Legal · Privacy

Privacy Policy

Last updated: May 2026 · Effective immediately · dua9.online

Short version: We don't require accounts. We don't sell your data. Your API keys never leave your browser session. We use Google Analytics and Google AdSense — industry-standard tools that set cookies as described below.

Contents

Who We Are
Data We Collect
API Keys & Credentials
Cookies & Tracking
Advertising (Google AdSense)
Third-Party Services
Data Security
Children's Privacy
Your Rights
Contact

1. Who We Are

dua9.online ("we," "us," "our") provides a growing suite of free AI-powered tools for content writers, digital marketers, and Pinterest creators. We are committed to being transparent about how we handle data — primarily because we collect very little of it.

This Privacy Policy applies to all pages and tools hosted at dua9.online and its subdomains.

2. Data We Collect

2.1 Information You Provide

Contact form: When you submit our contact form, we collect your name, email address, and message. We use this data only to respond to your inquiry and do not add you to mailing lists.
API keys: Certain tools request third-party API keys. See Section 3 for full details — these are handled with strict privacy protection.

2.2 Automatically Collected Data

Server logs: Our hosting provider (Hostinger) collects standard server-side logs: IP addresses, request URLs, browser type, and timestamps. This data is used for security and performance monitoring.
Analytics: We use Google Analytics (with IP anonymization) to measure site traffic, popular tools, and visitor flows. Data is aggregated — we cannot identify individual users.
Advertising: Google AdSense uses cookies and similar technologies to serve relevant ads. See Section 5 for details.

3. API Keys & Your Credentials

Several tools require you to provide your own API key from Anthropic, Groq, Replicate, or OpenAI. Here is exactly how we handle them:

Browser session storage only: Keys are stored in sessionStorage — not cookies, not localStorage, and not any server database. Session storage is automatically and completely erased when you close your browser tab.
Not logged by our servers: When tools use a server-side relay (e.g., our Replicate proxy to bypass browser CORS restrictions), your API key is passed per-request in the HTTP Authorization header and is immediately discarded — never written to disk or any log.
Isolation between visitors: No visitor's API key is ever accessible to any other visitor. Each browser session is fully isolated.
Your recommendation: We recommend creating dedicated API keys for use on web tools and setting monthly spending limits through your provider's dashboard.

4. Cookies & Tracking Technologies

We use the following categories of cookies:

Strictly necessary: Required for basic tool functionality. No personal data collected.
Analytics (Google Analytics 4): Measures aggregate traffic patterns. IP addresses are anonymized. Opt out at Google Analytics Opt-out.
Advertising (Google AdSense): Used for ad personalization and measurement. Managed by Google — see Section 5.

You can manage or delete cookies at any time via your browser settings. Disabling advertising cookies does not disable ads — it makes them less relevant to you.

5. Advertising — Google AdSense

dua9.online displays advertisements served by Google AdSense. Google uses cookies (including the DoubleClick cookie) and web beacons to serve ads based on your interests and prior browsing activity.

Opt out of personalized ads: Visit Google Ads Settings or use the Ad personalization controls.
Industry opt-outs: aboutads.info or the NAI consumer opt-out.
EEA/UK users: A consent mechanism is displayed before advertising cookies are set.
What we don't do: We do not sell your data to advertisers, and we have no direct access to the data Google collects for ad-serving purposes.

Review Google's full data practices: Google Privacy Policy and Google Advertising Policies.

6. Third-Party Services

When you use tools powered by third-party AI APIs, your prompts and content are sent to those services under their own terms:

Anthropic Privacy Policy
Groq Privacy Policy
Replicate Privacy Policy
OpenAI Privacy Policy
Google Fonts (typography — may collect request data)
Hostinger Privacy Policy (web hosting)

7. Data Security

We implement appropriate technical and organizational measures to protect against unauthorized access, alteration, disclosure, or destruction of data:

All connections to dua9.online use HTTPS (TLS encryption)
We store no passwords, payment information, or sensitive personal data
Server access is restricted and monitored
API keys exist only in users' own browser sessions

8. Children's Privacy

dua9.online is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has submitted personal information to us, contact us at legal@dua9.online and we will delete it promptly.

Users aged 13–18 should obtain parental consent before using AI-powered tools, which may be subject to their own age restrictions.

9. Your Rights & Choices

Depending on your jurisdiction, you may have rights including access, correction, deletion, and data portability. To exercise any right, contact us at legal@dua9.online.

California (CCPA): We do not sell personal information. You have the right to know what we collect and to request deletion.
EEA/UK (GDPR): Our lawful basis for analytics is legitimate interest. You have the right to object and to lodge complaints with your Data Protection Authority.
All users: You can opt out of analytics and advertising cookies as described in Sections 4 and 5.

10. Contact

Privacy questions, requests, or concerns: legal@dua9.online

We aim to respond within 5 business days. For general questions, use our contact form.