Privacy Policy - DNS Checker (CHKR)

1. Introduction

Welcome to DNS Checker (CHKR). Your privacy is taken seriously and protecting your personal data is a priority. This privacy policy explains how data is handled when you visit this website and informs you about your privacy rights and how the law protects you.

2. Contact Information

For any privacy-related inquiries, you can reach DNSChkr at:

General inquiries: [email protected]
Administrative matters: [email protected]
DMCA requests: [email protected]

3. Information Collection

DNSChkr's DNS checking tools process data locally in your browser. Personal information is not collected without your knowledge. Standard server logs are maintained containing:

IP addresses
Browser type and version
Operating system information
Timestamp of visits
Pages visited

This information is used solely for security purposes and improving service quality. Server logs are retained for a maximum of 90 days and are then automatically deleted. Logs are not shared with third parties except where required by law or to respond to verified abuse reports.

4. How Each Tool Handles Your Data

When you use any DNSChkr tool, your query is processed in real-time and the results are returned directly to your browser. Your individual tool usage is not tracked, sold, or shared — DNSChkr does not record which users looked up which domains or IP addresses, and no query logs linking your identity to specific lookups are maintained.

Important distinction: DNSChkr independently maintains databases of publicly available domain, DNS, WHOIS, and IP data (see Section 5). This data exists regardless of whether anyone uses the tools and may be made available as bulk data products or downloads. If you look up microsoft.com using a DNSChkr tool, the fact that you looked it up is not recorded or sold. However, microsoft.com's publicly available DNS records, WHOIS data, and related infrastructure information may already exist in DNSChkr's databases and may be included in data products derived from public sources.

Below is a breakdown of how each tool category handles data:

Community Scans

Many DNSChkr tools display a "Recent Community Scans" section showing domains or IP addresses recently checked by all visitors. This feature may be enabled on any tool across the platform, including DNS, WHOIS, security, email, and network tools.

When a community scan entry is created, only the domain name or IP address, its scan result or score, and a timestamp are recorded. No personally identifiable information is stored alongside the entry — there is no record of who ran the scan, their IP address, account, or any other identifier
Community scan entries are publicly visible to other visitors of the tool
Opt-out: Where community scans are available, each tool provides an option to hide your scan from the community list before submitting. When you choose to opt out, no community scan entry is created for that query
Removal requests: If a domain or IP address you control appears in community scan results and you would like it removed, contact [email protected]. DNSChkr also maintains an internal blocklist to prevent specific domains or IP addresses from appearing in community scan results on an ongoing basis

DNS & Domain Tools

DNS Inspector, DNS Propagation Checker, Domain Age Checker, Domain Expiry Checker, WHOIS Lookup, Reverse WHOIS, Bulk WHOIS, Domain Availability

Queries are forwarded to upstream DNS servers, RDAP/WHOIS servers, or internal databases in real-time
The DNS Inspector may cache resolved DNS records for a short period (up to 5 minutes) to reduce load on upstream servers. This cache is in-memory and is automatically cleared
Apart from community scan entries (see above), no permanent record of your individual queries is stored. Query history is not logged to any database

Email Tools

Email Tester, MX Record Lookup, SPF Record Checker, DKIM Record Checker, DMARC Record Checker, SMTP Diagnostics, Email Header Analyzer

DNS record lookups (MX, TXT, CNAME) are performed in real-time against public DNS servers
SMTP connection tests connect to the target mail server, perform a handshake, and immediately disconnect. No emails are sent or received
Email headers submitted for analysis are processed entirely in real-time. Headers are not stored on any server after the response is returned

Security & Network Tools

IP Address Lookup, Port Scanner, Blacklist Checker, Website Reputation Checker, HTTP Security Headers, HTTP Header Checker, Redirect Checker

IP lookups query internal geolocation databases and public threat intelligence feeds. The IP you look up is not logged
Port scans connect to the target host on specified ports and immediately report the result. No scan results are saved
Blacklist and reputation checks query public DNS-based blocklists (DNSBLs) and threat feeds in real-time. Results are not stored
HTTP header and redirect checks make a standard HTTP request to the target URL, return the response headers or redirect chain, and discard the data

Other Tools

Robots.txt Checker, Expiring Domains

The robots.txt checker fetches and parses the target site's robots.txt file in real-time. The fetched file is not stored
Expiring domains data is derived from publicly available WHOIS records and is not based on user queries

5. Publicly Available Infrastructure Data

As a DNS and domain intelligence platform, DNSChkr maintains databases of publicly available internet infrastructure data. This includes information sourced from:

Public TLD zone files (containing registered domain names and their name server records)
Public WHOIS and RDAP records (containing domain registration details as published by registries and registrars)
Public IP address allocation data from Regional Internet Registries (ARIN, RIPE, APNIC, LACNIC, AFRINIC)
Public DNS records (A, AAAA, MX, NS, TXT) as they appear in the global DNS system

This data is publicly accessible to anyone querying DNS servers, WHOIS/RDAP services, or zone file access programs. DNSChkr aggregates and indexes this data to power its tools, TLD directory, rankings, and analytics. If your domain or IP address appears in DNSChkr's databases, it is because that information is part of the public internet infrastructure record, not because you used any DNSChkr tool.

