There are three types of data your VPN might record: activity logs, connection logs, and aggregated logs. Understanding which data falls into each category is the key to protecting your privacy.
1. Activity Logs
Collecting activity data is the most invasive type of logging. It removes any privacy or anonymity benefit that a VPN might otherwise offer.
Also known as “usage logs“, this covers any data explicitly tied to your online activity.
Activity logs can include:
- Browsing history
- DNS requests
- URLs visited
- Usage metadata
Hola VPN’s privacy policy provides a good example of activity logging:

Free VPNs like Hola VPN are common culprits. This data is often shared or sold to third parties for advertising, effectively subsidizing the cost of a “free” subscription.
Some subscription-based “no-log” VPN services monitor activity only if they’re suspicious about an individual, or if they’re legally compelled to. Others record activity in real time and delete it the moment your session ends.

Our SkyVPN review, for example, found the service logs personally identifiable information such as your originating IP address and location.
Because that data is deleted so quickly, this milder form of activity logging isn’t a huge concern. That being said, it’s best avoided where possible.
Other providers are technically incapable of collecting activity logs because of how their networks are built, most notably the ones running RAM-only servers that wipe on every reboot. From a privacy standpoint, these providers are your best option.
Needless to say, any VPN storing full activity data should be avoided at all costs. If this concerns you, jump to the popular VPNs that log activity data.
2. Connection Logs
Connection logs can include:
- Bandwidth usage
- Dates and times of connection
- Originating IP address
- VPN server IP address
Connection logs can be collected at the server-level (e.g. total server bandwidth usage) or the user-level (e.g. your originating IP address).
Typically, this data is used to optimize network performance and troubleshoot support queries.
Server-level connection logs are a great example of why not all logging is a problem.
It’s practically impossible to run a VPN network without recording any data at all. In fact, storing the right, non-identifiable data helps ensure you get the best possible experience.
Storing the wrong connection logs, however, could let a VPN match you to your activity, and personally identify you.
That’s a serious problem for privacy-conscious users. Read on to find out exactly which logs are acceptable and which aren’t.

Claims that detailed data is only used to “deliver the best possible experience” or “improve customer service” are rife.
But we know from experience that the level of detail shown above in Avira Phantom VPN’s privacy policy simply isn’t necessary to run a well-performing VPN network.
And it’s not just one provider. Plenty of trusted security brands hold more connection data than you’d expect. F-Secure’s FREEDOME VPN, for instance, doesn’t log the websites you visit, but it does keep identifying connection data: your source IP address, a device ID, connection timestamps, session duration, and the volume of data transferred. Its provisioning logs, which include your IP address and device ID, are kept for a full year.
This matters because any log that exists can be handed over, or seized. In January 2019, Finland’s National Bureau of Investigation seized FREEDOME’s connection logs at the request of German police.
A court later ordered the logs destroyed, but the lesson is simple: a VPN can only surrender the data it chooses to keep in the first place.
3. Aggregated Logs
Some of the most popular VPNs collect aggregated logs. This means gathering information that’s supposedly anonymized and impossible to link to a specific user.
A VPN might collect the sites you visit, the bandwidth you use, or your connection times, then strip out any identifying factors and add it to a larger database.

Be aware that some VPNs claim that they don’t keep logs when in fact they keep aggregated logs. Hotspot Shield’s privacy policy, above, is a good example of what to look out for.
Ultimately, aggregated and anonymized data isn’t always the magic bullet that marketing teams claim.
The exact data being aggregated, and the strength of the anonymization, decides whether this type of logging is acceptable. You have to trust that your VPN service is anonymizing effectively.
If that’s a leap of faith you’re uncomfortable with, you’re better off choosing a truly no-logs VPN service.
What Is a No-Logs VPN?
A truly no-logs VPN service doesn’t collect or store any activity or connection data that could be used to personally identify you. Most importantly, it won’t hold any information transmitted through the VPN tunnel whatsoever.
This ensures no user can be tied to any specific activity or connection on the network. Every user stays private, anonymous, and unknown even to the VPN provider.
For most no-logs VPNs, the only identifying information they hold is your email address (to register your account) and billing details (in case you want a refund). Some go further and collect even less.
NOTE: A few services strip identity out entirely. Mullvad assigns you a random account number instead of an email and accepts payment in cash. Others, like ExpressVPN, let you pay in crypto to avoid the identifying payment process.
No-logs VPNs can’t be compelled to hand user data to authorities or third parties, because the data simply doesn’t exist.
This is how a strong logging policy can offset the risk of an unsafe VPN jurisdiction.
It’s worth noting that “no-logs” doesn’t mean that absolutely no data is kept at all. Genuine “zero logging” is effectively impossible while maintaining a strong network or enforcing device limits.
Most no-logs VPNs keep very basic data such as aggregate server load (the number of users or bandwidth per server). This involves no identifying information whatsoever, and it’s still classed as a no-logs VPN.
The strongest providers reinforce this by running RAM-only servers and publishing independent audits.