Proton offers notable privacy protections, minimal collection, no access to encrypted content, and user data control tools. The main drawbacks are typical contract risk-shifting clauses, auto-renewal, inactivity-based deletion for free accounts, and mandatory arbitration/class waiver for U.S. consumers.
Proton’s legal posture is relatively privacy-forward for a consumer service: it emphasizes minimal data collection, end-to-end encryption, user access/export/deletion rights, and limited disclosure under Swiss law. The tradeoffs are standard but important: auto-renewal, broad liability limits, account/data deletion after long inactivity or delinquency, unilateral policy changes, and U.S.-specific arbitration with class action waiver.
Points of interest
Proton says it lacks the technical means to access encrypted emails, files, calendar items, passwords, or notes. Practically, this sharply limits what the company itself can inspect or hand over.
"We do not have the technical means to access the content of your encrypted emails, files, calendar events, passwords, or notes."
U.S. consumer users are subject to binding individual arbitration and a class action waiver unless they opt out. This can make it harder to bring disputes in court or join with other users.
"requires you to arbitrate any claims... on an individual basis... you may not proceed in a class"
Proton disclaims many warranties and caps its liability at the greater of $100 or the amount you paid. If the service fails or data is lost, your financial recovery may be very limited.
"shall not exceed $100, or the amount you paid us, if any, for use of your Account or the Services"
The policy expressly states data minimization as a core principle, and account creation does not require personal information. That lowers the amount of identifying data tied to your account by default.
"Our overriding policy is to collect as little user information (personal data included) as possible"
Users can directly access, edit, delete, or export personal data from the account interface. This is a meaningful usability and privacy benefit because it reduces friction for exercising privacy rights.
"Through your Account interface, you can directly access, edit, delete, or export personal data"
Proton says it discloses only limited data it possesses, and only for binding requests from competent Swiss authorities, while challenging requests where possible. It also says it cannot decrypt end-to-end encrypted content.
"We will only disclose the limited user data we possess if we are legally obligated to do so by a binding request"
Free accounts inactive for 12 months may be suspended or deleted, along with some or all stored data. Users do get advance notices, but the loss risk is important if you use Proton as cold storage.
"free Accounts that have been inactive for a consecutive period of 12 months and/or part or all of their associated data"
Paid subscriptions renew automatically unless you cancel in time. This is common, but users should watch renewal dates and plan-specific cancellation rules.
"After the initial term, the subscription is renewed automatically"
Both the Terms and Privacy Policy can be changed at any time, with continued use treated as acceptance. That gives Proton flexibility to alter the deal without obtaining fresh explicit consent.
"the Company reserves the right to review and change these Terms at any time"
Proton says permanent IP logging is not the default for accounts. That is a significant privacy benefit, though there are stated abuse-prevention exceptions.
"By default, we do not keep permanent IP logs in relation with your Account."
Although default logging is limited, Proton may temporarily retain IPs for anti-abuse and permanently retain them for Terms violations. That means anonymity protections can narrow if Proton suspects misuse.
"your IP address may be retained permanently if you are engaged in activities that breach our Terms of Service"
Support and payment operations involve outside processors like Zendesk, Stripe, PayPal, Chargebee, and Atlassian. Proton says these processors do not handle general day-to-day account usage data, but some user data does leave Proton for these functions.
"we rely on different data processors... Notably, they do not store data in relation with the general day-to-day use of your Account"
Documents
Terms of Service
- Using Proton services means you accept these terms, including separate terms for Proton Wallet and Lumo where applicable.
- Users must be at least 13, minors need parental consent, and bot-created accounts are not allowed.
- You are responsible for all activity on your account and may not use it for illegal, abusive, spam, or unauthorized access activities.
- Proton may suspend, restrict, or terminate accounts for prohibited use, inactivity, excessive resource use, or unpaid plans.
- Free accounts inactive for 12 months may lose access and data after advance notices; paid accounts are treated as active while subscribed.
- Services are provided as is without warranties, and Proton limits liability to the greater of $100 or the amount you paid.
- Proton will not be liable for indirect or consequential damages, and you must indemnify Proton for third-party claims arising from your use.
- Paid plans renew automatically unless canceled, and most refunds are only available within 30 days of initial purchase, subject to conditions.
- Disputes are generally governed by Swiss law and Geneva courts, and U.S. users are subject to individual arbitration and a class action waiver unless they opt out within 30 days.
Privacy Policy
- Proton says it collects minimal personal data and cannot access encrypted emails, files, calendar events, passwords, or notes.
- You can create an account without personal information, but optional external email addresses may be used for recovery, security notices, and marketing.
- Proton uses human verification like captcha, email, or SMS to prevent abuse, and may temporarily retain related IP, email, or phone data.
- Proton generally does not keep permanent IP logs, but may temporarily or permanently retain IP addresses to prevent abuse or Terms violations.
- Support, sales, payment, and app diagnostics data may be processed by Proton affiliates and third-party providers such as Zendesk, HubSpot, Chargebee, Stripe, and PayPal.
- Payment processors receive necessary payment details, while Proton keeps your name and last four card digits, not full credit card information.
- If censorship bypass routing is used, third parties may see your IP address or Proton app usage, but not your encrypted content.
- Proton says it discloses limited user data only when legally required by competent Swiss authorities and cannot decrypt end-to-end encrypted content.
- You can access, edit, delete, or export personal data through your account, and you may complain to the relevant supervisory authority.
- Proton may change this policy at any time, and continued use of the services means you accept the updated policy.