Data handling principles
Aerod should be built around four rules:
- Run locally when practical. Browser and device checks should execute client-side when a server is not required.
- Use network data only when needed. IP and routing checks require a request, but they do not require turning the result into a user profile.
- Avoid invasive analytics by default. Aggregate measurement is acceptable; user-level surveillance is not aligned with the brand.
- Explain limitations. A privacy tool should explain what it can see, what it cannot see, and what the result means.
Browser checks
Browser checks can involve signals such as user agent data, viewport size, language, timezone, storage behavior, canvas, WebGL, audio, permissions, and other browser APIs.
Aerod should treat those checks as diagnostic information. The result should be shown to the user and explained clearly. Raw browser fingerprints should not be stored by default.
IP and network checks
An IP check may process the IP address visible to Aerod, request headers, network owner, ASN, approximate region, and connection indicators.
That information is necessary for the tool to work. It should not be used to create a persistent identity profile by default.
Affiliate redirects
The /go/<slug> redirect system is designed to keep provider links clean and maintainable. Redirect data should be stored in the repository as structured link data. If click counts are added later, they should be anonymous and aggregate unless a stronger reason is documented.
Logs and debugging
Cloudflare and other infrastructure may create operational logs to serve the site, protect against abuse, and debug deployment issues. Aerod should keep operational logging proportional to those purposes.
Future changes
If Aerod later adds accounts, saved reports, email subscriptions, comments, or advanced analytics, this page and the Privacy Policy should be updated before those features are enabled.