What we hold
An email address you pick, a bcrypt password hash, a prepaid balance with its ledger, and the records of the servers you ordered. That is the entire account.
TRANSPARENCY.001
·
Report
NordBastion Transparency Report
8,756 customers · 0 identities disclosed.
Every government request, DMCA notice and court order received in the last 12 months, counted. Across 8,756 active customers we disclosed 0 identities and removed 0 pieces of content on legal demand. The one exception is confirmed CSAM — that line is non-negotiable, and the counter shows it (1 this period).
Reporting window Jul 2025 — Jun 2026
- 8,756
- Active customer accounts
- 0
- Customer identities disclosed
- 0
- Accounts terminated for non-CSAM reasons
- 1
- Accounts terminated for confirmed CSAM
Secret or gagged demands are covered separately by the warrant canary.
Requests received
What came in. What we acted on.
Every legal pathway we could be asked through, in one place. The "actioned" column is the count we acted on after legal review.
| Request type | Received | Actioned |
|---|---|---|
|
Government & law-enforcement requests
Almost always seeking customer identity data we do not hold. Nothing to surrender, nothing surrendered.
|
47 | 0 |
|
DMCA / copyright notices
We are an infrastructure provider, not a content host, and we do not have identity data to forward to. The notices are filed and answered with that statement.
|
184 | 0 |
|
Court orders to disclose customer data
Honoured to the extent the data exists — which, by design, it does not. Every order this period was answered with "we do not hold this."
|
6 | 0 |
|
Court orders to remove content
We do not run a content platform; the content sits on customer-controlled servers. We forward to the customer when permitted and take no further action.
|
8 | 0 |
|
Foreign subpoenas / MLAT requests
Pushed back unless served through a domestic Nordic court with proper jurisdiction. None met the bar this period.
|
4 | 0 |
|
National-security letters / gag orders
None received this period. The warrant canary covers the case where we cannot say so.
|
0 | 0 |
|
CSAM (child sexual abuse material) reports
The one exception. Reviewed by humans, hashed against NCMEC, account terminated and content removed if confirmed. Reported upstream as required.
|
4 | 1 |
All figures rolling 12-month window. Updated on every legal-review cycle.
The one exception
We act on CSAM. Nothing else.
Child sexual abuse material is the one universal red line where the no-action default does not apply. Reports are reviewed by humans within 24 hours, content is hashed against NCMEC, and confirmed cases mean account termination, content removal and an upstream report — every time, in every jurisdiction.
This is the only category in the table above where the "Actioned" column ever shows a non-zero. It is not a marketing claim — it is the only commitment we will not relax under any circumstance.
CSAM workflow
- 4
- Reports received
- 4
- Investigated
- 1
- Confirmed via NCMEC hashes
- 1
- Account terminated · content removed · upstream report filed
Report CSAM you find on a NordBastion server: PGP key · Panel ticket
What we hold, and what we never hold
What we never hold
No identity documents. No legal name. No phone number. No proof of address. No payment-card data. No copy of what runs on your servers. There is nothing in our database to surrender beyond what is listed to the left.
Retention
Operational logs are minimal and short-lived (30 days). Close your account and the email + ledger + server-history records are destroyed within 14 days. Crypto top-up records are kept only as long as accounting requires.
Process
How we handle a request. Every time.
Logged and reviewed
Every request that reaches us is recorded and reviewed by counsel before anything else happens. No silent action, ever.
Scope challenged
Anything overbroad, vague, or outside the jurisdiction it claims to come from is pushed back on, on principle. Most requests die here.
Nothing to disclose
When a valid order survives review, we check our database and answer with what we hold — which, for customer identity, is always nothing. That answer is the same in every locale.
Customer notified
The affected customer is notified through the panel within 14 days, unless a valid gag order forbids it — in which case the warrant canary handles the signal.
Transparency is a doctrine, not a page.
This report only works because of how the network is built and run — minimal collection, jurisdiction by design, and nothing changed in silence.