ThreatInsights (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Intelligence Sharing Platform.

1. Information We Collect

Personal Information

When you register for an account, we collect:

• Name: Your full name for identification and communication
• Email Address: For account access and communications
• Company Name: Your organization’s name
• Password: Encrypted credentials for account security

Usage Information

We automatically collect certain information when you use the Platform:

• IP address and device information
• Browser type and version
• Pages visited and features used
• Time and date of access
• API usage and feature interactions

Threat Intelligence Data

Content you submit to the Platform, including:

• Threat intelligence reports
• Indicators of Compromise (IoCs)
• Comments and community contributions
• CVE analyses and breach checks

2. How We Use Your Information

Service Delivery

• Provide and maintain the Platform
• Process your threat intelligence submissions
• Manage your account and authentication
• Enable collaboration and information sharing

Communication and Marketing

We use your name, email address, and company name to:

• Send account-related notifications and updates
• Contact you about platform upgrades and premium features
• Provide information about the full ThreatInsights platform
• Offer enterprise solutions and customization options
• Send security alerts and important service announcements

Analytics and Improvement

• Analyze platform usage and performance
• Improve features and user experience
• Develop new services and capabilities
• Monitor security and prevent abuse

3. Information Sharing and Disclosure

Within the Platform

Threat intelligence you share is visible to other users based on TLP designations you select. Your name may be displayed with your contributions unless you choose to post anonymously.

Third-Party Service Providers

We may share information with service providers who assist us with:

• Hosting and infrastructure (Supabase)
• Email delivery and communications
• Analytics and monitoring
• Customer support

Legal Requirements

We may disclose information when required by law or to:

• Comply with legal obligations
• Protect our rights and property
• Prevent fraud or security issues
• Protect user safety

Business Transfers

If ThreatInsights is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit and at rest
• Secure authentication mechanisms
• Row-level security policies
• Regular security audits and monitoring
• Access controls and authentication requirements

However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. Threat intelligence data may be retained longer for security research and community benefit, in accordance with TLP designations.

6. Your Rights and Choices

Access and Correction

You can access and update your account information at any time through your profile settings.

Data Deletion

You may request deletion of your account and associated data by contacting us. Some information may be retained as required by law or legitimate business purposes.

Marketing Communications

You can opt out of marketing communications about platform upgrades and premium features. However, we will still send essential service-related communications.

Anonymous Posting

You may choose to submit threat intelligence anonymously, which will hide your identity from other users.

7. Cookies and Tracking

We use cookies and similar technologies to:

• Maintain your session and authentication
• Remember your preferences
• Analyze platform usage
• Improve performance and functionality

You can control cookies through your browser settings, but disabling them may affect platform functionality.

8. Children’s Privacy

The Platform is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected such information, we will take steps to delete it.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on the Platform and updating the “Last Updated” date. Continued use of the Platform after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: