NordVPN passes third no-logs audit with flying colors

(Image credit: NordVPN)

The time of users blindly trusting what tech companies claim without any proof is long over. Transparency is key here, especially when it comes to privacy. 

That's why more and more of the best VPN providers are regularly putting their software under external scrutiny.

In a continuous effort to retain users' trust, NordVPN, one of the most popular VPN services around, has called an independent cybersecurity company to test its no-logs claims.

Industry-leading auditing firm Deloitte confirmed that the VPN provider complies with the data-handling practices stated in its Privacy Policy as no violations could be identified.  

This is the third time that the provider has undergone a no-logs audit since 2018.   

Transparency – a necessity for users

"Our users need to know that they can trust us. When people use a VPN service, they need to know that it won’t monitor their data. They need to have confidence in the security and effectiveness of its features and infrastructure. That’s what our audit process is all about," says NordVPN's product strategist Vykintas Maknickas.

A no-logs policy is an important feature to keep in mind when signing up to a VPN. That's especially important when the main reason behind such a purchase is protecting your privacy online as much as possible. 

While some logs are inevitable, a no-log VPN should guarantee that these are restricted to basic data like the number of users connecting to the same server and the email address associated with a user's account – and certainly not activity data like which sites you visit.

A no-log privacy policy's ultimate goal is to make sure that even in case a malicious hacker or government manages to acquire these data, no sensitive information about any users will be leaked. Such details simply won't exist. 

Deloitte conducted their assessment between November 21 to December 10 last year. 

The approach was a mixture of interviews with NordVPN employees alongside in-depth reviews of all the relevant settings and features. 

These include all NordVPN's server types and their configurations - standard, Double VPN, obfuscated servers, Onion over VPN and P2P-optimized servers - as well as all the privacy-relevant settings like its SmartPlay and malware blocking tool. 

The consulting firm concluded that NordVPN's "configuration of  IT systems and management of the supporting IT operations is properly prepared" in accordance with their privacy policy claims.  

"We are delighted to receive the Deloitte stamp of approval, which proves that when we say privacy, we truly mean it," said Maknickas.

Chiara Castro
Senior Staff Writer

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to