a. The privacy of users of the Service is very important to CIRA. CIRA will not sell, rent, or license your personal information to any third party.
b. As an open DNS resolver, there is no signup or requirement to disclose personal information to CIRA, other than that which is provided by accessing the Service. The only method by which CIRA can identify end users is by the IP (internet protocol) address of the user.
c. When you use the Service, we collect your IP (internet protocol) address, and your domain name queries. IP addresses may represent individual persons or devices, or they may represent large groups of end users within an organization. The Service does not distinguish between single and multiple users behind a single IP address.
d. Your detailed DNS query data that includes your IP address will be retained by CIRA for up to twenty-four (24) hours, in order to identify and protect the Service from any malicious behaviour, after which time it will be deleted. Beyond 24 hours only aggregated data will be retained in which your domain name queries will no longer be attributable to your IP address.
e. In the event CIRA observes behaviours which CIRA deems to be malicious or anomalous, CIRA may retain detailed DNS query data in the course of normal network defense and mitigation. This collection will be limited to DNS query data associated with IP addresses that CIRA determines are involved in the event.
f. CIRA will use threat feeds provided by intelligence partners.CIRA may share with intelligence partners data about domains and the number of blocks associated with them. This data will not include any Canadian Shield User’s Personally Identifiable Information (PII).
g. CIRA may also share high level anonymized aggregate statistics, including metrics on threat type, geolocation, as well as other vertical metrics including performance of the Service (e.g. number of threats blocked, infrastructure uptime) with the public and with its threat intelligence partners.