privacy / proxycheck.io

What spam should I expect from you once I hand over my email address?

Hopefully none of the emails we send you will be considered spam but to keep you in complete control we have provided five email preferences within the customer dashboard which allow you to specify the kinds of emails we can send you (Account related, Query overage notices, Upcoming payment notices, Downtime and New Features/Changes) and by default only one of those is ticked which is "Important emails related only to my account".

That setting toggle means we'll only send you an email if your paid plan is coming to an end or you go over your daily query allowance for five days consecutively. We limit those query exhausted emails to one per month maximum.

On top of these emails there are some you cannot turn off for security reasons. Those include the emails we send you after you change your two-factor settings, email address, API Key or Password. We also send you an email when you subscribe to a paid plan.

Do you store cookies in my browser when I visit your website and if so what are they for?

We do store a few cookies when you visit our website and we've detailed them all below.

  • Cloudflare Cookie: This is placed in your browser once you've been verified by Cloudflare as not a threat to our website.
  • Matomo Analytic Cookies: We self-host an analytic service which allows us to track which pages on our website our visitors are using and for how long, where our visitors are coming from elsewhere on the web and the performance of our paid advertisements. This data is stored solely on our own servers and we do not use or share analytical data from Matomo with third parties.
  • Dashboard Cookies: If you login to the dashboard we store a session token to maintain your login with the site.
  • Tawk.to Cookies: For our customer live support chat to function. (only served from the Contact Us page)
  • Stripe Cookies: Stripe (our payment processor) may put a cookie in your browser while you browse our site to help reduce fraud.
  • Google Ad Cookies: If you came to our website from a Google Ad, you will have a cookie placed in your browser so we can track conversions (how many clicks on our ads resulted in a sale).
  • Microsoft Ad Cookies: If you came to our website from a Microsoft Ad, you will have a cookie placed in your browser so we can track conversions (how many clicks on our ads resulted in a sale)
  • Cookie Accept Cookie: When you click the Cookie Accept button at the top of our pages a cookie is stored in your browser so that the message won't re-appear.

As most businesses do, we advertise our services through both Google and Microsoft. This means sometimes visitors to our website will come to us by having clicked on an advertisment we paid to be shown across either the Google or Microsoft ad networks. To make sure that our advertisements are effective and leading to sales we track what is known as conversions. Meaning how many clicks on our ads result in sales.

As part of this if you visit our website from an Ad, we will place a Cookie in your browser and track each and every time you make a sale so that we can determine if our advertisements are working and how much value they're providing us.

When performing this tracking, code from either Google or Microsoft will run as you perform a purchase, but this code will only be served to you if you came to us from one of these advertising platforms and only the relevent conversion tracking code will be served to you. Below we've included a detail of these cookies.

Your purchases will only be tracked in our self-hosted Matomo and not shared with third parties.

Your purchases will be tracked by us in our self-hosted Matomo and by Googles advertising platform.

Your purchases will be tracked by us in our self-hosted Matomo and by Microsofts advertising platform.

When we track your purchases in the way noted above only the amount you spent and the amount of times you spent it is shared with the noted systems. Your financial information and which package you purchased from us is not shared.

If I use your disposable email detection feature what happens to the emails I send you?

If the email you send us is considered by us to be disposable (and shown as such on our API) then it's logged in only one place which is your accounts positive detection log. We do not store these anywhere else and we do not access your positive detection logs at any time.

If the email you send us is considered to not be disposable (aka we think it's normal email address) then we do not store it anywhere and we perform no processing on that email of any kind. That means no saving, no logging, nothing. We do not act upon this data in any way.

When we perform checking on emails we only check the part after the @, the top level domain part. Which means you can send us a randomised first portion of the email for example instead of sending [email protected] you could send [email protected] - It's completely up to you, we do not save the emails you send us, it's simply not needed for this feature to function.

What information do you collect and store when I sign up for your service?

To ensure your privacy we collect only your email address to facilitate sending you an API Key and to send you important notices relating to your usage of our service. You are free to use any email address. If you do not use an API Key then we only store your IP Address so that our software can record how many queries you have made upto the allowed 100 per day.

If you have an API Key we store your querying IP for a maximum of 24 hours to help us track free account abusers. If you purchase a paid subscription we ask for your name and address but those are only stored with Stripe (our payment processor) and are not stored on our own servers.

You may want to look at our GDPR Compliance page which goes into more detail about what we store and where we store it.

Do you collect or store any usage/stats information relating to my account?

