TunnelBear Review: Hear me Roar!

by
Frederik Lipfert
Dr. Frederik Lipfert Founder, vpncheck
Updated on 25 Oct 2021
Frederik is a serial entrepreneur that jumped into entrepreneurship after earning his doctorate in physics. Founding and running an analytics company got him into the online privacy and security space he's now contributing to with vpncheck. Read full bio

Expert Contributions

Adrian Sproule
Adrian Sproule Network Engineer
Diana Hakobyan
Diana Hakobyan User Interface Designer
John Mulligan
John Mulligan Cybersecurity Researcher
Gillian Carrington Lawyer
Gillian Carrington Privacy & Data Protection Lawyer
Alla Robert Aristakesyan
Alla Robert Aristakesyan Business Consultant
Tamara Milacic
Tamara Milacic Pricing Expert
This review is based on the exclusive research, analyses, and tests our experts have conducted of TunnelBear VPN

TunnelBear Review: Cute Packaging, But Here’s What Our Cybersecurity Expert Hated About This VPN

Our VPN review of TunnelBear looks at performance, security, usability, and more, to see what’s under all the bear puns. By the end of this review, you’ll know if it has the speed to facilitate whatever tasks you have, if it hides you properly from the authorities, and whether it is safe to use TunnelBear. Best of all, we’ve enlisted the help of VPNCheck’s team of industry experts for their professional assessment and opinions.

We’re diving into what TunnelBear has to offer, so buckle up. 

As soon as you turn on TunnelBear, you’ll notice the bear puns and references in almost everything right away. But we’re not going to be sidetracked by those because that’s not why we are here. We’re here because you want to know if TunnelBear is worth what you’ll pay for it.

TunnelBear VPN in a Nutshell

  • Streaming: You can unblock several streaming services such as Netflix (sometimes), Hulu, HBO Max, Amazon Prime with Tunnelbear, but you will have trouble accessing Disney+, ESPN, or ESPN+.
  • Security: TunnelBear uses the industry-standard AES 256-bit encryption to protect your identity and ensure that you can browse without fear. Because of GhostBear, you can bypass Chinese censorship (although, due to various factors outlined in this review, we wouldn’t recommend using TunnelBear as a VPN for China).
  • Apps & Extensions: Tunnelbear apps are simple and easy to use, which makes them user-friendly, even for people who have never used a VPN.
  • Reliability: TunnelBear has annual, independent audits to confirm that it delivers what it promises to customers and that it implements the things it claims it implements.

TunnelBear Network Performance: How Does the ‘Bear’ Perform?

Every VPN company, except the ones that never make questionable marketing statements (do they exist?), will say that their VPN is the fastest, that it will unlock everything you throw at it, and that you are safe from every alliance out there trying to snoop on you.

The reality is, all those statements need to be tested for authenticity. As such, we reached out to one of our experts,  Adrian Sproule, to perform rigorous testing around TunnelBear’s speeds and overall performance.

Our Expert Review and Rating of TunnelBear’s Network Performance

Adrian Sproule
Adrian Sproule
Network Engineer

A number of DNS tests were carried out to check for DNS leaks before testing via the VPN and no DNS leaks were found. While performing the same tests when connected to the VPN, a DNS leak was found using the Google DNS leak software NameBench. Further tests were carried out using dnsleaktest.com and a number of other online DNS leak testing tools, but none triggered any DNS leaks, which could indicate that the NameBench may be a false-positive. These negative results align with TunnelBear’s ‘no DNS leaks’ claim on their website.

Multiple speeds tests using VPN endpoints around the world were carried out using speedtest.net using the ‘best and fastest’ speedtest.net server closest to the VPN endpoint, and the results were interesting. For the download speeds, when connected to the VPN the download speeds dropped to between 6 – 25% of the ISPs speeds when not connected to the VPN, although out of the 16 speed tests carried out, 15 were closer to the 25%. The upload speeds, when connected to the VPN, were very poor, with speeds dropping to 0.6 – 11% of the ISP upload speed. Only one test out of 16 managed to get over 100Mbps, and the remaining were below 25Mbps for uploads.

Further tests were carried out from the London VPN endpoint to various speedtest.net locations around the world and the results showed the download speeds only dropping to 12% of the ISP speed to Phoenix, US but again upload speeds were dependent on location with the European tests near to London providing reasonable uploads but when upload to the US and South America uploads dropped as low as 0.07% of the ISP upload speed!

Compared to other VPN providers, TunnelBear does not allow the user to select servers or cities within countries to connect to; this could mean that all users are using the same servers within the TunnelBear infrastructure, which could result in slower download\upload speeds due to loads on the server. Some other VPN providers have an indicator within their software that shows the load on their servers, allowing the user to decide on what server to connect to for better performance.

