Is it safe to use Hotspot Shield?

Hotspot Shield VPN 2021 test & evaluation

advantages: Hotspot Shield has a very clear zero log policy and doesn't track anything you do online. It also uses its own Hydra catapult protocol, which is much faster than OpenVPN. In addition, it uses the highly secure AES-256 encryption and has a kill switch.

disadvantage: It does not use its own DNS server

1. Logging Policy

What is a logging policy and why is it important?

Every app developer wants to know how their app is being used, who is using it, and how performance can be improved to attract even more users. VPN providers are no exception.

Even if you don't expect them to collect information about their users, after all, a VPN is for anonymity on the internet, but most VPN providers still do. This information is stored in logs. The number and type of data providers that are kept in the user logs can vary, but they usually fall under one or more of the following four categories:

  • Service-specific information: Anonymous information about the VPN server you use to surf the Internet, the operating system of your device and the version of the VPN client used.
  • Connection-specific information: Anonymous information that shows the date, time and duration of your browser sessions as well as the volume of inbound and outbound traffic per session.
  • IP Specific Information: This information indicates the IP address from which you connected to the service and can be used to indicate your exact location.
  • Activity-specific information: Comprehensive information about your surfing activities, including the addresses of websites you visit while using the service, as well as your search history.

Typically, you don't need to worry about the first two categories of information (service-specific and connection-specific). As mentioned earlier, this data is collected anonymously and usually bundled with similar data collected by other users to derive usage and performance statistics.

The only reason a VPN provider needs your real IP address is to find out where their service is being used. While this may not be that big of a dilemma from their point of view, it could be a deal breaker for users looking for a safe and 100% anonymous browsing experience.

However, there is no need for a VPN to spy on your online activities. If your provider keeps logs of the websites you visit, the online services you use, and the web searches you perform, you should be concerned. This is usually the case with free providers, which is why we never recommend them. They tend to use this information for promotional purposes and / or sell it to third parties who collect this information.

None of the VPN providers we recommend collect personal information about their users.

While other vendors claim they don't log sensitive user data, it may not be entirely true. They have different ideas about what counts as sensitive data. Because of this, you should always read the privacy policy and at least one or two honest reviews before signing up for anything.

What is the Hotspot Shield logging policy?

Hotspot Shield has a very clear zero-log policy: it doesn't log your browsing data and it will delete your IP address after you disconnect from the VPN. So you are online completely anonymously.

Many VPNs are relatively small businesses and have vague privacy policies. This can be a problem as you don't know exactly what exactly is being saved. Hotspot Shield is not a small company. With more than 650 million users around the world, data collection transparency is a top priority. In her own words as follows:

Our goal is to know in advance what we are collecting

We have read their privacy policy and transparency report in full and can infer the following:

  • Your IP address is saved, but only when you are connected to the VPN: when you disconnect from the VPN, your IP address is deleted.
  • Your browsing history is never saved: your online activities (the websites you visit and the services you use) are never tracked or saved.

2. Area of ​​affiliation

What is an area of ​​responsibility and why is it important?

Like any other business, a VPN provider must operate in accordance with the laws and regulations of the country or state in which they are incorporated. The country in which the provider is registered and the laws they must comply with are generally referred to as the jurisdiction.

Many developed countries such as the United States, Australia and Canada, as well as most EU member states, have strict data retention laws. Internet Service Providers (ISPs) in these countries must comply with these laws by keeping logs of their users' browsing activity and email exchanges. ISPs must also provide this information to the authorities upon request. To protect their privacy, many people use VPNs, which makes their personal information invisible, even to their ISP.
Since VPNs are private network providers, they do not have any public retention requirements. Even so, government agencies are still trying to seize servers and data logs from VPN providers.

For example, every federal agency can turn to the appropriate VPN with a national security letter, a secret subpoena in which they can access data logs and VPN servers. In 2013, the encrypted email provider Lavabit decided to shut down after the NSA sent it such a letter. He was asked for access to Edward Snowden's private emails. Due to pressure from local authorities regarding data retention laws, Private Internet Access abruptly shut down all servers in Russia in 2016.

There are many more examples of government agencies attempting to seize data from VPN providers, but most of them are not made public. To protect yourself from such situations, you should do the following:

Use a VPN that is registered in a country with loose or nonexistent data retention laws and that doesn't have an active membership in nondisclosure agreements like Fourteen Eyes or UKUSA.

