If you are familiar with VPNs, you will know that their main purpose is to encrypt your online data and hide your IP address. But your VPN provider may still collect some information about you, and some of the more shady services even conduct excessive data collection.
So, what kind of user data do VPNs typically collect, and how do you know if your provider is collecting too much?
A shady VPN will never reveal your data collection. However, the law requires companies to outline the type of data they collect and how they use it. This is usually explained in the VPN’s privacy policy, which you can find on the official website.
The VPN’s privacy policy should also state whether any of your data is shared and, if so, with whom it is shared.
If your VPN provider doesn’t have a privacy policy, be careful with this. Even non-security-focused platforms like Instagram, Walmart, Youtube, and CNN all have privacy policies, so you should expect this to be the bare minimum from a VPN service.
If a VPN’s privacy policy is very short or vague, there may also be something wrong. A legitimate company must clearly state how it collects, uses, and shares your data, especially if that company’s purpose is to protect you and your data online.
ExpressVPN provides a good example of a VPN’s privacy policy, which covers a wide range of important topics. This includes data collection and use, user privacy, third-party cookies and analytics, child users, and data protection.
If you’re concerned that your VPN’s privacy policy may not be fact-based, make sure the company has been independently audited. That way, you know that any false claims have been dropped.