Privacy Policy

Our project is part of the Open Worldwide Application Security Project (OWASP). This privacy policy will explain how our project uses the personal data we collect from you when you use our website.

Topics:

What data do we collect?

Our project collects the following data:

How do we collect your data?

You directly provide our project with the data we collect when you browse our website.

How will we use your data?

Our project collects your data so that we can:

We rule out any sharing of your data with anybody outside our project.

How do we store your data?

Our site securely stores your IP address in access_log files (this log is destroyed after 28 days). Your anonymized IP address and browser information are stored long-term in a self-hosted Matomo database.

What are your data protection rights?

Our project would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access - You have the right to request copies of your personal data. We may charge you a fee for this service.

The right to erasure - You have the right to request that we erase your personal data, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at [email protected].

How do we use cookies?

Our project uses cookies to understand how our users use our website. We use it to focus our resources on the most important content, keeping in mind the popular browsers and devices used by our visitors.

Subprocessors

Changes to our privacy policy

Our project keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 6 December 2021.

How to contact us?

If you have any questions about our project’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, then please understand that we’re a volunteer driven project trying to write rules to protect our users from malicious attacks. That is our priority. But feel free to contact us and we’ll make sure we have a response for you in due time.

Please email us at [email protected].

How to contact the appropriate authority?

Should you wish to report a complaint or if you feel that our project has not addressed your concern in a satisfactory manner, you may contact the authorities.

Please pick one country’s privacy authority as you see fit.