Security and trust, in the open.
How we protect your data, prove our claims, and stay accountable — without asking you to take our word for it.
Principles
What we refuse to compromise.
Privacy by design
No logs, no telemetry, no profiles. Privacy is the default, not a setting.
Zero surveillance
We protect, we do not watch. We never sell or share data with advertisers or brokers.
Encryption by default
DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) keep queries unreadable in transit.
Open standards
DoH, DoT and RPZ — interoperable and inspectable, not proprietary black boxes.
The proof
Verifiable today — not "trust us".
Compliance & legal framework
A complete, multi-jurisdiction legal suite written to GDPR (EU), KVKK (Türkiye) and CCPA (California): Privacy, Terms, Cookies, Acceptable Use and more.
Responsible disclosure
A published security contact under RFC 9116. Report issues to [email protected]; our security policy describes how we respond.
Zero-log data handling
Guardino DNS resolves in memory and keeps no query logs. The full product data practices — what is and isn't stored — are public at guardino.ai/transparency.
Named sub-processors
We publish every third party that may process data on our behalf and update the list before material changes: sub-processor list.
Certifications — the honest version
We don't claim badges we haven't earned. Today: encrypted open standards, a zero-log product, a published security contact, and a full legal framework. Formal third-party attestations (SOC 2, ISO 27001) and independent audits are on our roadmap as the products scale — and they'll appear here, with proof, when they're real.
FAQ
Trust, answered.
Does Guardino log DNS queries?
No. Guardino DNS is zero-log: it resolves queries in memory and does not write the people behind them to disk, build profiles, or sell DNS data. The full data practices are published at guardino.ai/transparency.
How do I report a security vulnerability?
We publish a security contact under RFC 9116 at /.well-known/security.txt. Email [email protected] with details; our disclosure policy lives at /legal/security. We acknowledge reports and coordinate disclosure responsibly.
Is Guardino GDPR, KVKK and CCPA aligned?
Yes. Guardino Technologies LLC maintains a full legal framework — Privacy Policy, Terms, Cookie Policy, DPA terms and a named sub-processor list — written to GDPR (EU), KVKK (Türkiye) and CCPA (California) expectations.
Do you have SOC 2 or ISO 27001?
Not yet. We are an early-stage company and are honest about it: today we publish a security contact, operate on encrypted open standards, keep a zero-log product, and maintain a complete legal/privacy framework. Formal third-party attestations (SOC 2, ISO 27001) and independent audits are on our roadmap as the products scale, and we will publish them on this page when complete.
Who are your sub-processors?
We maintain a public, named sub-processor list at /legal/sub-processors and update it before any material change, so you always know which third parties may process data on our behalf.
Where is Guardino based and incorporated?
Guardino Technologies LLC is incorporated in Wyoming, United States, and operates from Istanbul, Türkiye.