TunnelBear Privacy Report

Privacy Rating
7.9
/10
TunnelBear VPN Kill Switch  - Product Header Image

Like all VPNs, Tunnelbear must collect some information from users if only to charge them for the service, but they collect as little as possible. They feature strong privacy tools including encryption in transit, at rest, and across all network communications, as well as two-factor authentication. In addition, they have a spotless record of no breaches. A bug bounty program and automatic software updates, though, would’ve increased their score.

Encryption

In Transit Yes
At rest? Yes
All network communications and capabilities? Yes

Security Updates

Automatic, regular software/ firmware updates? No
Product available to use during updates? No

Passwords

Mandatory password? Yes
Two-Factor authentication? Yes
Multi-Factor authentication? No

Vulnerability Management

Point of contact for reporting vulnerabilities? Fill out a support ticket
Bug bounty program? No

Privacy Policy

Link https://www.tunnelbear.com/privacy-policy
Specific to device? No
Readable? Yes
What data they log Payment info, email, browser version, total data used in a month
What data they don’t log IP addresses, DNS queries, information about the applications, services or websites users use while connected to the service.
Can you delete your data? Yes
Third-party sharing policies Shares with third parties that support for payment and email distribution

Surveillance

Log camera device/ app footage n/a
Log microphone device/ app n/a
Location tracking device/ app No

Parental Controls

Are there parental controls? No

Company History

Any security breaches/ surveillance issues in past? No
Did they do anything to fix it? n/a

Additional Security Features

Anything like privacy shutters, privacy zones, etc.? n/a