For services such as YouTube and Netflix, both sites were accessible via the VPN and testing for 8k video streaming on YouTube was reasonably good for general viewing if the user didn’t mind 1-2 seconds of buffering for the 8k trade-off; otherwise, 4k streaming had no buffering and provided a good view experience.

Overall, from an end-user experience, general browsing and video streaming via TunnelBear provided a good experience. Still, users who require good upload speeds for file sharing, etc., may experience poor performance. 

Based on my opinion as a Senior Network and Firewall Engineer, I rate TunnelBear VPN 6 / 10.

    6
    6

    A screenshot of Tunnelbear’s claims about their performance having lighting fast speeds and worldwide network

    Streaming with TunnelBear

    A significant portion of the population that uses VPNs is comprised of people who just want to watch their favorite shows, without having to move to a different continent or country to access geo-blocked content.

    What can TunnelBear unblock?

    Normally, we would go through every platform, checking it out one by one and showing you how the VPN in question can unlock it. However, our research emerged with TunnelBear showing some shortcomings, especially when streaming or unblocking streaming platforms.

    As such, we are going to divide this portion into what platforms it can unblock, the performance it delivers, and the sites it seems unable to get around.

    Streaming Platforms Unblocked by TunnelBear

    TunnelBear is capable of unblocking Netflix, Hulu, Amazon Prime Video, HBO Max, and Kodi, using its GhostBear feature, which makes your VPN traffic signature harder to detect. The GhostBear feature is TunnelBear’s version of stealth mode, which means it will slow your speeds, due to the extra encryption blanket. 

    Since tests may vary, depending on how high your speeds are, let’s examine what each platform’s experience is like.

    TunnelBear for Netflix: Unblocked, Inconsistently

    Netflix works by locking some content to specific locations. The geo-locking features mean that a viewer in the US won’t see the UK’s Netflix library.  TunnelBear, like any VPN service, can make you look like you are located at any of its available servers, allowing you to access content inaccessible to your actual location. However, the further away a server is from you, the lower the speed. 

    Given that you’ll need GhostBear to unblock the content, chances are that the further away from the server you are, the worse your streaming experience.

    Hulu: Unblocked

    The only hurdle here is that Hulu doesn’t allow people from outside the US to sign up for its platform, even though it has grown its catalog to include some truly entertaining titles. By simply connecting to a US server, you can get an account. However, the speed vs distance face-off will still affect you and might cheapen the experience, especially on TunnelBear, which may have iffy speeds depending on where you are and what server you connect to.

    Amazon Prime Video: Unblocked

    Amazon Prime Video is yet another great streaming platform that features the same caveat as Hulu and more. If you are not in Germany, the UK, or the US, you cannot get a standalone Prime Video subscription.

    People from all other countries have to get the full bundled Amazon package with features they will never use but still pay for. Again, TunnelBear fulfills all the duties of a VPN in making you appear as though you were in countries where the standalone subscription is offered.

    HBO Max: Unblocked

    Joining the top four streaming services, HBO Max brings with it the esteemed HBO catalog with classics like The Wire and recent entries like Lovecraft Country. The challenge here is that you can’t get it outside of the US, which TunnelBear solves by connecting you to a US server so you can get an account.

    Streaming Platforms TunnelBear Has Trouble Unblocking

    If you were looking forward to watching anything on Disney+, ESPN+ or ESPN, banish the thought, unless you get a VPN that can unblock those sites, because TunnelBear doesn’t. It could not unblock BBC iPlayer either so, if you are not in the UK or using a VPN that can access that library, none of that British goodness is coming to your screen. And, while we’re being honest, it just isn’t one of the best VPNs to use for Netflix.

    From many of the user reviews that we have seen of people flung across the planet sharing experiences about using TunnelBear, we can describe the streaming as spotty, at best, and unreliable in some cases. 

    It is worth noting that viewers of US/UK-based streamed content from outside the US/UK may experience varying speeds, depending on what bandwidth they have and how far from the server they are. 

    NOTE: TunnelBear may not be the best option if you want to stream content at high speeds, with high levels of resolution, though the experience may vary. For the best streaming experience, check out our reviews for VPNs optimized for the task. 

    ExpressVPN Review
    NordVPN Review
    Hotspot Shield Review
    CyberGhost VPN Review 

    Naturally, you’ll find VPN reviews that state that TunnelBear proved to be the best option for whatever “tests” they conducted. Our advice? Check out the free plan (detailed in the pricing portion of this review) which is unlike anything other VPNs offer (you’ll see why) to make sure that it works well for your location, speed and requirements.

