Privacy regulation varies by country: some ISPs face stricter limits on retention or sale of data; others operate in looser environments. The technical picture is consistent: encryption and proper DNS routing through the tunnel deny your ISP the same visibility they would have on a plain connection.
This article complements our VPN security and tracking guides — read those for browser-layer tracking VPNs do not stop.
Looking for a reliable VPN?
KloxVPN — from $2.83/month. Apps for every device.
Plain Connection Visibility
Unencrypted DNS to the ISP’s resolver reveals domain lookups. HTTPS hides payload, but IPs and SNI (where not encrypted) can still leak destinations unless you add protections such as encrypted DNS and VPN tunnels.
On a Working VPN
DNS should traverse the VPN; kill switch should block leaks on disconnect. Misconfigured split tunneling or captive portals can re-expose plaintext; test after travel.
Marketing vs Regulation
“We do not sell browsing history” may be true in specific jurisdictions or narrowly defined; read policies and local law together.
Key Takeaways
VPNs materially reduce ISP visibility into what sites you use when the tunnel and DNS are healthy. They do not make you invisible to every actor — apps, sites, and employers have other vantage points.
Related Resources
Frequently Asked Questions
KloxVPN Team
Experts in VPN infrastructure, network security, and online privacy. The KloxVPN team has been building and operating VPN services since 2019, providing consumer and white-label VPN solutions to thousands of users worldwide.