Your Privacy

This document provides important information about the data that we collect when you use Google Public DNS, how long we store it, and how we use it. You can also read our Terms of Service.

Our Commitment

We take your privacy very seriously. Google Public DNS adheres to the Google Privacy Policy. Moreover, Google does not use any personal information collected through the Public DNS service to target ads.

We do not correlate or associate personal information in Google Public DNS logs with your information from use of any other Google service except for addressing security and abuse.

Information that we collect

The information that we collect about your DNS queries is stored in two types of logs, each detailed below:

Temporary DNS Logs

Temporary logs are the only logs that store both your IP address and your DNS query. Specifically, the temporary logs include:

  • the IP address of your device sending the DNS query
  • the technical information collected for Permanent Logs (see below)
  • for DNS-over-HTTPS (DoH): the Content-Type and Accept HTTP headers

These logs are subject to our deletion processes within 24-48 hours. They are only used for the following reasons:

  • to identify and mitigate security threats or activity that we deem abusive or otherwise malicious,
  • to fix, maintain, and improve Google DNS services, and
  • to generate aggregate non-personally identifiable DNS usage summaries.

To address security and abuse issues, we may retain information from the temporary logs for longer than 48 hours, in each case solely for the limited purpose of resolving such issues.

Permanent DNS Logs

The permanent logs are a sampling of the temporary logs where your IP address is removed and replaced by a city or region-level location. Thus, the permanent logs contain no personal information about you. The following information is logged in the permanent logs:

  • Requested domain name
  • Request type (A , AAAA , NS, MX, TXT, etc.)
  • Request Size
  • Transport protocol (TCP, UDP, TLS, or HTTPS)
  • Client's autonomous system number
  • User's geolocation: country, region, and city (no more specific than 1 km² and 1000 users)
  • DNS Response code
  • Google DNS server information
  • Timestamp
  • Processing time
  • Response DNS flags (including AD, CD, DO, RD, and TC)
  • Response size
  • EDNS version
  • EDNS option
  • EDNS Client Subnet (ECS) (IP protocol and prefix length -- excluding the client IP address)
  • For DNS-over-HTTPS (DoH):
    • Version string corresponding to HTTP path (/dns-query or /resolve)
    • Response HTTP encoding, such as application/dns-message or json

Previous Versions

You can see all past versions of this policy.