I Dug Through Windscribe’s Privacy Policy, Audit Reports, and Legal Cases – Here’s What Logs It Actually Keeps
Published
Quick Answer
- Based on Windscribe's privacy policy, technical documentation, audit reports, transparency reports, public legal disclosures, and responses the company provided directly to me, I found no evidence that Windscribe stores browsing history, source IP logs, or historical VPN session logs. While the company does retain limited account metadata such as bandwidth usage and a last-activity timestamp, the available evidence broadly supports its no-logs claims.
Windscribe has one of the more unusual privacy architectures in the VPN industry. Instead of relying on traditional server setups, it runs a custom in-memory system called FreshScribe that is designed to avoid storing user activity on disk. The company also publishes unusually detailed technical explanations of how its infrastructure works and has publicly argued that it cannot tie VPN activity back to individual users because the necessary logs simply do not exist.
Those are strong claims. In this article, I'll examine exactly what data Windscribe collects, what information it says it never stores, how its infrastructure handles active connections, and whether audits, transparency reports, and real-world legal requests support its no-logs promises.
How We Evaluated Windscribe's Logging Practices
To determine whether Windscribe stores logs, we reviewed the company's publicly available privacy documentation and compared it with technical information about its infrastructure. We also examined direct responses provided by Windscribe in July 2026 to better understand what data is collected, retained, and excluded from its logging practices.
All research was conducted in June 2026. The objective was to verify whether Windscribe's no-activity-logs claims align with the information provided in its policies, technical resources, and direct communications.
Our evaluation focused on the following areas:
Test Environment:Country: IndiaDate: June 10 - 17, 2026Tested by: Rachita Jain
Privacy Policy Analysis: We reviewed Windscribe's privacy policy line by line to understand exactly what information the company collects, stores, and excludes from its logging practices. Particular attention was given to activity logs, connection data, IP addresses, bandwidth usage, and account-related records.
Direct Communication With Windscribe: We contacted Windscribe's team with questions about its logging practices, data retention policies, infrastructure design, and privacy claims. Their responses were compared against information published in official documentation.
Technical Documentation Review: We examined Windscribe's technical resources, infrastructure explanations, and blog posts to better understand how user data is handled across its network and backend systems.
Independent Audit Verification: We reviewed publicly available security and privacy audits to determine whether Windscribe's no-logs claims have been independently assessed and whether auditors identified any limitations or concerns.
External Research and Community Feedback: To identify potential gaps between official claims and real-world experiences, we researched discussions across privacy forums, Reddit communities, industry publications, and user reports. This helped us determine whether any logging-related incidents, controversies, or unanswered concerns had been raised by users or security researchers.
Transparency and Consistency Check: Finally, we compared findings across all sources to evaluate whether Windscribe's statements remained consistent throughout its privacy policy, audit reports, technical documentation, public communications, and direct responses.
Windscribe Logging Policy Summary
What I Found in Windscribe's Privacy Policy Regarding Logs
To understand whether Windscribe keeps logs, I carefully reviewed its privacy policy to identify every piece of information the company collects, stores, or processes. While Windscribe says it does not retain browsing activity or connection logs, it does collect certain account and operational data needed to run the service. Here's a breakdown of what information is collected, when it's collected, and how it affects your privacy.
1. On their website
Windscribe doesn't use Google Analytics, Facebook pixels, or any third-party tracking service. Instead they run a self-hosted, open-source Piwik analytics instance on their own servers. When you load any page on windscribe.com, the following is collected:
- Browser user-agent
- Browser language
- Screen resolution
- Referring website (where you came from)
- First 3 octets of your IP address - meaning if your IP is
203.0.113.45, they only see203.0.113.xxx
That last point matters. By dropping the final octet, the address can no longer identify you specifically - it only places you in a general network block. This data feeds aggregate statistics only and never leaves their servers.
Privacy Impact: Low - The data is anonymized, used for website analytics, and does not identify individual users.
2. When you sign up
Creating an account requires only:
- Username
- Password
Email addresses are optional and are primarily used for password recovery and account notifications.
For paid subscriptions, Windscribe stores a payment transaction reference for fraud prevention purposes. According to the privacy policy, this information is retained for 30 days before being removed.
Users may also pay with cryptocurrency, which can further reduce the amount of personally identifiable information associated with an account.
Privacy Impact: Low — Username and password are required to create an account. Email is optional, and payment references are standard for subscription processing.
3. When you actively use the VPN
According to Windscribe's privacy policy, the company retains two account-level metrics:
30-Day Bandwidth Usage
Windscribe stores the total amount of bandwidth transferred during a rolling 30-day period.
