Skip to main content
WorldIP.io

Privacy Policy

Last updated: April 16, 2026

Overview

WorldIP.io is a free IPv4 address lookup tool. We respect your privacy and collect minimal data. There are no user accounts, no email collection (except via the voluntary contact form), and no data sales.

What we collect

  • Search queries — When you look up an IP address, we log the query (not your identity) with a one-way hash of your IP + user agent for rate-limiting purposes. This hash cannot be reversed to identify you.
  • Google Analytics 4 — We use GA4 for aggregate traffic analysis (page views, geographic distribution, device types). GA4 operates under Google Consent Mode v2: analytics cookies are only set if you click "Accept" on the consent banner. If declined, GA4 uses cookieless, modeled data with no personal identifiers.
  • Google AdSense — When enabled, ads may use cookies for personalization only with your consent. Without consent, non-personalized ads are shown. AdSense also operates under Consent Mode v2.
  • Contact form — If you submit the contact form, we receive your name, email, and message via MailerSend. This data is used solely to respond to your inquiry.
  • Server logs — Standard web server logs (IP address, request URL, user agent, timestamp) are retained for 90 days for security and debugging purposes.

Cookies

We use the following cookies:

  • PHPSESSID — Session cookie for CSRF protection on the contact form. No personal data stored.
  • wio_consent — Stores your cookie consent preference (localStorage, not a cookie).
  • _ga, _ga_* — Google Analytics cookies, only set if you accept analytics cookies.

Your rights (GDPR)

If you're in the EU/EEA, you have the right to access, correct, or delete your personal data. Since we collect minimal data and no accounts exist, the most relevant right is declining cookies via the consent banner, which prevents any tracking beyond basic server logs.

To exercise your rights or ask questions, contact us.

PTR / reverse DNS data

WorldIP.io scans public DNS PTR records for all IPv4 addresses. This is publicly available DNS data — no different from running dig -x on any IP. PTR records contain hostnames set by IP block owners, not personal information. We do not scan ports, probe services, or make any connections to the IPs themselves.

Data retention

  • Search logs: retained indefinitely (hashed, non-identifying)
  • Server logs: 90 days
  • Contact form submissions: until resolved, then deleted
  • PTR records: refreshed continuously based on DNS TTL values

Third parties

We share no data with third parties beyond Google (Analytics/AdSense, under Consent Mode v2) and Cloudflare (CDN/security provider — see their privacy policy).

Do Not Track

We respect the DNT (Do Not Track) browser header. When detected, analytics cookies are automatically declined.

Changes

We may update this policy as our practices evolve. Significant changes will be noted with an updated "Last updated" date at the top.

Share