What We Cannot See
Your browsing history is invisible to us.
HARBOR PRIVACY HAS NO ACCESS TO
- Your DNS queries — the websites your devices look up
- Your browsing history or search terms
- Your IP address or physical location
- What sites you visit or how long you spend on them
- Any past query history — logs are off by default
- Content of any web traffic
AdGuard Home's query logging is intentionally disabled on every Harbor Privacy installation. We did not turn it on and we do not turn it on unless you specifically request help troubleshooting a site that isn't loading.
What We Can See
Only anonymous statistics.
HARBOR PRIVACY CAN SEE
- Your client ID — a random identifier like timothy4821. Not linked to your name or identity.
- Total DNS queries processed today and this week — a number only, no detail
- Total queries blocked — a number only
- Percentage of queries blocked by category — aggregated, not individual
- Your name and email — provided at signup, used only to contact you
- Payment information — handled entirely by Stripe, we never see your card details
Support & Troubleshooting
What happens if I need help?
If a specific site stops loading for you and you contact us for help, we may temporarily enable query logging for that one domain so we can diagnose the issue. Here is exactly how that works:
TEMPORARY TROUBLESHOOTING LOGS
- Logging is only enabled with your knowledge and consent
- We can only see queries going forward — not historical data
- You must reproduce the issue for us to see anything
- Logs are reviewed only to fix your specific issue
- Logs are deleted immediately after the issue is resolved
- We cannot pull up past browsing history — it does not exist
- We do not retain logs after troubleshooting is complete
Legal Requests & Subpoenas
What happens if we receive a legal request?
We have nothing to give.
Harbor Privacy does not retain DNS query logs, browsing history, or any record of what websites you have visited. If we receive a subpoena or legal request for your browsing data, we cannot provide what we do not have.
The only information we retain is:
- Your name and email address
- Your subscription status
- Payment records handled by Stripe
We comply with lawful legal requests. We will always notify you if we receive a request related to your account unless prohibited by law from doing so.
Harbor Privacy Fax
Fax transmission — what we keep and what we don't.
HARBOR PRIVACY FAX — DATA HANDLING
- Your document is never stored after delivery is confirmed
- We do not retain the fax number you dialed
- We do not retain cover page contents or message text
- No account is required — nothing to link back to you
- Fax transmission is routed through Telnyx LLC, a licensed telecommunications carrier
- Telnyx may retain standard call detail records (number dialed, timestamp, duration) as required by telecommunications regulations — this is outside our control and standard for all carriers
- The only record we retain is a Stripe transaction ID, amount, and timestamp for billing reconciliation
- Documents are permanently deleted within 30 minutes maximum if delivery cannot be confirmed
Harbor Privacy Fax operates under the HIPAA conduit exception (45 CFR §164.500(b)) -- the same legal category as a telephone company or postal carrier. We transmit and immediately discard. We are not a covered entity and do not act as a business associate.
If you need absolute certainty that no metadata exists anywhere, understand that Telnyx as a carrier operates under FCC regulations that require standard call record retention. Harbor Privacy itself holds nothing beyond the Stripe transaction record.
Career by Harbor Privacy
AI career tools — what happens to your resume.
CAREER BY HARBOR PRIVACY — DATA HANDLING
- Your resume text is not stored after your document is delivered
- Your job description text is not retained
- We do not use your submitted content to train AI models
- No account is required to use the career tools
- Resume and job description text is submitted to Anthropic's Claude API for document generation
- Anthropic's API data handling policies apply to content in transit -- see anthropic.com/privacy
- Payment is processed by Stripe via access codes -- we never see your card details
- Only a Stripe transaction ID, amount, and timestamp are retained for billing
Your resume contains some of the most personal information about you. We built the career tools with the same philosophy as the rest of Harbor Privacy -- process what is needed, deliver the result, discard everything else. We are not in the business of building profiles on job seekers.
Harbor Money
We never see your bank.
Harbor Money is the only personal finance product we know of that ships without bank credentials. There is no Plaid, no MX, no screen-scrape, no third-party aggregator. You forward transaction-alert emails from your bank to a private address we issue you. We read the email. That's the entire pipeline.
- We do not have, request, or store your bank username or password
- We do not have your full account or card number — only the last four digits if the bank's email mentions them
- We do not pull balances, statements, or history from your bank
- We do not log into your email, scrape your inbox, or read anything you don't forward
- We keep parsed transaction values (date, amount, merchant, last-four) so the app works
- We keep the forwarded email body (truncated) so you can audit and re-parse if a rule changes
- You can rotate your inbound address from Settings, which invalidates anything pointed at the old one
- If our built-in parsers can't read an email, we may send just that one email's text to Anthropic's Claude Haiku for a parsing assist. Anthropic's stated policy is that it does not train on API inputs and does not retain message content beyond 30 days for trust & safety. You can disable AI fallback entirely in Settings → Privacy controls.
- Inbound mail is received via Cloudflare Email Routing on
harborprivacy.app. Per Cloudflare's published policy, they do not store email body content, do not data-mine inbound messages, and do not use the content for training or advertising. Cloudflare's role in our pipeline is to receive the SMTP message, hand the raw bytes to our Worker for processing, and discard the message immediately after. We do not give Cloudflare permission to retain it, and they don't.
The opposite of Harbor Money is every "free" budgeting app that asks for your bank login. They get your data; you get the budget tool. Harbor Money charges you a small fee so we can stay on the right side of that trade.
Why This Matters
This is intentional, not incidental.
OUR COMMITMENT
We built Harbor Privacy specifically because we believe your browsing history is none of your ISP's business — and none of ours either.
A privacy service that logs your data is not a privacy service. We designed our infrastructure from the ground up to collect as little as technically possible while still delivering the service.
Children's Privacy (Harbor Kids)
COPPA COMPLIANCE
Harbor Kids accounts are established and managed entirely by a parent or legal guardian. We do not knowingly collect personal information from children under 13.
If you believe a child under 13 has provided us with personal information without parental consent, contact us at support@harborprivacy.com and we will delete it immediately.
Harbor Kids child profiles are identified only by a sub-account ID appended to the parent account (e.g. accountid-kid1). No names, ages, or any personal information about the child is stored. DNS filtering is applied at the network level — we do not monitor, record, or retain what sites your child visits.
Harbor Kids is not directed at children. It is a parental tool, purchased and managed by adults. Children do not create accounts, log in, or interact with our systems in any way.
If you have questions about our data practices, email us at info@harborprivacy.com. We will answer in plain English.