Privacy Policy
Last updated: 30 April 2026 · Applies to: www.diginterface.com
The short version: Most DigInterface tools require no account and store nothing about you. If you create an account, we store your email address and activity logs for security purposes. We don't sell your data, show you ads, or share your information with third parties. You can request deletion of your account and all associated data at any time.
1. Who We Are
DigInterface (www.diginterface.com) is a free online toolkit for IT professionals, email administrators, developers and domain owners. The site is operated by an individual developer based in Australia.
For privacy enquiries, contact us at: info@diginterface.com
This policy is governed by the Australian Privacy Act 1988 (and the Australian Privacy Principles) and, where applicable, the EU General Data Protection Regulation (GDPR).
2. What Data We Collect
2.1 Visitors using tools without an account
For all tools that do not require a login, we collect no personally identifiable information. Queries you submit (domains, IP addresses, email headers etc.) are processed in real time and are not stored. The following tools process data entirely in your browser and nothing is sent to our servers at all:
- DMARC Report Analyzer
- HAR / JSON Viewer
- HTML Editor
- Hash Calculator
- Base64 Encoder / Decoder
- Regex Tester
- Password Generator
2.2 Registered account holders
If you create a free account, we collect and store:
- Email address — used as your username and for account-related communications (verification, password reset)
- Password — stored as a one-way bcrypt hash, never in plain text
- Two-factor authentication secret — if you enable 2FA, a TOTP secret is stored encrypted
- Account activity logs — login events, tool usage, API key creation and security events, stored with timestamps and IP addresses for security purposes
- API usage logs — if you use the REST API, request logs including endpoint, target, status code and IP address are retained
2.3 Contact form
If you submit the contact form, your email address and message content are sent to us via Amazon SES. We do not store contact form submissions in our database.
2.4 Server logs
Our web server (Nginx on AWS LightSail) generates standard access logs including IP address, request path, HTTP status code and user agent. These are used for security monitoring and troubleshooting and are not linked to individual user accounts.
3. How We Use Your Data
We use the data we collect for the following purposes:
- Account management — to create and maintain your account, send verification and password reset emails
- Security — to detect suspicious activity, prevent abuse, enforce rate limits and protect the service
- Service improvement — aggregate, anonymised usage data helps us understand which tools are most useful
- Legal compliance — to comply with applicable laws and respond to lawful requests
We do not use your data for advertising, profiling, or any automated decision-making that affects you.
4. How Long We Keep It
- Account data — retained for as long as your account exists. Deleted within 30 days of account deletion.
- Account activity logs (User Events) — automatically purged after 90 days
- API usage logs — automatically purged after 20 days
- Server access logs — retained for up to 30 days then overwritten
- Contact form submissions — retained in email only, no fixed deletion schedule
5. Third Parties
We do not sell, rent or share your personal data with third parties for their own purposes. We use the following third-party services to operate the site:
- Amazon Web Services (AWS) — hosting infrastructure (LightSail) and email delivery (SES). AWS processes data in accordance with their privacy policy.
- Google reCAPTCHA — used on the contact form to prevent spam. Subject to Google's privacy policy.
- Google Analytics — we use Google Analytics to collect anonymised, aggregate traffic data (page views, referral sources). IP addresses are anonymised. You can opt out using the Google Analytics Opt-out Browser Add-on.
- bgpview.io — used by the WHOIS tool for ASN lookups. No personal data is shared; only the ASN number or IP address you submit is sent.
- ip-api.com — used by the What Is My IP tool for geolocation. Your IP address is sent to ip-api.com to resolve location data.
All third-party services are chosen with data minimisation in mind. We do not use advertising networks or data brokers.
6. Cookies and Tracking
We use a minimal number of cookies:
- Session cookie — a secure, HTTP-only cookie used to maintain your login session if you have an account. Expires when you sign out or after 7 days of inactivity.
- Google Analytics cookies — anonymised analytics only. No advertising cookies.
We do not use tracking pixels, fingerprinting, or any third-party advertising cookies. We do not display cookie consent banners because our cookie usage is limited to strictly necessary and analytics cookies only.
7. Security
We take reasonable steps to protect your data including:
- HTTPS enforced across the entire site with HSTS
- Passwords stored using bcrypt hashing
- API keys stored as hashed values, never in plain text
- Two-factor authentication available and encouraged for all accounts
- Security headers enforced at the web server level (CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy)
- Rate limiting on all API endpoints
No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at info@diginterface.com.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you
- Correction — request correction of inaccurate data
- Deletion — request deletion of your account and all associated personal data
- Portability — request your data in a portable format (GDPR users)
- Objection — object to processing of your data in certain circumstances
- Withdrawal of consent — where processing is based on consent, you may withdraw it at any time
You can delete your account at any time from your account settings page. For any other requests, contact us at info@diginterface.com. We will respond within 30 days.
If you are located in the EU/EEA and believe your rights have not been respected, you have the right to lodge a complaint with your local data protection authority.
9. Children
DigInterface is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the site after changes constitutes acceptance of the updated policy. For significant changes, we will notify registered users by email.
For any privacy-related questions or requests: