Privacy Policy

This Privacy Policy describes what personal data Lookip collects, how we use and retain it, who we share it with, and the rights you have over it. It applies to everyone who interacts with the Service — website visitors, registered users, API callers, and the data subjects whose information may be processed through it.

Effective date: May 11, 2026 · Last updated: May 11, 2026

1. Overview

Lookip operates https://lookip.io, the dashboard, the public lookup tools, and the IP intelligence API at api.lookip.io (collectively, the “Service”). This Privacy Policy supplements our Terms of Service and uses the same defined terms.

We try to keep this policy plain and complete. If anything is unclear, write to [email protected] and we will explain.

2. Our role

Under the EU General Data Protection Regulation, the UK GDPR, and equivalent laws, we act in two roles:

  • Controller — for the data we collect about you directly: your account, billing, sessions, support correspondence, and the way you use the Service.
  • Processor — for data you put into the Service about other people, such as the optional context payload you attach to a lookup, contacts you save, or end-user IPs you query on behalf of your own application. You remain the controller of that data and decide its purposes and means; we process it on your instructions.

California and other U.S. state laws use different terms (“business” vs “service provider”) — the substantive distinction is the same.

3. Data we collect

The table below describes what we collect and where it comes from.

| Category | What it contains | Where it comes from |
| --- | --- | --- |
| Account data | Name, email address, hashed password (bcrypt), email-verification status, role, account creation/update timestamps. If you sign in with Google, we also receive the basic profile fields Google shares (sub, email, name, picture). | Provided by you when you sign up or update your profile. |
| API key metadata | Key label, public prefix (e.g. lk_live_xxxxxxxx), a SHA-256 hash of the secret key, status (active/revoked), and timestamps including last-used time. We never store the full secret in clear text — once shown, only its hash is kept. | Generated when you create or rotate a key in the dashboard. |
| Billing data | Stripe customer ID, subscription ID, current plan, period anchors, cancel-at-period-end flag, payment status. Card numbers, CVCs, and bank details are collected and held by Stripe — they never reach our servers. | Collected by Stripe on our behalf when you start a paid plan. |
| Lookup logs | Each successful or failed lookup is logged with: the API key id, the queried IP, response status, response latency, the enrichment response, and a timestamp. We use these to render your history in the dashboard, enforce quota, support you, and detect abuse. | Created when you call the API or use the public lookup tools while signed in. |
| Optional context payload | If you choose to attach a context object to a lookup (e.g. userAgent, email, username, firstName, lastName, phone, address, city, region, country, postal, note, tags, extra), we store those values on the lookup record so you can see them in your history. Context is never forwarded to the upstream IP data provider. | Provided by you on a per-request basis. Entirely optional. |
| Contacts directory | If you save contacts to your dashboard (IP, email, username, name, phone, address, note, tags, extra JSON), we store those entries scoped to your account. | Provided by you when you create or import contacts. |
| Lookup data snapshots | To serve repeat lookups quickly we keep a snapshot of the upstream response for each IP we have queried recently. The snapshot is keyed by IP only and contains no information about which Lookip customer queried it. | Returned by the upstream IP intelligence provider. |
| Visitor IP & request metadata | When you visit lookip.io or use a public tool such as VPN check, our hosting and CDN providers receive your IP address, user agent, the URL requested, referrer, and timestamps. Bot-mitigation services may inspect these to issue a challenge. | Automatically collected at the network layer. |
| Cookies & local storage | A first-party httpOnly session cookie (signed JWT) when you sign in, a small theme preference cookie, and any tokens set by Cloudflare Turnstile to remember that you have passed a challenge. We do not use third-party advertising or cross-site tracking cookies. | Set by us or by Cloudflare Turnstile on visit / on login. |
| Communications | Email you send to [email protected] and any replies, including support and sales threads. | Provided by you when you contact us. |

We do not knowingly collect special-category data (such as data revealing health, religion, sexual orientation, political opinions, biometric or genetic data) and we ask that you do not place such data into the optional context payload.

4. How we use data

  • Provide the Service — authenticate you, render the dashboard, generate API keys, run lookups, return enrichment data, track quota.
  • Bill correctly — process subscriptions, calculate overage, reconcile with Stripe, send receipts and invoices.
  • Keep the Service safe — rate-limit, detect and mitigate abuse, bot traffic, credential stuffing, and quota gaming.
  • Improve the Service — measure aggregate request volume, latency, error rates, and feature usage to guide product decisions.
  • Support you — respond to your emails and dashboard messages, troubleshoot, and follow up.
  • Comply with law — meet our legal, tax, accounting, and regulatory obligations, and respond to valid legal requests.

We do not sell personal data. We do not use the data you submit through the API (including queried IPs or context payloads) to train machine-learning models.

6. Cookies & similar tech

We use a small number of strictly first-party cookies and similar storage:

  • Session cookie — an httpOnly, secure JWT cookie set after you sign in. It identifies your session and is required for authenticated routes.
  • Theme preference — a tiny cookie that remembers your light/dark preference so the page does not flash on load.
  • Cloudflare Turnstile — challenge tokens that prove a visitor is not an abusive bot. These are set on lookip.io by Cloudflare on our behalf.

We do not run third-party advertising trackers, cross-site tracking pixels, or behavioural analytics that profile you across the web. If we add an opt-in analytics tool in the future, we will update this policy and respect your preference.