    TunnelBear Torrenting

    Unless you have high bandwidth and connect to a local server, your speed is likely to take a hit. Because of that, torrenting on TunnelBear is not exactly as fast as it should be. Long-distance speeds are inherently slower.

    TunnelBear says on its website that one could opt for a TCP Override. In this mode, the VPN is forced to use only a TCP protocol instead of UDP. However, TCP tends to be slower because it checks the files’ integrity. UDP does not, but may transmit incomplete data packets.

    TunnelBear says that TCP is supposed to improve your connection but that has nothing to do with improving speeds. TCP makes your connection reliable so you don’t get corrupted/incomplete files. To go faster, opt for UDP, but be aware of the risk of incomplete data packets.

    Tunnelbear Servers and Compatibility

    TunnelBear provides apps and clients for macOS, Windows, iOS, Android, and browser extensions for Chrome, Firefox, Opera, and other Chromium-based browsers. Mac users on Safari do not get an extension.

    Linux users can manually configure TunnelBear if they use Ubuntu. However, there is no native app developed for the OS yet.

    TunnelBear does not have router support, as it does not support manual configuration for the VPN connection. It insists that the connection be made from within the Tunnelbear application, browser extension, or one of its supported platforms.

    Access From China and High-Censorship Countries

    Accessing VPNs from high censorship countries is usually something people might need to have better access to information and restricted parts of the internet. Whatever your feelings about repressive, oppressive, or questionable regimes, there is no denying that the risk is significantly higher when a person tries to access the internet from such locations.

    The access has to be secure, to avoid putting the user at risk. TunnelBear, like all VPNs, has a challenge to overcome when it comes to China. To serve those users, TunnelBear scaled up its Singapore and Japan region capabilities and recommend that people in Hong Kong connect to them for the best experience. 

    Users should also enable a feature called GhostBear, which makes your VPN traffic look like internet traffic. The Chinese Firewall uses something called Deep Packet Inspection (DPI) to identify what kind of traffic a user is getting, to block some forms the government is not comfortable with. GhostBear deploys a technology named Obfsproxy to change the traffic signature into regular (non-VPN) traffic.

     The VPN is known for its efforts to thwart censorship and has even taken to donating bandwidth in its fight against censorship. This effort is not something you see with most VPNs. It shows a certain nobility. The team behind it helped the citizens of Turkey circumvent a Twitter ban and donated bandwidth to Iran and Venezuela.

    NOTE: GhostBear is not on iOS but works on Mac, Android, and Windows. The feature also slows down traffic and is not recommended for users looking for high speeds or those living in the high surveillance zone. Make sure to download the app BEFORE you arrive in China.

    Server Locations

    Let’s start with where the company is headquartered, Canada. Those who know a little something about surveillance just perked up and that’s because The Great White North is part of the Five Eyes Alliance, which means the government could require the company to log user data.

    On top of that, the company was acquired by McAfee in 2018, putting it under US jurisdiction. 

    The redeeming quality here is that the VPN does not keep logs and only collects very basic information, which means that even if a government were to ask for data, there would not be much to give.

    That aside, the VPN has servers located in 46 countries. It does not say how many servers it has, though some estimates place the number at around 3,000*.

    A screenshot of the 46 countries where Tunnelbear servers are located

    TunnelBear has said before that it has dedicated servers in all locations and only opts to use virtual servers when there’s unexpected demand. The company also says that less than 20% of its fleet is made up of virtual servers, which are located in the country they claim to be, meaning your data is exactly where you connect.

    *That number is not substantiated because the VPN itself hasn’t confirmed it.

    TunnelBear UI/UX: Bear-Themed and Easy-to-Use Design

    When it comes to reviewing what a VPN looks like, it can be easy to gloss over the design or other elements that make the apps easy to use. So, we tasked one of our specialists, Diana Hakobyan, to look deeply into the design of TunnelBear’s apps and clients.

    Our Expert Review and Rating of TunnelBear’s UI/UX Design

    Diana Hakobyan
    Diana Hakobyan
    User Interface Designer

    TunnelBear is an example of an application with a playful attitude and classic 2D flat design with illustration and animation. It also features a mascot that’s present in almost all interactions with the interface.

    The overall design is consistent across all the devices and features native components on Android, iOS, Mac, and desktop. It doesn’t have any notifications or any secondary systems, which may complicate the use of the software. You just have to do a few clicks and you are connected.

