ShieldDNS Privacy Policy

1. Data We Collect

We collect minimal data necessary to provide our service:

• Account Information: Email address and encrypted password when you create an account.
• Subscription Status: Information about your subscription plan (Free or Pro) and billing status.
• Minimal Logging: We may log DNS query metadata (such as timestamps and query counts) for service improvement and troubleshooting. We do not log the specific domains you visit.
• Device Information: Basic device identifiers to manage your connected devices and enforce device limits.

2. How We Use Your Data

We use the collected data for the following purposes:

• Authentication: To verify your identity and provide secure access to your account.
• Service Delivery: To provide DNS filtering and protection based on your subscription level.
• Payment Processing: To process subscription payments securely through our payment provider (Stripe).
• Service Improvement: To analyze usage patterns and improve our service quality and features.
• Communication: To send important service updates, security alerts, and (with your consent) promotional content.

3. Third-Party Services

We use trusted third-party services to operate ShieldDNS:

• Stripe: For secure payment processing. Stripe handles all payment information directly and is PCI-DSS compliant. We never store your credit card details.
• Supabase: For authentication and database services. Your account data is securely stored in Supabase's infrastructure.
• Cloudflare: For website hosting and content delivery. Cloudflare helps protect our website and ensure fast, reliable access.

4. Data Security

We implement industry-standard security measures to protect your data:

• All data transmission is encrypted using TLS/SSL
• Passwords are hashed and never stored in plain text
• Regular security audits and updates
• Access controls to limit data access to authorized personnel only

5. Your Rights

You have the following rights regarding your data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate data
• Deletion: Request deletion of your account and associated data
• Portability: Request your data in a portable format

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by email or through a notice on our website. Your continued use of ShieldDNS after such changes constitutes acceptance of the updated policy.