This is primarily used to:
- Enforce free-plan data limits
- Detect abuse
- Manage account quotas
The counter resets according to the user's billing or bandwidth renewal cycle.
Privacy Impact: Low — Required to enforce free-plan limits and account quotas. Does not reveal browsing activity or websites visited.
Last Activity Timestamp
Windscribe also stores a timestamp indicating the last time an account was active on the network.
When we asked Windscribe directly how long this information is retained, they explained:
This means Windscribe maintains only a single activity timestamp rather than a historical activity record.
Privacy Impact: Medium — Reveals when an account was last active, although Windscribe stores only the most recent timestamp rather than a history of activity.
4. While you are actively connected
The privacy policy and the founder's technical breakdown both describe two separate locations where data lives during an active session.
On the VPN server itself (local RAM):
Some information must temporarily exist while a VPN connection is active.
According to Windscribe, the following data is held in memory during an active session:
- VPN username
- Connection time
- Data transferred during the session
The company states this information exists only in RAM and is discarded immediately when the session ends.
When we asked what technical safeguards prevent this information from being written to disk, Windscribe explained:
The company also stated that it maintains custom software builds that prevent user IP information from appearing in connection status outputs and related system files.
Privacy Impact: Low — This data exists only while the VPN is connected and is required for the service to function.
In a central Redis database (also in-memory, never on disk):
- Number of parallel connections on your account at any given moment
- A running byte counter for the 30-day period
- Server hostname and an internal RFC1918 private IP address (not your real public IP, more on this in a moment)
On disconnect, an immediate API call fires and the Redis record is cleared.
Privacy Impact: Low — Used to manage active connections and bandwidth tracking. Windscribe says it stores internal routing information rather than users' public IP addresses.
5. What persists after you leave
After a VPN session ends, Windscribe states that active-session information is discarded.
The remaining account-level information may include:
- Username
- Password
- Optional email address
- Current 30-day bandwidth usage
- Last activity timestamp
- Account type and subscription status
According to Windscribe, inactive accounts are periodically pruned, although no specific retention timeline is publicly disclosed.
Privacy Impact: Low to Medium — The retained information is primarily account metadata rather than activity logs, but the last-activity timestamp remains associated with the account.
What Does Windscribe NOT Log?
A VPN's privacy claims are often defined as much by what it doesn't collect as what it does. This section breaks down the types of activity and connection data Windscribe says it never stores, along with a few important technical nuances worth understanding.
Browsing Activity
According to Windscribe's privacy policy, browsing history is never recorded.
The company states that it does not store:
- Websites visited
- DNS requests
- Browsing history
- Internet activity records
This means Windscribe says it cannot see a historical record of which websites a user accessed while connected to the VPN.
Source IP Addresses
One of the most important claims in Windscribe's privacy policy is that source IP addresses are not stored.
However, privacy policies often leave room for exceptions buried in authentication systems, security infrastructure, crash reports, or DDoS mitigation tools. To clarify this point, I asked Windscribe directly whether source IP addresses are ever written to any infrastructure logs, even temporarily.
Windscribe responded:
This clarification is significant because it extends beyond the wording of the privacy policy and addresses common areas where VPN providers sometimes retain connection information.
The company also explained elsewhere in its technical documentation that while a VPN server must know a user's IP address during an active session to route traffic correctly, that information exists only in memory and is not written to persistent storage.
Historical VPN Session Logs
Based on Windscribe's privacy policy, technical documentation, and direct correspondence, the company says it does not maintain historical VPN session logs.
In practical terms, Windscribe says it does not keep records showing:
- When a specific user connected
- Which IP address they connected from
- Which VPN server they used
- How long a session lasted after it ends
The company further stated that it cannot provide historical VPN session information because those records do not exist.
Traffic Metadata
Windscribe also says it does not maintain the records necessary to associate specific internet activity with a specific account.
According to the company's privacy policy and technical explanations, VPN exit IP addresses are shared among many users simultaneously. Because Windscribe does not store source IP histories or historical session logs, it says it cannot reliably determine which customer generated particular traffic after the fact.
What About Active Connections?
One important distinction is that a VPN must temporarily process some information while a connection is active.
According to both Windscribe's technical documentation and the answers provided to me directly, information such as usernames, connection times, and data transfer statistics exists only in RAM while a session is active.
When I asked what technical safeguards prevent that information from being written to disk, Windscribe explained:
The company also stated that it maintains custom builds of software that prevent user IP information from being output through connection status files or related diagnostic tools.
