Privacy Policy

Last updated: 10 January 2026

ResCDN Ltd. ("ResCDN", "we", "us") operates a content delivery network accessible at rescdn.io. This policy explains what data we collect, why, and how long we keep it.

1. Data we collect

Access logs

When an asset is served through our network, we record:

• IP address of the requesting client
• Timestamp of the request
• URL path requested
• HTTP method and response code
• User-Agent header
• Referer header (if present)
• Bytes transferred

This is standard infrastructure logging used to operate the network, diagnose faults, and detect abuse.

Account data

If you create an account, we collect your email address, billing information (processed by Stripe), and API key usage records.

2. Why we collect it

Our legal basis under UK GDPR and EU GDPR is legitimate interests (Art. 6(1)(f)) for access logs — operating a CDN inherently requires logging requests. For account data the basis is contract performance (Art. 6(1)(b)).

3. Retention

Data type	Retention
Access logs	90 days, then deleted
Account records	Duration of account + 6 years (tax)
Billing records	7 years (legal requirement)

4. Sharing

We do not sell personal data. We share data only with:

• Infrastructure providers — servers operated by Hetzner, Vultr, and DigitalOcean under DPA agreements
• Payment processor — Stripe, for billing (their privacy policy applies)
• Law enforcement — where required by valid legal process

5. Your rights

Under UK/EU GDPR you have the right to access, correct, erase, or restrict processing of your personal data. Email privacy@rescdn.io to exercise any right. We respond within 30 days.

6. Cookies

Our marketing site does not use tracking cookies. We use one session cookie for dashboard authentication only.

7. Contact

ResCDN Ltd., Data Controller
Email: privacy@rescdn.io