Duck DNS

free dynamic DNS hosted on Amazon VPC

support us: become a Patreon
new: install smoothwall, synology, EdgeRouter, mono, c#, bsd, netcat
updated: install Fritzbox, Free Nas, Mikrotik

Duck DNS Privacy Statement
(last updated September 9th 2018)

Dear DuckDNS User: we put this Privacy Statement in place so that you know how we handle your data.
This privacy policy is designed to comply with the GDPR (the EU General Data Protection Regulation of 2018) and other applicable privacy laws.

We may update our policies in order to reflect changes to our practices on the collection, storage and use of personal information.
The latest version will always be posted at this website.
If you want to have the latest information about our personal information handling practices, which we may collect through this website or when you register for a domain name, we suggest that you check this website frequently for updates to our privacy statement.
We only collect the data that we need to operate DuckDNS and this website, and we will not make this information public.

1. Information that we collect and why we collect it

When you register for the DuckDNS Dynamic Domain Name System service, we collect certain information from you to allow you to effectively use the service.
We only collect the minimum amount of information needed to operate the service.
For example: the IP address used to create your account, your email address, the issued access token for authorization (required by the DDNS API), and your target IP address.
This information can be personal information in that it may be possible to identify you based on this information alone, or in connection with other information.
We hold on to this information for recordkeeping purposes, in order to better assist you in the future.

This website uses cookies to facilitate user login. For instance, when we use a cookie to identify your session, you do not have to login with a password for each request that you make, thereby making the user experience of our site optimal. You can choose to not accept cookies, but it may affect your ability to login to, or to effectively use the website.

Cookies are also used on our Website by third parties for analytics, specifically, by Google Analytics, Persona, Twitter, Facebook, Reddit, Patreon, Paypal and Bitcoin.
Personal information may be collected by such providers for their own use, in line with their own privacy practices.
You may check the privacy statements of each of these providers to decide whether you are comfortable with their policies.

2. Sharing of Personal Data

DuckDNS may share personal information with our affiliates, and with companies, organizations or individuals outside of DuckDNS if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary or desirable to:
  • meet any applicable law, regulation, legal process or enforceable governmental request.
  • enforce applicable Terms of Use, including investigation of potential violations.
  • detect, prevent, or otherwise address abuse, security or technical issues.
  • protect against harm to the rights, property or safety of DuckDNS, our users or the public as required or permitted by law.
  • operate this website, including requesting contributions.
  • provisioning and operating the DuckDNS service.

3. Our Server & DuckDNS Services

This Website is hosted on AWS cloud services, at an Amazon data centre. AWS provides physical security of our systems.

Details are available at https://aws.amazon.com/compliance/data-center/data-centers/

Our servers are separated by a VPC, the disks are encrypted at rest. Logs are deleted after 90 days.
The information that might be personally identifiable contained in these logs is: IP, email; browser; and referrer paths.

Our servers are protected by AWS firewalls. They are not directly accessible via the Internet.
The DuckDNS service is run over SSL with a valid 256bit signed ssl certificate.
Our data is stored in an AWS provided database that is separated and only accessible to servers that are granted a role to access them.
Access to the database via the AWS Console is secured through MFA. Data in the database is encrypted at rest.

4. List of Third-party Data Processors

  • We use Google Analytics to process personal data for us.
  • We also use Google Drive for storing data.
We use these third-party services because they are cost effective. If we didn’t use these services, we wouldn’t be able to offer this great platform for free.
It is possible that some of them may store and transfer information from the EU to other countries.
We have reviewed Google’s privacy policies, specifically for each of these services, and we think that their standards are in-line with our own.
However, you should read these privacy policies for yourself and/or contact us with any questions that you may have, to decide for yourself.

5. Opting out

One of your rights under the GDPR and similar laws is to opt out of data collection.
You can do so at any time, but that means that the service or the website may become unavailable to you.
If you opted in and later want to change your mind, please write us at the below address.

6. Data Retention

We store the data we collect for about a year after a user or the DNS entry is no longer active.
Once a year, we do a data purge. The only exception to this is when we have a legal obligation to keep it longer.

7. Data Controller, Breaches & Privacy Concerns/Requests

Duck DNS’ data controller is Duckbill Holdings (Canada) Ltd.

If there is a breach of our database or the database of any third party that we use, we will contact you as well as the relevant authorities that we are required to contact under law, if you are affected.

Users of DuckDNS can request a copy of any of their personal information that we have in our system by sending an email to the person who handles our data protection at privacy@duckdns.org.

Any privacy-related issues or concerns about DuckDNS, the site or our services, including data correction (updates to your personal information) or other data subject access requests, can also be directed to privacy@duckdns.org.