If you are a YouTube user like me, you probably have heard about NordVPN from all the sponsorships. No matter if they are a travel vlogger, food critics, or tech reviewer. The similarity is that they all use NordVPN, or at least claim to be. My question is, do they actually know how VPN works?
Mentioned in my privacy setup, I only use 2 VPNs, ProtonVPN and Mullvad. And they are always being highly recommended by security researchers and people who understand how privacy works. However, the ultimate VPN would still be your own, self-hosted it and you are fully responsible for it.
Spending time looking through NordVPN’s privacy policy allow me to have a better understanding of the application/service.1
- Device information. We may collect some device information on our application too. Such information is logged automatically and may include the model of your device, operating system version, and similar non-identifying information. We may use this information to monitor, develop, and analyze the use of NordVPN Services. Also, to help users connect to the most convenient server when using a Quick connect feature, our application detects the device’s city (detection is done locally, this data is not logged in our systems).
- Device identifiers. In some cases, we may record your device’s identifier for marketing or analytics purposes. These identifiers are assigned to your device by the OS manufacturer and can be reset at any time from your device’s settings. For instructions, see the following policies for different devices: Advertising & Privacy on iOS devices and Managing your Google Settings on Android devices.
- Enabled features. Knowing which product features are enabled on your application helps us to provide you with more relevant information. For example, this means that you will not receive in-app notifications about NordVPN features that are already enabled.
Well it ‘may’ collect some device information. This statement is not specific, this device information can be anything.
Additionally, in 2018, ‘The best VPN’ has been breached. The server was vulnerable between January 31st, 2018 and March 20th, 2018, but NordVPN believes it was only breached once, during March. I do not blame NordVPN for not preventing the breach, nothing is 100%. But I cannot stand the period of time it takes to disclosure the case, 1.5 years after it happened.