dnsbl.io

PRIVACY POLICY

Last Updated: January 2025

1. INFORMATION WE COLLECT

1.1 Automatically Collected Information

  • IP addresses making queries to our service
  • Query timestamps and frequency
  • DNS query patterns and types
  • API usage statistics
  • Browser type and operating system (web interface)

1.2 Information You Provide

  • Email addresses (for reports and API key requests)
  • Organization names (optional)
  • Abuse report details and evidence
  • Delist request information
  • Contact form submissions

1.3 Reported IP Addresses

IP addresses reported for abuse are stored in our database along with associated metadata including category, severity, timestamps, and reporter information.

2. HOW WE USE YOUR INFORMATION

We use collected information for:

  • Maintaining and operating the blacklist service
  • Processing abuse reports and delist requests
  • Preventing abuse and enforcing rate limits
  • Improving service quality and performance
  • Generating statistical and analytical reports
  • Communicating with users about their requests
  • Complying with legal obligations

3. DATA SHARING AND DISCLOSURE

3.1 Public Data

Blacklisted IP addresses and associated metadata (category, severity, report count) are publicly accessible through DNS queries and API endpoints. This is the core function of the service.

3.2 Private Data

Reporter email addresses and personal information are kept confidential and not publicly disclosed.

3.3 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights and safety.

4. DATA RETENTION

  • Active blacklist entries: Retained until delisted or expired
  • Historical blacklist data: Retained for 2 years
  • Query logs: Retained for 90 days
  • Abuse reports: Retained for 2 years
  • Delist requests: Retained for 1 year after resolution
  • API keys: Retained until revoked by user or administrator

5. DATA SECURITY

We implement industry-standard security measures including:

  • Encrypted data transmission (TLS/SSL)
  • Secure database storage with access controls
  • Regular security audits and updates
  • Rate limiting and abuse prevention
  • API key authentication for programmatic access

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. YOUR RIGHTS

You have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal obligations)
  • Object to processing of your data
  • Request delist of your IP addresses (subject to verification)
  • Revoke API keys at any time

7. COOKIES AND TRACKING

Our website uses minimal cookies for essential functionality only. We do not use third-party tracking or advertising cookies. Session cookies are used to maintain user state during web interface usage.

8. THIRD-PARTY SERVICES

We use Supabase for database hosting. Their privacy policy applies to data stored on their infrastructure. We do not share your data with any other third parties except as required by law.

9. INTERNATIONAL DATA TRANSFERS

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers.

10. CHILDREN'S PRIVACY

Our service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children.

11. CHANGES TO PRIVACY POLICY

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the service after changes constitutes acceptance.

12. CONTACT

For privacy-related questions or to exercise your rights, contact us at privacy@dnsbl.io or through our contact form.