Privacy

What we collect

• Account: your email address (sign-in identifier), display name (optional), workspace name. No passwords are stored, sign-in is magic-link based, with optional TOTP.
• DNS records you create: names, values, TTLs, GSLB target lists. These are inherently public data once your zone is delegated, every resolver on the internet can read them. We treat them as public.
• Query telemetry: per-tenant aggregate counts (queries per month), not individual queries. We do not log source IPs of resolvers querying your zones.
• Audit log: what changed in your workspace, who changed it, and when. You can read it under /audit. We use it for support + abuse investigation.
• Server logs: standard HTTP access logs (request URL, status, IP, user-agent), kept for 30 days for debugging.

What we don't collect

• Individual DNS query IPs or per-query payloads.
• Analytics from third-party trackers (no Google Analytics, Segment, Meta pixel, etc.).
• Cross-site fingerprints or cookies for advertising.

Where data lives

Today: Hetzner in Germany. EU-only single region during beta. As we add edge locations, customer record data is published to every region's DNS engines (so they can answer queries), billing + account data stays in the EU primary.

Contact

Questions, deletion requests, or anything that smells like an incident: hello@aigw.app.