Privacy Policy
Last Updated: June 26, 2026
This Privacy Policy explains what personal data KyedNS ("KyedNS", "the Service", "we") collects, why, and what rights you have. KyedNS is operated from Denmark and is subject to the EU General Data Protection Regulation (GDPR).
1. Who is responsible for your data
The data controller is Michael Kyed, Denmark. For any privacy question or to exercise your rights, contact michael@kyed.dk.
2. What we collect
- Account data: your email address and the name you provide.
- Authentication: we use passwordless login, so we send one-time login links by email; we store login timestamps and the IP address of your last sign-in.
- DNS & dynamic-DNS data: the domains, zones, and records you create, including IP addresses submitted by your dynamic-DNS clients (routers). This is the core function of the Service.
- Security & abuse data: IP addresses and request metadata in our server logs, and an audit/activity record of changes, used to operate the Service securely and investigate abuse.
IP addresses are personal data under GDPR, which is why they are covered here.
3. Why we use it, and our legal basis
- To provide the Service — creating your account, authenticating you, and storing and serving your DNS records. Legal basis: performance of a contract (GDPR Art. 6(1)(b)).
- To keep the Service secure — logging, rate-limiting, abuse detection and blocking, and maintaining an audit trail (including for responding to lawful requests). Legal basis: our legitimate interests in protecting the Service and its users (GDPR Art. 6(1)(f)).
4. Cookies
We use a single essential cookie to keep you signed in. We do not use advertising, analytics, or third-party tracking cookies, so no cookie-consent banner is required.
5. Who we share it with
We do not sell your data. We use a small number of processors who handle data on our behalf under data-processing agreements:
- Hetzner (Germany, EU) — hosting and database infrastructure.
- AWS (Amazon SES) — sending transactional email (login links, notifications).
- AppSignal (EU) — error and performance monitoring. Sensitive parameters (credentials, tokens, emails, IPs) are filtered out before any data is sent.
6. How long we keep it
- Account data: for as long as your account exists, and a short period afterwards to handle wind-down and disputes.
- Audit records: up to 36 months, then deleted.
- Activity records (zone changes): up to 12 months, then deleted.
- Server logs: up to 30 days, then deleted.
7. International transfers
All of our processors operate within the EU: hosting (Hetzner) and monitoring (AppSignal) in the EU, and email delivery (AWS SES) in AWS's Frankfurt (EU) region, so your data is processed in the EU. To the extent AWS's US parent could be subject to a US access request, that situation is covered by an approved transfer mechanism (the EU-US Data Privacy Framework and/or Standard Contractual Clauses).
8. Your rights
Under GDPR you have the right to access your data, correct it, have it erased, restrict or object to its processing, and receive a copy in a portable format. To exercise any of these, email michael@kyed.dk and we will respond within one month. Note that erasure also reaches our audit and activity records.
If you believe we have handled your data unlawfully, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet, datatilsynet.dk).
9. Changes
We may update this Policy. Material changes will be reflected by the "Last Updated" date above, and where appropriate we will notify you.
10. Contact
Questions about this Policy or your data: michael@kyed.dk.