    The biggest part of the application is the interactive world map with multiple elements and illustrations of “tunnels”. The color palette is limited to two primary colors – green and dark green, and supporting colors of white and grey/dark grey. On mobile devices, the overlays are predominantly white with a transparent or semitransparent gradient and shadows.

    In comparison to the one-click or one-button-connect application, TunnelBear relies heavily on animation. Depending on the actions performed by the user, the interface reacts accordingly. For example, there’s no movement on the screen upon the first request to connect. Once a server is selected, the interactive map will show the movement indicating that the initial location has been changed. There are a couple of interesting and playful design choices within the application. For example, there’s an icon of a log next to the “Logout button” or an option to disable or enable the “bear sounds” upon connecting or reconnecting to another server. Overall, it creates a compelling experience with a well-thought-out product. 

    In some cases, animation can be excessive but not in TunnelBear’s case. The application is a great place for a regular user to start: it’s simple and playful. Just one click on the map to connect to the first available server. What’s also nice about the application is that it supports some accessibility needs, at least on mobile devices.

    During the test, we didn’t encounter any technical problems and it worked very well. The slight negative is the fact that the platform does not provide Gaming or Torrent P2P servers.

          PROS     Points           CONS Points
    • Beginner-friendly
    +3
    • No Gaming or Torrent P2P servers.
    -1
    • Very well thought-out UX
    +3
    • Consistent design across all devices
    +2
    • Interesting design choices (puns, icons, interactivity, animation)
    +3

    As a UI/UX Designer, I rate this app 9/10.

      9
      9

      Device Compatibilities

      It is not uncommon to find a VPN that does not have cover for all platforms. That is why it is essential we know what TunnelBear runs on.A screenshot of Tunnelbear’s device compatibilities showing the Mac, Windows, iOS and Android icons

      You can install and use TunnelBear on:

      • Windows
      • macOS
      • iOS
      • Android

      There are some discrepancies between some of the apps, which we will outline below.

      The Desktop Apps: Tunnelbear VPN for Windows and Mac

      The Windows TunnelBear app is a standard VPN you can get straight from the official TunnelBear website. The installation file is about 131MB and once installed, will give you access to the sign-in interface. The same (except for file size) is true for Mac users.

      The interface design does not deviate a lot. The team behind it tries to keep it uniform, even in the mobile apps. 

      What about Linux? Well, there is no support for Linux, which means you have to do a manual configuration for it to work.

      If you are a Mac user, the only way to access the app is from the tray. Depending on what you prefer, you can toggle between light and dark themes on the macOS version.

      The Mobile Apps: Tunnelbear VPN for Android and iOS

      As you may have noticed, we have not listed other mobile platforms. That’s because TunnelBear only supports these two. Of the two platforms, the iOS version is worse than the Android version. First off, it does not have a kill switch. So, if your connection cuts off and you don’t realize it immediately, it could leave traces of your IP address and location. That alone defeats the whole point of having a VPN. 

      The Android version appears to have been well designed and even has an Encrypted Server Name Indicator built-in, to bypass DNS-level VPN blocking. In addition to that, it is the only one of any platform/devices with SplitBear, TunnelBear’s split tunneling feature to split your traffic into two streams simultaneously (encrypted and unencrypted).

      Routers

      TunnelBear does not currently have support for routers, because it does not support manual configurations of its VPN connection. The connection has to be made from within the TunnelBear application or browser extension on one of the support devices/platforms.

      As some of you might know, routers come in handy when you have more devices than your subscription can cover, since you can connect just one router to the VPN and then connect your devices to it to secure as many as you can connect without diversely affecting your internet speed.

      Extensions

      Tunnelbear Chrome extensions are available, as well as extensions for Firefox, Opera. Since Brave Browser allowed us to install it, it should work on most Chromium-based browsers (if not all). It does not work on Safari or Internet Explorer, but you can switch over to Edge already, which is a Chromium-based browser that should accept the extension.A screenshot of Tunnelbear Chrome extension on the Web Store

      Now, let’s walk you through what you can expect to see after installing it.

      Usability

      Since the features are more or less the same, we are going to use the Windows version of it to get a sense of what it looks like and how to navigate it. We have mentioned the key differences in apps, which you should keep in mind as we take the tour. 

      It is a simple interface with pots of honey, showing exactly where servers are for easier connections. 

      To the top left, you can see the menu.

      There’s a stylized ‘T’ there for TunnelBear. When you click on the three lines, this is what you’ll see.A screenshot of Tunnelbear’s Windows interface showing Map and Settings on its left nav menu and honey pot icons to indicate their server locations

      It allows you to either go to the settings or tweak some things, or return to the map to choose a server.

