Scam Checker

Privacy Policy

Last updated: 2026-05-29.

Scam Checker is a free, privacy-first tool. The checker analyses what you paste in your browser, not on our servers. The community-report database holds only masked values and salted hashes. This page is written in plain English; it is engineering practice, not legal advice.

1. What Scam Checker does

We help you decide whether a message, email, link, SMS, screenshot, or PDF you received is a scam. The analysis is local to your device. We also publish community-reported scams so other readers can search for the same value.

2. Data we collect

2.1 Scam checker tool (/check and dedicated tool pages)

2.2 Community scam reports (/api/report)

2.3 Server logs (Vercel)

2.4 Analytics (opt-in only)

3. Data we deliberately do NOT collect

4. Cookies

Detail lives on the dedicated Cookie Policy. Summary:

5. AI & third-party processors

We do not train any AI model on user submissions, and we do not sell or share data with advertisers.

6. Retention

7. Your rights

Wherever you are, you can request:

Submit requests via the data removal page. Some regions (EU/UK GDPR, California CCPA, Australian Privacy Principles) grant additional formal rights — we honour the substance of these requests in the same workflow.

8. Security

See the dedicated security page for the engineering details: defence-in-depth redaction, security headers, API hardening, and our coordinated disclosure policy.

9. Children

Scam Checker is not directed to children under 13 (16 in some EU/UK contexts). If a parent or guardian believes a child's data was submitted, email privacy@scamchecker.app and we'll remove it on receipt.

10. Changes

We update this policy when our data practice changes. Material changes will be flagged on the homepage banner or via a new cookie-consent prompt where appropriate.

11. Contact

Privacy questions: privacy@scamchecker.app. Security: responsible disclosure. General contact: contact page.

This page is engineering practice and transparency, not a legal warranty. Specific regional requirements (GDPR, ePrivacy, CCPA, Australian Privacy Principles) require legal review before commercial scale-up.