Does NordVPN Log Your Data? The Evidence in 2026
NordVPN claims to keep no logs. But how do we actually know this is true? We look at the audits, the court cases, and the technical evidence.
Every VPN claims to keep no logs. The ones worth trusting can back up that claim with evidence beyond a privacy policy. Here is the evidence for NordVPN no-logs claim specifically.
The 2018 server seizure
In 2018, a NordVPN server in Finland was accessed by an unauthorised party without NordVPN knowledge. This became public in 2019. The finding relevant to logging: when the server was accessed, there was no user data to steal. No connection logs, no IP addresses, no browsing history. This is the most credible evidence a no-logs policy is real: a third party had full access to a NordVPN server and found nothing useful about NordVPN users.
Independent audits
PricewaterhouseCoopers audited NordVPN no-logs policy in 2018 and 2020. The audit involved reviewing NordVPN systems, processes, and configurations to verify that no user data is retained. Both audits confirmed the no-logs claims. PwC is one of the largest and most reputable professional services firms in the world with significant reputation risk attached to their audit conclusions.
Technical implementation
NordVPN uses RAM-only servers across its network. RAM memory does not persist when power is removed. This means even if a server is seized and physically taken by authorities, there is no data stored on disk to recover. The combination of a policy, audit verification, and technical architecture that makes data retention physically difficult is the strongest available evidence.
What NordVPN does collect
NordVPN does collect some account-level data: your email address, payment information, and when your subscription was created. What they do not collect: IP addresses, browsing history, connection timestamps, or any data that could identify what you did while connected. The distinction between account data and usage data is important.
The verdict
The evidence for NordVPN no-logs policy is stronger than most VPN providers. The 2018 server seizure providing real-world proof, combined with PwC audits and RAM-only server architecture, is a credible combination. It is as close to verified as a no-logs policy can realistically get.
We test every tool we review. Ratings are based on real testing, not affiliate commission rates. Learn about our methodology →