7. Sharing & sub-processors

We share personal data only with vendors that help us run the Service, and only as much as they need. Each is bound by a written agreement to handle data securely and only on our instructions.

| Sub-processor | Purpose | Data shared | Region |
| --- | --- | --- | --- |
| Upstream IP intelligence provider | We forward the queried IP address to a third-party data provider to obtain enrichment fields (geolocation, ASN, network classification). No Customer-supplied context is forwarded. | The queried IP address only. | United States |
| Stripe, Inc. | Payment processing, subscription billing, invoicing. Receives card and billing details directly from you. | Name, email, card details (held by Stripe, not us), billing address, transaction history. | United States & global |
| Cloudflare, Inc. (Turnstile) | Bot mitigation on public lookup tools and the login flow, to prevent abuse without using CAPTCHAs that target individuals. | IP address, user agent, challenge token, basic browser signals. | Global edge |
| Google LLC (Sign-in with Google) | Optional OAuth identity provider, used only if you choose to sign in with Google. | Basic profile fields released by Google (subject id, email, name, picture). | United States & global |
| Hosting & infrastructure providers | Run the web application, API, database, and supporting infrastructure. Process all traffic at the network layer. | All data we hold, encrypted in transit and at rest, only to the extent needed to serve requests. | United States and/or European Union, depending on deployment region |

We may also disclose personal data: (a) to comply with applicable law or a valid legal request; (b) to protect the rights, property, or safety of Lookip, our customers, or others, including to prevent fraud or security incidents; (c) in connection with a merger, acquisition, financing, reorganisation, or sale of assets, in which case we will require the recipient to honour this policy. We do not sell personal data and we do not share it for cross-context behavioural advertising.

8. International transfers

The Service and its sub-processors operate globally. If you are located outside the country where our infrastructure or a sub-processor is hosted (often the United States or the European Union), your data may be transferred to and processed in those countries.

Where we transfer personal data out of the EEA, the UK, or Switzerland to a country without an adequacy decision, we rely on the European Commission's Standard Contractual Clauses (or the UK International Data Transfer Addendum / Swiss equivalent) together with supplementary measures such as encryption in transit and at rest, access controls, and limited data minimisation. You may request a copy of the relevant transfer mechanism by writing to [email protected].

9. Data retention

  • Account data — kept while your account is active and for up to twelve (12) months after you close it, except where a longer period is required by law (for example, tax records).
  • Billing records — retained for the period required by applicable tax and accounting law (typically 6–10 years).
  • Lookup history & context payloads — retained for the life of the API key plus a short grace period, or until you delete the lookup record or close the account. You can delete entries from the dashboard at any time.
  • IP data snapshots — refreshed periodically (typically every 24–72 hours) and overwritten on the next refresh.
  • Server & security logs — kept for up to thirty (30) days, longer when investigating an incident or where retention is required by law.
  • Support correspondence — kept for as long as needed to maintain the support relationship, and afterwards as a business record.

We may keep aggregated, anonymised data (such as request counts per region or per hour) indefinitely; it no longer identifies you and is not personal data.

10. Security

We take security seriously and apply the controls reasonable for a service of this size and risk profile, including:

  • TLS for all traffic between you and the Service.
  • Passwords stored using bcrypt with a per-user salt — never in clear text.
  • API keys stored only as a SHA-256 hash; the full key is shown to you exactly once, at creation time.
  • Session tokens issued as signed JWTs in httpOnly, secure cookies.
  • Bot mitigation through Cloudflare Turnstile on public tools.
  • Principle of least privilege for production access, with audit logging.
  • Encrypted storage for database, snapshots, and backups at the provider level.

No internet-connected service can be made fully secure. If we ever become aware of a security incident affecting your personal data, we will notify affected users and regulators as required by applicable law.

11. Your rights (EEA / UK / Switzerland)

Subject to applicable law and verification of your identity, you have the right to:

  • request access to your personal data and a copy of it;
  • request correction of inaccurate or incomplete data;
  • request erasure of personal data (subject to our right to keep data necessary for legal compliance, security, or to assert legal claims);
  • request restriction of, or object to, certain processing;
  • request portability of data you have provided to us in a structured format;
  • withdraw consent where processing is based on consent (without affecting prior processing);
  • lodge a complaint with your local data-protection authority — though we hope you will write to us first so we can put things right.

To exercise any of these rights, email [email protected] from the address associated with your account. We aim to respond within thirty (30) days.

12. U.S. state rights

Residents of California, Colorado, Connecticut, Virginia, Utah, and other U.S. states with comprehensive privacy laws have rights similar to those described above, including the right to know what personal information we collect, the right to delete, the right to correct, the right to opt out of the “sale” or “sharing” of personal information for targeted advertising, and the right to non-discrimination for exercising these rights.

We do not sell personal information and we do not share personal information for cross-context behavioural advertising. Submit any request to [email protected]. We may need to verify your identity before responding; an authorised agent acting on your behalf must provide proof of authorisation.

13. Children

The Service is intended for developers and operators and is not directed to children under sixteen (16). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

14. People whose IPs are queried

If your IP address has been queried through the Service by one of our customers, Lookip acts as a processor on that customer's behalf — the customer determines the purposes and means of the processing, not us. We hold a snapshot of the enrichment record indexed by IP, and we hold a log of the lookup scoped to the customer's account.

We do not have a way to look you up by your real-world identity and we do not receive your name, email, or any other personal identifier from our customers unless the customer chose to attach a context payload to a lookup. To exercise rights over that data you should contact the customer (the controller). If you cannot identify the customer, write to us at [email protected] and we will assist where we reasonably can.

15. Changes

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent revision. For material changes we will give reasonable advance notice through the Service or by email. Continued use of the Service after the change takes effect constitutes acceptance of the updated policy.

16. Contact

Privacy questions, requests, and complaints should be sent to [email protected]. If you prefer postal mail, request a postal address by email and we will provide one.