      At the very bottom, the two arrows pointing at each other minimize and maximize the size of the window. When minimized to a tinier version, it looks like this:Tunnelbear on minimized window

      Right next to the on/off switch at the top left that turns the VPN on and off, there’s an option to choose servers. This is what you’ll see when you click on that.A screenshot of Tunnelbear’s interface when switched off

      From here, you can choose the server location you would like to use. 

      Over in settings, you will be able to access General Settings:

      Tunnelbear's Settings menu showing On-Off toggle buttons for startup launch, TCP override and notifications options

      Security settings:Tunnelbear’s Security menu showing on-off toggle buttons for VigilantBear and Ghostbear

      Choose trusted networks TunnelBear can automatically connect to and manage your account.Tunnelbear’s Trusted Networks menu showing an off-off toggle button, Current Network and an option to Add Trusted Network

      TunnelBear Security: Is TunnelBear Safe?

      When it comes to security, few people have the skills to know what to watch out for. Experts are our go-to move when doing a review. For security, we turned to John Mulligan, a network and cybersecurity professional.

      Our Expert Review and Rating of TunnelBear’s Security

      John Mulligan
      John Mulligan
      Cybersecurity Researcher

      Tunnelbear seems to have gained some traction and very positive reviews on the internet.   Acquiring their VPN client after setting up an account is simple and straightforward.  Their vpn client is a branded openvpn solution that simplifies the connection process allowing you to connect very quickly to different countries around the globe.  The traffic is secured with no traffic or DNS leaking and for basic security it is on par with similar solutions.  

      The openvpn client they are using is a version from 2019, which is a huge red flag in a production environment.  If they aren’t updating the main client facing part of their VPN solution, where else are they cutting corners?  The version they are using, OpenVPN 2.4.8 is major revisions behind and has open CVEs, including the ability to inject code and leak information.  Some of the open CVEs are over a year old and would be common knowledge for attackers.  In the past their local maintenance server running on the clients even when not connected to the VPN could be attacked, giving a bad actor escalated privilege on your device.

      Another red flag is that they are Canadian based and owned by a US company, exposing them to subpoenas.  Since January 2020, they have been subpoenaed at least 20 times and have confirmed the identity of at least 1 user.

      My overall feeling about the technical solution is that it is limited, but functional. The client works, the VPN works, but considering their privacy policy and severely outdated client technology, as a Network and Cybersecurity professional, my overall rating would be 3 / 10. My opinion is that most other VPN options would be a better alternative over Tunnelbear.

      With that, we conclude this portion of ‘how the security expert feels about the security.’

      As a Network and Cybersecurity professional, my overall rating would be 3/10.

        3
        3

        A screenshot of Tunnelbear’s privacy claims on their website: Vigilant Mode, Always On, No Logging and Closest Tunnel

        Protocols and Security Overview

        There is a lot to look at when it comes to TunnelBear’s security and some of the choices it makes to keep customers safe. Let’s start with the simple questions and work our way to protocols.

        Does Tunnelbear Have a Kill Switch?

        A kill switch disconnects your internet if the VPN’s connection is lost, which could save you if you’re downloading copyrighted content or are a journalist dealing with sensitive information. A momentary drop in connection without a kill switch could leak your real IP address. 

        TunnelBear has a kill switch named VigilantBear, which is available for Windows, Android, and Mac users only.

        Is Split Tunneling an Option With Tunnelbear?

        The split tunneling feature allows users to route some of their traffic through their internet service provider and the rest through the VPN. It can be useful in specific cases where some of your traffic has to be kept hidden, but you don’t want to hamper other concurrently running online activities. 

        Do you have an Android? If you do, you are in luck. We mentioned before that it only works for Android. Other users will either see all their traffic flow through the VPN or none at all.

        What About Tunnelbear Torrenting?

        TunnelBear used to block access for P2P downloads. However, it seems that now, that has changed. Keep in mind that if you are going to be doing a lot of torrenting, then TunnelBear may not be the VPN for you, since it has no servers explicitly set aside for P2P transfers like some of its counterparts.

        Encryption

        TunnelBear uses strong encryption protocols that break down like this:

        • Data encryption uses AES-256
        • Data authentication uses SHA256
        • Handshake encryption uses a 2048-, 3072-, or 4096-bit DH group

        Tunnelbear’s list of protocols and devices detailing their data encryption, data authentication and handshake encryption

        In terms of encryption, AES-256 is used by the United States to encrypt top-secret information, which is why you’ll see ‘military-grade encryption’ crop up anytime someone mentions the encryption algorithm. That being said, it seems to be on a par with the industry standard. 

