Is Fing GDPR Compliant?

What is GDPR?

GDPR (the General Data Protection Regulation) is an EU regulation that came into play on the 25 May 2018. It focuses on data protection and privacy for all people within the European Union and the European Economic Area. It aims to give people control over their personal data. It also addresses the export of personal data outside the EU and EEA areas.

Is Fing GDPR Compliant?

As a company whose primary focus is on providing tools to protect against data theft, we were very happy to see a regulation like GDPR coming in. Everyone should have the right to take control over their own data.

We have done extensive legal work on reviewing our Privacy Policy and practices, not only to be in perfect compliance with the existing regulations but also to make sure that we are, at any time, completely respecting of our users’ privacy. We are fully compliant with GDPR requirements which are amongst the most stringent on the planet in respect to user privacy.

To read more about how we are privacy and security conscious, please visit our Privacy Policy and Security Principles.

What About Public IP Addresses?

We have been asked about the Fing App’s requirement of device public IP addresses and compliance with GDPR. We don’t want our users to be in the dark about the way we operate, so we have written in detail about this topic below.

The Fing App receives the Public IP address from the originating scanning device and enriches it with publicly available information in order to deliver the data back to the user in a readable format in the App. This practice is clearly covered by section II of our Privacy Policy.

The enrichment of Public IP addresses is performed by an external service called GeoIP, used by developers all over the world. This service does not provide the location of the user, but the publicly available information of the ISP the user is connected to. It is used, in our case, to show to the end-user of the Fing App information such as: what their public IP address is, who and where is their Internet Service Provider and whether their Internet connection is indeed working.

None of the above-mentioned information is considered Personally Identifiable Information by existing regulations. A public IP address cannot lead on its own to personally identify a user, unless it is combined with specific personal information that you would have to explicitly provide to us, for instance, when creating a Fing Account (for reference, Article 4 of GDPR).

When you create a Fing Account with us, we require you to read accept our Terms of Service and Privacy Policy. Even in this case, as we indeed care a lot about our users’ privacy and security; we don’t just comply to the security standard, we always try to exceed them and stay ahead of the curve in these matters.

If you have any specific concerns please do not hesitate to reach out to us at

Was this article helpful?

Related Articles