Legal · Privacy · Data Protection

Privacy Policy

We believe privacy is straightforward, not complicated. This policy explains exactly what data HostingGarage collects, why, how it is used, and what your rights are — written in plain English.

Current version Effective date: 1 January 2026 · Last reviewed: May 2026 · Applies to: hostinggarage.in and all subdomains
India DPDPA 2023 IT Act 2000 GDPR (EU) UK GDPR CCPA (California) FTC Guidelines 2023 ASCI India 2021
Plain English summary
What this privacy policy says in 30 seconds
Domain names you enter are used only to run your check — not stored permanently
SSL and uptime checks run entirely on our Mumbai server — no data leaves to third parties
DNS checker and Speed Test send your domain to Google and Cloudflare — disclosed below
Google Analytics tracks site usage — you can opt out
Affiliate links exist on hosting comparison pages — they are always disclosed
We never sell your data to anyone, ever
Email addresses (SSL reminders) are used only for that purpose
You have full rights to access, correct, and delete your data
Section 1

Who We Are

HostingGarage (hostinggarage.in) is a free website health checker and hosting comparison platform operated by an individual based in Bengaluru, Karnataka, India.

HostingGarage provides four free diagnostic tools — SSL checker, DNS checker, website uptime checker, and website speed test — along with hosting comparison pages and a hosting performance report card. Some hosting comparison pages contain affiliate links as disclosed in our Affiliate Disclosure.

For the purposes of the General Data Protection Regulation (GDPR), HostingGarage is the data controller for personal data collected through this website. For the purposes of India’s Digital Personal Data Protection Act 2023 (DPDPA), HostingGarage is the data fiduciary.

Data Controller / Data Fiduciary: HostingGarage.in
Location: Bengaluru, Karnataka, India
Contact: privacy@hostinggarage.in
Website: https://hostinggarage.in
Section 2

What Data We Collect and Why

HostingGarage collects the minimum data necessary to operate the service. The table below lists every category of data we collect, why we collect it, and the legal basis for doing so.

Data Why collected Source Stored? Legal basis
Domain names To run the requested SSL, DNS, uptime, or speed check User input Temporarily cached only — not stored permanently Legitimate interest / Contract performance
IP address Security, rate limiting, abuse prevention Automatic — server logs Server logs — 30 days Legitimate interest
Browser type and device Analytics — understanding how the site is used Automatic — Google Analytics Google Analytics — 26 months Consent
Pages visited, time on page Analytics — improving tools and content Automatic — Google Analytics Google Analytics — 26 months Consent
Geographic location (city/country) Analytics — understanding our India audience Derived from IP — Google Analytics Google Analytics — 26 months Consent
Email address SSL certificate expiry reminders — one email 30 days before expiry User input — SSL checker reminder form Until reminder is sent or user unsubscribes Consent
Referrer URL Understanding which sources send visitors to the site Automatic — server logs, Google Analytics Google Analytics — 26 months Consent / Legitimate interest
What we do not collect: We do not collect names, postal addresses, phone numbers, payment card details, government ID numbers, health data, or any other sensitive personal information. We do not create user accounts and do not require registration to use any tool.
Section 3

How Our Tools Handle Your Data

Each tool operates differently in terms of what happens to the domain you enter. This section explains the exact data flow for each tool — including whether your domain stays on our server or is sent to a third party.

