Privacy Policy
Last updated: June 2026
This Privacy Policy is provided by ClearDNS, LLC, a Delaware limited liability company located at 8 The Green STE D, Dover, DE, US (referred to herein as "ClearDNS," "we," "us," or "our"). It describes how we handle information when you use the ClearDNS DNS filtering service ("Service"), our website, and our mobile applications.
At ClearDNS, privacy is not just a feature - it's our foundation. We've built our service from the ground up to minimize data collection while maximizing your protection online.
Our Privacy Philosophy
ClearDNS operates on a zero-knowledge principle. We believe that effective DNS filtering doesn't require knowing who you are. Unlike traditional services that require accounts, emails, and passwords, ClearDNS works without any account or registration: no name, no email, no password. The limited technical data we do process to run the service, such as your IP address, is described below and is never tied to a real-world identity.
What We Don't Collect
Let's start with what we intentionally avoid:
- No account information: We don't require or store emails, usernames, passwords, or any registration data.
- No account identifiers: We don't require or store your name, email, postal address, or phone number. We do necessarily process your IP address to deliver and secure the service, as explained under "IP Addresses" below.
- No query logs by default: Your DNS queries are processed in real-time and discarded immediately. We don't maintain logs of the websites you visit.
- No browsing history from DNS: We cannot and do not build profiles of your internet activity from your DNS queries. (Our own first-party product analytics does record page views on our website, dashboard, and apps, as described under "Website and Product Analytics" below.)
- No cross-device advertising tracking: Your DNS device configurations are independent, and we never track you across devices for advertising or share data with ad networks. A one-way device hash is stored solely for reinstall recovery (see Mobile App section below).
- No third-party analytics on DNS: Your DNS queries are never shared with advertisers, data brokers, or analytics companies.
What We Do Process
To provide DNS filtering, we necessarily process:
- DNS Queries: When your device makes a DNS request, we receive the domain name being queried. This is processed in real-time to apply your filter settings and is not stored.
- Filter Configuration: Your chosen filter categories (ads, malware, adult content, etc.) are stored in an anonymous configuration linked only to a randomly generated device identifier.
- Anonymous Device Tokens: Each device receives a unique, random token that identifies its filter configuration. This token contains no personal information and cannot be traced back to you.
IP Addresses
Because DNS resolution happens at the network level, our resolvers necessarily receive the IP address your device connects from. An IP address can, in some circumstances, be considered personal data, so we want to be clear about how we use it. We process IP addresses for these purposes:
- Service delivery: routing your DNS queries and returning filtered responses.
- Approximate location: we determine an approximate, country- and city-level location to power features such as the dashboard activity map and regional diagnostics. To do this we send the IP address to a third-party geolocation provider (ip-api.com) and cache the resulting IP-to-location mapping so we do not repeat the lookup. This cached mapping is associated with the IP address and is retained until it is refreshed or cleared.
- Security and abuse prevention: detecting and mitigating attacks, rate-limit evasion, and policy abuse. Records created for these purposes may include the IP address and are retained for a limited period (see Data Retention).
- Analytics (Analyze and Full tiers): per-query analytics records include your IP address, stored both in full and in a coarsened form (the last octet of IPv4 addresses zeroed; only the first 48 bits of IPv6 addresses kept), so the dashboard can show your activity by source. These records are associated only with your anonymous policy identifier, are visible only in your own dashboard, and are retained for 90 days. See "Dashboard Analytics Feature" below.
We do not sell IP addresses, use them for advertising, or share them with data brokers. IP addresses and the location derived from them are used solely to operate, secure, and provide the features of the service.
Mobile App
When you use the ClearDNS mobile app, we process limited device information solely for reinstall recovery and subscription management:
- Vendor Device Identifier: On iOS, we derive a one-way cryptographic hash (SHA-256) from the Identifier for Vendor (IDFV). On Android, a similar hash is derived from the Android ID. These hashes cannot be reversed to obtain the original identifier and are used only to recover your filter configuration if you reinstall the app.