        Sadly, however, the Open VPN client they are using is outdated, leaving us vulnerable to attacks. Our cybersecurity expert therefore does not recommend TunnelBear, and it’s rather obvious that we could do better with a proper top-tier VPN. It really isn’t worth compromising for the price tag (more on that in our Pricing section!).

        Protocols

        Protocols dictate how data packets are sent across a network. The choice of protocol affects your level of exposure to cybersecurity risk and must always be included in your VPN checklist.Tunnelbear protocols

        So, how does TunnelBear fare on this front? Here’s what the VPN went with:

        OpenVPN

        OpenVPN is an open-source protocol that is seen as the model/standard when it comes to tunneling protocols. The reason is that it manages to strike a balance between security and speed. Encryption inherently slows down speed, but OpenVPN manages to deliver a better performance than its counterparts. 

        The protocol offers up to 256-bit encryption using the Open SSL library, giving it the kind of security government agencies and hackers have a difficult time breaching. Combined with TunnelBear’s obfuscation, firewalls won’t stand in your way.

        IKEv2

        This protocol is widely used across many VPN providers to reconnect devices with a VPN after disconnection from the internet. It is useful when switching between hotspots, which could happen multiple times in a day, especially on hand-held or portable devices.

        IPSec

        The Internet Protocol Security option is a collection of internet protocols that authenticate and send packets of data over an internet connection. They can use various algorithms and ciphers, which is why their strength is dependent on the algorithms picked. 

        TunnelBear does not support the popular WireGuard option, which may be a disappointment for some of you. However, the security already in place does its job sufficiently. The DNS and WebRTC Leak tests both showed that TunnelBear does not leak any of your information.

        Tunnelbear Reliability: No Red Flags Here?!

        TunnelBear’s name does not immediately conjure up images of trouble or data shenanigans and that’s because the VPN has no questionable history. However, it is always good to dig deep and find out all there is to find out. For that, we had our in-house legal expert, Gillian Carrington, take an in-depth analysis of Tunnelbear’s privacy policy for data privacy.

        Our Expert Review and Rating of TunnelBear’s Data Privacy Protection

        Gillian Carrington Lawyer
        Gillian Carrington
        Privacy & Data Protection Lawyer

        This would be a first-class Privacy Policy if it were not for one gaping flaw. 

        Both PIPEDA and the GDPR are widely regarded as setting global standards for data privacy by requiring security, privacy, specificity and accountability, and empowering data subjects to know what is happening to their data and control it. This Privacy Policy reflects those core values as closely as possible and even provides “trade-off” examples to allow users to assess how their data is handled.

        Positive aspects of the Privacy Policy include (i) complying with the data minimization and purpose limitation principles as far as possible by holding minimal personal data and offering detail about retention periods, (ii) communicating in a user-friendly manner (iii) giving a comprehensive account of what personal data is processed and why it is processed, (iv) offering users a detailed explanation of their rights in respect of their data and how they may exercise them. On the E-Privacy side we consider their Cookies Policy to be excellent (we would go so far as to say one of the best we have seen) as it details what cookies are actually used, why they are used, and how much data they process. TunnelBear also commits to safeguarding users’ privacy by not logging and storing users’ connection or behavioral data. 

        On the negative side, while there are issues we could raise around legitimate interest (if you are going to rely on legitimate interest as a basis for data processing, explain what you see as your legitimate interest in real terms and explain how you balance it against the user’s legitimate interests), this is what caught our eye:

        “If you are visiting from the European Union, please note that by providing your Personal Data, you consent to any transfer of your Personal Data to Canada and processing of your Personal Data globally in accordance with this Policy.”

        This clause arguably attempts to disapply the whole of the GDPR to Tunnelbear EU users’ personal data.  Consent is a very flimsy basis for transfer to Canada in any event, but the real sting is the purported consent to the processing of users’ personal data globally. Where? China, Russia? Why? How? Who? What is being agreed to here? This clause will have data rights activists seeing red, and rightly so. It’s not GDPR compliant at all. 

        This would be one of the best VPN Privacy Policies we have seen if it were not for the clause above. It is transparent, specific, and accessible. It engages with the GDPR requirements without swamping the user in legalese. The Cookies Policy is E-Privacy compliant and quite excellent,

        As a regulatory lawyer specializing in data protection and AI, I rate TunnelBear's Privacy Policy  7/10.

          7
          7

          What Does TunnelBear Log?

          The answer to this question is never easy. To verify the payment, send you emails and help you if you run into difficulties with the VPN, they have to log some data. However, this data can be kept as scant as possible, so that no government could ever get anything too extensive on a particular VPN’s users. 

