www.ve.ms

Free tools for a more reliable internet — no ads, no tracking

Privacy Policy

1. Controller and contact

The controller responsible for data processing in connection with this website and the tools and services offered on it is shown below. For data protection matters and to exercise your rights, please use these contact details. We do not appoint a separate data protection officer due to the size of the project.

Hold the button for 5 seconds to reveal contact details.

2. Hosting and infrastructure

This website and its tools are hosted in Germany. Our hosting provider acts as a processor; we have concluded a data processing agreement (Auftragsverarbeitungsvertrag, AV contract) in accordance with Art. 28 GDPR. Data is stored and processed within the European Union (Germany). We do not use external content delivery networks (CDNs), third-party fonts (e.g. Google Fonts), or third-party analytics or tracking scripts on this site. This reduces the number of parties that receive your data and supports privacy by design.

3. Data we process and for what purpose

3.1 General website use

When you visit our website, the server automatically records access data (e.g. IP address, time, requested URL, browser type). This is necessary for technical operation and to ensure security. Access logs are typically retained for a limited period and then deleted or anonymised. We do not use this data to profile you or to pass it on to third parties for advertising purposes.

3.2 Sessions and rate limiting

Some areas of the site (in particular the tools) use server-side sessions. Session data may include a session identifier and, where necessary for the function, temporary data such as:

  • Rate-limiting counters (to prevent abuse and ensure fair use)
  • Captcha-related data (to distinguish human users from automated abuse)
  • For the Mail Blacklist Check and Mail Delivery Check tools: the email address you enter, only for the duration of the check, to perform the test and apply rate limits

This data is stored only for the duration of the session or for short retention periods and is not used for long-term profiling or marketing.

3.3 Tools and services — data flow

Our tools process the inputs you provide only to deliver the requested service. We describe the main data flows below.

  • Mail Delivery Check: The email address you enter is used to send a test email and verify delivery. For sending we use an external mail provider (e.g. 75p.de). The address is processed only for this check and for rate limiting; we do not use it for newsletters or other marketing.
  • Mail Blacklist Check: The IP or domain you enter is checked against public blacklists. No persistent storage of your inputs beyond session/rate-limit needs.
  • Email Header Analyzer: The headers you paste are processed only on our server to analyse them and display the result. They are not stored permanently.
  • Cookie & Tracking Check: The URL you enter is fetched by our server (via HTTP/HTTPS) to analyse response headers and page content for cookies and third-party resources. The URL is processed only for this analysis and for rate limiting; we do not crawl or store the full content of third-party sites.
  • Website Speed: The URL you enter is requested by our server to measure response times (e.g. DNS, connection, time to first byte). The URL is used only for this measurement and for rate limiting.
  • Client Speedtest: Your browser exchanges data with our server to measure download and upload speed and latency. This data is technical (e.g. test payloads); we do not use it to identify you personally beyond what is inherent in the connection (e.g. IP).
  • DNS Lookup: The domain or hostname you enter is used to perform DNS queries and show you the results. No long-term storage of your queries.
  • WHOIS Lookup: The domain or IP you enter is used to perform a WHOIS query and display the result. Processed only for this purpose and for rate limiting.
  • Certificate Check: The URL or hostname you enter is used to fetch the SSL/TLS certificate and display subject, issuer, validity, and related data. Processed only for this check and for rate limiting; not stored permanently.
  • Ping Check: The hostname or IP you enter is used to run a ping from our server and display round-trip times and packet loss. Processed only for this check and for rate limiting; not stored permanently.

3.4 Account and login

If you register or log in, we process your account data (e.g. identifier, password stored in hashed form) only for authentication and to provide account-linked services. We do not use this data for marketing or pass it to third parties for advertising.

We do not sell or share your tool inputs with third parties for advertising or similar purposes. Where we use external services (e.g. mail delivery), their processing is limited to what is necessary for the function (e.g. sending one test email).

4. Legal basis

We process personal data on the following bases:

  • Legitimate interest (Art. 6(1)(f) GDPR): for operation of the website, security, rate limiting, and abuse prevention; for providing and improving the tools.
  • Contract or pre-contractual steps (Art. 6(1)(b) GDPR): where you use a service that constitutes a contract (e.g. use of a tool in accordance with our terms).
  • Legal obligation (Art. 6(1)(c) GDPR): where we must retain or disclose data to comply with applicable law.

Where we rely on legitimate interest, we have balanced our interests (operating a secure, usable site and tools) against your rights; we minimise data and retention and do not use your data for advertising.

5. Your rights

Under the GDPR you have the right to:

  • Access (Art. 15): obtain confirmation as to whether we process your data and, if so, a copy and other information.
  • Rectification (Art. 16): have inaccurate personal data corrected.
  • Erasure (Art. 17): request deletion of your data where the legal conditions are met.
  • Restriction of processing (Art. 18): request that we only store your data and process it in limited ways in certain situations.
  • Data portability (Art. 20): receive your data in a structured, commonly used format where the processing is based on consent or contract and is carried out by automated means.
  • Object (Art. 21): object to processing based on legitimate interest; we will stop unless we demonstrate compelling legitimate grounds.
  • Withdraw consent: where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.
  • Complain to a supervisory authority (Art. 77): you may lodge a complaint with a data protection authority, in particular in the EU member state of your residence, place of work, or place of the alleged infringement. In Germany, the competent authority is the supervisory authority of the federal state where we are based.

To exercise these rights, contact us using the details in section 1. We will respond within the time limits set by the GDPR (generally one month).

6. Data retention

We keep personal data only as long as necessary for the purposes described:

  • Access and error logs: limited period (e.g. a few weeks), then deletion or anonymisation.
  • Session and rate-limit data: short-lived; not retained beyond what is needed for abuse prevention and fair use.
  • Tool inputs (URLs, email addresses, domains, etc.): not stored permanently; only processed for the immediate request and, where applicable, for rate limiting during your session.

We do not retain your tool inputs for long-term analysis or marketing. Where we are under a legal obligation to retain data (e.g. for tax or legal claims), we retain it only as required by law.

7. Recipients and international transfers

Data may be passed to:

  • Hosting provider (Germany): they process data on our behalf under a data processing agreement; no transfer outside the EU for core hosting.
  • Mail provider (e.g. for Mail Delivery Check): only to the extent necessary to send the test email; we choose providers with adequate data protection where possible.

We do not transfer your personal data to countries outside the European Economic Area unless we have ensured appropriate safeguards (e.g. adequacy decision or standard contractual clauses). Our primary infrastructure is in Germany.

8. Security

We take appropriate technical and organisational measures to protect your data (e.g. secure connections, access controls, regular updates). Despite this, no system can be completely secure; we encourage you to avoid sending highly sensitive data through our tools where possible.

9. Changes to this policy

We may update this privacy policy from time to time to reflect changes in our practices or the law. The current version is always available on this page. We will indicate the date of the last update where appropriate. Continued use of the site after changes constitutes acceptance of the updated policy where permitted by law.

10. Contact for privacy

For any questions about this privacy policy or our data practices, please use the contact details given in section 1.

ve.ms — Free tools for a more reliable internet. Last updated 2026.