- Device Model and Brand: Basic device information (e.g., "iPhone" or "Pixel") is stored alongside your anonymous device token to help you identify your devices in the dashboard.
- Subscription Management: If you subscribe through the app, purchase records are managed by Apple (App Store) or Google (Play Store) and by RevenueCat, our subscription infrastructure provider. RevenueCat receives only your anonymous policy identifier, not your name, email, or any personal information. For RevenueCat's privacy practices, please refer to their privacy policy.
The vendor device identifier hash resets when you uninstall all ClearDNS apps from your device (iOS) or when you reset your device (Android). We do not use these identifiers for cross-app tracking, advertising, or analytics.
Optional Query Logging
For users who want visibility into their DNS activity (such as parents monitoring children's devices or users troubleshooting), we offer optional 90-day query log retention as an add-on feature.
- This is strictly opt-in and disabled by default
- Logs are stored encrypted and associated only with your anonymous device token
- You can delete your logs at any time
- Logs are automatically purged after 90 days
Dashboard Analytics Feature (Analyze and Full Tiers)
The Analyze and Full subscription tiers include a dashboard analytics feature that lets you view historical DNS activity, trends, and filtering statistics. To power this feature, ClearDNS stores per-query data using Cloudflare's built-in analytics infrastructure. This data includes:
- The domain name queried and the filtering decision (allowed/blocked)
- Your IP address, stored both in full and in a coarsened form (the last octet of IPv4 addresses is zeroed; only the first 48 bits of IPv6 addresses are retained)
- Timing, Cloudflare edge location, and protocol metadata
This data is associated only with your anonymous policy identifier and is never linked to your real-world identity. It includes your IP address (which can constitute personal data, as explained under "IP Addresses" above). It is retained for 90 days, is visible only in your own dashboard, and is used solely to display your analytics. On the Essential and Stream tiers, no per-query data is stored. ClearDNS does not use Google Analytics or any third-party analytics service on the DNS side.
Infrastructure and Security
ClearDNS infrastructure is designed with privacy in mind:
- DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT): All DNS traffic is encrypted, preventing your ISP or network operators from seeing your queries.
- Distributed Processing: We use Cloudflare's global network for DNS resolution, ensuring fast responses and robust security.
- Minimal Storage: DNS queries on the Essential and Stream tiers are processed in real-time and not written to permanent storage. Analyze and Full tiers retain anonymized data to power the dashboard analytics feature as described above.
- Regular Security Audits: Our infrastructure undergoes regular security reviews.
Website and Product Analytics
To understand how people discover ClearDNS and how our website, dashboard, block pages, and apps are used, we run our own first-party analytics. This is a tool we developed and host ourselves on our own infrastructure - it is not a third-party analytics product. We do not use Google Analytics, the Meta pixel, or any third-party tracking or advertising scripts, the data is not sent to any external analytics provider, and we never sell or share it with data brokers or advertisers. This analytics is entirely separate from the DNS service and does not read, log, or affect your DNS queries in any way. It collects:
- A random anonymous visitor identifier: stored in a first-party cookie and your browser's local storage. It is a random value that contains no name, email, or account information and is shared with no one. It expires after at most 180 days.
- Pages and events: the pages you view and basic interactions (for example, opening the subscription screen).
- Referrer and campaign information: the site that referred you and marketing campaign parameters (UTM tags). Because we run paid advertising, we also record advertising click identifiers (such as Google's
gclidor Meta'sfbclid) when they are present in the link you arrived from, solely to measure which campaigns are effective. We do not use this data to build advertising profiles of you or to retarget you across the web. - Approximate device and browser context: such as screen size, browser language, time zone, and browser type, used for aggregate reporting and to display the site correctly.
- IP address (transient): your IP address is used momentarily to derive an approximate, country- or region-level location and is then converted into a salted, one-way hash. This analytics pipeline does not store your raw IP address (note that the DNS service itself processes IP addresses separately, as described under "IP Addresses" above).