          TunnelBear collects this basic information, but also:

          • The kind of operating system you use
          • The months you used TunnelBear
          • Your total data usage for the current month
          • Operational logs/events (when you created the account, when you make payments, and so on)

          This barebones logging is more or less where a middle-of-the-road VPN should be. Some log less information than this and some more. Since you know what they log, you get to decide if you’re comfortable with it. 

          With Tunnelbear’s data privacy practices covered by our expert, let’s now turn our attention to their company profile to further investigate how transparent TunnelBear is as a VPN service. Our business consultant, Alla Robert Aristakesyan, happily gave us her opinion on this area.

          Our Expert Review and Rating of TunnelBear’s Business Structure

          Alla Robert Aristakesyan
          Alla Robert Aristakesyan
          Business Consultant

          Based on the conducted research, it is assumed that TunnelBear VPN has shown a proven financial record since its foundation in 2011, considering its acquisition by McAfee in 2018 for a purchase price of $25 million. 

          The original founders of TunnelBear, Ryan Dochuk and Daniel Kaldor, who have demonstrated solid professional experience in the tech field, do not run the company anymore. After the acquisition, it is reported that TunnelBear still operates as a separate team within McAfee and will continue to be based in Toronto, Canada (while incorporated as TunnelBear LLC in Delaware, United States). As per their LinkedIn page, TunnelBear has a range of 11 – 50 employees, out of which 28 members are registered as current employees, including part-time roles. However, no further information is found regarding the employees after the acquisition. Information regarding the financial performance and profitability of TunnelBear is not disclosed either. 

          In respect to the holding company McAfee (formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, Intel Security Group from 2014 to 2017, and McAfee LLC from 2018 – 2019), it was registered as Corporation in Delaware on July 19, 2019 for the purpose of completing an initial public offering (“IPO”) and related transactions in order to carry on the business of Foundation Technology Worldwide LLC and its consolidated subsidiaries. McAfee Corp. offers 2 classes of stocks – Class A and Class B. Class A common stock began trading on the NASDAQ Stock Market on October 22, 2020, under the symbol “MCFE. Class B Common Stock shares are issued to Continuing Owners and certain Management Owners. Class B common stock is neither listed nor traded on any stock exchange, nor is there an established public trading market for this class of common stock. The shares of Class B common stock have no rights to dividends or distributions, whether in cash or stock, but entitle the holder to one vote per share on matters presented to stockholders of McAfee Corp.

          Top shareholders of McAfee are TPG Global, LLC (approximately 39% of McAfee’s Class A common stock and approximately 22% of Class B common stock), Intel Americas Inc. (approximately 3% of Class A common stock and approximately 68% of Class B common stock), Thoma Bravo, L.P. (approximately 11% of McAfee’s Class A common stock and approximately 8% of Class B common stock). McAfee’s Sponsors (TPG Global, LLC (“TPG”) and Thoma Bravo, L.P.) and Intel collectively control a majority of the voting power of the outstanding Class A common stock and Class B common stock on a combined basis, thus making McAfee a “controlled company” within the meaning of the Exchange’s corporate governance standards. 

          As per McAfee’s Annual Report, as of December 2020, the company was operating with net loss of USD 289 million, out of which USD 171 million was net loss attributable to redeemable noncontrolling interests and USD 118 million was net loss attributable to McAfee Corp. However,  in July 2021, McAfee Corp. announced the completion of selling certain assets of McAfee’s Enterprise business to a consortium led by Symphony Technology Group (STG) in an all-cash transaction for $4.0 billion and to concentrate on the development of its consumer products. In August 2021, proceeding the transaction it paid a one-time special cash dividend of $4.50 per share of McAfee Corp.’s Class A common stock. McAfee reported using a portion of the proceeds from the transaction to repay approximately $1 billion of existing indebtedness.

          Based on my opinion as a business consultant, I rate TunnelBear VPN business 5/10.

            5
            5

            Tunnelbear Customer Support

            TunnelBear uses an email support approach with a ticketing system that works 24/5 every day of the year. However, it is a little disappointing that this VPN doesn’t have live-chat support or a customer service phone number. A screenshot of Tunnelbear’s customer support page

            Waiting on an email is not exactly something anyone wants to do, especially not when they need help urgently. However, the service has one of the most extensive FAQ sections we have seen, which should answer most of the questions that customers tend to ask. It also has the Virtual Support Bear to replace a customer chat representative on the Tunnelbear Support page.

