Common questions answered below. If you can't find what you need, write to us — you're talking to the people who built this.
No. The price you sign up at is the price you renew at. Always.
We send a reminder at least 7 days before any renewal charge so you're never caught off guard. If we ever adjust pricing for new customers, existing subscribers are grandfathered at their original rate.
If you're not satisfied for any reason within 30 days of your first purchase, contact us and we'll refund you in full. No questions, no retention loops.
The guarantee applies to your initial purchase only — not to renewals. Refunds are processed within 5–7 business days depending on your payment method.
Cancel from your account dashboard at any time. Your access continues until the end of the period you've paid for — we don't cut you off immediately and we don't charge a cancellation fee.
You won't receive a renewal charge after cancelling. We'll send a confirmation email when the cancellation is processed.
Yes. Upgrading to a longer plan credits the unused portion of your current plan toward the new one. Downgrades take effect at your next renewal date — you won't lose access mid-cycle.
Yes. We accept Bitcoin and other major cryptocurrencies via BTCPay Server. Crypto payments are processed without linking your wallet to your account identity.
Note: the 30-day money-back guarantee does not apply to crypto purchases due to the irreversible nature of blockchain transactions.
Monthly and Annual plans support 5 simultaneous connections. The Two Year plan supports 10. All plans work across Windows, macOS, iOS, Android, and Linux on the same account.
No. We do not log the websites you visit, the content of your traffic, your DNS queries, your search terms, or anything you download or upload. That information never touches our systems.
We do log a small amount of connection metadata — session timestamps, total bandwidth per session, and your source IP at connection time. Your source IP is held for 30 days for abuse response, then permanently and automatically purged.
Because "zero logs" is almost always a lie, and we'd rather tell you the truth.
Running a VPN without any logging creates an open infrastructure for spammers, fraudsters, and bad actors within weeks. We log the minimum required to respond to abuse, comply with legal obligations, and keep the network reliable for everyone. We tell you exactly what that minimum is — and we don't log a byte beyond it.
No. Your traffic is encrypted before it reaches our servers. We route it to its destination and don't inspect, record, or analyse what it contains or where it's going.
Your DNS queries also route through our servers — we resolve them and discard them. We don't store or analyse DNS query history.
No. We are not a data company. We don't sell, share, or monetise your data in any form. Our revenue comes entirely from subscription fees.
We shut down our first operation in 2015 rather than compromise on this. That's not a marketing line — it's verifiable history.
Not yet — we launched in 2026 and this takes time to do properly. We are committed to completing a third-party audit within our first year of operation and publishing the results whatever they say.
An audit that only gets published when it's flattering isn't an audit — it's marketing. We'll publish ours regardless of findings.
WireGuard. It's faster, leaner, and simpler to audit than OpenVPN — the protocol we ran on for 13 years in our original operation. WireGuard has a significantly smaller codebase (roughly 4,000 lines vs OpenVPN's hundreds of thousands), which means fewer places for vulnerabilities to hide.
It uses modern cryptography by default and is now considered the standard for new VPN deployments.
Windows, macOS, iOS, Android, and Linux. All platforms are supported under a single account — the simultaneous connection limit applies across devices, not per platform.
Setup guides for each platform are available on the Apps page.
All VPNs add some overhead — your traffic is being encrypted and routed through an extra server. With WireGuard, this overhead is minimal. If you're experiencing significant slowdowns, try these steps:
1. Connect to a closer server. The further your traffic travels, the higher the latency. Use a region geographically close to you or the service you're accessing.
2. Check your base speed. Run a speed test without the VPN first. If your base connection is slow, the VPN will reflect that.
3. Try a different server. Individual servers can be under load. Switching to another in the same region often helps.
If speeds remain noticeably degraded across multiple servers, contact support and we'll investigate.
Yes, on routers that support WireGuard. This covers most DD-WRT, OpenWRT, and pfSense/OPNsense setups. Router-level installation protects every device on your network without needing the app installed on each one.
Router installation counts as one connection regardless of how many devices are behind it. Setup guides are available on the Apps page.
Often, yes — but we won't promise it and we don't market ourselves as a streaming VPN. Streaming platforms actively block known VPN IP ranges, and the situation changes frequently as they update their blocklists.
We are primarily a privacy product. Streaming access is a side effect, not a feature we guarantee.
A kill switch cuts your internet connection if the VPN drops unexpectedly — preventing your real IP from being exposed during a reconnect gap. It's one of the most important features a VPN can have.
Yes, we have one, and it's enabled by default. If the VPN connection drops for any reason, your internet access is suspended until the tunnel is restored or you manually disable the kill switch.
Available on Windows, macOS, iOS, Android, and Linux.
A DNS leak happens when your DNS queries — the lookups that translate website names into IP addresses — bypass the VPN and go to your ISP's servers instead. This reveals the sites you're visiting to your ISP even while your traffic appears encrypted.
SecureTunnel routes all DNS queries through our own servers and prevents system DNS from bypassing the tunnel. You can verify this with any DNS leak test tool — search "DNS leak test" and run the check while connected.
WebRTC is a browser feature used for video calls and peer-to-peer connections. It can expose your real IP address directly to websites — bypassing the VPN entirely — because it communicates outside the normal browser traffic path.
This is a browser-level issue, not a VPN-level one. The most reliable fix is to disable WebRTC in your browser settings or install a browser extension that blocks WebRTC leaks. Our app addresses this at the network level where possible, but browser-level WebRTC requires a browser-level fix.
Three checks to run while connected to SecureTunnel:
1. IP check. Visit our homepage — the crimson bar at the top shows your current IP. If it matches the server region you connected to, your IP is masked.
2. DNS leak test. Search "DNS leak test" and run the check. All DNS servers shown should belong to SecureTunnel, not your ISP.
3. WebRTC check. Search "WebRTC leak test" and run it in your browser. If your real IP appears, you have a WebRTC leak at the browser level (see above).
Fargo, North Dakota, USA. Operated by Sterling Security Research, Inc., a North Dakota S-Corporation. Ben, Shawn, and Todd are the named operators.
There is no parent company, no holding group, and no offshore entity behind this. You can verify our domain ownership at lookup.icann.org.
With a valid court order, yes — we cannot ignore lawfully issued legal process. We won't claim otherwise.
What we can tell you is that we log as little as possible specifically so there is very little to hand over. If your source IP has been purged (after 30 days) and we have no traffic logs, a court order produces connection timestamps and bandwidth totals — not browsing history, not destinations, not content.
We will notify affected users of any legal request to the maximum extent the law allows. If prohibited from doing so, we will update our warrant canary.
A warrant canary is a regularly updated statement that we have not received any secret government orders we are prohibited from disclosing (national security letters, gag orders, etc.). As long as the canary is updated on schedule, no such orders have been received.
If the canary stops being updated or is removed, that's a signal something has changed — even if we can't say what. Our canary is published in the Legal section of the site.
We will shut this down before we sell it out. That's not a marketing line — it's what we did in 2015. When running it right was no longer sustainable, we closed the servers. We didn't sell to a holding company. We didn't quietly hand it off.
If this business ever reaches a point where the only path forward requires compromising our promises to subscribers, we close it. Subscribers are notified first and given time to move. That option is always on the table.
Write to us directly. You're talking to the people who built this — not a support script reading from a knowledge base. We typically respond within one business day.
[email protected]When contacting support, include your account email, the platform you're using (Windows/macOS/iOS/Android/Linux), and a brief description of what you're seeing. Screenshots are always helpful.
For billing issues, include your order number if you have it.