Privacy Policy

Account data. When you create an account, we collect your email address and a hashed version of your password. We do not store your password in plaintext.

API usage data. We log every request made with your API key, including a timestamp, the IP address you looked up, and the HTTP response code. We use this to calculate your monthly usage for billing and to display your usage history in the dashboard.

Your own IP address. When you access the tracenow website or make API calls, our servers receive your IP address as part of normal HTTP traffic. We do not store this separately beyond standard server access logs, which are retained for 30 days.

Payment data. If you provide a payment method, billing details are processed and stored by our payment processor. tracenow does not store raw card numbers or full payment credentials.

We use the data we collect to:

• Authenticate you and manage your account.
• Track API usage and calculate monthly invoices accurately.
• Detect abuse, rate limit violations, and security threats.
• Send transactional emails — account confirmation, invoices, important service changes. We do not send marketing email unless you opt in.
• Improve reliability and performance of the API.

We do not sell your data. We do not share your email address or account information with third parties for advertising purposes.

When your application calls the tracenow API to look up an IP address, we log that request for billing and abuse prevention. We do not resell or share individual lookup records with third parties.

The IP addresses your users send to your application, and which you then pass to our API, are your responsibility to handle in accordance with the privacy laws applicable to you (e.g., GDPR if your users are in the EU). tracenow processes those IPs as a data processor on your behalf.

Account data is retained for as long as your account is active. If you close your account, we delete your personal data within 90 days, except for records we are required to retain for legal or financial compliance (such as invoices, which are kept for 7 years).

API request logs are retained for 12 months for billing verification and abuse investigation, then deleted.

Server access logs (raw HTTP logs) are retained for 30 days.

tracenow uses a single session cookie to keep you signed in to the dashboard. This cookie contains an encrypted session token — no personal data is embedded in it. It expires when you sign out or after a period of inactivity.

We do not use tracking cookies, advertising pixels, or third-party analytics scripts that follow you across the web.

tracenow uses a small number of third-party providers to operate:

• Payment processor — to handle billing. They receive your payment details; we do not.
• Cloud infrastructure — our servers and database run in data centers in the United States.
• Transactional email — to send account and billing emails. Your email address is shared with this provider solely for that purpose.

We select providers who commit to appropriate data handling practices and do not use your data for their own purposes.

You can access and update your account information from the dashboard at any time. You can also close your account, which triggers deletion of your personal data per the retention schedule above.

If you are located in the EU or UK, you may have additional rights under GDPR, including the right to access a copy of your data, correct inaccuracies, object to processing, or request erasure. To exercise any of these rights, email us at privacy@tracenow.io.

We use standard security practices: HTTPS everywhere, hashed passwords, encrypted session tokens, and access controls on our internal systems. No system is perfectly secure, but we take reasonable steps to protect your data.

If you discover a security issue, please report it to security@tracenow.io rather than disclosing it publicly.

If we make material changes to this policy, we will notify you by email and update the date at the top of this page. Continued use of the service after such changes constitutes acceptance.

Questions or requests regarding your data? Email us at privacy@tracenow.io.