Privacy policy

What we log

The detection API and the dashboard emit standard web-server access logs containing: your source IP, the URL path, the HTTP method, a timestamp, the user-agent string, and the numeric HTTP status code. Logs rotate automatically every 10 MB and only the most recent 10 rotations are retained. Nothing is kept longer than approximately 7 days under normal traffic.

What we do not do

• • No tracking cookies are set on iplogs.com.
• • No third-party analytics (no Google Analytics, no Plausible, no PostHog).
• • No advertising, no affiliate links, no trackers.
• • No persistent database of individual IP lookups.
• • No sharing of request data with third parties.
• • No email collection, no user accounts, no session tracking.

Outbound data

When you request a detection verdict, the engine may consult third-party data sources for the target IP: MaxMind GeoLite2 (local database, no network call), ip-api.com (fallback geolocation), check.torproject.org (Tor exit list, fetched server-side, hourly), and api.mullvad.net (Mullvad relay list, fetched server-side, every 6 hours). Your IP is not forwarded to any third party as part of the detection pipeline — only the target IP is looked up.

GDPR & CCPA

IP addresses are considered personal data under the GDPR. IPLogs processes IP addresses only for the purpose of serving the user-requested detection verdict and for abuse rate- limiting, under the GDPR lawful basis of legitimate interest (Article 6(1)(f)). We do not sell data under CCPA. To request deletion of log data matching a specific IP address, email admin@iplogs.com.

Changes

Material changes to this policy will be announced on the GitHub repository and the "Last updated" date above will be bumped.