Based on the documentation reviewed and Windscribe's responses, the distinction is clear: some information must exist temporarily for the VPN to function, but Windscribe says it is not retained as historical logs once a session ends.
Privacy Concerns and Fine Print
No privacy policy is completely black and white. While Windscribe's logging practices are generally privacy-friendly, there are a few caveats, edge cases, and practical considerations that users should be aware of before relying on the service.
Payment Processor Records
While Windscribe stores only a transaction reference for 30 days, payment providers such as PayPal, Stripe, banks, and credit card processors maintain their own records. Those records exist independently of Windscribe and are outside the company's privacy policy.
Last Activity Timestamp
Although Windscribe does not keep connection logs, it does maintain a last-activity timestamp associated with an account.
The company clarified that only the most recent timestamp is stored and that it is overwritten during subsequent connections.
For most users this is a minor privacy consideration, but it is still metadata that exists.
Canada is "privacy-friendly" - until it isn't
Windscribe is incorporated in Canada, a member of the Five Eyes intelligence-sharing alliance. However, Canada does not currently require VPN providers to retain user activity logs. Windscribe's saving grace here is that even a successful legal demand would yield very little, but the jurisdiction is not a perfect shield, and it's worth being clear-eyed about that.
Also, it is worth noting that recently Canada is in line to pass the C22 bill, which, if passed, would mean more surveillance. Many VPN providers, including Windscribe, have shared their share of issues and actions they will take if the bill passes in 2026.
Historical Logging Before 2018
Windscribe founder Yegor Sak previously disclosed that prior to 2018 the company used a modified FreeRADIUS accounting implementation.
According to Windscribe, source IP addresses were not stored and session records were automatically removed.
The company has since replaced that infrastructure with its current FreshScribe architecture, but this remains a historical detail worth noting for long-time users.
Independent Audits & Real-World Proof
Not all audits are equally relevant. Some focus on the VPN server infrastructure itself, while others examine the desktop and mobile applications.
While reviewing Windscribe's audit history, I did not find evidence of a standalone no-logs audit specifically designed to verify and certify the company's logging practices.
Instead, the available audits fall into two categories:
- Infrastructure assessments that examined components of Windscribe's FreshScribe server architecture and privacy controls.
- Application security audits that reviewed the desktop and mobile apps.
This distinction matters because a security audit and a no-logs audit are not necessarily the same thing. A security audit focuses primarily on identifying vulnerabilities and misconfigurations, whereas a no-logs audit specifically attempts to verify what user data is collected, retained, and accessible within the provider's systems.
That said, the PacketLabs assessment remains highly relevant because it reviewed the production VPN infrastructure where logging would occur. While it should not be described as a dedicated no-logs certification, it does provide independent scrutiny of the systems responsible for implementing Windscribe's privacy architecture.
Below is a breakdown of every publicly available audit and what it actually examined.
1. Packetlabs - FreshScribe VPN stack (June 2024)
This is the most important audit Windscribe has published to date.
In June 2024, security firm PacketLabs assessed Windscribe's production FreshScribe VPN infrastructure -the actual server environment responsible for handling VPN traffic and implementing the company's no-logs architecture.
The audit found only minimal security concerns, all of which were remediated before the final report was issued. More importantly, PacketLabs specifically noted that Windscribe had implemented significant measures designed to reduce or prevent the disclosure of user information.
For anyone evaluating Windscribe's no-logs claims, this is currently the strongest independent verification available because it examined the live production VPN stack rather than an application or a test environment.
One statement from the report stands out:
The auditors also noted that Windscribe had implemented development changes specifically designed to reduce or prevent the disclosure of user information.
Full report: Packetlabs Audit - Google Drive
2. Cure53 Review (2022)
Before PacketLabs reviewed the production environment, Windscribe commissioned Cure53 to examine an early version of the FreshScribe infrastructure.
This audit focused on a pre-production deployment rather than the final system users interact with today. As a result, it is best viewed as an early validation of Windscribe's architecture rather than a definitive assessment of the current VPN network.
While the PacketLabs audit supersedes it in importance, the Cure53 review is still valuable because it shows that Windscribe subjected the FreshScribe design to independent scrutiny before deployment.
The key takeaway is that Windscribe's no-logs infrastructure wasn't simply deployed and trusted internally- it underwent third-party review before reaching production.
Full report: Cure53, December 2022
3. Desktop Application Audit (2021)
A VPN's privacy promises depend not only on server infrastructure but also on the software users install.
