Vizoguard Transparency: What We Collect and What We Don't

Most VPN providers claim to have a "no-logs policy." Very few explain what that means in concrete terms. This page does. It lists every category of data we do not collect, every piece of data we do collect, and the specific reason we collect it. If something is not on the "do collect" list, we don't have it.

We are a small team. We don't have a marketing department writing this. This is what we actually do.

The short version

We never see your IP address, browsing history, DNS queries, or connection timestamps. We know your email, your plan, and one device ID per Pro license. That is it. Your traffic is encrypted end-to-end and we cannot read it even if we wanted to.

What We Do NOT Collect

Each item below represents a category that many VPN providers quietly log. We do not. Not in compressed form, not in aggregated form, not temporarily.

✓

IP addresses We never see or store your real IP address. When you connect through Vizoguard, your origin IP is not written to any log, database, or temporary file on our server. Not even for a second. Our Outline VPN server processes your connection but discards origin addressing immediately — it is never surfaced to application code.
✓

Browsing history No record of websites you visit is created or retained at any point. Your traffic is encrypted before it reaches our server. We cannot see the URLs, domains, or content of what you access. There is no "request log" on our end.
✓

Connection timestamps We do not log when you connect to or disconnect from the VPN. There are no session records. If you were connected on a specific date at a specific time, we have no way of confirming or denying that — because it was never recorded.
✓

DNS queries Your DNS lookups are encrypted through the VPN tunnel. We do not operate a separate DNS resolver that logs queries. The domains you look up are not recorded anywhere on our infrastructure.
✓

Bandwidth usage per session We do not track how much data you transfer in any given session or cumulatively. There is no per-user bandwidth meter running on our server. We monitor total server load for infrastructure health, but this is not tied to individual accounts.
✓

Traffic content Your data is encrypted end-to-end using AES-256-GCM or ChaCha20-Poly1305 before it leaves your device. Even if we wanted to inspect your traffic, we cannot — we don't hold the decryption keys for your session payload. We encrypt; we don't analyze.
✓

Device identifiers beyond license binding We do not fingerprint your hardware. We do not collect your device name, OS version, screen resolution, CPU details, installed apps, or any other device attribute. The only device information we store is a single device ID per Pro license — which you provide — solely to enforce the one-device limit on that plan. Basic plan does not store any device identifier at all.

What We DO Collect (and Why)

We collect the minimum required to run a subscription VPN business. Here is the complete list, with the exact reason each item exists.

Email address Required to deliver your license key after purchase and to send renewal notices before your subscription expires. Stored in our SQLite database on our VPS in Malta. We do not share it with third parties. We do not send marketing email. You can reach us at privacy@vizoguard.com to request deletion.
License key + device binding (Pro plan only) Each Pro license allows one bound device. When you activate your license, the device ID you provide is stored alongside your license key to prevent key sharing. This is a single opaque string — we do not know what kind of device it is or who manufactured it. Basic plan users have no device binding and no device ID is stored.
Stripe customer ID and subscription ID When you purchase through Stripe, we receive a Stripe customer ID and subscription ID. These are stored so we can manage billing — process renewals, handle cancellations, and respond to payment failures. We never see your full card number. Card data lives entirely within Stripe's systems and never passes through ours.
Plan type and expiry date We store whether your license is Basic or Pro and when it expires. This is what our server checks when you connect — to verify your subscription is active and to apply the correct feature set. Without this we could not run a subscription service.
Connection history (desktop app only — stored locally, not on our servers) The Vizoguard desktop application keeps a local log of your connection history — times you connected, duration, and basic stats. This log exists only on your device. It is never transmitted to our servers. You can delete it at any time from within the app. We have no access to it.

How Our VPN Works

Understanding what we can and cannot see requires understanding the technical setup. We are not running a conventional VPN.

Protocol: Shadowsocks (not OpenVPN or WireGuard) — Shadowsocks disguises your traffic as regular HTTPS. To a network observer, your VPN connection looks like ordinary encrypted web traffic. This makes it significantly harder to detect or block in restrictive network environments.
Encryption: AES-256-GCM or ChaCha20-Poly1305 — Both are widely regarded as secure. ChaCha20-Poly1305 is the preferred cipher on devices where AES hardware acceleration is unavailable (older Android devices, for example). The encryption key is generated per-connection and derived from your access key — not stored on our server.
Infrastructure: one well-secured server — We don't run 6,000 servers across 94 countries. We run one server, managed directly by our team, on a VPS with 200 GB NVMe, 16 TB bandwidth, and 16 GB RAM. We know exactly what is running on it. We are not leasing rented infrastructure in 60 jurisdictions with uneven security practices.
No traffic inspection — Our server's role is to receive your encrypted connection, forward it to the destination, and return the response — all encrypted. It does not unpack, examine, or log the contents of your requests. It cannot. The payload arrives encrypted and leaves encrypted.

How Our AI Threat Detection Works (Pro)

Vizoguard Pro includes an AI-powered threat detection layer. Given that it analyzes your browsing behavior, the natural question is: does it send data about what you visit to our servers? The answer is no — and here is exactly why.

URL analysis runs on your device, not our servers — When you navigate to a URL, the threat analysis happens locally in the desktop application. Your URL is evaluated by the on-device model. It is not uploaded to our API for remote analysis.
8 analysis vectors run client-side — The detection engine examines signals such as domain age, URL structure, certificate properties, and pattern matching against known threat signatures. All 8 vectors execute in-process on your machine.
Threat decisions are made locally — The app decides locally whether to allow or block a connection. We do not receive a report of what you tried to visit or what was blocked. The threat decision is yours — not a query sent to our servers.
Blocklist updates are a static file download — The only server communication the threat detection system makes is periodically downloading an updated blocklist. This is a one-way transfer: we push a file, your device fetches it. We do not know which devices downloaded it or when.

What We're Working On

We are honest about what we haven't done yet and what we are planning.

Planned

Third-party audit We are a small team. We have not yet commissioned an independent audit of our no-logs claims or codebase. We know this is the gold standard — Mullvad and ProtonVPN have done it, and it matters. We are actively evaluating audit firms. When it happens, the results will be published here without redaction.
Evaluating

Open-source client components We are evaluating which parts of the desktop and Android clients can be open-sourced. Our preference is to open-source the VPN connection layer and threat detection core so the community can verify our no-inspection claim directly. This is under active internal discussion.
Planned

Warrant canary A warrant canary is a regularly updated statement confirming that we have not received any secret government orders, subpoenas, or National Security Letters requiring us to hand over user data without disclosure. We plan to publish one on this page. As of March 2026, we have received no such orders — but we want to make that statement a formal, dated commitment going forward.

Our Commitment

We're a small team at PRIME360 HOLDING LTD in Malta (EU). We built Vizoguard because we believe security software should be affordable and honest — not a race to the lowest price funded by selling user data, and not a premium product priced out of reach for most people.

We make money from subscriptions. That means our incentives are aligned with yours: if our product doesn't actually protect your privacy, you cancel. We don't have a fallback revenue stream that involves your browsing data. We don't serve ads. We don't have investors demanding we monetize your behavior.

If you have specific questions about our data practices that this page doesn't answer, email privacy@vizoguard.com. We will respond, not a bot.