Linking to your account: when you use the dashboard or app, we associate this anonymous visitor identifier with your anonymous policy, user, and device identifiers (and your plan tier) so that we can attribute a signup to the marketing or campaign that produced it. These identifiers are the same random, anonymous tokens used by the DNS service; they are never your name, email, or phone number, and we never link them to a real-world identity. This linking happens only within our own first-party analytics and is never shared with advertisers or data brokers.
Your choice (opt-out): our analytics honors the Global Privacy Control (GPC) and Do Not Track browser signals. If your browser sends either signal, no analytics cookie is set and no analytics data is collected. You can also clear your cookies and local storage at any time, and the visitor identifier expires automatically.
We rely on this limited, anonymized, first-party analytics as a legitimate interest in operating, securing, and improving ClearDNS. It does not identify you personally.
Third-Party Services
We use the following third-party service providers to operate ClearDNS:
- Cloudflare: Provides the global edge network for DNS resolution and content delivery. Cloudflare processes DNS requests on our behalf but does not have access to your filter configurations or any identifying information.
- Stripe: Processes web-based payments. Stripe receives your payment method details (card number, Apple Pay, or Google Pay token) and a reference to your anonymous policy identifier. Stripe does not receive your name or email unless you voluntarily provide one for receipts.
- RevenueCat: Manages mobile app subscriptions (iOS App Store and Google Play Store). RevenueCat receives only your anonymous policy identifier and subscription status. It does not receive personal information.
- ip-api.com: Provides IP geolocation so we can show an approximate, country- and city-level location in your dashboard. We send the querying IP address to obtain its approximate location and send no other information. See "IP Addresses" above.
Each provider's privacy practices are governed by their own privacy policies.
Data Retention
- DNS Queries (Essential/Stream): Not retained (processed in real-time only)
- Dashboard Analytics Data (Analyze/Full): 90 days, then automatically deleted
- Filter Configurations: Retained as long as the device token is active
- Device Metadata: Device model and brand are retained as long as the device is active in your policy
- Device Recovery Hashes: Retained as long as the associated policy is active; deleted when the policy is destroyed
- IP Geolocation Cache: IP-to-location mappings are cached to avoid repeat lookups and are retained until refreshed or cleared
- Security Logs: Anomalous request logs, which may include the IP address, are retained for up to 30 days for abuse prevention
- Website and Product Analytics: Anonymous visitor identifier up to 180 days; aggregated, anonymized analytics events retained for product and campaign analysis
Your Rights
Although ClearDNS minimizes personal data collection, we respect your right to control your data:
- You can regenerate your device token at any time to disassociate from previous configurations
- You can turn off analytics (Log Keeping) for your policy at any time in your dashboard, which stops new activity from being recorded. Analytics data is automatically deleted after at most 90 days.
- You can destroy your policy, or let it expire, to stop all further data collection. Because the service is anonymous, we cannot identify or selectively delete the data of an individual person on request, but data is not retained beyond the periods described under "Data Retention."
- You can opt out of website and product analytics using your browser's Global Privacy Control or Do Not Track setting, or by clearing your cookies and local storage
- You can stop using our service at any time by removing the DNS configuration from your device
If you are located in the European Economic Area, you may have rights under the GDPR, including access, rectification, erasure, and data portability of any personal data we hold about you. Because ClearDNS is anonymous and we do not collect identifying information, in most cases we are unable to identify which data, if any, relates to a specific individual, and so cannot action an individual request on that basis (GDPR Article 11). Where we are able to verify a request, we will respond to it. In all cases, your data is governed by the controls and retention periods described above. You can reach us at contact@cleardns.io.
Children's Privacy
ClearDNS does not knowingly collect any personal information from anyone, including children under 13. Our service is designed to protect families, including children, without requiring or storing any personal data.
Changes to This Policy
We may update this Privacy Policy from time to time. We will post any changes on this page with an updated revision date. We encourage you to review this policy periodically.
Contact
If you have questions about this Privacy Policy or our privacy practices, you can reach us at contact@cleardns.io.
By using ClearDNS, you acknowledge that you have read and understood this Privacy Policy.