Privacy Policy

For your safety, please read this entire Privacy Policy before accessing our app/site.

Welcome to All-in-one Internet Search. Our privacy policy is simple: User privacy (and data security) is of utmost importance to us. Everything we build has user privacy and security in mind. We do not store connection logs/cookies that associate your search history/website activity to your IP. Strong encryption is used in all our products.

Privacy Disclosures

As of we state the following:

We do not use detailed tracking tools (including super cookies, malware, & Google Analytics).
We have not received any National Security letters.
We have not received any gag orders.
We have not received any warrants from any government organization.
We comply with General Data Protection Regulation (GDPR) (EU).

Although we have a strict policy of not logging data, when accessing our website you may connect to the following services (who have their own privacy policies): Google, Bing, Twitter, Wikipedia, Reddit, TradingView, and Cloudflare (our CDN). There could be more based on which service you are accessing, including news feeds. Installing Privacy Badger (EFF), HTTPS Everywhere (EFF), and Ghostery extensions can help you get more detail on this.

Although we make every effort to protect your privacy, there are some circumstances where it is impossible (this is the nature of the Internet). Therefore, we suggest you change your IP/DNS (as well as install cookie blocking tools etc.) to conceal your identity. You could be concerned about these parties (or a rogue entity) collecting data including IPs and trying to intercept/monitor your communications. Please visit the following privacy guide to try to secure your device. There is no guarantee that these tools will work for you (they are not developed by us) so be sure to study how they function and use your best judgment.

Do not download software from websites which claim you have malware and that you need to install their software to remove it. This is a scam and their software is actually malware. We highly recommend Malwarebytes and CCleaner. We are developing our own offerings/services to help secure your connection and protect your privacy. Check our websites for any updates.

AIOIS Advertising & Privacy

We do not use targeted advertisements. Advertisements appear throughout the Website, independent of content. All advertisements (that we deploy, not including advertisements introduced by third-party widgets) are 300x250 images in a clearly defined carousel. Advertisers do not have access to the web pages you visit, your device details, or your search activity. Only after taping the relevant advertisement can our advertisers deploy any cookies. Cookies are only used (with varying expiration dates) so that we can be compensated for any purchases you make through our participating sponsors. All advertisers are thoroughly vetted for compliance with our strict privacy requirements.

AIOIS TV & Privacy

We use various video apps/sites to serve videos. This could include YouTube, Vimeo, IHR, and more. These videos are not loaded (with related scripts and possibly cookies) until you tap the relevant station button. We use youtube-nocookie for all YouTube videos.

AIOIS Finance & Privacy

We use TradingView and widgets. These widgets include Google Analytics code on the URLs you visit. You may block these widgets at any time.

AIOIS Sports & Privacy

Sports scores are displayed on sports URLs in an iframe from the unogoal sports website. You may block this iframe at any time.

AIOIS Entertainment & Privacy

We display YouTube youtube-nocookie videos.

AIOIS Wire & Privacy

YouTube videos and PodCasts are embeded in articles. Images are loaded via temporary proxy.

AIOIS Social & Privacy

Your may visit the feature anonymously and are not required to use your real name.

AIOIS Shop & Privacy

We do not use Google Analytics. We process any data you provide (via cookies) in forms you submit to us. You are not required to shop or purchase any items when visiting our site.

AIOIS Contact Us/Customer Support & Privacy

You may contact us anonymously. We delete any communication once support has been provided and your support ticket is closed.

AIOIS Paste & Privacy

Your notes are encrypted and deleted on the date you request.

AIOIS Anonymous Proxy & Privacy

Logs are deactivated.

AIOIS What is my IP? & Privacy

Your IP is resolved via third party widget. Link to source within widget.

AIOIS Dashboard & Privacy

Our news widget carousels save (if used) non-PII data (by design) in LocalStorage in your browser cache. This might include the word of the related feed you last accessed or "locked." This can be easily removed by clearing your browser cache.

What information do we collect?

Your privacy is important to us. We collect information from you when you register on our site, place an order, subscribe to our newsletter or fill out a form. We do not associate search activity to IP addresses, we take measures to make it difficult for anyone to track you, and we do not sell any information we obtain from you to third parties.

When ordering or registering on our site, as appropriate, you may be asked to enter your: name, e-mail address, mailing address, phone number or credit card information. You may, however, visit our site anonymously.