DNSChkr may also make this publicly sourced data available as bulk data products, downloads, or through its API. These data products contain only information already available through public sources — they do not contain any user-specific data, tool usage records, or information about who queried what.

If you believe any publicly sourced data displayed on DNSChkr is inaccurate or you wish to request its review, contact [email protected].

6. Rate Limiting and Abuse Prevention

To prevent abuse and ensure fair access to the tools, DNSChkr uses rate limiting based on IP addresses:

Anonymous visitors: Your IP address is used to track daily usage against a per-IP credit limit. This tracking is done in server memory (not written to a database) and resets every 24 hours. The IP address is not stored permanently or associated with any other data
Registered users: Rate limiting is tracked against your user account rather than your IP address. Usage counts are stored in your account's credit balance record (see Section 7 below)
API users: API key usage is tracked in server memory against daily rate limits tied to your subscription tier. These counters reset at midnight UTC each day

In all cases, rate limiting data is used solely for access control and abuse prevention. IP addresses used for anonymous rate limiting are held in volatile server memory and are lost when the server restarts or when the 24-hour window expires.

7. User Accounts and Authentication

When you create an account on DNSChkr, the following information is collected and stored:

Account Data

Email address — used for authentication (magic link sign-in) and account communications
Display name — optional, set by you for personalization
Avatar URL — optional, if you choose to upload a profile image

Credit and Billing Data

Credit balance — your daily and monthly credit usage, reset dates, and bonus credits
Credit transactions — an audit log of credit usage, refunds, and top-ups (recording the tool operation, amount, and timestamp)
Subscription tier — which plan you are on (free, starter, plus, or pro)
Payment data — if you subscribe to a paid plan, payment processing is handled by a third-party payment processor (currently Stripe). DNSChkr stores a reference to your payment account for subscription management but does not store credit card numbers, bank details, or other payment credentials

API Keys

If you generate API keys for programmatic access, the key identifier and associated permissions are stored in your account. API keys can be revoked at any time from your account dashboard.

Data Security

Account data is stored securely with encryption at rest and in transit. Authentication sessions are managed using industry-standard token-based authentication. Access controls ensure that each user can only access their own data.

Account Deletion

You may request deletion of your account by contacting [email protected]. Upon deletion, your profile, credit balance, and any API keys are removed. Certain records such as payment transaction history may be retained as required for accounting, tax, or legal compliance obligations.

8. Data Retention Summary

The following table summarizes how long different categories of data are retained:

Data Type	Retention Period	Notes
Server logs (IP, user agent, pages)	90 days	Automatically deleted after retention period
Tool query data	Not stored	Processed in real-time and discarded
DNS cache (DNS Inspector)	Up to 5 minutes	In-memory only, automatically cleared
Anonymous rate-limit counters	24 hours	In-memory only, lost on server restart
Community scan entries	30 days	Domain/IP and result only — no user identifiers
Account data (email, preferences)	Until account deletion	Deleted upon request
Credit transaction history	Until account deletion	Deleted with account, except as required by law
Payment records (Stripe references)	7 years after last transaction	Retained for tax and legal compliance
Public infrastructure data (DNS, WHOIS)	Indefinite	Publicly sourced data, not tied to users

9. Security Practices

DNSChkr implements the following security measures to protect data:

Encryption in transit — all connections use HTTPS with TLS 1.2+ enforced. HTTP Strict Transport Security (HSTS) is enabled
Encryption at rest — account data and databases are stored on encrypted volumes
Authentication — passwordless magic-link authentication reduces credential-based attack vectors. Sessions use signed, httpOnly tokens
Email authentication — all outbound emails are authenticated using DKIM (RSA 2048-bit), SPF, and a DMARC policy set to reject
Access control — API endpoints are protected by key-based authentication with per-tier rate limits. User data is isolated per account
Infrastructure — services are distributed across multiple providers (Hetzner EU, AWS US) with Cloudflare providing DDoS protection, WAF, and CDN
Monitoring — server health, error rates, and suspicious activity are monitored continuously

DNSChkr does not hold SOC 2, ISO 27001, or similar formal certifications. As an independent project, these certifications are not currently pursued. If your organization requires certified vendors, evaluate whether DNSChkr's security practices meet your requirements before submitting sensitive data. For security-related inquiries, contact [email protected].

10. Cookies and Local Storage

DNSChkr uses the following cookies and local storage:

Authentication cookies (functional, always active) — session tokens that keep you signed in. These are essential for account functionality and cannot be opted out of while signed in
Cookie consent preference (functional) — stored in localStorage to remember whether you accepted or declined analytics cookies
Theme preference (functional) — stored in localStorage to remember your light/dark mode choice
Google Analytics cookies (analytics, consent required for EU visitors) — _ga and _ga_* cookies used to understand site usage patterns. These are only set after consent for visitors in the EEA, UK, and Switzerland. Non-EU visitors may have these set by default

DNSChkr does not use advertising cookies, social media tracking pixels, or any third-party cookies beyond Google Analytics.

