RocketDNS

Privacy Policy

Last Updated: January 27, 2026

1. Introduction

RocketDNS ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you subscribe to our Secondary DNS service. We adhere to the principles of GDPR, CCPA, and PIPEDA to ensure your rights are respected.

2. Role of Paddle (Merchant of Record)

Our order process is conducted by our online reseller Paddle.com. Paddle.com is the Merchant of Record for all our orders. Paddle provides all customer service inquiries related to billing and handles returns.

When you purchase a subscription, the personal data required for the transaction (such as your name, address, payment details, and tax identification) is collected and processed directly by Paddle.com in accordance with their Privacy Policy. RocketDNS does not store your full credit card number. We only receive the data necessary for service fulfillment, such as your email address and subscription validity status.

3. Information We Collect

We collect only the data necessary to provide and improve our service:

  • Account Information: Name, email address, password hash, and subscription metadata (synced from Paddle).
  • Service Data: Domain names, zone files (DNS records), and IP configurations you input.
  • Operational Logs: IP addresses interacting with our API or Dashboard, and metadata regarding DNS query volume (for billing purposes).

4. Data Retention

We retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy.

  • Account Data: Retained for the lifetime of your account plus 2 years for audit/tax compliance.
  • DNS Query Logs: Retained for a maximum of 30 days for debugging and security analysis, after which they are aggregated or deleted.

5. Your Rights (GDPR & CCPA)

Depending on your location, you may have the following rights regarding your personal data:

  • The right to access: You have the right to request copies of your personal data.
  • The right to rectification: You have the right to request that we correct any information you believe is inaccurate.
  • The right to erasure: You have the right to request that we erase your personal data ("Right to be Forgotten"), subject to legal billing retention requirements.
  • The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

To exercise these rights, please contact us at privacy@rocketdns.io.

6. Cookies and Tracking

We use minimal cookies strictly necessary for the operation of the dashboard:

  • Session Cookies: To keep you logged in securely (`rocketdns_session`).
  • XSRF-TOKEN: To prevent Cross-Site Request Forgery attacks.

We do not use third-party advertising cookies or sell your browsing data to ad networks.

7. Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption of data in transit (TLS 1.2+) and encryption of sensitive secrets (API tokens, Webhook keys) at rest.