Lantern Privacy Policy
Lantern servers do not and will never log:
- Linking Lantern account to real identity (such as purchase information)
- Connection logs (time stamps of connection of IP addresses from client to Lantern server)
- Browsing history
- Traffic destination or metadata
- DNS queries
Lantern is committed to protecting your privacy. We want you to understand what information we collect, what we don’t collect, and how we collect, use, and store information. We disassociate your payment information with your Lantern Pro account. We do not collect logs of your activity, including no logging of browsing history, traffic destination, data content, or DNS queries. We also never store connection logs, meaning no logs of your IP address, your outgoing Lantern server IP address associated with the connection timestamp, or session duration. Given a specific Lantern Pro account, Lantern is technically unable to associate the Lantern account with the real identity of the user. Given a Lantern IP address and a precise time-stamp, Lantern is technically unable to attribute this IP address to a Lantern user or a Lantern user IP address.
Our guiding principle toward data collection is to collect only the minimal data required to operate a world-class service at scale. We designed our systems to not have sensitive data about our customers; even when compelled, we cannot provide data that we do not possess.
This privacy policy will help you understand how Innovate Labs, LLC (“ Lantern ,” “ we ,” “ our ,” or “ us ”) collects, uses, and stores information.
Click to see the independent security audit done by NCC Group, one of the world's leading cyber security service providers
General Information
Lantern collects four types of information:
(i) Information related to your account (“personal information”)
This information is collected for the purpose of administering your Lantern subscription and includes your username, email address, and payment information, which you submit on our order page when you subscribe for the Services. We accept any email address because the email address is not verified. All Payment information such as transaction ID, payment account will be disassociated after account creation, to prevent association with your real identity.
(ii) Aggregate Apps and Lantern server connection summary statistics
Lantern collects minimal information about usage in order to maintain excellent customer support and quality of service. The section below specifies in detail what information we collect. These statistics never include anything about what the user did with the Lantern server: no data about the contents or destinations of Lantern server traffic, no DNS queries, and no IP connection logs.
(iii) (User-controlled option): Anonymous app diagnostics, including crash reports
App diagnostic data, which include crash reports, usability diagnostics, and Lantern server connection diagnostics, are anonymized and cannot be tied back to individual Lantern users.
(iii) (User-controlled option): Issue report submission:
Users can choose to affirmatively submit issues to Lantern to debug an issue. This issue has logs attached and is not anonymized to help debug the issue. However, users have to affirmatively go into the menu to submit issues to us.
Personal Information
Lantern collects personal information that you provide to us directly through the app. The specific information collected varies depending on the payment method you choose. However, all Payment information such as transaction ID, payment account will be disassociated after account creation, to prevent association with your real identity.
With some forms of payment, the Site may redirect you to the website of a third-party payment processor to complete the transaction. To understand what personal information these processors collect and store, please refer to the respective processor's terms and privacy policy. However, third party processors or Lantern technically cannot link such payment information to a specific Lantern Pro account.
All payment information will be disassociated after account creation.
- We collect your payment information to create a Lantern Pro account.
- All payment information that is collected during account creation such as payment account, the name of the account holder, payment method, transaction ID and order ID is immediately disassociated with the Lantern pro account after Lantern Pro account creation. This is to prevent association of Lantern Pro accounts with real identity.
- We cannot control the storage of payment information stored by third party processors. However, third party processors or Lantern technically cannot link such payment information to a specific Lantern Pro account.
- The date of purchase and date of expiration will be stored with the account. But no precise timestamps are stored to avoid correlation with payment data.
We accept any email address and the email address is not verified. Lantern uses the email address you provided for the following reasons:
- To send emails related to payment transactions.
- To provide links to our Site, including password reset emails.
- To send you updates and announcements.
- To communicate with you about your Lantern server services or respond to your communications.