Use a VPN that has a strict zero-log policy and does not record sensitive information that identifies users' location, identity, browsing habits, or the content of private conversations.

What is the responsibility of Hotspot Shield?

Hotspot Shield is registered in the United States. This is important to know as the US is not a good choice when it comes to online privacy.

US Internet Service Providers (ISPs) are allowed to collect and sell your data, the NSA conducts mass surveillance, and government agencies can attempt to confiscate data through corporate court orders.

As clearly stated in Hotspot Shield's transparency report, they are regularly contacted by law enforcement agencies in the US and abroad to identify users based on IP addresses related to Hotspot Shield's VPN servers.

Since Hotspot Shield does not collect any information about its users, it cannot transmit any information. Hundreds of data requests have been received since 2016. But it never passed anything.

This is the strength of a strict logging policy. You're safe with Hotspot Shield. Even in the US.

3. Protocol

What is a log and why is it important?

The way in which data is transmitted over the Internet, a private network or a local area network (LAN) is defined by a protocol. A VPN protocol determines how the VPN tunnel is established between your computer and the VPN server.

There are different protocols that offer different levels of encryption, security, and speed. OpenVPN is the most secure, while PPTP, L2TP, SSTP and IKEv2 are also widely used.

What protocols does Hotspot Shield use?

Hotspot Shield uses hydra catapult. This is a proprietary developed VPN protocol.

In the past, Hotspot Shield used IPSec and OpenVPN, but developed its own protocol to improve its performance. And with great success: Hotspot Shield is by far the fastest VPN in the world.

Compared to OpenVPN, Hydra Catapult offers significantly shorter connection times and much higher connection speeds over long distances.

4. Encryption

What is encryption and why is it important?

Encryption is the technology that keeps the data that you send and receive over the Internet secure. It uses an encryption key to temporarily convert readable data into unreadable data for secure online transmission. In order to decrypt the data and make it readable again, both the sender and the recipient must have access to this key.

Today there are two widely used VPN encryption standards, both of which are sub-types of the Advanced Encryption Standard (AES). One is AES-128, which uses a 128-digit key to protect data. While AES-128 is already impenetrable, there is also AES-256. As the name suggests, the data is hidden behind a 256-digit key, which makes it even more secure than the 128-digit key.

Which encryption standard does Hotspot Shield use?

Hotspot Shield uses the most secure AES-256 encryption standard.

5. DNS servers

What are DNS servers and why is it important?

Every website on the Internet has its own IP address, a seemingly random sequence of numbers that identifies the host server. Memorizing all of these numbers would be too difficult to say the least. Therefore, each IP address has a corresponding domain name that is easier to remember (e.g. “”).

When you enter a domain name in the address bar of your browser, a DNS server immediately searches for the corresponding IP address and directs you to that address. The information on IP addresses and associated domain names is stored on the server itself. In this sense, a DNS server is like the Internet's phone book.
Your ISP doesn't see the domains you are visiting, but they do log the IP addresses you have interacted with. If your VPN provider has its own DNS server, the DNS-IP conversion is carried out in the same encrypted tunnel that protects all your other data. So your ISP has no way of knowing which websites you have visited or restricting your access to certain IP addresses.

Does Hotspot Shield use its own DNS server?

No, Hotspot Shield uses third party DNS servers.

6. Kill switch switch

What is a kill switch and why is it important?

If your VPN connection is suddenly interrupted during your surfing session, your personal data will no longer be encrypted and thus made visible to your ISP and the owners of the websites you visit. To prevent this, some VPNs have an integrated kill switch function that automatically disconnects you from the Internet if you lose your connection and connects you again as soon as the VPN server of your choice is active again.

Does Hotspot Shield use a kill switch?

Yes, Hotspot Shield uses a kill switch switch.

7. Leak test

What is a “leak” and why is it important?

Although VPNs encrypt all of your data, parts of it may also be visible to others, even if you are connected to a VPN server. Examples of these “data leaks” are IP leaks (where your IP address is visible to others), WebRTC leaks (the content of voice and video chats), DNS leaks (the domain names of the websites you visit) and Windows Permission leaks (your Windows credentials).

Does Hotspot Shield make your data visible?

No, Hotspot Shield did not leak any data in our tests.