NextDNS logging is opt-out, not opt-in as stated on PG's DNS Resolvers recommendations page

no reason you can’t make some yourself. here is what i would change it to:

‘By default, user created profiles have logs (including client IP addresses and domains) enabled by default. Note that this somewhat contradicts the service’s privacy policy, which states that “If not specifically requested by the user, no data is logged.”’

I added a direct quote from the privacy policy to back up your statement too.

1 Like

Thanks! I updated the commit as suggested:

1 Like

I think this could still be made more clear.

To recap:

  1. NextDNS public resolver = no logs kept
  2. NextDNS w/ an account (including trial accounts) = logs by default, opt-out possible

Your current PR clarified option #2 which is good. But you’ve left out #1 entirely, which is still misleading, just in a different way.

I’d suggest something like,

If used without an account, NextDNS does not keep logs.
If used with an account, NextDNS can provide insights and logging features. Logging is enabled by default. You can choose retention times and log storage locations for any logs you choose to keep, or disable logs completely. Note that this is inconsistent with the service’s Privacy Policy - NextDNS

I don’t think it’s misleading, since the footnote specifically stated about insights and logging features, which require a user account to be usable, and also their related privacy policy.

Moreover, we can’t guarantee that the no log policy when using the service without the insights and logging features wouldn’t be bogus as well. Maybe a banner like what @anonymous159 suggested would be more appropriate than to include an unrelated policy to the current footnote content.

On a side question:
Anyone, who has an account, can open an issue at GitHub if he hopes for something to be resolved?
Simple yes/no, as I don’t want to derail

1 Like

Agreed, at this point, it would be more appropriate to discuss this issue in the opened PR, unless one also has their PR opening and wants to inform the others in this thread/community.

Yes, anyone with a GitHub account can do that. Though, recommendations should be discussed first in the forum before opening a PR.

Both of you have a private message 👍🏾

Footnote #5 refers to the logging policy for NextDNS as a whole. Which can be used with or without an account.


ControlD is in a similar situation, and both things are clearly and separately acknowledged in the footnote. It would be inconsistent and misleading to treat NextDNS differently.

  1. Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data.

There’s a new PR being discussed here:

3 Likes

Now, the PR has been merged, unfortunately, with this commit:

When used with an account, NextDNS will enable insights and logging features by default (as some features require it). You can choose retention time and log storage location for any logs you choose to keep, or disable logs altogether. If used without an account, no data is logged. https://nextdns.io/privacy

It’s a total disaster, IMO. This really shows there’s a favorite kid that would be protected by the teacher no matter what.

I have at least 2 issues with the above statement that got merged to the PG repo:

  1. It conflicts with NextDNS privacy policy #3 regarding the logging policy when using the service with an account, which stated that:

If not specifically requested by the user, no data is logged. Some features require some sort of data retention; in that case, our users are given the option, control, and full access to what is logged and for how long.

Can anyone see the bold text in the statement above? It’s saying that the logging is NOT turned on by default, unless the user specifically requested it.

So, with the merged PR’s statement:

When used with an account, NextDNS will enable insights and logging features by default (as some features require it). You can choose retention time and log storage location for any logs you choose to keep, or disable logs altogether.

Where the hell in the policy is it stated that NextDNS will enable insights and logging features by default when the user uses the service with an account???

The policy stated it clearly that the user NEEDS to request the logging, which can only be done with a user account. It means that, with or without a user account, the logging shall not be enabled without the user’s consent.

This is completely different from Control D’s case that its policy #3 stated it clearly what is going to be logged, and what is not.

  2. PG is covering for a service that clearly violated its policy. Instead of contacting NextDNS regarding the policy that’s conflicting with the service’s logging behavior, it covered the service’s ass even though there’s none of the service’s policy to back it up.

Just to make myself clear. I HAVE NO PROBLEM WITH THE SERVICE LOGGING. I have a problem because the service violated its policy and PG still defends it despite my concerns in the PR.

I asked @jonah one last time in the PR, as I see his commit suggestion could be the final version that could be merged into the repo:

Are you sure NextDNS privacy policy number 3 refers to the usage without an account (as the logging can only be requested on a user account)?

We are not trying to cover something, are we? The service clearly violated its policy, why do we still act like nothing happened? And the last question, if this was not NextDNS, do we still recommend the service/app that violated its policy?

However, there’s no answer in sight…

I will mark this comment as a solution, as I don’t care anymore. In the end, it’s a kid game. Wishing everyone good luck, everyone.

I would take NextDNS’s privacy policy up with them. I don’t think they’re doing anything nefarious.

It seems to be a case of:

  • No logging by default, if you use the public resolvers with no account
    • If you use an account because you want to log what you’ve been doing then logging will exist duh
    • You can choose to use an account without logging if you don’t care about missing out on said features that provide you insight on what you’ve been doing with your account.

Am I missing anything? I think the commit does get that point across.

Edit: I have put in a request with NextDNS to get them to clarify, hopefully they do.

2 Likes
  • If you use an account because you want to log what you’ve been doing then logging will exist duh

that’s a huge assumption. there are many other more important reasons why someone would create an account, namely to customise the blocklists. in my case, the only reason why you would want to turn on logs in the first place is to check what is being blocked so that something can be added in the first place. that’s not something that should be on by default (and with the location of the United States instead of somewhere more private for some reason).

1 Like

added to the allowlist*

I didn’t realize the privacy policy was what was in question here, I thought it was just outdated information on our end. I’m okay with removing it until their privacy policy reflects their current defaults.

In this PR it is replaced with dns0.eu:

We desperately need to split NextDNS away from this table as noted a few months ago here anyways:

I don’t think this is particularly fair, the committed information is still accurate anyhow.

I missed that one in the backlog. We should also look at adding mention of providers which support private ECS.

1 Like

Funny, I just pushed a commit to that PR which does clarify that, and I didn’t see that GitHub Issue. This PR does now address that 🙂

Just saw the updated version of the site. If we’re removing it for this reason, why is it still there as a cloud filtering recommendation? I thought that’s exactly where the problem was regarding the privacy policy.

We’re still waiting to hear back from them.

I think to be honest we could just put a warning admonition there stating that the comment about not logging relates to non-account use of NextDNS and that if you want logging disabled you must do so when creating an account.

There is also a thread I saw on their forum Important Inaccuracy in the NextDNS privacy policy - Bug Reports - NextDNS Help Center

I think that the default-on logging is not really a big issue. With a blocking DNS resolver you actually want the logs on (say, 24h retention) so you can see what is and isn’t blocked by the service and adjust the Allow/Deny list accordingly. IMHO.