- To send marketing information, such as Lantern offers, surveys, invitations, and content about other matters in connection with Lantern (“Marketing emails”). You may choose to not receive Marketing emails by following the opt-out procedure described in these emails.
Lantern uses your personal information only for the purposes listed in this Privacy Policy, and we do not sell your personal information to third parties.
Aggregate Apps and Lantern server Connection Summary Statistics
We ensure that we never log browsing history, traffic destination, data content, IP addresses, or DNS queries. Therefore:
- We do not know which user ever accessed a particular website or service.
- We do not know which user was connected to the Lantern server at a specific time or which Lantern server IP addresses they used at a specific time.
- For Lantern Pro users, we do not know the set of original IP addresses of a user’s computer.
- For Lantern Pro users, we do not know who purchased the pro account.
- For Lantern Free users, we collect user IP to limit abuse. However, we cannot associate Lantern server IP to the user IP address even with a precise time-stamp.
Should anyone try to compel Lantern to release user information based on any of the above, we cannot supply this information because the data don’t exist .
In order to maintain excellent customer support and quality of service, Lantern collects the following information related to your Lantern server usage:
Device ID
Device ID a randomly generated identifier that is stored on the user's machine. It cannot be tied to the user’s hardware such as hardware serial number, MAC address, IMEI. We collect this information for diagnostic purposes and allow you to manage your Pro account.
Apps and Apps versions
We collect information related to which Apps and Apps version(s) you have activated. Knowing your current version of the Apps allows our Support Team to troubleshoot technical issues with you.
When utilizing the split tunneling feature on the Android app, Lantern queries the system to obtain a list of installed applications. This allows users to selectively determine which apps should communicate over the VPN tunnel. It's important to note that this list is solely accessed within the split tunneling view and is never transmitted from the device.
Language/local setting
We collect information on your operating system language and local setting to help customize your Lantern interface.
Aggregate sum of data transferred (in MB)
We collect information regarding the total sum of data transferred by a given user and a given device. Although we provide unlimited data transfer for pro users, if we notice that a single user or device pushes more traffic than thousands of others combined, thereby affecting the quality of service for other Lantern users, we may contact that user for an explanation.
Summary
We collect minimal usage statistics to maintain our quality of service. We may know, for example, that a lantern account has access to our Lantern server in New York, Hong Kong and Japan, and consumed 5GB of data for the month. The Lantern account can’t be uniquely identified as responsible for any specific behavior because his usage pattern overlaps with thousands of other Lantern customers who also have access to the same Lantern servers.
We’ve engineered our systems to categorically eliminate storage of sensitive data. We never know WHO the account holder is or HOW they have utilized our Service. We stand by our firm commitment to our customers’ privacy by not possessing any data related to a user’s online activities.
Anonymous App Diagnostics, including Crash Reports(can be turned off by the user)
With your permission, we collect anonymized app diagnostic data, which include crash reports, usability diagnostics, and Lantern server connection diagnostics. We use these data in our network operations tools to help optimize network speeds and to let us identify problems and areas for improvement related to specific apps, Lantern servers, or ISPs. The information we receive is fully anonymized and cannot be tied back to individual Lantern users (i.e., we do not store which user sent which data, and we do not store user IP addresses).
If you share this information with Lantern, we will collect the following anonymized information:
- Diagnostic information about if and how a Lantern server connection attempt failed.
- Speed test data.
- App diagnostics, including crash reports and usability diagnostics, also without any
personally identifiable information. These are handled in an anonymized form by these third parties, dependent on the platform you are using Lantern on:
- Windows: Sentry, owned by Functional Software, Inc. See Sentry’s Privacy Policy.
- Mac: Sentry, owned by Functional Software, Inc. See Sentry’s Privacy Policy.
- Linux: Sentry, owned by Functional Software, Inc. See Sentry’s Privacy Policy.
- iOS: See Apple’s Privacy Policy You can disable Apple’s crash reporting in iOS settings as described here.
- Android: Firebase Crashlytics, owned by Google. See Firebase’s Privacy and Security documentation.
