Surfshark Privacy Report
Encryption
| In Transit | Yes |
| At rest? | Yes |
| All network communications and capabilities? | Yes |
Security Updates
| Automatic, regular software/ firmware updates? | Yes |
| Product available to use during updates? | No |
Passwords
| Mandatory password? | Yes |
| Two-Factor authentication? | Yes, must opt in |
| Multi-Factor authentication? | No |
Vulnerability Management
| Point of contact for reporting vulnerabilities? | support@surfshark.com |
| Bug bounty program? | No |
Privacy Policy
| Link | https://surfshark.com/privacy-policy |
| Specific to device? | No |
| Readable? | Yes |
| What data they log | Email address, billing info, diagnostic reports, google analytics/advertising Ids in apps |
| What data they don’t log | Traffic or use of its Virtual Private Network service on any platform. We do not track user activities outside of our Site, nor do we track the website browsing or connection activities of users who are using our Services. |
| Can you delete your data? | Yes, if you are a resident of California |
| Third-party sharing policies | Can opt out of third-party pixels that use cookies. Third parties leveraged for customer feedback, fraud detection, email, ETL, payment, cart abandonment, blog hosting, app crash info, and support tickets. |
Surveillance
| Log camera device/ app footage | n/a |
| Log microphone device/ app | n/a |
| Location tracking device/ app | No |
Parental Controls
| Are there parental controls? | No |
Company History
| Any security breaches/ surveillance issues in past? | Yes |
| Did they do anything to fix it? | No |
Additional Security Features
| Anything like privacy shutters, privacy zones, etc.? | n/a |