Skip to main content

This VPN just received top marks for its new no-logs policy

hma vpn
(Image credit: Future)

HMA has received a “low-risk user privacy impact rating” after its strict no-logs policy was independently audited by cyber-risk experts at VersSprite.

Already one of the world's best VPN providers – and formerly known as HideMyAss! – HMA offers more than 1,100 servers across 190 countries. It announced the policy earlier this year in order to protect the data of its users, and conducted the independent assessment to ensure it was 100% effective.

You can read our full HMA review here.

Independent audit

HMA says that the third-party review “included analyses of data, traffic, and storage on both the client and server-side, and the disconnection of user identities with data containing information about online user activity.” 

The results were then used to calculate a risk level from low to critical, which turned out to be the former. 

Andrei Mochola, commercial director at HMA, said: “The VPN industry has struggled with a trust issue for a long time. 

“The ownership of some VPN companies is ambiguous at best or concealed at worst, and many people are unaware that they’re handing over their data to organisations which offer little to no visibility on what they do with it.”

Mochola explained that the company’s no-logs policy forms part of a wider privacy improvement effort. 

“This stamp of approval from VerSprite completes phase two, and moving forward we will also be introducing new privacy features, connection protocols, and improvements to our infrastructure so we can better protect user privacy,” he added.

The provider has joined the likes of ExpressVPN and NordVPN who have had their own no-logging policies audited by established names like PricewaterhouseCooper.

Closing any gaps

During the independent audit, VerSprite analysed HMA’s Android VPN, iOS VPN, Mac VPN and Windows VPN applications “from the installation process through the entire data flow of the in-scope endpoint applications.” 

In a media release, the companies said the aim of this independent audit was to “identify, report and provide recommendations for any technical gaps" within HMA's newly launched no-logs policy. 

Tony UcedaVélez, CEO of VerSprite, added: "HMA relied on our offensive security team’s talents to focus more on privacy violations that could be present via the VPN client software. 

“We worked to help validate the assurances made from the no-logging policy and helped them understand the nature of the risks identified so that they could improve the product’s overall privacy level.”