DuckDuckGo VPN has undergone an independent no-logs audit – and your data is confirmed to be safe

DuckDuckGo's VPN has passed an independent no-logs audit, with security firm Securitum confirming the service does not track user activity or store identifiable data.

The audit ran between October 2025 and January 2026 and included a full inspection of live servers, internal systems, and source code. Auditors checked how the VPN handles traffic, authentication, and infrastructure controls.

They found no evidence of logging mechanisms or data retention tied to individual users.

DuckDuckGo's product can't match the best VPNs, but it forms part of the company's privacy suite – and may be attractive to existing DuckDuckGo users.

No logging, no tracking – what the audit revealed

An independent audit by Securitum found that DuckDuckGo does not log user activity on its VPN servers, validating its privacy policy and no-logs commitment.

Auditors conducted a technical review of live production systems, including source code inspection and infrastructure analysis, and found no mechanisms that track or store browsing data.

The report also confirmed that DuckDuckGo does not retain connection metadata such as DNS queries. The VPN uses an internal resolver with in-memory caching, which clears data after a set period and does not write logs to disk – limiting the ability to associate users with specific domains.

Securitum found that the VPN does not inspect user network traffic and operates without logging functions enabled. DuckDuckGo also separates authentication from VPN usage, issuing session tokens that are not linked to individual identities and clearing session data after each connection.

Additional findings showed that all VPN servers run a consistent no-logs configuration across regions and operate on dedicated infrastructure. Changes to logging-related systems require formal approval controls to reduce the risk of unintended data collection.

This audit follows a separate security audit completed in 2024 and supports DuckDuckGo's stated privacy policy, which maintains that the company has no way to tie VPN activity to individual users.

Basic protection, but a lack of advanced tools

DuckDuckGo VPN is included in the company's Privacy Pro subscription and runs through the DuckDuckGo browser – a privacy-focused alternative to Google Chrome.

It encrypts traffic across the entire device, hides a user's IP address from websites and services, and supports iOS, Android, Windows, and macOS, with up to 5 simultaneous connections.

The app offers a stripped-back interface with limited configuration and no deep server-level controls, which keeps setup quick but omits advanced features found in more established VPNs.

DuckDuckGo VPN does not rank among the top-tier VPN services. It lacks multi-hop routing, split tunneling, dedicated IP addresses, and streaming-optimized servers, all of which are common in VPNs like NordVPN or Surfshark.

Its $9.99 monthly price also more expensive than most long-term VPN plans. The best VPN deals see prices start at $1.11 per month, so considering exploring your options if the VPN is what attracts you to the DuckDuckGo subscription.

For the same price as DuckDuckGo Privacy Pro, you can subscribe to Proton Unlimited, and benefit from an entire privacy-focused ecosystem to rival Google.

That said, it can still make sense for existing DuckDuckGo users. The subscription adds a VPN alongside private search, tracker blocking, and email protection, giving users an extra layer of network-level privacy without managing a separate service. There's also private AI tools and identity theft protection.