Privacy Policy

What ReconKit does

ReconKit is a browser-based tool that demonstrates what data websites can collect about you without asking. It reads publicly available browser APIs — the same ones every website can access — and shows you the results. The purpose is educational.

Data we do not collect

We do not collect, store, log, or transmit any of the following:

• Your IP address or location
• Your browser fingerprint, canvas hash, or audio fingerprint
• Your device specs, installed fonts, or screen information
• Any query you run through the tools — IP lookups, domains, breach checks, etc.
• Any personal information of any kind

How the tool works

All fingerprinting runs in your browser using JavaScript. No data is sent to ReconKit servers — we do not have servers that receive fingerprint data. When you use lookup tools (IP, Domain, Breach), your browser contacts third-party APIs directly. We never see those requests.

What is stored locally

ReconKit stores these items in your browser only — never on our servers:

• Your theme preference (light or dark mode)
• API keys you enter (stored on your device only, never sent to us)
• Recent scan snapshots for the comparison feature

You can clear this anytime by clearing local storage for this site in your browser settings.

Third-party APIs

Some tools make requests to external services from your browser directly:

• ipapi.co — resolves your public IP and approximate location
• AbuseIPDB — optional, requires your own key for IP reputation
• VirusTotal — optional, requires your own key for domain analysis
• HaveIBeenPwned — optional, requires your own key for breach lookups

Open source

ReconKit is fully open source. You can read every line of code at github.com/nzausnr/ReconKit. You do not have to trust this policy — you can verify it yourself.

Contact

Questions? Open an issue on GitHub or reach out via the community channels in the footer.