Privacy Policy

Last updated: May 2026.

What we collect

• Domain names you submit — so we can run the audit and show you the report.
• IP address — for rate limiting and abuse prevention only.
• Email address — only if you request a PDF report or opt in to the newsletter. You can delete it at any time by emailing privacy@dmarcsentinel.com.

Cookies

We use two categories of cookies. The banner on your first visit lets you accept or reject the optional ones; your choice is remembered for six months. You can change it any time via Cookie preferences in the footer.

• Strictly necessary — session + CSRF cookies so the audit form can submit. Can't be disabled because the site won't work without them.
• Analytics (optional) — Google Analytics 4 + Google Tag Manager. These set first-party cookies like _ga and _ga_<id> to measure how often domains are audited and which pages have errors. We run in Google Consent Mode v2, so these tags stay in a denied, cookie-less state until you opt in.

We do not run advertising, remarketing, or personalised-ad cookies.

What we don't do

• No advertising or remarketing networks.
• No selling or sharing of personal data.
• No profiling beyond aggregated analytics.

Retention

Audit records are kept for 90 days then deleted. Email addresses are kept while you remain subscribed; unsubscribing deletes them within 30 days. Analytics cookies follow Google's default lifetime (24 months) and can be deleted via your browser at any time.

Legal basis (UK/EU GDPR)

Legitimate interest for audits and rate limiting. Consent (via the banner) for analytics cookies. Consent for marketing email.

Contact

We are operated by FXRM, a UK-registered business. Controller: Jon Morby <privacy@dmarcsentinel.com>.