The short version: We do not log your DNS queries, fax contents, or resume submissions. We do not sell data. We do not share data with third parties except what is strictly required to deliver the service you paid for. The third parties we use are listed in full below.
1. Who We Are
Harbor Privacy operates three products: a DNS-based network protection service, a secure anonymous fax service, and an AI-powered career document tool. All products are operated under the Harbor Privacy brand from Pembroke, MA.
Questions: privacy@harborprivacy.com
2. What We Collect and Why
Harbor Privacy DNS
DNS queries are processed in memory only and never written to disk or retained. We collect:
- Your email address (to create and manage your account)
- Payment information (processed entirely by Stripe -- we never see or store your card details)
- Your assigned AdGuard client ID (to provision your DNS endpoint)
Harbor Privacy Fax
- Your document is uploaded, converted, and transmitted to the destination fax number via Telnyx
- The file is permanently deleted the moment Telnyx confirms delivery via webhook
- We do not store the fax number dialed, document contents, or cover page message after transmission
- No account is required to send a fax
- Payment is processed by Stripe. We do not store card details.
- The only record retained is a Stripe transaction ID, amount, and timestamp for billing reconciliation
Career by Harbor Privacy
- Resume and job description text is submitted to Anthropic's Claude API to generate your document
- Submitted content is not retained after your document is delivered
- We do not use your resume content to train AI models
- Payment is processed by Stripe via access codes
3. Third-Party Services — Full Disclosure
We use a minimal, carefully chosen set of third-party services. Here is every external service that touches your data across all Harbor Privacy products:
| Service | Purpose | Products | Data Shared | Their Policy |
|---|---|---|---|---|
| Stripe | Payment processing | DNS, Fax, Career | Payment card details, transaction amount, email (if provided). We never see or store raw card numbers. | stripe.com/privacy |
| Telnyx | Fax transmission (T.38 FoIP) | Fax | Your document (temporarily, for transmission only), destination fax number, delivery status. Telnyx operates as a conduit and does not retain document contents after transmission. | telnyx.com/privacy-policy |
| Anthropic | AI document generation (Claude API) | Career | Resume text and job description submitted for document generation. Subject to Anthropic API data handling policies. We do not send identifying information beyond document content. | anthropic.com/privacy |
| Resend | Transactional email (receipts, fax delivery confirmations) | DNS, Fax, Career | Your email address and the content of the transactional email (receipt or delivery notification). Not used for marketing. | resend.com/privacy |
| Umami Analytics | Privacy-respecting page view analytics | DNS, Fax, Career | Aggregate page view counts and referrer sources only. No cookies, no fingerprinting, no individual tracking, no personally identifiable information collected. | umami.is/privacy |
| Oracle Cloud | Server infrastructure hosting | DNS, Fax, Career | All Harbor Privacy services run on Oracle Cloud Infrastructure (OCI) in the US. Oracle provides the compute environment but does not access application-level data. | oracle.com/legal/privacy |
| AdGuard Home | DNS filtering engine (self-hosted) | DNS | Self-hosted on our Oracle Cloud infrastructure. No data leaves our servers. AdGuard Home is open source (GPL v3). Query logs are disabled. | adguard.com/privacy |
We do not use Google Analytics, Meta Pixel, or any advertising technology on any Harbor Privacy property. We do not sell, rent, or share your data with advertisers or data brokers.
4. Cookies and Analytics
We use Umami Analytics -- a cookieless, privacy-respecting analytics platform. It collects no personally identifiable information, uses no cookies, and does not fingerprint your browser. It gives us aggregate traffic counts only.
No other cookies or tracking scripts are present on any Harbor Privacy property.
5. Data Retention
- DNS queries: Never stored. Zero retention.
- Fax documents: Deleted immediately on Telnyx delivery confirmation. Maximum 30-minute failsafe cleanup if transmission does not complete.
- Career documents: Not retained after PDF delivery.
- DNS account data: Retained for the life of your subscription plus 30 days after cancellation, then permanently deleted.
- Payment records: Stripe transaction ID, amount, and timestamp retained as required for tax and financial records (typically 7 years). No document or query content is included.
- Fax delivery confirmation emails: Sent via Resend and not stored on our servers.
6. Security
All data in transit is encrypted via TLS. Our servers run hardened Ubuntu instances on Oracle Cloud with restricted SSH access and no unnecessary open ports. API keys and secrets are stored in systemd environment variables, never in source code or logs. We do not operate shared hosting environments.
7. Your Rights
Because we collect so little, there is very little to act on -- but you have the right to request deletion of your account and associated data, ask what data we hold about you, and correct any inaccurate account information. Email privacy@harborprivacy.com and we will respond within 5 business days.
8. Law Enforcement
Because we do not log DNS queries, fax contents, or document submissions, there is nothing substantive to hand over. In the event of a valid legal request, we can only provide what we actually retain: account email addresses and Stripe payment records for DNS subscribers. We have no ability to produce browsing history, fax contents, or document contents because we do not store them.
9. Children
Harbor Privacy services are not directed at children under 13. We do not knowingly collect data from children.
10. Changes to This Policy
If we make material changes, we will update the date above and notify active DNS subscribers by email. Continued use after an update constitutes acceptance.
11. Contact
Harbor Privacy | privacy@harborprivacy.com | harborprivacy.com