Privacy Policy

Last updated: April 16, 2026 — We respect your privacy.

Last updated: April 2025

TrustMonitor ("we", "our", or "us") operates the domain safety checking service at trustmonitor.io. This Privacy Policy explains what information we collect, why we collect it, and what rights you have over it. We have written it in plain language — no legal jargon where plain language works just as well.

1. What We Collect

Domain Names You Check

When you run a domain check, we store the domain name and its check results in our database so we can serve cached results to future visitors quickly. Domain names are not personal information — they are public internet identifiers.

IP Addresses (Rate Limiting Only)

We record your IP address temporarily to enforce usage rate limits and protect the service from automated abuse. IP address logs are not linked to check results, are not stored in profiles, and are automatically purged after 30 days.

Contact Form Submissions

If you contact us through our contact form, we receive your name, email address, and message. This data is used only to respond to your inquiry and is never sold, rented, or shared with advertising networks.

Cookies

We use a small number of functional cookies:

  • Session cookie — used only by the admin panel to keep administrators logged in during a browser session. Not set for regular visitors.
  • Consent cookie (tm_privacy_ok) — records that you have seen and dismissed our privacy notice. Expires after 24 hours.

We do not use advertising cookies, tracking pixels, or any third-party cookie networks for visitor profiling.

2. What We Do Not Collect

  • Your name, email address, or any personal identifier — unless you voluntarily provide it via the contact form
  • Browser fingerprints or device identifiers
  • Payment information of any kind (the service is free)
  • Location data beyond the broad region implied by your IP address
  • Social media profile data

3. Third-Party Services We Query

To perform domain checks, our server queries external data sources on your behalf. Your IP address is not shared with these services — only the domain name being checked is sent:

  • VirusTotal — malware and phishing intelligence. Privacy policy →
  • Google Safe Browsing API — web threat detection. Privacy policy →
  • Google PageSpeed Insights — page performance data. Privacy policy →
  • ipinfo.io — IP geolocation for hosting location lookup
  • crt.sh — SSL certificate transparency logs
  • Wayback Machine (archive.org) — historical web archive data
  • RDAP / WHOIS registries — domain registration information

If Google Analytics is configured by the site administrator, Google may also collect analytics data about your visit. Refer to Google's Privacy Policy for details.

4. How We Use Your Information

  • To run domain safety checks and return results to you
  • To cache results and improve response speed for all users
  • To enforce rate limits and prevent automated abuse of the service
  • To respond to contact form inquiries
  • To maintain, improve, and protect the service

We do not sell your data. We do not share it with advertisers. We do not build behavioral profiles of our visitors.

5. Data Retention

Data TypeRetention Period
Domain check resultsIndefinitely (public internet data, not personal data)
IP rate-limit logs30 days, then automatically deleted
Contact form messagesUntil your inquiry is resolved, then deleted on request
Consent cookie24 hours (browser-side only, no server record)

6. Your Rights

Depending on where you are located (EU/EEA under GDPR, UK, California under CCPA), you may have rights to access, correct, or delete personal data we hold. Because we collect very little personal information, your practical options are:

  • Contact form data — email us to request deletion of any message you have submitted
  • IP logs — automatically purged within 30 days; we cannot identify specific log entries without your IP address at time of request

To exercise any right, email us at privacy@trustmonitor.io. We will respond within 30 days.

7. Security

All traffic is encrypted over HTTPS. Our infrastructure uses standard server hardening, firewall rules, and access controls. No internet-connected system is perfectly secure — if you discover a security vulnerability, please disclose it responsibly by emailing us before making it public.

8. Children

TrustMonitor is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has submitted personal data to us, please contact us immediately and we will delete it.

9. Changes to This Policy

When we make material changes to this policy, we will update the "Last updated" date at the top of this page. Continued use of the service after changes are posted constitutes your acceptance of the updated policy.

10. Contact

Questions or requests regarding this policy:
Contact form  |  privacy@trustmonitor.io

Questions about this policy?

Contact Us