Privacy Policy
Built privacy-first: no cookies, no third-party trackers, keys never leave memory.
1. Who we are
PKI Tools (pkitools.io) is operated by MI Support IT, Denmark. For any privacy-related questions or requests, contact us through the MI Support IT website.
2. No cookies, cookie-free analytics
We do not use tracking cookies, and we do not use third-party analytics services. Our own analytics counts visitors using an anonymous identifier derived from a daily-rotating hash. It cannot be linked back to you, and it changes every day, so visits cannot be connected across days.
For each pageview we store: the page visited, the referrer source (e.g. a search engine name), UTM campaign parameters when present, your device category (desktop/mobile/tablet), and your country. The country is resolved locally on our own server from your IP address using an offline database (geolocation by DB-IP) — the IP address itself is discarded immediately and never stored with analytics data. The only cookie on this site is a session cookie used by site administrators to access the admin dashboard.
3. What happens to data you submit to the tools
Private keys are never stored, logged, or transmitted further. When you use the Key Matcher or paste key material into any tool, the key is used in memory to perform the requested comparison or analysis and is then discarded.
Certificates, CSRs, and CRLs you submit for analysis may be retained together with the analysis results for service statistics, quality, and abuse prevention. Certificates are by design public objects; do not submit material you consider confidential.
When you generate a document with the CPS Builder or Key Ceremony Planner, the document itself is created in your browser and is never sent to us. We log only metadata about the generation: the document type, the organization name and document title you entered, your country, and a timestamp.
4. Monitoring subscriptions and email
If you subscribe to CRL or certificate-expiry notifications, we store your email address, the monitored CRL URL or hostname, your notification preferences, and a log of the notification emails we send you (recipient, type, time, and delivery status). This data is used solely to provide the monitoring service.
Emails are delivered through Mailgun (EU region) acting as our data processor. Every notification email contains a link to manage your subscription or unsubscribe; unsubscribing deletes the subscription.
5. Server logs
Like virtually all web services, our API keeps operational request logs (endpoint, timestamp, IP address, browser user-agent, and response status) for security, rate limiting, and troubleshooting. These logs are not used for marketing or profiling.
6. Your rights
Under the GDPR you have the right to access, rectify, and erase personal data we hold about you, and to object to or restrict processing. Notification subscriptions can be deleted directly via the unsubscribe link in any email we send. For anything else, contact us and we will respond without undue delay.
7. Changes
We may update this policy as the service evolves. The effective date below always reflects the latest revision. Substantial changes will be visible on this page.
Effective date: July 8, 2026