Application Layer: Your IP is not exposed to our search service provider (Google - via JavaScript) until you tap the search button. You may browse the search results anonymously by obscuring your IP/DNS via Tor + VPN. All other data presented to you (not including widgets) is retrieved anonymously (your IP is not exposed to the data providers for everything besides external images you allow to be displayed) - including All-in-one Live Type and All-in-one Search Ideas. This does not preclude the data providers from harvesting your actual search terms (which is a common privacy issue with all privacy search engines today), including Google/Wikipedia/Reddit. Remote images that you request (via our site) cannot be guaranteed to be fully secured although they are requested securely via https. There could be bugs ONLY in the Google search script (that we uncovered and Google has not patched) that we use that could cause random unsecured images in the search results from the URLs appearing in those results. An example would be searching with a query that results in ESPN URLs with images being displayed. HTTPS Everywhere can relieve such issues. If we were to proxy such images we would have to save them in a data center, possibly creating new security and privacy risks for you - therefore you remain in control of how you want to display images. To alleviate many of these issues, as stated earlier, you may use Tor + VPN + our enhanced privacy search feature or our anonymous proxy feature.

  • Input Sanitization Enabled

  • SQL Injection Protection Enabled

  • XSS Protection Enabled

  • Remote File Inclusion Protection Enabled

  • Computer Security Incident Response Team (CSIRT) on Alert

  • Incident Response Plan (IRP) Completed (following the SANS Institute guidelines of preparation, identification, containment, eradication, recovery, lessons learned) as well as additional contingency plans

  • Black Hat Penetration Testing

  • Established Adversary Research, Competitor Benchmarking and Security Research Teams

  • Front-end and Back-end Security Scans Enabled

    Network Layer: The Website uses the full (strict) SSL/TLS setting with HTTP Strict Transport Security (HSTS, RFC 6797) ("Full SSL (strict): Your origin has a valid certificate (not expired and signed by a trusted CA or Cloudflare Origin CA) installed. Cloudflare will connect over HTTPS and verify the cert on each request.") Our CDN (Cloudflare) does have access to your IP as well as your search terms as a result of having access to the visited URLs for network security purposes (Cloudflare's data retention policy). Therefore, if privacy is of utmost importance to you we recommend changing your IP.

  • HTTP Strict Transport Security (HSTS, RFC 6797) Enabled: Status: On / Max-Age: 12 months / Include subdomains: On / Preload: On / No-sniff: On / "HTTP Strict Transport Security (HSTS, RFC 6797) is a header which allows a website to specify and enforce security policy in client web browsers. This policy enforcement protects secure websites from downgrade attacks, SSL stripping, and cookie hijacking. It allows a web server to declare a policy that browsers will only connect using secure HTTPS connections, and ensures end users do not "click through" critical security warnings. HSTS is an important security mechanism for high security websites. HSTS headers are only respected when served over HTTPS connections, not HTTP."

  • Authenticated Origin Pulls Enabled: TLS client certificate presented for authentication on origin pull.

  • Minimum TLS Version Enabled: TLSv1.2 with support for TLSv1.3+0RTT
    "TLS 1.3 is the newest, fastest, and most secure version of the TLS protocol. SSL/TLS is the protocol that encrypts communication between users and your website. When web traffic is encrypted with TLS, users will see the green padlock in their browser window. By turning on the TLS 1.3 feature, traffic to and from your website will be served over the TLS 1.3 protocol when supported by clients." Please note that the padlock symbol in your browser window for external websites you visit never indicates the websites trust/authenticity level, only that the connection between you and the server is encrypted. It also does not denote whether the server is using Full (no cert checking) or Strict (cert is checked) mode of SSL. We use the strict mode. The benefit of using strict mode for TLS/SSL is that it prevents man in the middle attacks.
    "0-RTT is a feature that improves performance for clients who have previously connected to your website. It allows the client's first request to be sent before the TLS connection is fully established, resulting in faster connection times."

  • Opportunistic Encryption Enabled: "Opportunistic Encryption allows browsers to benefit from the improved performance of HTTP/2 by letting them know that your site is available over an encrypted connection. Browsers will continue to show "http" in the address bar, not "https"."

