Is VPN safe?
Not for an app that sees everything you do online.
Our take. A VPN carries all of your traffic, yet VPN is built with more third-party tracking code than 94% of the vpns we have scanned, including an analytics SDK from India. We would not trust it with anything private.
VPN links 0 categories of your data to you.
From the developer's own App Store privacy label. These are the kinds of data VPN ties to your identity, and it also declares it shares data to track you across other apps.
It carries trackers from 4 companies.
Third-party SDKs found in the app, matched to the company that publishes each. Present in the code; we do not observe what they transmit.
Where it sits among vpns.
Every one of these apps we have scanned, on the two measures above: third-party trackers it carries (across) and data it links to you on its own label (up). Toward the top right is more invasive.
Each dot is one vpn app. VPN sits to the right, carrying more third-party tracking than most.
Two more flags.
Each is a fact read straight from the app. The same checks run on every app we scan. Only the ones that apply here are shown.
It declares cross-app tracking
Its own App Store label says it tracks you across other companies apps and websites using your advertising identifier.
It sends analytics to a company in India
InMobi is a India company. Its analytics SDK is built into the app.
What it's built from.
All 43 SDKs in the app, grouped by what they are for. 11 are third-party trackers.
11 of the 43 are third-party trackers. The rest are the app's own code and standard open-source building blocks.
Show the full SDK list
How we know this
Counterspy downloads the app from the App Store and statically analyzes its compiled binary. Embedded SDKs are matched against a signature database and resolved to the company that operates each. We also read the developer's App Store privacy label, which lists the data the app says it collects and links to you. We do not run the app or intercept its traffic, so we report capabilities present in the code and the developer's own disclosures, not proven transmission. We assess privacy and data collection, not malware, security flaws, or developer intent. Reports are automated and never edited for payment. Scan v2.25, 2026-04-03.
- Third-party trackers are advertising, analytics and attribution SDKs detected by static signature matching. Presence shows a capability is compiled in, not that it ran or transmitted data.
- "Data the app links to you" is the count of data categories the developer declares as Data Linked To You in its App Store privacy label. Labels are self-reported and not verified by Apple.
- Comparison across the 33 vpns in our corpus. Trackers: median 3. Data linked to you: median 0.