Privacy Policy

Last updated: April 21, 2026

1. Introduction

This Privacy Policy explains how Inspectr handles personal data in connection with the Inspectr website, local Inspectr usage, and Inspectr Expose remote ingress.

Inspectr is currently operated by an individual operator based in Belgium.

DNS for Inspectr Service is managed by Cloudflare, and hosted infrastructure is provided by Delta.blue in Europe.

Privacy and GDPR inquiries can be sent to [email protected] . Legal questions can be sent to [email protected] .

2. Interpretation and Definitions

"Inspectr Software" means the local Inspectr installation operated by you. "Inspectr Service" means the ingress/expose forwarding service. "Personal Data" means information relating to an identified or identifiable person. "Processing" means any operation on data, such as collection, use, disclosure, or deletion.

3. Data Roles and Responsibility Allocation

The following role allocation applies:

  • Website analytics and website operations: Inspectr acts as controller.
  • Support and legal contact emails: Inspectr acts as controller.
  • Inspectr Service ingress/expose payload relay: forwarding-only, non-persistent handling.
  • Inspectr Service abuse prevention and infrastructure security telemetry: Inspectr acts as controller for that limited telemetry.
  • Inspectr Software local capture and storage of request/response traffic: you (the user/customer) act as controller.
  • Self-hosted or enterprise local deployments: the deploying organization acts as controller for locally stored payload data.
  • Billing and payment processing: no billing or payment accounts are currently offered.

4. Local vs Expose Data Handling

Inspectr Software usage is local-first. Request and response data are handled and stored in your own environment under your control.

Inspectr Service (ingress/expose) is forwarding-only. Its function is to accept public ingress traffic and securely forward it to your local Inspectr instance.

Inspectr Service does not store request details or sensitive information from proxied traffic on the ingress side, including request bodies, query parameters, headers, and response payload content.

Any processing needed to relay a live request is transient and non-persistent.

5. Local Software and Ingress Data Handling

Inspectr Software is local-first. Request and response data are handled and stored in your own environment under your control.

Inspectr Service is forwarding-only and does not store request details or sensitive information from proxied traffic on the ingress side, including request bodies, query parameters, headers, endpoint URLs, and response payload content.

Any processing needed to relay live traffic is transient and non-persistent.

6. Categories of Data

Depending on usage, categories may include:

  • Contact data you voluntarily provide (for communication and support)
  • Technical and telemetry data required for reliability and abuse prevention
  • Request metadata and payload data processed by your own local Inspectr Software instance

For Inspectr Service ingress/expose, this policy excludes persistent storage of proxied request and response payload content on the ingress side.

7. Purposes and Legal Bases

Personal data is processed to operate and secure the website and Inspectr Service, respond to support/legal requests, prevent abuse, and comply with legal obligations. Where GDPR applies, the legal basis is legitimate interests, legal obligations, and consent where consent is required.

8. Website Analytics and Technical Data

The website does not use cookies.

We process limited technical usage data through analytics tooling such as PostHog (EU region) and first-party traffic measurement scripts to improve reliability and usability.

9. Retention

  • Website analytics events: up to 12 months.
  • Support communications: up to 24 months after the last interaction.
  • Security and abuse-prevention telemetry: up to 30 days, unless retained longer for an active incident investigation.
  • Legal/compliance requests and related correspondence: up to 10 years where required by law or dispute defense needs.
  • Ingress relay payload data: not retained on the Inspectr Service ingress side.
  • Local Inspectr Software data retention: fully controlled by the user/customer.

10. Sub-processors

For Inspectr Service, sub-processors include Cloudflare (DNS management) and Delta.blue (European cloud hosting). Sub-processors are used only for service infrastructure and operations.

11. International Transfers

For Inspectr Service, hosting is in Europe and transfers outside the European Economic Area are not part of normal operations.

If an exceptional transfer outside the European Economic Area is required, appropriate safeguards such as European Commission Standard Contractual Clauses are applied.

12. Disclosure of Personal Data

Personal data may be disclosed where required by law, to protect rights and security, or in connection with a merger, acquisition, or asset transfer.

13. Security Measures

We apply technical and organizational measures appropriate to risk, including transport encryption, access controls, and operational safeguards.

14. Your GDPR Rights

If GDPR applies, you may request access, rectification, erasure, restriction, objection, and data portability. You can also lodge a complaint with the competent data protection authority.

Requests can be sent to [email protected] and we aim to respond within one month.

15. Children's Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal data from children under 13.

16. Third-Party Links

The website may link to third-party websites. Their privacy practices are governed by their own policies.

17. Changes to This Policy

We may update this Privacy Policy from time to time. Material updates are reflected on this page with a revised "Last updated" date.