ExpressVPN Privacy Report

Privacy Rating
8.3
/10
ExpressVPN Home page  - Product Header Image

ExpressVPN has a strong reputation in the VPN industry. It uses military-grade AES-256 encryption and has zero history of any breaches. However, ExpressVPN would’ve received a higher score if the company updated its software automatically. Instead, users must download updates from the company’s website manually.

Encryption

In Transit Yes
At rest? Yes
All network communications and capabilities? Yes

Security Updates

Automatic, regular software/ firmware updates? No
Product available to use during updates? No

Passwords

Mandatory password? Yes
Two-Factor authentication? No
Multi-Factor authentication? No

Vulnerability Management

Point of contact for reporting vulnerabilities? Bugcrowd or via email at security@expressvpn.com
Bug bounty program? Yes

Privacy Policy

Link https://www.expressvpn.com/privacy-policy
Specific to device? No
Readable? Yes
What data they log Name, email address, and payment information name, email address, and payment information. App diagnostic data, which include crash reports, usability diagnostics, and VPN connection diagnostics, are anonymized and cannot be tied back to individual ExpressVPN users. Information related to which Apps and Apps version(s) you have activated. Whether you have successfully established a VPN connection on a particular day (but not a specific time of the day), to which VPN location (but not your assigned outgoing IP address), and from which country/ISP (but not your source IP address). Information regarding the total sum of data transferred by a given user. With your permission, we collect anonymized app diagnostic data, which include crash reports, usability diagnostics, and VPN connection diagnostics.
What data they don’t log No data about the contents or destinations of VPN traffic, no DNS queries, and no IP addresses.
Can you delete your data? Yes if european, must contact support
Third-party sharing policies Users may opt out of third-party vendor use of cookies

Surveillance

Log camera device/ app footage n/a
Log microphone device/ app n/a
Location tracking device/ app No

Parental Controls

Are there parental controls? No

Company History

Any security breaches/ surveillance issues in past? No
Did they do anything to fix it? n/a

Additional Security Features

Anything like privacy shutters, privacy zones, etc.? n/a