In September 2021, Leviathan Security Group conducted a source-code review of Windscribe's desktop application. The goal was to identify security weaknesses, privacy concerns, and implementation issues that could impact users.
The audit did not focus directly on server-side logging practices. Instead, it examined whether the desktop application behaved securely and as expected.
For privacy-conscious users, this audit provides assurance that the application itself underwent independent review rather than relying solely on internal testing.
Full Report - Leviathan Security Group, September 2021
4. Android and iOS Application Audit (2022)
In March 2022, Leviathan Security Group conducted a similar review of Windscribe's mobile applications.
As with the desktop audit, the focus was on application security, privacy protections, and source-code quality rather than server-side logging infrastructure.
The audit identified issues that were subsequently addressed by Windscribe before publication.
Together, the desktop and mobile audits provide additional confidence that Windscribe's applications behave as advertised and do not introduce unexpected privacy risks.
Full Report - Leviathan Security Group, March 2022
5. Open Source Applications
Audits provide a snapshot in time. Open-source software allows ongoing scrutiny.
Windscribe has open-sourced its desktop client, Android application, and browser extension, allowing independent researchers and security professionals to inspect the code themselves.
While open source is not a substitute for a formal audit, it makes it significantly harder for privacy-invasive functionality to remain hidden for long periods.
Full report: GitHub - Android App Audit
Real-World Tests of Windscribe's No-Logs Claims
Privacy policies and audits are useful, but the strongest test of a VPN's logging claims is what happens when someone actually requests user data. To evaluate whether Windscribe's no-logs policy holds up in practice, I reviewed public legal cases, the company's transparency reports, and direct responses Windscribe provided to my questions about what information it could and could not produce if served with a legal request.
1. The Greek Court Case
Based on the publicly available evidence, Windscribe's no-logs claims appear to have held up when tested in real-world situations. The strongest example comes from a Greek legal proceeding where the company stated it could not provide the requested activity data because those records did not exist.
In 2025, Greek authorities sought user information from Windscribe as part of a legal proceeding. According to Windscribe, the company was unable to provide historical VPN activity records because those logs did not exist. The outcome was consistent with the company's publicly stated logging policy and demonstrated how its infrastructure performs when subjected to an actual legal demand.
Unlike audits, which examine systems at a specific point in time, this case tested whether Windscribe could actually produce user activity records when legally compelled to do so. According to the company, it could not because those records were never retained.
2. Transparency Reports
Windscribe publishes an ongoing transparency report documenting copyright complaints, law-enforcement requests, and other demands for user information.
While transparency reports rely on self-reporting, they provide useful insight into how frequently a VPN provider receives requests and whether it has data available to hand over. According to Windscribe, requests that would require user activity logs have not resulted in meaningful disclosures because the relevant data is not retained.
Although transparency reports cannot independently verify a no-logs policy, they provide additional context that is broadly consistent with Windscribe's stated logging practices.
What Windscribe Could Still Provide
During my correspondence with Windscribe, I asked what information could still be produced if the company received a valid legal request. The answer helps clarify the difference between account information and activity logs.
Windscribe explained that while it cannot provide browsing activity or historical VPN session records, it does retain certain account-level information necessary to operate the service.
Information Windscribe Says It Could Provide
Information Windscribe Says It Could Not Provide
Is Windscribe Really a No-Logs VPN?
Yes, based on the evidence reviewed, Windscribe can reasonably be described as a no-logs VPN.
In regard to its privacy policy, technical documentation, transparency reports, public legal history, and responses provided directly to me, Windscribe appears to avoid collecting the types of logs most privacy-conscious users care about, including browsing history, source IP addresses, and historical VPN session records.
However, Windscribe has not undergone a dedicated no-logs audit. While its infrastructure and applications have been independently reviewed, none of the published audits were designed specifically to certify the company's no-logs claims.
What Supports Windscribe's No-Logs Claims
- No browsing history logs
- No source IP logging
- No historical VPN session logs
- RAM-only FreshScribe server architecture
- Source IPs reportedly never written to infrastructure logs
- Multiple independent security and infrastructure assessments
- Open-source desktop, browser, and Android applications
- Public transparency reporting
- Successfully tested during a real legal proceeding (Greek court case)
- Limited account metadata retention compared to many VPN providers
What Prevents a Perfect Score
- No dedicated no-logs audit
- Last activity timestamp is retained
- 30-day bandwidth usage is tracked
- Payment providers maintain separate transaction records
- Canadian jurisdiction may concern some privacy-focused users
- No publicly disclosed retention policy for inactive accounts
Related
