Data Protection
Our GDPR-aligned approach to data minimization, transparency, and user rights.
Commitment
We comply with GDPR and similar regulations by limiting collection, providing clear notices, and honoring data subject rights. We design tools to work without accounts or stored identifiers.
What we process
Minimal collection
- IP address and network metadata (real time)
- Aggregated usage statistics
- Contact data when you reach out
We do not collect
- Names or account profiles
- Passwords or payment details
- Browsing history or tracking identifiers
- Biometric or sensitive categories
Legal basis
Contract performance
Processing required to deliver diagnostics you request.
Legitimate interests
Security monitoring, fraud prevention, and service improvement.
Legal obligations
Compliance with applicable laws and regulations.
Consent
Optional analytics or communications where required.
Your rights
Access and portability
Request access to your data and receive it in a portable format.
Correction and deletion
Correct inaccuracies or request deletion where applicable.
Restriction and objection
Limit processing or object to certain uses of your data.
Complaints
You may lodge a complaint with a supervisory authority.
To exercise rights, contact privacy@my-ip.me.
Security measures
Technical controls
- Encrypted transport (TLS)
- Secure infrastructure and monitoring
- Access control and auditing
Organizational controls
- Security training and policies
- Incident response procedures
- Regular reviews and audits
Retention
IP data: processed in real time, not stored.
Analytics: aggregated metrics retained up to 12 months.
Support: retained up to 30 days after resolution.
International transfers
Services may be hosted across global regions for reliability. We use providers with GDPR-aligned safeguards and contractual protections.
Data breach notification
If a personal data breach occurs, we follow GDPR timelines to notify authorities and affected users when required.