🔒 SSL Checker
/ssl-checker/
Method Native PHP TLS connection from our Hostinger Mumbai server directly to your domain
Third parties None — no external API used
Data accessed Public SSL certificate only — same data any browser reads when visiting a site
Domain stored Not stored permanently. Cached for up to 1 hour for performance, then purged automatically
Private data accessed None — no access to files, databases, or server configuration
🌐 DNS Checker
/dns-checker/
Primary check DNS-over-HTTPS query from our Hostinger Mumbai server — no third party involved for the primary Mumbai result
Global propagation Your domain is sent from your browser to Google DNS (dns.google) and Cloudflare DNS (cloudflare-dns.com) to simulate global propagation results
Fallback If our Mumbai server is unavailable, your browser may query Google DNS directly
Data sent to Google Domain name, DNS record type. Governed by Google’s Privacy Policy
Data sent to Cloudflare Domain name, DNS record type. Governed by Cloudflare’s Privacy Policy
Domain stored Not stored permanently by HostingGarage
🔴 Website Status Checker
/hosting-tools/
Method Standard HTTP GET request sent from our Hostinger Mumbai server to your domain — identical to any browser visit
Third parties None — check runs entirely on our infrastructure
Data accessed HTTP response code and response time only — public data
Domain stored Not stored permanently
🚀 Website Speed Test
/website-speed-test/
Method Google PageSpeed Insights API — your domain is sent to Google to retrieve Core Web Vitals and performance scores
Third party Google PageSpeed Insights API — Google LLC, USA
Data sent to Google Domain name, request timestamp. Governed by Google’s Privacy Policy and Google APIs Terms
Attribution Results are powered by Google PageSpeed Insights as required by Google’s API Terms of Service
Domain stored Not stored permanently by HostingGarage
Important — domain names and personal data: If you enter a domain registered in the name of an individual (e.g. a personal portfolio domain), that domain name may constitute personal data under GDPR and India’s DPDPA. By submitting such a domain you confirm either that you are the domain owner, or that you are querying publicly available infrastructure data for which no private information is accessed or stored.
Section 4

Third-Party Services We Use

HostingGarage uses the following third-party services. Each service has its own privacy policy and data processing practices. Where a service processes data on our behalf, it acts as a data processor under GDPR and a data processor / consent manager under India’s DPDPA.

Google Analytics (via Site Kit)
Analytics · Data Processor
PurposeMeasuring website traffic, page views, visitor behaviour, and tool usage
Data sentIP address (anonymised), browser type, device, pages visited, time on site, referrer, approximate location
LocationGoogle LLC — United States (transfers governed by Standard Contractual Clauses)
Consent neededYes — non-essential. Blocked until consent given via cookie banner
Google PageSpeed Insights API
Tool Infrastructure
PurposeProviding Core Web Vitals and performance scores for the website speed test tool
Data sentDomain name submitted by the user, request timestamp
LocationGoogle LLC — United States
Consent neededInherent to tool use — disclosed at point of use on the speed test tool page
Cloudflare DNS-over-HTTPS
Tool Infrastructure · DNS Checker only
PurposeSimulating global DNS propagation results in the DNS checker tool
Data sentDomain name, DNS record type (browser-side request from user’s device)
LocationCloudflare Inc. — United States (processes via global anycast network)
Consent neededInherent to DNS checker global propagation feature — disclosed on tool page
HetrixTools
Uptime Monitoring · Data Processor
PurposeContinuous uptime and TTFB monitoring of HostingGarage’s own benchmark test sites (host1–host7.hostinggarage.in)
User data sentNone — HetrixTools monitors only our own test sites, not user-submitted domains
LocationHetrixTools infrastructure — probe from Mumbai, Maharashtra, India (BOM)
RelationshipData processor — processes HostingGarage’s own monitoring data on our behalf
Hostinger (Web Hosting)
Infrastructure · Data Processor
PurposeHosting the hostinggarage.in website and serving all PHP tools from Mumbai datacenter
Data processedServer access logs, IP addresses, all data that passes through the server including tool requests
LocationHostinger Mumbai BOM datacenter, India
RelationshipData processor — processes data on our behalf under Hostinger’s DPA
Section 5

Cookies and Tracking Technologies

HostingGarage uses cookies for analytics and to enable the site to function correctly. The table below lists every cookie set on this site, its purpose, and whether your consent is required.

Cookie name Set by Purpose Duration Type
PHPSESSID HostingGarage server PHP session management — allows the server to maintain a session during your visit Session (deleted when browser closes) Essential
_ga Google Analytics Distinguishes unique visitors — assigns a random ID to track sessions 2 years Non-essential
_gid Google Analytics Distinguishes visitors — stores and updates a unique value for each page visited 24 hours Non-essential
_gat Google Analytics Throttles request rate — limits data collection on high-traffic sites 1 minute Non-essential
Affiliate tracking cookies Hosting companies (third-party) Attribution — records that a visitor came from a HostingGarage affiliate link. Set only when you click an affiliate link. HostingGarage does not set these cookies. Varies by provider (typically 30–90 days) Marketing

Essential cookies (PHPSESSID) are required for the site to function and do not require your consent. Non-essential cookies (Google Analytics, affiliate tracking) are only activated after you give consent via our cookie consent banner.