            TunnelBear Pricing: Well, the Free Trial Is Nice to Have

            TunnelBear takes payment in multiple forms. You can pay through your credit card, use Bitcoins (for extra anonymity), and jars of honey (remember the bear theme?).Tunnelbear’s 3 pricing plans - Free, Unlimited and Teams

            Three very straightforward plans tell you what you get and how much you pay. Let’s break it down.

            Tunnelbear Free VPN

            TunnelBear is the only VPN we know of that offers users genuine premium-level access to its services for free (with limitations). The free plan is intended for limited usage (not a lot of data transfers) and testing (for those considering a purchase). 

            The free plan is capped and can only allow you to use up to 500MB before you’re cut out.

            Tunnelbear VPN Premium: Unlimited Plan

            At $3.33 per month, this is the cheapest plan offered by TunnelBear for the average user. Under it, you are entitled to everything TunnelBear promises you, including unlimited secure browsing, connections of up to 5 devices to one subscription, and priority when you have a question for customer service.

            Tunnelbear Teams Plan

            On the Teams plan, users pay $5.75 per user per month. This connection secures two users or more. Like in the unlimited plan, you get up to five connected devices per user, unlimited protected browsing, a dedicated account manager, and centralized team billing and management. 

            TunnelBear offers money-back guarantees but only on a case-by-case basis. For those unsatisfied with their purchases, getting in contact with the Support Bears is crucial. The Terms of Service say that refund requests are subject to review. 

            We talked to a pricing consultant, Tamara Milacic, to learn more about TunnelBear’s offers. In her report, she delves into the pricing model used by the company, the plans, and how favorable they are to you, among other details.  Here’s what she opined regarding her findings.

            Our Expert Review and Rating of TunnelBear’s Pricing

            Tamara Milacic
            Tamara Milacic
            Pricing Expert

            In analyzing TunnelBear’s pricing strategy, they display the standard three-tier pricing structure that is used across the industry. The plan page directs visitors to a landing page with an option for a free, personal, or teams VPN connection. This way of navigating to pricing does serve multiple customer segments but it requires a longer journey than necessary for customers to get to the pricing page. 

            In terms of strategy, Tunnelbear sits within the mid-market range, they do not have a premium proposition nor are they a price leader. The 3-year plan is twice the price of the three-year plan from Vypr VPN as an example. Additionally, TunnerBear have not taken the time to localize any of their pricing and use USD pricing across the board. Unlike most of its competition, they do not offer the industry-standard 30-day money-back guarantee. 

            In terms of strategically clever aspects, the free trial offer is set up well. It allows potential customers to test out their service but having the 500MB monthly browsing limit means that the barriers to initial sign-up have been lowered but the limit makes conversion more likely, in comparison to unlimited trials. The behavioral nudge is there when customers run out of data.

            From a psychological pricing perspective, TunnelBear lists their pricing with the highest (monthly) plan price first. This anchors customers expectations making any price that they encounter after that seem lower. Additionally, they highlight their 3-year best deal plan in green, emphasizing it as the best deal. One last piece that could improve this messaging would be the total discount amount saved which, when above $100, increases conversion rates versus just the percentage discounts that they currently message.

            In terms of their teams plans, the pricing is structured on a sliding scale with no discounts or bespoke quotes offered for larger organisations/more seats. However, they do offer a 7-day free trial for these packages, again taking advantage by lowering barriers to sign up. Lastly, their cancellation customer journey is very smooth and can all be done online, unlike most of the competition. This is a great benefit and, coupled with the free trials, partly offsets the lack of money-back guarantee.

            Based on my opinion as a pricing consultant, I rate TunnelBear VPN pricing 6/10.

              6
              6

              Extra Features

              The features offered by TunnelBear cannot be considered extras. Not really. They are standard features we feel should be provided by every VPN. However, to clarify things, here is what the Bear Team calls the features and what they do.

              • VigilantBear– This is a kill switch. It is available on macOS, Windows, and Android. iOS users are out of luck on this front. You can activate it in the Preferences menu. 
              • GhostBear- The equivalent of stealth mode, this feature keeps you safe and unrestricted by firewalls.
              • SplitBear- This is a split tunneling feature that is only available on Android.

              Tunnelbear Pros and Cons

              Pros

              • The VPN allows independent annual audits to ensure that customers can trust that it does what it says it does
              • There is a free version that allows you up to 500MB per month with no other restrictions.
              • The apps have great ratings that hover at 4.5 out of 5, showing confidence from mobile phone users.

              Cons

              • Canada and the US (McAfee owns TunnelBear) belong to the Five Eyes Alliance which could force it to hand over user data.
              • TunnelBear is using an outdated OpenVPN client.
              • There are no phone or live chat support options.