No-Log Policy

NoLogVPN No-Log Policy

This page explains the specific meaning of NoLogVPN's no-log claim. The promise applies to VPN usage activity, not to the minimal account, billing, device, and bandwidth-accounting records needed to operate the service.

Service Provider / Data Controller

For GDPR purposes, MORARU ANDREI-DANIEL PERSOANĂ FIZICĂ AUTORIZATĂ is the data controller for account, payment, support, and website-related personal data.

Legal name: MORARU ANDREI-DANIEL PERSOANĂ FIZICĂ AUTORIZATĂ
Legal form: Authorised Natural Person (Romanian PFA)
Trade Register no.: F2026025353008
CUI/CIF: 54681475
Professional headquarters: Bucureşti Sectorul 1, Bulevardul Bucureştii Noi, Nr. 136, Etaj PARTER, Ap. 5
Email: [email protected]
Website: https://nologvpn.org

Short Version

We do not collect, store, or monitor VPN activity logs. This means we do not store browsing history, DNS queries, destination IP addresses, traffic contents, VPN session activity, or records linking a user account to websites or services accessed through the VPN. We may process limited account and billing data, such as email address, subscription status, payment processor reference, support messages, and security events necessary to operate the service. This data is not VPN activity data.

We Do Not Store

• We do not collect, store, or monitor VPN activity logs.

• We do not store browsing history, DNS queries, destination IP addresses, or traffic contents.

• We do not store VPN session activity or records linking a user account to websites or services accessed through the VPN.

• We do not keep a persistent per-user history database of destinations, packets, or activity through the VPN.

We Do Store

• Account email, password hash, creation time, and status.

• Short-lived password reset token hashes retained only until they are used or expire.

• Subscription status, renewal timing, and payment/provider references.

• For active devices: device name, WireGuard public key, assigned internal VPN IP, and selected protection profile. Revoked-device records and their linked device-scoped events are erased within 7 days.

• Minimal bandwidth/accounting totals for the current cycle and current day, used for fair-use enforcement, network protection, and throttling.

• Essential account/billing events for consent, checkout, and major subscription changes. Non-essential operational events are auto-purged after a short retention window.

• Checkout consent record with typed name, timestamp, agreement version, and related billing references.

Live Session Enforcement

Simultaneous connection limits are enforced from recent live WireGuard handshake state rather than from a stored long-term activity log. In practice, the service can see live runtime session state needed to keep the VPN working, but that data is not kept as a persistent browsing or DNS history database.

Scope of the Promise

The no-log promise applies to NoLogVPN's own VPN servers and application stack. Third-party services such as Stripe, Cloudflare, and upstream DNS resolvers operate under their own policies and may keep their own records outside NoLogVPN's servers.

What This Policy Does Not Mean

This policy does not mean that NoLogVPN keeps no records of any kind. It means that NoLogVPN does not keep VPN usage activity logs on its own servers. Minimal account, subscription, payment-reference, device, consent, and bandwidth-accounting totals needed for fair-use enforcement are still retained to operate the service, handle support, and manage billing. Password reset tokens and non-essential operational events are short-lived, and revoked-device records are then erased.

Related Policies

All Policies

SupportSupport us