Privacy Policy

1. Introduction

This Privacy Policy explains how Dokall (dokall.com) collects, uses, stores, and protects information when you visit or use our website and free online developer tools.

Dokall is designed to be used without registration, accounts, or sign-up. We do not ask you to create a profile, provide an email address to access the site, or maintain user accounts.

This policy is written with the transparency expectations of the EU General Data Protection Regulation (GDPR) and related UK GDPR in mind. If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the sections on your rights and legal bases apply to you.

2. Data Controller

The operator of Dokall (“we”, “us”, “our”) is the data controller for personal data processed through this website, except where a third-party service acts as an independent controller (see Section 7).

For privacy-related enquiries or to exercise your data protection rights, contact us at privacy@dokall.com.

3. What We Do Not Do

• We do not require account registration or login to use Dokall.
• We do not sell your personal data.
• We do not use third-party advertising or behavioural tracking cookies.
• We do not build marketing profiles from your tool usage.

4. Categories of Data We Process

Because Dokall is a collection of many independent tools, the data involved depends on which features you use. The table below summarises the main categories.

4.1 Browser-only tools

Tools such as JSON formatting, hashing, Base64 conversion, JWT debugging, UUID generation, regex testing, text diff, colour conversion, and many others process input locally in your browser. We do not receive the content you enter into those tools.

4.2 Server-processed features

Some features require server processing because they fetch external resources, store temporary content, or call third-party APIs. These include, among others:

• AI Chat & AI Translate — message or text content is sent to our servers for processing.
• Quick Notes & OneLink / URL Shortener — note or link content may be stored in our database for a limited period so you can access it via a shared URL.
• Temp Mail — disposable inbox addresses and received messages are stored temporarily on our infrastructure.
• Link Preview, Video Download, cURL Runner, Proxy Checker — URLs, requests, or proxy details you submit are processed on our servers to perform the requested action.
• Online SMS — may retrieve publicly available numbers through third-party services.

Do not submit sensitive personal data, credentials, or confidential information unless you understand and accept that it will be processed by the relevant feature.

5. Legal Bases for Processing (GDPR)

Where GDPR applies, we rely on the following legal bases:

• Legitimate interests (Art. 6(1)(f)) — operating, securing, and improving the website; measuring aggregated traffic; preventing abuse; maintaining server logs for diagnostics.
• Performance of a service you request (Art. 6(1)(b)) — processing data you voluntarily submit when using a server-backed tool (e.g. creating a note, shortening a URL, translating text).
• Consent (Art. 6(1)(a)) — where applicable for non-essential cookies or analytics in jurisdictions that require consent. You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
• Legal obligation (Art. 6(1)(c)) — where we must retain or disclose information to comply with applicable law.

6. Cookies & Local Storage

6.1 Cookies

We use a minimal set of cookies and similar technologies necessary to operate and measure the site:

• Google Analytics — helps us understand aggregate page views and usage patterns. We configure IP anonymisation where supported. Google may set cookies such as _ga. See Google's Privacy Policy.
• Cloudflare Turnstile — used on certain features to distinguish legitimate visitors from automated abuse. Cloudflare may set cookies or use browser storage as part of verification.

We do not use advertising cookies or cross-site tracking for marketing purposes.

6.2 Local storage

Your browser's local storage may hold preferences and convenience data, including:

• Theme and accent colour settings
• Meeting planner layout or time-zone selections
• Temporary inbox identifiers for Temp Mail
• Locally saved edit/delete tokens for notes or short links you created on this device

This data remains on your device unless you clear site data in your browser. We cannot access your local storage remotely.

7. Third-Party Processors & Services

We use trusted infrastructure and service providers to host and operate Dokall. Depending on the feature you use, data may be processed by:

• Cloudflare — website hosting, CDN, security, and Turnstile bot protection (Privacy Policy)
• Google Analytics — aggregated website analytics (Privacy Policy)
• External APIs — certain tools contact third-party services (for example, link metadata fetchers, translation or AI providers, SMS number directories, or video resolution services) solely to fulfil your request.
• Content delivery networks — some UI assets (such as country flag images) may be loaded from external CDNs when you view specific tools.

When you follow links to third-party websites from Dokall, their own privacy policies apply. We are not responsible for the practices of external sites.

8. Data Retention

We apply data minimisation and retention limits wherever server storage is involved:

• Temp Mail — inboxes and messages are temporary and expire after approximately one hour, after which they are deleted.
• Quick Notes & OneLink / short links — stored content is automatically removed after approximately 90 days, unless deleted earlier.
• Server logs & security records — retained only as long as reasonably necessary for security, troubleshooting, and legal compliance, then deleted or anonymised.
• Analytics data — retained according to Google Analytics configuration and our internal reporting needs, typically in aggregated form.
• AI / translation requests — processed to fulfil the request; we do not use your submissions to build user profiles. Retention of logs, if any, is limited to operational and abuse-prevention purposes.

Content stored only in your browser persists until you clear site data or uninstall your browser profile.

9. International Transfers

Dokall is operated using global cloud infrastructure. If you access the site from the EEA, UK, or Switzerland, your data may be transferred to countries that do not provide the same level of data protection, including the United States.

Where required, we rely on appropriate safeguards such as the provider's standard contractual clauses or equivalent mechanisms offered by infrastructure partners including Cloudflare and Google.

10. Security

We implement reasonable technical and organisational measures to protect information processed through Dokall, including HTTPS encryption, access controls on infrastructure, and abuse prevention on sensitive endpoints.

No method of transmission or storage is completely secure. Because many tools run client-side, your sensitive input often never leaves your browser — but you should still avoid submitting secrets, private keys, or confidential data unless necessary and you trust the specific feature involved.

11. Your Rights (EEA / UK / Switzerland)

Subject to applicable law, you may have the following rights regarding your personal data:

• Access — request confirmation of whether we process your data and obtain a copy.
• Rectification — request correction of inaccurate data.
• Erasure — request deletion where processing is no longer justified.
• Restriction — request limited processing in certain circumstances.
• Portability — receive data you provided in a structured, machine-readable format, where applicable.
• Objection — object to processing based on legitimate interests.
• Withdraw consent — where processing is based on consent.

To exercise these rights, email privacy@dokall.com. We may need to verify your request. We will respond within the timeframe required by applicable law (generally one month under GDPR).

You also have the right to lodge a complaint with your local data protection supervisory authority if you believe our processing violates applicable law.

12. Children

Dokall is intended for general developer and professional use. We do not knowingly collect personal data from children under 16 (or the minimum age required in your country). If you believe a child has provided personal data through a server-backed feature, contact us and we will take appropriate steps to delete it.

13. Automated Decision-Making

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our tools, legal requirements, or operational practices. The “Last updated” date at the top indicates when the policy was last revised. Material changes will be posted on this page. Continued use of Dokall after an update constitutes acceptance of the revised policy where permitted by law.