We record how many queries you perform with your API Key if you have one, if you do not have an API Key, we record these stats with your IP Address. We also store a list of your positive detections if you're an API key holder, this list is accessible within your dashboard. We also store for around 5 minutes the negative detections made by our API, we then run these through our machine learning engine to find more proxies to block, only proxies found this way are stored long term with the rest of the data being discarded.

What information is stored when I stop using your service?

If you have an API Key then the number of queries you made will be stored forever. In addition to that the positive detections you made will be stored for 12 months and then deleted. If you do not have an API Key and you're using the 100 free queries per day that don't need an API Key then we only store the amount of queries you made over the previous 24 hours along with your querying IP Address.

You can select within the customer dashboard to close your account and have all held information related to you erased.

What is a warrant canary and why do you have one?

A warrant canary is a piece of information we publish before we receive any kind of warrant or court order to hand over user information. If at any time we were to receive such valid warrants or court orders we would remove the warrant canary warning you that our service is no longer safe for your data. You can view our warrant canary here: https://proxycheck.io/canary.txt

Who do you share my data with?
  • Your email address is shared with Amazon who are our mail carrier, this relationship does not give them the permission to use, resell or share your email address with anyone. They are only allowed to forward mails directly from us to you.
  • If you signup for a paid plan your email address and billing information are shared with Stripe who are our bank card processor. This relationship does not give them the permission to use, resell or share any of your information.

Apart from these two relationships we don't share your information with any other entity.

If my account is protected by a password how is my password stored?

When you protect your account with a password we hash it using bcrypt. This means a unique hash is stored by us and not your password itself. These hashes cannot be reversed back into your password and to further complicate attacks we supply a unique salt to your password prior to hashing. In real terms it means we follow industry best practices and your password is still safe in the event our database is breached.


Back
Last update: 27th of February 2022
27th of February 2022
A new cookie was added which details how we now track conversions for our Google Ads. If you did not come to our website via a Google Ad then no third-party conversion tracking will be performed and the Google conversion tracking Javascript will not even be served to you. A new cookie was added which details how we now track conversions for our Microsoft Ads. If you did not come to our website via a Microsoft Ad then no third-party conversion tracking will be performed and the Microsoft conversion tracking Javascript will not even be served to you. A new advertising cookie section was added giving more detail to how we track advertising conversions.
15th of February 2022
A new section regarding what happens to the emails you send us to check when utilising our disposable email feature was added.
6th of December 2021
The section regarding our tawk.to cookie use was changed as we now only serve the tawk.to chat software through our contact page. Thus you will not have this cookie set when you access any of our pages except the contact us page.
7th of October 2021
The section regarding how long your data is stored and how to erase it has been altered because you can now erase the data yourself from within the dashboard as opposed to needing to contact our support to do this.
18th of April 2021
The section regarding our cookie use was reworded, specifically the Matomo section to further clarify that we don't acquire or share our analytical data with any third parties, this has always been the case but it wasn't specifically detailed on the page until now.
13th of March 2021
The section regarding what data we store about you when you stop using the service was updated to clarify that we don't hold your positive detections forever and they are in-fact deleted after 12 months.
15th of January 2021
A new entry within the Cookie section was added for Stripe (our payment processor) which may place a cookie in your browser to help us reduce payment fraud.
19th of July 2020
A reference to Mailgun in the document was changed to Amazon as we have switched email carriers from Mailgun to Amazon.
4th of April 2019
The section about what information we store when you use our service was updated to state we now ask for your name and address when making a paid purchase but this information is stored exclusively with Stripe our payment processor.
1st of November 2018
The list of email toggles in the first privacy section was updated to replace the "promotional emails" toggle with the "Upcoming payment notice" toggle. We never sent any promotional emails so we have sunsetted that setting.
29th of October 2018
The privacy policy was updated to include instructions on how to have us delete all held information about you. The "Who do you share my data with?" section was updated to include information about our relationships with Mailgun and Stripe. Reworded the very top paragraph about email spam to be more clear. Altered the name of our self-hosted analytic service from Piwik to Matomo as the project has changed names.
7th of June 2018
Wording on the top entry "What spam should I expect from you" was updated to say we now offer five email preferences within the dashboard instead of four.
24th of April 2018
Added a new section regarding our use of browser cookies.
17th of February 2018
Added a link to our GDPR Compliance page under "What information do you collect and store"
14th of October 2017
The second point was expanded as we now do store registered users querying IP Addressees for 24 hours since their most recent query.