Privacy Policy
Last Updated: {{ .Date | dateFormat “January 2, 2006” }}
Overview
CVE Hub (“we,” “our,” or “us”) is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, and safeguard your information when you subscribe to our newsletter and use our website.
Information We Collect
Newsletter Subscription Information
When you subscribe to our newsletter, we collect:
- Email Address (required): Used to deliver newsletter content
- Organization (optional): Used for content personalization
- Role (optional): Used to provide relevant security insights
- Subscription Preferences: Your choices for weekly digest and critical alerts
Automatically Collected Information
- Website Analytics: We use Google Analytics to understand website usage patterns
- Technical Information: IP address, browser type, and device information for security and analytics purposes
How We Use Your Information
Newsletter Service
- Deliver weekly CVE analysis and security alerts
- Personalize content based on your role and organization
- Send critical vulnerability notifications
- Provide subscription management capabilities
Website Improvement
- Analyze website traffic and user engagement
- Improve content quality and user experience
- Monitor for security threats and abuse
Data Sharing and Disclosure
We Do Not Sell Your Information
We never sell, rent, or trade your personal information to third parties for marketing purposes.
Service Providers
We may share information with trusted service providers who assist in:
- Email delivery services
- Website analytics
- Security monitoring
Legal Requirements
We may disclose information when required by law or to protect our rights and safety.
Data Security
Protection Measures
- Encryption: All data is encrypted in transit and at rest
- Access Controls: Limited access to authorized personnel only
- Security Monitoring: Continuous monitoring for security threats
- Regular Audits: Periodic security assessments and updates
Your Rights
Data Access and Control
- Unsubscribe: One-click unsubscribe from all communications
- Access: Request access to your personal information
- Correction: Update or correct your information
- Deletion: Request deletion of your personal data
- Portability: Request a copy of your data in a portable format
GDPR and CCPA Compliance
We comply with the European General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
Data Retention
- Active Subscribers: Information retained while subscription is active
- Unsubscribed Users: Email address retained for 30 days to honor unsubscribe requests
- Analytics Data: Aggregated analytics data retained for up to 26 months
Cookies and Tracking
Essential Cookies
We use essential cookies for:
- Website functionality
- Security features
- User preferences (theme, etc.)
Analytics Cookies
Google Analytics cookies help us understand:
- Page views and user behavior
- Popular content and features
- Website performance metrics
Third-Party Services
Google Analytics
We use Google Analytics to analyze website usage. Google’s privacy policy applies to this data collection.
Email Service Provider
Newsletter delivery is handled by secure email service providers who comply with data protection regulations.
International Data Transfers
Data may be processed in countries outside your residence. We ensure adequate protection through:
- Standard contractual clauses
- Adequacy decisions
- Other appropriate safeguards
Children’s Privacy
Our service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children.
Updates to This Policy
We may update this Privacy Policy periodically. Changes will be posted on this page with an updated “Last Updated” date.
Contact Us
For privacy-related questions or requests:
- Email: privacy@cvehub.io
- Subject Line: Privacy Policy Inquiry
Data Protection Officer
For GDPR-related inquiries, contact our Data Protection Officer at dpo@cvehub.io.
This privacy policy is effective as of the last updated date and applies to all information collected through the CVE Hub website and newsletter service.