Legal

Privacy Policy

Effective April 18, 2026

1. Overview

Routalyzer is a network diagnostics product operated under the Monolyth platform. We are committed to handling your information with care. This policy explains what data we collect, why we collect it, and how it is used. We collect the minimum data necessary to operate the Service.

2. Information We Collect

If you use the Service without an account: We store a value in your browser's localStorage (_rta_uses) to track anonymous usage count locally in your browser. No personal data is sent to our servers for this purpose.

If you create an account: We store your name, email address, and profile picture URL as provided by your OAuth provider (Google or GitHub). We do not receive or store your OAuth password. We also store per-tool usage counters (MTR analyses, Looking Glass runs, IP lookups, BGP lookups, DNS checks, SSL inspections, Whois queries) and your last active timestamp. These metrics are accessible via the Monolyth platform dashboard and are used solely for aggregate service analytics.

Diagnostic inputs: MTR output, IP addresses, domain names, and other targets submitted to the tools are processed server-side to run diagnostics. We do not persistently store raw diagnostic inputs or results.

3. How We Use Your Information

  • To authenticate you and maintain your session
  • To run network diagnostic commands (ping, traceroute, MTR) on your behalf via remote servers
  • To track per-tool usage statistics, visible via the Monolyth platform dashboard
  • To deliver feedback submissions to our team
  • To improve the Service based on aggregate, anonymised usage patterns

4. Data Storage

Account data is stored in a PostgreSQL database hosted on Neon (neon.tech), with our application deployed on Vercel. We use Prisma as our database ORM. We do not sell, rent, or share your personal data with third parties for marketing purposes.

5. Third-Party Services

  • Google OAuth / GitHub OAuth: Authentication — subject to their respective privacy policies
  • Stripe: Payment processing (coming soon) — see stripe.com/privacy
  • Proxycheck.io: IP/VPN detection — queries are made server-side with no user identity attached
  • Hetzner / server providers: Looking Glass server hosting (Nuremberg, Helsinki, Ashburn, Singapore) — target IP addresses are sent to these servers when running diagnostics
  • BGPView: BGP and prefix data — queries are made server-side with no user identity attached
  • Vercel: Hosting and serverless functions — subject to Vercel's privacy policy

6. Cookies & Local Storage

We store a value in localStorage (_rta_uses) to track anonymous usage counts locally in your browser — this never leaves your device. We also store a preference flag (_rta_welcomed) to avoid showing the welcome modal repeatedly. If you sign in, a session cookie is set by Auth.js to maintain your authentication state. We do not use advertising or tracking cookies.

7. Data Retention

Account data is retained for as long as your account is active. If you wish to delete your account and associated data, contact us on Discord and we will process the request within 30 days.

8. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete personal data we hold about you, or to object to its processing. To exercise these rights, reach out via Discord.

9. Children

The Service is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The effective date at the top of this page indicates when it was last revised. Continued use of the Service after changes are posted constitutes acceptance of the revised policy.

11. Contact

For privacy-related questions or data deletion requests, reach us on Discord.
Terms of Service·Back to Routalyzer