Comment by ignoramous

Comment by ignoramous 2 days ago

> no databases of user info

Depends on the payment method. Accounting is mandatory in Sweden.

  As a customer of [payment] services, these entities would allow us to request this information if we chose to do so. In short, your payment actions with these two methods are not anonymous and the GDPR and other relevant data protection regulations may apply if you are making a payment by credit card, PayPal, Swish or by bank wire.

  The data must be kept for the statutory retention period described in applicable local laws such as the Swedish Accounting Act (some information must be stored for seven years from the end of the fiscal year).

That "some information" according to Swedish Accounting Act (bokföringslagen): "Every transaction, including customer payments, must be supported by proper documentation such as invoices, receipts, and payment confirmations."

https://mullvad.net/en/help/no-logging-data-policy / https://archive.vn/qkvD3

ijustlovemath 2 days ago

Sure, but if privacy matters to you, you have the option of buying credit anonymously and applying it to an anonymized account number. And if your threat model includes nation states, you're definitely not buying anything with a credit card. I also think if you're after payment details, there's more lucrative targets, eg Stripe.

Reply View 2 replies

ignoramous 2 days ago

OK. I was just wondering about your "zero trust" (aka "no database of user info etc") comment in the face of those and other Swedish laws that apply to Mullvad, is all.
What you're now telling me is only if I, as a user, don't give Mullvad my info, they wouldn't have to store that. I mean, that's one way or one way of looking at it, alright.

Reply View | 1 reply
- sdht0 a day ago
  
  Another way of looking at it is that Mullvad has gives their users the ability to do that, as compared to so many other "top" VPNs.
  
  Reply View | 0 replies