  • Perfect Forward Secrecy (PFS) Enabled (View our latest Qualys SSL Labs report):
    Forward Secrecy Yes (with most browsers) ROBUST
    ssl_ecdh_curve X25519:P-256:P-384:P-224:P-521;
    ssl_prefer_server_ciphers on;

  • Secure Google Results (powered by Google) Retrieved With Strong Protocol (QUIC) Enabled (View Secure Google Results Qualys SSL Labs report):
    Forward Secrecy Yes (with modern browsers)
    Authenticated using QUIC (a strong protocol)
    Google Internet Authority G3 (issuer)
    X25519 (a strong key exchange)
    AES_128_GCM (a strong cipher)
    sha256RSA (signature algorithm)
    sha256 (signature hash algorithm)
    ECC (256 Bits public key)
    ECDSA_P256 (public key parameters)

  • Advanced Onion Routing for Tor Enabled
    "Onion Routing allows routing traffic from legitimate users on the Tor network through Cloudflare's onion services rather than exit nodes, thereby improving privacy of the users and enabling more fine-grained protection. When this setting is enabled, the response to HTTPS requests coming from the Tor Browser will include an "alt-svc" header containing the address of one or more onion services operated by us. The Tor Browser establishes a Tor circuit with one of our onion services and, after a verification step by the browser, the subsequent requests will be routed through the onion service instead. This allows us to distinguish individual circuits and only challenge circuits that show unusual behavior, while keeping users' anonymity intact."

  • Automatic HTTPS Rewrites Enabled: Fixes mixed content by changing "http" to "https" for all resources or links

  • Always use HTTPS Enabled: "Redirect all requests with scheme "http" to "https". This applies to all http requests to the zone."

  • Firewall Security Level High Enabled: Blocks data harvesting bots / additional firewalls and protections in place

  • Browser Integrity Check Enabled: "Evaluate HTTP headers from your visitors browser for threats. If a threat is found a block page will be delivered. Browser Integrity Check looks for requests with HTTP headers commonly used by spammers, bots, and crawlers such as requests with a missing or non-standard user agent. If a threat is found, Cloudflare will present a block page."

  • Challenge Passage Enabled: 5 Minutes
    "Specify how long a visitor with a bad IP reputation is allowed access to your website after completing a challenge. After the Challenge Passage TTL expires the visitor in question will have to pass a new Challenge."

  • Always Online Enabled
    "If your server goes down, Cloudflare will serve your website's static pages from our cache."

  • Unmetered DDoS Mitigation Enabled: "Cloudflare will stand in front of your website regardless of attack size or duration."

  • Under Attack Mode Available: Helps mitigate DDoS attacks (unmetered)

  • HTTP/2 + IPv6 or IPv4 Enabled:
    HTTP/2 improves page load times by:
    "Connection multiplexing: Multiple resources can be retrieved in a single network request. Responses are sent when resources are available (sometimes out of order), to avoid slowing down page rendering. HTTP header compression: HTTP requests are simplified to avoid resending headers, and compression is applied to headers that must be sent. HTTP/2 Server Push: Allows Cloudflare to provide content to clients without waiting for a request. This can improve the time to retrieve a resource by "pushing" the responses it thinks the client will need into its cache."
    "Enable IPv6 support and gateway / IPv6 Compatibility"

  • Brotli Compression Enabled:
    Speed up page load times for your visitor's HTTPS traffic by applying Brotli compression.

  • Auto Minify Enabled:
    Reduces file sizes

    What do we use your information for?

    Any of the information we collect from you may be used in one of the following ways:

    🔒 To personalize your experience
    Your information helps us to better respond to your individual needs.

    🔒 To improve our website
    We continually strive to improve our website offerings based on the information and feedback we receive from you.

    🔒 To improve customer service
    Your information helps us to more effectively respond to your customer service requests and support needs.

    🔒 To process transactions

    Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.

    🔒 To send periodic emails

    The email address you provide may be used to send you information, respond to inquiries, and/or other requests or questions.

    Note: If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.

    How do we protect your information?

    We use encryption and firewalls to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.

    Do we use cookies?

    Yes, but not for tracking purposes. Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

    We use cookies to help us remember and process the items in your shopping cart and understand and save your preferences for future visits.

    You may notice a __cfduid cookie during your browsing sessions on the Website. This cookie is set by our CDN, Cloudflare, as a security feature. It does not store any personally identifiable information and remembers if you completed a captcha so that you do not need to keep doing so.

    The cookies we use in our online shopping store are available on the privacy and cookies policy on that URL.

    Do we disclose any information to outside parties?

    We are incorporated on an island nation, we do not store connection logs, and we cannot be compelled to hand over data we do not have. We do maintain security logs to block spammers or those trying to interfere with our availability. We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.

    Terms and Conditions

    Please also visit our Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our website at Terms and Conditions

    Your Consent

    By using our site, you consent to our websites privacy policy.

    Changes to our Privacy Policy

    If we decide to change our privacy policy, we will post those changes on this page, and/or update the Privacy Policy modification date below.

    This policy was last modified on 12/2018