Back to Legal

No-Log Policy

Last updated: June 30, 2026

Our Promise: We do not log, store, or monitor your VPN activity. Period. This isn't just a policy—it's built into our infrastructure. We cannot log what our systems aren't designed to capture.

What We DO NOT Collect

Browsing history
Which sites or apps you use
Traffic destination
DNS queries
Data content (what flows through the tunnel)
Your original IP paired with your activity
Assigned VPN IP paired with your activity
Any log linking your identity to your browsing

Our no-log promise covers your activity and the content of your traffic. To keep working in censored networks, the app does record anonymized connection-performance metrics (which connection method succeeded on which network — never what you browse). See Privacy Policy §1.3.

What We DO Collect (Minimal)

DataReason
Email addressAccount creation and recovery
Payment infoSubscription billing
Support ticketsWhen you contact us

* This data is for account management only and is never connected to your VPN browsing activity or the content of your traffic.

How We Enforce This

RAM-Only Servers

Our VPN servers are designed to run in RAM, minimizing persistent data storage. On reboot, server memory is cleared.

No Logging Infrastructure

We don't have the technical capability to log. Our servers aren't configured to store connection data.

Minimal Data Architecture

Our systems are designed from the ground up to minimize data collection. We can't hand over the browsing activity or traffic content we never store.

Independent Audits

We are planning to engage independent third-party auditors to verify our no-log claims. Reports will be published publicly.

Independent Audits

We are committed to full transparency. We are actively working toward engaging an independent third-party security firm to audit our no-log infrastructure and publish the results publicly.

Audit reports will be linked here once completed. In the meantime, our technical architecture (RAM-only servers, no logging infrastructure) is designed to make data retention structurally impossible.

What Happens If Authorities Ask?

We cannot comply with requests for data we don't have. When we receive legal requests for user activity data, we can only respond with what we have:

  • Email address (if provided)
  • Payment method (but not full card numbers)
  • No record of your browsing, destinations, or traffic content (we don't have it)

See our Transparency Report for statistics on legal requests received.

Warrant Canary

As of the last update of this page, OrbVPN has NOT received:

  • • Any National Security Letters
  • • Any gag orders
  • • Any warrants from any government organization
  • • Any requests to backdoor our software

This canary is updated monthly. See our full Warrant Canary for signed cryptographic proof.