Privacy Policy

Last updated: January 15, 2026

Private Internet Access ("PIA", "we", "us", "our") operates piavpn.org and the PIA VPN applications (collectively, the "Service"). This Privacy Policy explains what information we collect, how we use it, and the rights you have over that information.

Summary: We do not log your VPN activity. Ever. We collect the minimum information necessary to create your account, bill you, and keep our Service running. We never sell your data.

1. Our No-Logs Commitment

We do not log, monitor, or store any of the following:

• Websites you visit or content you access
• IP addresses assigned while connected to the VPN
• Connection timestamps or session durations tied to individual users
• Bandwidth usage tied to individual users
• DNS queries

Our servers operate in RAM-only mode, meaning no data is written to persistent storage. This policy has been independently audited and upheld in multiple court proceedings.

2. Information We Do Collect

Account Information

When you sign up we collect: email address, a username, and encrypted payment token (via our payment processor — we never see full card numbers).

Anonymous Usage Statistics

We collect aggregate, anonymized metrics (total active sessions, aggregate bandwidth, server load) to operate the Service. None of this is linkable to an individual user.

Support Communications

If you contact our support team we retain the correspondence for quality and training purposes.

3. Cookies

Our website uses essential cookies for authentication and language preferences only. We do not use advertising or cross-site tracking cookies.

4. How We Share Information

We share information only when strictly necessary:

• With payment processors to complete transactions
• With service providers bound by confidentiality (e.g., email delivery)
• When required by valid legal process — but since we hold no activity data, there is nothing to produce

We do not sell, rent, or trade personal information. Ever.

5. Your Rights

Depending on your jurisdiction (GDPR, CCPA, etc.) you may have the right to:

• Access your account information
• Request correction or deletion of your account data
• Object to processing or request a copy
• Lodge a complaint with a supervisory authority

To exercise these rights, contact privacy@piavpn.org.

6. Security

We use AES-256 encryption in transit, secure credential hashing (Argon2id) at rest, and continuous security monitoring. Our systems are audited annually by independent firms.

7. Transparency Reports & Audits

We publish an annual transparency report and an independently audited no-logs attestation. Both are available on our blog.

8. Children

Our Service is not directed to children under 16. We do not knowingly collect information from anyone under 16.

9. Changes to This Policy

We may update this policy. Any material changes will be announced at least 30 days in advance via email and on this page.

10. Contact

Questions? Write to privacy@piavpn.org or our Data Protection Officer at dpo@piavpn.org.