You can start or stop sharing these diagnostic data at any time in the App’s settings menu. On iOS, Apple’s crash reporting can be turned off in iOS settings.
Jurisdiction and Applicable Law
Lantern’s core mission is to keep your information private. In service of this mission, Lantern’s headquarters and registered place of business is in the United States.
The United States has no data retention laws, and any legal order requiring an American company to disclose customer records must come from an American court or American law enforcement agency. Under American law, information requests from foreign courts or law enforcement are subject to a “dual criminality” provision, meaning that the request is upheld by an American court only if the same crime is punishable by at least a one-year prison sentence under American law, had it taken place in the United States. Should we receive a valid legal order from an American Court, it is important to note that Lantern is technically unable to associate a Lantern account with the real identity of user and Lantern is technically unable to associate a Lantern IP address and corresponding time stamp with a single user IP address or a single Lantern user.
To learn more about how we respond to law enforcement requests, please visit our transparency report.
Storing of Information Related to Email and Feedback
Forms
Lantern keeps records of any correspondence, questions, complaints, or compliments you submit to us through our Site or Services, along with our response. Depending on how you contact Lantern, we may collect your email address and any additional information you provide to us. Having full correspondence records enables our staff to provide the best possible customer support experience.
We use a third-party platforms for support correspondence: Groove for emails and support tickets. When you correspond with us using these platforms, they will store your correspondence records—including your email address, as well as user and device attributes that help with troubleshooting, such as the country you are contacting us from and your device’s operating system. The platforms utilize modern security practices and HTTPS encryption.
Security Measures to Protect Your Information
While we believe our previous privacy guarantees are robust, it is important to understand that no data security measures in the world can offer 100% protection.
None of these data centers require us to collect or store any traffic data or personal information related to your use of Lantern server Services. If any data center were to ask us to log such data, we would immediately cease operations with said data center and find alternative options.
Even if a government were to physically seize one of our Lantern server servers, there would be no logs or information that would tie any individual user to a particular event, website, or behavior.
Consent and Age Restrictions
By using the Site, Content, Apps, Software, or Services, you agree to have your information handled as described in our Terms of Service and Privacy Policy.
The Services are intended for adults aged 18 and above. If you believe your child has provided information to us, please let us know immediately.
Advertisements
Occasionally, we employ advertisements as a means of sustaining our service, employing technologies like cookies and web beacons. These cookies utilized by our advertising affiliates facilitate the delivery of targeted ads, leveraging your usage data. Any data acquired through this procedure adheres to the regulations stipulated in the privacy policies of our advertising partners.
Users in the European Union
Lantern server is committed to user privacy globally, and our existing practices reflect that through minimal collection of data and ensuring users have control over their personal information. The General Data Protection Regulation (GDPR) of the European Union (EU) requires us to outline those practices in a specific manner for users in the EU.
In line with the GDPR, we collect and process the data outlined in this Privacy Policy on one of the following bases, depending on the circumstances:
- For the purposes of fulfilling our contractual obligations to users, including:
- Providing users with the Services and Apps they have requested.
- Managing user subscriptions and processing payments.
- Providing customer support.
- For a legitimate interest associated with the operation of our business, including:
- Enhancing the quality, reliability, and effectiveness of our Site, Services, and Apps.
- Communicating with customers to provide information and seek feedback related to our Services and Apps.
- With the consent of users, which users can withdraw at any time.
You can exercise your rights under the GDPR to access, transfer, correct, delete, or object to the processing of your personal information by contacting us at support@getlantern.org
Changes to the Privacy Policy
We may change our Privacy Policy from time to time, without prior notice to you, consistent with applicable privacy laws and principles. Your continued use of the Site or Services constitutes your acceptance of our Privacy Policy.
How to Contact Lantern
If you have any questions regarding our Privacy Policy and how we handle your information, please feel free to contact Lantern at the following email address: