Privacy policies can be a difficult read. They’re usually long and complicated documents that are drowned in “legalese” that only a lawyer could love. They are rarely updated and don’t reflect all the decisions which might allow a new piece of customer information to be collected or used.
This isn’t how it works at TunnelBear. From day one, we designed our VPN service to operate with a minimal amount of personal information. We have frequent privacy discussions to make sure our policy is up to date and evaluate any new information that might be collected. If new information is being collected, we’re careful to share these changes with you and let you know why we’re collecting it.
Removing your first name
The Bears are friendly by nature. When we started TunnelBear, we wanted our emails to come across as personalized, so we asked for your first name when you signed up. Of course, you could sign up with a fake name (there were some creative ones), but we’ve decided that complete privacy is more important than personalization. Plus, we can be friendly without addressing you by your first name.
Any first names that were stored by TunnelBear have been deleted from our database.
Removing maul trackers
The TunnelBear desktop apps used to have a feature called Maul Trackers. The feature blocked advertising trackers so they couldn’t follow you around the Internet. TunnelBear used to keep an anonymized count of the overall number of trackers we had blocking so we could report on who was doing the most damage to your privacy.
However, with https advertising becoming more common and trackers becoming more sophisticated our server-side approach to blocking has become less effective. TunnelBear recently introduced TunnelBear Blocker, a Chrome extension that blocks creepy online trackers. Blocker is free, open source and we don’t collect any information from it.
All information related to Maul Trackers has been deleted from our database including the blocked anonymized top level domains and the number of times these domains were blocked.
Removing total lifetime connections
Back in 2013, our team was looking for a privacy-respectful way to understand how frequently people were using TunnelBear. We came up with “total lifetime connections” as a metric to see how often someone turned TunnelBear ‘On’.
Total lifetime connections were stored as a number which increased over time, but since we never stored timestamps with this data, we quickly found that it was a difficult metric to use to understand the usage of our service. We’ve now deleted all entries related to total lifetime connections from our database.
So what do you wish you knew about TunnelBear's privacy practices? If you have any ideas, send us an email at firstname.lastname@example.org.