How to manage cookies: You can withdraw cookie consent at any time by clearing cookies in your browser settings or clicking the cookie preferences link in the footer. You can also opt out of Google Analytics specifically using the Google Analytics Opt-out Browser Add-on.

Section 6

Affiliate Links and Commercial Relationships

Some pages on HostingGarage contain affiliate links to hosting providers. When you click an affiliate link and make a purchase, HostingGarage earns a commission from the hosting company at no extra cost to you. This commission is how the site is funded and what pays for the hosting plans we use for testing.

Current affiliate relationships: Kinsta, Cloudways, Hostinger, HostArmada, ChemiCloud, and MilesWeb. BigRock is included in our performance data but has no affiliate relationship with HostingGarage.

When you click an affiliate link, the hosting company may set a tracking cookie in your browser to attribute the referral. These cookies are set by the hosting company, not by HostingGarage. The relevant hosting company’s privacy policy governs how that cookie data is used.

Affiliate links appear only on hosting comparison and review pages. The free diagnostic tools — SSL checker, DNS checker, uptime checker, and speed test — contain no affiliate links. For full details see our Affiliate Disclosure.
Section 8

How Long We Keep Your Data

We retain data only for as long as necessary to fulfil the purpose for which it was collected. The table below shows retention periods for each data type.

Data type Retention period Reason
Domain names (tool queries) SSL: up to 1 hour cache. DNS/Status: session only. Not stored in any database. Performance optimisation — cached results prevent duplicate server load
Server access logs (IP, user agent, timestamp) 30 days Security, abuse prevention, and debugging. Deleted automatically by server rotation.
Google Analytics data 26 months (Google default setting) Understanding long-term usage trends. Configurable in Google Analytics account settings.
Email addresses (SSL reminders) Until the reminder email is sent, or until you unsubscribe — whichever comes first. Maximum 12 months. Fulfilling the reminder service you requested
Cookie consent records 12 months from consent date Proof of consent as required by GDPR Article 7(1)

When data is no longer required for its stated purpose and no legal obligation requires us to retain it, it is deleted or anonymised. You may request deletion of your personal data at any time — see Section 10 for your rights.

Section 9

International Data Transfers

HostingGarage is based in India and all primary tool infrastructure runs on our Hostinger Mumbai server. However, some data transfers to the United States occur when you use certain tools.

Transfer Destination Data transferred Safeguard
Google Analytics Google LLC, USA Browsing behaviour, anonymised IP, device data Standard Contractual Clauses (EU) · Google’s DPDP commitment (India)
Google PageSpeed API (speed test) Google LLC, USA Domain name submitted for speed testing Google APIs Terms of Service · SCCs for EU users
Google DNS-over-HTTPS (DNS checker) Google LLC, USA Domain name, DNS record type Google’s Privacy Policy · Minimal data, no persistent storage
Cloudflare DNS-over-HTTPS (DNS checker) Cloudflare Inc., USA Domain name, DNS record type Cloudflare Privacy Policy · SCCs for EU users · Minimal data
HetrixTools monitoring HetrixTools infrastructure HostingGarage’s own test site URLs only — no user data No user personal data transferred

For EU and UK visitors: Data transfers to the United States are governed by Standard Contractual Clauses (SCCs) approved by the European Commission, as implemented by Google and Cloudflare in their respective data processing agreements.

For Indian visitors: Cross-border data transfers to the USA are subject to the Digital Personal Data Protection Act 2023. We transfer data only to processors (Google, Cloudflare) that have made adequate commitments regarding data protection as recognised by or consistent with the DPDPA framework. The primary infrastructure for all tools remains in India (Hostinger Mumbai).

