Legal

Privacy Policy

What we collect, why, how long we keep it, and what you can do about it. Written plainly so you don't need a lawyer to read it.

Effective date: 2026-05-27. Last updated: 2026-06-02.

TL;DR
We log basic visitor analytics — your IP, browser, the pages you visit, and any tool queries you run — for 90 days. We use it to understand how the site is used, debug problems, and spot abuse. We don't sell it, we don't share it with ad networks, and we don't build cross-site profiles. If your browser sends DNT: 1, we skip logging entirely. Some of our links are affiliate links — if you click one, the partner may set its own cookie to credit us, but we don't set advertising cookies ourselves and we don't share your activity log with them. Email contact@check.systems to access or delete your data.

What we collect

For every page view (unless your browser sends DNT: 1), we store:

  • IP address — the full address, IPv4 or IPv6.
  • User-Agent string — browser, operating system, and device type as your browser reports them.
  • Geolocation — city, region, country, and timezone, derived from your IP via ipinfo.io.
  • Network identifiers — ASN, ISP, and reverse DNS, also derived from your IP.
  • Pages and actions — which pages you visited, which tools you ran and the targets you submitted (e.g. ping example.com), and any affiliate link clicks.
  • Referrer URL — the page that linked you to us, if your browser sends one.
  • UTM parameters — campaign tags on the URL, if present.
  • Session cookie — a random hex string named cs_sid, set HttpOnly, SameSite=Lax, 30-day expiry. It ties your page views together into a session. It is not shared with anyone.

Why we collect it

  • Analytics — to see which tools and articles people actually use.
  • Debugging — to reproduce errors when something breaks.
  • Abuse prevention — to spot scraping, scanning, or attempts to weaponize our tools against third parties.
  • Product improvement — to decide what to build next based on real usage.

Under GDPR, our lawful basis is legitimate interest (Article 6(1)(f)): running and improving a free diagnostic site. We weigh this against your privacy by keeping retention short, honoring DNT, refusing to sell, and never sharing with ad networks.

How long we keep it

Visitor sessions and events are kept for 90 days. A daily cron deletes anything older. We never archive, back up, or export raw visitor logs.

Who we share it with

Nobody. No third-party analytics (no Google Analytics, no Plausible, no Fathom). No ad networks. No data brokers. No sale or rental, ever. The only people who read this data are the operators of check.systems.

Third parties your browser still touches

We don't share visitor logs with third parties, but loading our pages does cause your browser to make requests elsewhere:

  • ipinfo.io — we send your IP to them so they can return the matching city, ASN, and ISP. See ipinfo.io/privacy.
  • Google Fonts — our pages load Inter and JetBrains Mono from fonts.googleapis.com. Google sees your IP and User-Agent when the fonts are fetched.
  • jsDelivr CDN — Bootstrap CSS and JS are served from jsDelivr. Your browser connects to their CDN.
  • Affiliate partners — if you click an affiliate link, you land on a third-party site governed by their own privacy policy.

Affiliate links & advertising cookies

check.systems is free, and affiliate links help keep it that way. When an article or tool page recommends something genuinely relevant — a VPN, DNS service, domain registrar, or web host — the link may be an affiliate link. If you click it and later buy, we may earn a commission at no extra cost to you. We only recommend things we'd use ourselves, and a commission never changes our technical take. (You'll see the same disclosure in our footer.)

Exactly what happens, data-wise, when you click one:

  • We log the click — first-party, as described above (which offer, which page). That's our own analytics; it is not shared with the partner.
  • You're sent through our /go/<partner> redirector to the partner or their affiliate network.
  • The partner or network may set its own cookie, on its own domain, to credit check.systems if you make a purchase. That cookie is set by them, not by us — and only when you actively click, never just from viewing our pages.

We work with affiliate partners both directly and through third-party affiliate networks. In every case the cookie is set by that partner or network on their domain, and their privacy policy governs it — you can review it on the destination site you're sent to. We don't disclose your identity to them.

What we don't do: we don't embed third-party advertising or tracking pixels in our pages, we don't run display ads, and we don't share our visitor logs with these partners. No affiliate cookie is set unless you click an affiliate link.

Opting out. Simply don't click affiliate links — nothing affiliate-related is set otherwise. You can also block or clear third-party cookies using your browser's controls to manage anything a partner sets after a click.

Your rights

Do Not Track. If your browser sends the DNT: 1 header, we skip the visitor log entirely. No session row, no event row, no cookie. The site still works.

California residents (CCPA / CPRA). You have the right to know what we've collected about you, to request deletion, and to not be discriminated against for exercising these rights. We do not sell personal information, so there is no "Do Not Sell" toggle to set — the answer is already no. We respond to verifiable requests within 45 days. To identify your data, send us the approximate timestamps and IP address you used.

EU / UK residents (GDPR). You have the right of access, rectification, erasure, restriction, and to object to processing based on legitimate interest. You may also lodge a complaint with your local data protection authority. We respond within 30 days. Our lawful basis is legitimate interest, weighed against the safeguards above.

How to exercise any of these. Email contact@check.systems with what you'd like (access, deletion, correction) and enough information for us to find your records (IP address, approximate dates).

Cookies and local storage

The complete list of state we store in your browser:

  • cs-themelocalStorage entry remembering your light/dark mode choice. Never sent to our server.
  • cs_sid — HttpOnly cookie, SameSite=Lax, 30-day expiry. A random 32-character hex string that groups your page views into a session. Skipped entirely if you send DNT: 1.

No tracking or advertising cookies are set by us. The only third-party cookies that may be involved are those an affiliate partner or network sets on their own domain when you click an affiliate link — see Affiliate links & advertising cookies above.

Changes to this policy

If we change what we collect, why, how long we keep it, or who we share it with, we'll update this page and add a dated entry below. Substantial changes will be flagged on the homepage for at least 14 days.

Changelog

  • 2026-06-02 — Added an "Affiliate links & advertising cookies" section: discloses affiliate links, the /go/<partner> redirector, and that affiliate partners/networks may set their own cookies on click-through. Clarified the cookies section accordingly. No change to what we log or share.
  • 2026-05-27 — Initial publication. Replaces previous policy. Discloses 90-day visitor analytics logging (IP, UA, pages, tool queries), introduces cs_sid session cookie, consolidates CCPA and GDPR sections from california-privacy.php and europe-disclosure.php, documents DNT honoring.

Contact

Privacy questions, access requests, deletion requests, or anything else: contact@check.systems.