ngsrv

Privacy Policy

Last updated: May 18, 2026

1. Introduction

ngsrv ("we," "our," or "us") operates the ngsrv.com website, the ngsrv command-line interface, and the tunneling and edge services that route public traffic to your origin (collectively, the "Service"). This Privacy Policy describes the personal data we process, why, for how long, and the choices you have. By using the Service, you agree to this policy.

We are not a free anonymizer. We are an edge that sits between the public internet and your origin, and we keep enough data to route traffic, enforce your security policies, bill accurately, and respond to abuse. We try to keep the rest at zero.

2. Data we collect about you

2.1 Account & billing

  • Email address and a hashed password.
  • Team and workspace membership.
  • API tokens and CLI tokens you generate (we store a hash and a short prefix, not the secret).
  • Billing details and tax information you provide. Card data is handled by a PCI-compliant payment processor — we never see or store full card numbers.

2.2 Tunnel and infrastructure metadata

For every active tunnel we record what we need to route it, bill it, and show it to you in the dashboard:

  • Tunnel ID, the subdomain or BYOD hostname assigned to it, and the team and user that own it.
  • Connection lifecycle events (connect / disconnect, duration, region).
  • Aggregated bandwidth (bytes in / bytes out) for billing.

2.3 Per-request edge logs

By default, every request that passes through the edge generates a structured log line so you can debug, audit, and bill it. That log includes:

  • Timestamp, HTTP method, path, query string.
  • Status code, response time, request and response size.
  • Client IP address and a coarse location (country / region) derived from it.
  • A bounded set of request and response headers needed for routing, debugging, and security enforcement (such asHost,User-Agent,Referer,Content-Type,Content-Length, and the headers our security policies actually inspect). Authorization-bearing headers (Authorization,Cookie,Set-Cookie) are redacted.

We do not log request or response bodies in this default mode.

2.4 Full Capture (opt-in only)

Paid teams may enable a feature called Full Capture, which extends the per-request log to include the full request and response body (truncated at 1 MB each). This is for debugging webhooks, integrations, and APIs.

  • Off by default. Must be enabled by the team owner from the Team Settings page.
  • Enabling it records who consented and when (full_capture_consent_at / full_capture_consent_by), so the team always has an audit trail.
  • Captured bodies inherit the same retention as your other request logs (see §5) and are deleted automatically when retention expires.
  • Disabling Full Capture stops the capture immediately for future requests; existing captured bodies age out under retention.

If your end-users send personal or sensitive data through your service, you (the team operating that service) are responsible for whether enabling Full Capture is appropriate, and for disclosing that to them.

2.5 Security and audit data

  • Sign-in events, IP and user-agent, and security policy triggers (e.g. WAF blocks, rate-limit denials, geo blocks).
  • Configuration changes (who created or removed a domain, token, policy, or team member).

2.6 Dashboard analytics

The ngsrv.com website uses essential cookies for sign-in. We do not run third-party advertising or behavioural tracking scripts.

3. Why we process this data

  • Routing: forward requests from a public hostname to the right tunnel and origin.
  • Security: enforce IP allow/deny lists, geo restrictions, rate limits, WAF rules, header auth, and time-based access — all of which are configured by you.
  • Billing: count bandwidth, requests, and add-ons against your plan.
  • Debugging: show you per-request logs in your dashboard, and Full Capture bodies if your team enabled it.
  • Abuse response: investigate and act on reports of phishing, malware, illegal content, or attacks routed through our edge.
  • Account & legal: operate your account, send service email, comply with tax and legal obligations.

4. Who we share data with

We do not sell or rent your personal data. We share it only with:

  • Subprocessors that run parts of the Service on our behalf — currently our cloud infrastructure, our managed database and auth provider, our payment processor, and our email provider. Each is bound by a data processing agreement and only receives what they need.
  • Legal authorities when we are legally required to (subpoena, court order, valid government request) or to protect the rights, safety, or property of ngsrv, our users, or the public.
  • An acquirer in the event of a merger, acquisition, or sale of all or part of our business — in which case the data continues to be handled under a policy at least as protective as this one.

5. Retention

Per-request logs (and any Full Capture bodies they contain) are deleted automatically by a daily job. The retention window is bound to your plan:

PlanRequest logsSecurity audit logs
Free3 days1 day
Pro7 days7 days
Pay-as-you-go30 days30 days
Enterprise90 days90 days

Other categories:

  • Account data — kept while the account is active. Deleted within 30 days of account deletion, except where we must keep it for legal or accounting reasons.
  • Billing records — kept for the period required by tax law in the relevant jurisdiction (typically 7 years).
  • Backups — purged on a rolling window; deletions propagate as backups age out.

6. Security

  • TLS for all public traffic.
  • Passwords are stored as salted hashes.
  • API and CLI tokens are stored as hashes; the plaintext is shown to you exactly once when you create it.
  • Database access is gated by row-level security so a team cannot read another team's data.
  • Sensitive headers are redacted before logs are written.

No system is invulnerable. If we discover a breach affecting your data, we will notify affected accounts without undue delay.

7. Your rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate personal data.
  • Delete your account and the personal data we hold about you.
  • Export your account data in a machine-readable form.
  • Object to or restrict certain processing, where the law gives you that right.

Most of these are available directly from the dashboard. Anything else, email privacy@ngsrv.com and we will respond within 30 days.

8. End-users of services tunneled through ngsrv

When traffic from your end-users hits ngsrv on its way to your service, ngsrv processes their data (such as their IP address) on your behalf as a processor. You — the team operating the service — are the controller for that data and remain responsible for telling your end-users about it in your own privacy notice.

9. International transfers

Our edge is global. Your traffic and the resulting logs may be processed in regions other than the one you live in. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

10. Children

ngsrv is not directed to people under 18 and we do not knowingly collect personal data from them. If you believe a child has created an account, contact us and we will delete it.

11. Changes

We will update this page when we change how we handle data. Material changes will be highlighted in-product or by email before they take effect. The "Last updated" date above always reflects the current version.

12. Contact

Privacy questions or requests: privacy@ngsrv.com

Security reports: security@ngsrv.com