11. Third-Party Services

Third-party services may be used for:

Analytics
Performance monitoring
Security measures

These services may collect anonymous usage data subject to their own privacy policies.

12. Email Communications

When you create an account on DNSChkr, emails related to your use of the service may be sent. These communications fall into two categories:

Transactional Emails

These are essential emails required for the operation of your account and cannot be opted out of while your account is active. They include:

Authentication emails (magic link sign-in, email verification)
Password reset confirmations
Account security alerts (e.g., sign-in from a new device)
Service notifications directly related to your account or monitored resources

Marketing Emails

With your consent, optional marketing communications may be sent, including product updates, new feature announcements, and DNS industry insights. You may opt out of marketing emails at any time by:

Clicking the unsubscribe link included in every marketing email
Updating your email preferences in your account dashboard
Emailing [email protected]

All unsubscribe requests are honored promptly. Opting out of marketing emails will not affect your receipt of transactional emails. DNSChkr does not sell, rent, or share your email address with third parties for their marketing purposes.

13. Affiliate Programs and Advertising

DNSChkr participates in affiliate advertising programs, including those operated by Impact (impact.com) and CJ Affiliate (Commission Junction). These programs allow DNSChkr to earn commissions by linking to third-party products and services.

When you click an affiliate link on this site, affiliate partners may:

Place cookies on your device to track referrals and attribute qualifying purchases
Collect information such as your IP address, browser type, and referring URL
Use tracking pixels or similar technologies to measure advertising effectiveness

These affiliate cookies are set by the respective affiliate networks and are governed by their privacy policies. DNSChkr does not have access to or control over the data collected by these third-party cookies. You can opt out of affiliate tracking by adjusting your browser cookie settings or using your browser's private/incognito mode.

For full details on affiliate relationships, please see the Affiliate Disclosure.

14. Business Transfers

If DNSChkr is acquired, merged, or sold — in whole or in part — user account data (such as email addresses, subscription details, and credit balances) may be transferred to the acquiring party as part of the transaction. In such an event, affected users will be notified via email or a prominent notice on the site, and this privacy policy will be updated to reflect any changes in data handling practices under the new ownership.

15. Updates to This Policy

This privacy policy reflects DNSChkr's current data handling practices as of the "Last updated" date shown at the top of this page. As the platform evolves, data practices may change. If DNSChkr begins collecting, storing, or processing data in ways not described here, this policy will be updated accordingly before those changes take effect. Any material changes will be posted on this page with an updated revision date. Continued use of the service after such changes constitutes acceptance of the updated policy.

16. Your Rights (General)

You have the right to:

Access your personal data
Request correction of your personal data
Request deletion of your personal data
Object to processing of your personal data
Request restriction of processing your personal data

17. GDPR (European Economic Area & UK)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and UK GDPR apply to how DNSChkr processes your personal data.

Lawful Basis for Processing

DNSChkr processes personal data under the following lawful bases:

Legitimate interest (Article 6(1)(f)) — for server logs, security monitoring, and service improvement
Consent (Article 6(1)(a)) — for analytics cookies (Google Analytics). EU visitors are shown a cookie consent banner; analytics cookies are not set until consent is given
Contract performance (Article 6(1)(b)) — for account-related processing (authentication, credit management) when you create an account

Your GDPR Rights

In addition to the general rights listed above, EEA and UK residents have the right to:

Data portability — receive your personal data in a structured, machine-readable format
Right to erasure — request deletion of your personal data ("right to be forgotten")
Withdraw consent — withdraw consent for analytics cookies at any time by clearing your browser cookies or using your browser's cookie settings
Lodge a complaint — file a complaint with your local data protection authority (e.g., the ICO in the UK, CNIL in France, BfDI in Germany)

Data Controller

The data controller for DNSChkr is Ishan Karunaratne. For any GDPR-related requests, contact [email protected]. Requests will be responded to within 30 days as required by GDPR Article 12(3).

International Data Transfers

DNSChkr's servers are located in the United States and the European Union (Germany, Finland). When data is processed on US-based servers, it is limited to standard server logs and real-time tool query processing. No personal data is stored beyond standard log retention periods.

18. CCPA / CPRA (California)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides additional rights regarding your personal information.

Categories of Personal Information Collected

Identifiers — IP addresses (via server logs), email addresses (if you create an account)
Internet activity — pages visited, browser type, referring URLs (via server logs and Google Analytics)

Your CCPA Rights

Right to know — request what personal information is collected and how it is used
Right to delete — request deletion of personal information
Right to opt-out of sale — DNSChkr does not sell personal information to third parties
Right to non-discrimination — exercising your rights will not result in different pricing or service quality

To exercise any of these rights, contact [email protected]. Requests will be verified and responded to within 45 days as required by the CCPA.

Do Not Sell or Share My Personal Information

DNSChkr does not sell or share personal information as defined by the CCPA/CPRA. No personal data is sold to data brokers, advertisers, or other third parties.