N
NBR Audit Checker
How it works
Privacy-first by design

Your TIN never leaves your browser

Here's exactly what happens — step by step — when you check a TIN on this site, and what (little) data we collect.

1

You open the page

Your browser downloads the website code and the audit list (audit.json — about 87,685 TIN records published by NBR). The list is delivered as a static file from our CDN, just like an image or a stylesheet.

2

You type your TIN

The 12-digit TIN you type lives only in your browser's memory. There is no auto-save, no background sync, no 'as-you-type' API call. Nothing is transmitted while you type.

3

The match runs locally

When you press Check Status, JavaScript running on your device looks your TIN up in the list it already downloaded. No request is sent to our server with your TIN — the answer is computed entirely on your machine.

4

You see the result

Found or not found, the result is rendered locally. We never see your TIN, your result, your IP-to-TIN linkage, or anything that could identify you.

Visual: where your data goes

  ┌──────────────────────────────┐
  │     Your browser (you)       │
  │                              │
  │   TIN: 1234•••••5678  ◄──────┼── stays here, always
  │           │                  │
  │           ▼                  │
  │   match against audit.json   │
  │           │                  │
  │           ▼                  │
  │   "Selected" / "Not selected"│
  └──────────────┬───────────────┘
                 │
                 │  (only the static files travel
                 │   over the network — never your TIN)
                 ▼
  ┌──────────────────────────────┐
  │     Our CDN / web host       │
  │   serves: HTML, JS, CSS,     │
  │           audit.json         │
  └──────────────────────────────┘

You can verify this yourself: open your browser's DevTools → Network tab, type a TIN, and press Check Status. You'll see no request carrying your TIN.

About our analytics

To understand how people use the site (e.g. how many visits, how many lookups happen), we run a small, self-hosted analytics instance — not Google Analytics, not Meta Pixel, no third-party trackers.

  • Hosted by me personally on agent-analytics.asif.dev — data never goes to a third party.
  • No cookies. No fingerprinting. No cross-site tracking.
  • No personal data. We never log your TIN, your name, or your IP linked to any lookup.
  • What we do count: anonymous page views and how many times the "Check Status" button is pressed (without the TIN).

The tech, briefly

Frontend
React + TanStack Start
Hosting
Edge CDN (static files)
Database
Single audit.json file in your browser
Analytics
Self-hosted, cookieless
Source data
NBR press release (28 Apr 2026)
Backend lookups
None — 100% client-side
← Back to TIN Checker