NordVPN Privacy Report

NordVPN doesn’t log important information like timestamps, IP addresses, activity logs, or browsing data. More importantly, its policy states it doesn’t share any information with third parties. NordVPN’s reputation suffered from a 2019 data breach. However, the company has taken steps to prevent future breaches and offers a bug bounty program to prevent further breaches.
Encryption
In Transit | Yes |
---|---|
At rest? | Yes |
All network communications and capabilities? | Yes |
Security Updates
Automatic, regular software/ firmware updates? | Yes |
---|---|
Product available to use during updates? | Yes |
Passwords
Mandatory password? | Yes |
---|---|
Two-Factor authentication? | Yes with NordPass |
Multi-Factor authentication? | Yes with NordPass |
Vulnerability Management
Point of contact for reporting vulnerabilities? | Hackerone |
---|---|
Bug bounty program? | Yes |
Privacy Policy
Link | https://my.nordaccount.com/legal/privacy-policy/nordvpn/ |
---|---|
Specific to device? | No |
Readable? | Yes |
What data they log | Statistical server load information, username and a timestamp of last session, connectivity information, application diagnostics, anonymized telemetry data, device information, email address payment data, country details, email address, email optimization data, IP address if you use the chat-bot, access logs, cookies |
What data they don’t log | Connection time stamps, used bandwidth, traffic logs, IP addresses or browsing data |
Can you delete your data? | Yes, must contact support team |
Third-party sharing policies | Do not share info with third parties |
Surveillance
Log camera device/ app footage | n/a |
---|---|
Log microphone device/ app | n/a |
Location tracking device/ app | No |
Parental Controls
Are there parental controls? | No |
---|
Company History
Any security breaches/ surveillance issues in past? | Yes |
---|---|
Did they do anything to fix it? | Yes |
Additional Security Features
Anything like privacy shutters, privacy zones, etc.? | n/a |
---|