Last updated: 13 May 2026
Name, email address, IP address, and subdomain configuration data you provide. We also log activity for security and abuse prevention.
To operate the service, send transactional emails, and prevent abuse. We do not sell your data to any third party.
We use a single session cookie for authentication. No advertising or tracking cookies are used.
Your subdomain name and DNS records are stored in our database and pushed to Cloudflare. Subdomain names are publicly visible in the directory.
Cloudflare receives subdomain names and DNS values. Your SMTP provider receives your email for delivery. No other third-party data sharing occurs.
Account data is retained until you delete your account. Activity logs are retained for 30 days. Released subdomain history is kept for 90 days then purged.
You may delete your account at any time from the dashboard. This permanently removes your account and all associated data. Contact us to request a data export.
Passwords are hashed with bcrypt (cost 12). All sessions are CSRF-protected. HTTPS is enforced in production.
Questions about your data? Use the contact form in the dashboard.