Section 10

Your Rights

Depending on where you are located, you have specific rights over your personal data. These rights are provided under GDPR (EU/UK), India’s DPDPA 2023, and CCPA (California). We honour all applicable rights regardless of your location.

📋
Right to Access
Request a copy of the personal data we hold about you and how it is being used.
GDPR Art.15 · DPDPA Sec.11 · CCPA
✏️
Right to Correction
Request correction of inaccurate or incomplete personal data we hold about you.
GDPR Art.16 · DPDPA Sec.12
🗑️
Right to Erasure
Request deletion of your personal data where we have no legal obligation to retain it. Includes the right to withdraw consent.
GDPR Art.17 · DPDPA Sec.12 · CCPA
⏸️
Right to Restrict Processing
Request that we restrict processing of your data while a dispute is being resolved or for other legitimate reasons.
GDPR Art.18
📦
Right to Data Portability
Receive your personal data in a structured, commonly used, machine-readable format and transfer it to another provider.
GDPR Art.20 · DPDPA Sec.11
🚫
Right to Object
Object to processing of your data based on legitimate interest. You can object to direct marketing at any time.
GDPR Art.21
👤
Right to Nominate
Under India’s DPDPA, you may nominate another individual to exercise your rights on your behalf in the event of death or incapacity.
DPDPA Sec.14
🏷️
Right to Opt Out of Sale (CCPA)
California residents: we do not sell personal information. This right is automatically satisfied — no action needed.
CCPA · California residents only
🤝
Right to Grievance Redressal
Under India’s DPDPA, you have the right to a timely response to any grievance about how your data is handled.
DPDPA Sec.13 · Response within 30 days
↩️
Right to Withdraw Consent
You may withdraw consent for analytics cookies or email reminders at any time. Withdrawal does not affect prior processing.
GDPR Art.7 · DPDPA Sec.6
How to exercise your rights: Email privacy@hostinggarage.in with your request. We will respond within 30 days (GDPR / DPDPA standard). We will not charge a fee for reasonable requests. We may need to verify your identity before processing a request.
Section 11

Children’s Privacy

HostingGarage is not directed at children under the age of 18. We do not knowingly collect personal data from anyone under 18. If you are a parent or guardian and believe that your child has submitted personal data to this site, please contact us at privacy@hostinggarage.in and we will delete the data promptly.

Under India’s Digital Personal Data Protection Act 2023 (DPDPA), special protections apply to data of children under 18. We do not process data of minors and do not offer services directed at children.

Section 12

Changes to This Privacy Policy

We may update this privacy policy when our practices change, when we add or remove third-party services, or when applicable law requires updates. When we make changes, we update the “Last reviewed” date at the top of this page.

For significant changes that materially affect how we process your data — such as adding a new third-party service that receives personal data — we will provide more prominent notice, either via a banner on the site or by email if we hold your email address.

Continued use of the site after an update constitutes acceptance of the updated policy. If you do not agree with any changes, you should stop using the site and may request deletion of your data by contacting us.

VersionDateChange summary
1.01 January 2026Initial policy — covers all tools and services at launch
Section 13

Contact, Complaints, and Supervisory Authorities

If you have any question about this privacy policy, want to exercise a right, or want to make a complaint about how we handle your data, please contact us using the details below. We will respond within 30 days.

Contact Information
📧
Privacy enquiries
📧
General contact
🌐
📍
Location
Bengaluru, Karnataka, India
Supervisory authorities — if you are not satisfied with our response:

India: Data Protection Board of India (under DPDPA 2023) — meity.gov.in
EU residents: Your national data protection authority — edpb.europa.eu
UK residents: Information Commissioner’s Office — ico.org.uk
California residents: California Attorney General — oag.ca.gov/privacy/ccpa
This privacy policy was drafted with reference to India’s Digital Personal Data Protection Act 2023, the Information Technology Act 2000 and IT Rules 2011, the EU General Data Protection Regulation (Regulation 2016/679), the UK GDPR, the California Consumer Privacy Act (CCPA), and the FTC Endorsement Guides 16 CFR Part 255 (2023 update). This policy does not constitute legal advice. For specific legal questions consult a qualified privacy law practitioner.