Privacy Policy

This privacy policy informs you about the type, scope, and purpose of the processing of personal data on our website. We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

When accessing our website, information of a general nature is automatically collected in server log files. This information includes:

• IP address of the requesting computer
• Date and time of access
• Name and URL of the retrieved file
• Amount of data transferred
• Referrer URL (the previously visited page)
• Browser used and operating system

Hosting Provider:

Our website and the associated databases are hosted on servers of Hetzner Online GmbH in Germany. The collection of these log files serves exclusively for secure operation, error diagnosis, and protection against abuse (e.g., DDoS attacks). The legal basis for this is our legitimate interest in the security and functionality of our service.

Many of our utility tools (e.g. Base64 converter, Password generator, CSR generator, JSON formatter) process your input entirely locally in your browser's memory.

This means: file contents, certificate keys, passwords, or text to be formatted remain on your device and are not transmitted to our servers or third parties. Exceptions (e.g. JNDI nameserver traces or processing services like Bcrypt) are explicitly marked in the respective tools and process data only transiently without permanent storage.

When you create a user account to monitor your own domains or upload private runbooks, we process the following data:

• Your email address and a cryptographically secure password (hashed)
• Registered domains and measurement results (audits)
• Your own Markdown runbooks (for your private knowledge base in your workspace)

This data remains isolated in your tenant workspace (tenant isolation) and is inaccessible to other users or workspaces. When deleting a domain or your account, all associated scan data and uploaded documents are immediately removed from the database and vector store.

When you request the free AI report, you provide your email address and actively consent (without a pre-checked box) to this privacy policy. As proof of consent, we save the consent text, the time, and technical metadata (IP address, user agent). The legal basis is your consent (Art. 6 para. 1 lit. a GDPR).

We use a double opt-in procedure: After the request, you will receive a confirmation email with a link. Only after clicking this link is your consent confirmed and your email address transmitted to our email marketing service provider (ActiveCampaign) to send the report and related information. Before confirmation, no transmission to third parties takes place.

You can revoke your consent at any time with effect for the future, e.g. via the unsubscribe link in any email or by message to us. After revocation or deletion, your lead data will be removed from our database.

We largely do not use tracking cookies. We use the local storage of your browser (LocalStorage) exclusively for technical preferences such as:

• Choice of theme (Dark/Light mode)
• Session token for authentication (JWT)
• Activation status of the AI Explain Panel