Privacy Policy

Last updated: June 11, 2026 · App: TrustPhone DNS (com.trustphone.dns)

Summary

TrustPhone DNS is a local DNS blocker. It uses Android's VPN API to process DNS queries on your device. Your DNS queries and browsing history are never sent to our servers or sold, and we do not require an account. The only data that can leave your device is optional, off-by-default crash and usage diagnostics that you control.

What TrustPhone DNS does

Intercepts DNS queries on your device via a local VPN tunnel
Matches domain names against on-device blocklists (ads, trackers, malware, phishing, and more via policy profiles)
Forwards allowed queries to your chosen DNS resolver (e.g. Cloudflare)
Stores blocked-query logs and settings only on your device

What we do NOT do

Inspect HTTPS page content
Log your browsing history to the cloud
Sell data to advertisers
Require an account
Collect analytics or crash data unless you explicitly opt in

Data stored on your device

Data	Purpose
Settings (allowlist, DNS choice)	App functionality
Blocked/allowed query log	Activity screen in the app
Per-app rules	Firewall features (Pro)

This data is held in the app's private, sandboxed storage. It is excluded from Android cloud backup. You can clear app data at any time in Android Settings.

Optional diagnostics (off by default)

TrustPhone DNS includes Google Firebase Crashlytics and Analytics. Both are disabled by default and only activate if you turn on "Share anonymous telemetry" in Privacy Center. When enabled:

Advertising ID (AAID) and SSAID collection remain disabled
We do not send DNS queries or query logs to analytics
Diagnostics are limited to crash stack traces and aggregate counts

We also use Firebase Remote Config to deliver DNS resolver and blocklist configuration. Remote Config does not transmit app-supplied personal data.

Permissions

Permission	Why
VPN	Required to filter DNS system-wide
Internet	Forward DNS to upstream resolver, update blocklists
Notifications	Show when protection is active
Boot completed	Optional auto-start

Third-party services

Upstream DNS (e.g. Cloudflare 1.1.1.1): receives DNS queries you allow through
Blocklist sources (HaGeZi, Steven Black, URLhaus, Phishing Army): downloaded and cached on device
Google Firebase (Crashlytics, Analytics, Remote Config): see Optional diagnostics above
Google Play Billing: processes Pro purchases through Google Play

Children's privacy

TrustPhone DNS is not directed at children under 13. Family/Child profiles are tools for parents and provide best-effort category filtering, not a guarantee that all unsafe content is blocked.

Contact

Privacy questions: support@trustphonedns.com

← Back to TrustPhone DNS