Legal

Privacy Policy

Last updated: January 2025 · Effective immediately upon publication.

1. Who We Are

Security Cyber is a student-founded offensive security practice operated by Charlie Collins, based in the United Kingdom. Website: securitycyber.uk. Contact: charlie@securitycyber.uk

2. What Data We Collect

This website does not collect personal data automatically beyond what is standard in web server infrastructure. Specifically:

  • Contact form submissions — name, organisation or project, email, and message content you voluntarily submit via our contact form. This is processed to respond to your enquiry.
  • Cloudflare analytics — Security Cyber uses Cloudflare Pages hosting, which may collect anonymised, aggregated traffic data (page views, country, browser type). This data does not identify individuals and is not shared with Security Cyber in personally identifiable form.
  • Google Analytics — this site loads Google Analytics to understand broad site usage. Google may set analytics cookies or collect usage signals according to its own privacy policy.
  • Live feed data — the CVE and news feeds are fetched in your browser from public source APIs where available (NIST NVD, CISA, and public RSS feeds). If a source blocks browser access, the page shows a clear feed-status card rather than a blank area.
  • Local storage — we store a single boolean (sc_cookie_ok) in your browser's localStorage to remember your cookie consent preference. This never leaves your device.

3. How We Use Your Data

  • Contact form submissions are used solely to respond to your enquiry.
  • We do not sell, rent, or share personal data with any third parties for marketing purposes.
  • We do not build profiles or engage in behavioural advertising.

4. Data Storage & Security

Contact form submissions are processed by our own Cloudflare Worker and stored in a private Cloudflare D1 database. Data is transmitted securely over HTTPS. We retain enquiry data only as long as necessary to respond and for reasonable follow-up.

5. Cookies

This site stores a localStorage consent preference and also loads Google Analytics, which may set analytics cookies. It does not use advertising cookies or behavioural advertising profiles.

6. Third-Party Tools

This site integrates the following third-party services whose own privacy policies apply:

  • Cloudflare — hosting, CDN, DNS, and serverless Worker processing
  • Google Analytics — aggregated site usage measurement
  • NIST / CISA — CVE feed data is fetched from their public APIs
  • Resend — transactional email delivery for contact form notifications

7. Your Rights (UK GDPR)

Under UK GDPR, you have the right to:

  • Request access to personal data we hold about you
  • Request correction or erasure of your data
  • Object to processing in certain circumstances
  • Lodge a complaint with the ICO: ico.org.uk

To exercise any of these rights, contact: charlie@securitycyber.uk

8. Children

This website is not directed at children under the age of 13. We do not knowingly collect personal data from minors.

9. Changes to This Policy

We may update this policy from time to time. The date at the top of this page will reflect the most recent revision. Continued use of the site after changes constitutes acceptance.

10. Contact

Questions about this policy? Reach us at charlie@securitycyber.uk or via the contact form.

We use cookies. Privacy policy.