Privacy Policy

Introduction

Exposurix ("we", "our", or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cybersecurity toolkit service.

Information We Collect

Information You Provide

• Account Information: Email address, username, full name
• Payment Information: Processed securely through third-party payment processors (we do NOT store credit card details)
• Monitored Data: Email addresses you choose to monitor for breaches

Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on the platform
• Device Information: IP address, browser type, operating system
• Cookies: Session cookies for authentication and functionality

How We Use Your Information

We use collected information to:

• Provide and maintain our service
• Monitor your specified email addresses for data breaches
• Send you security alerts and notifications
• Improve our service and develop new features
• Prevent fraud and ensure security
• Comply with legal obligations

Data Storage and Security

• Encryption: All monitored emails are encrypted using industry-standard AES-256 encryption
• Secure Storage: Data is stored on secure servers with restricted access
• Password Protection: Passwords are hashed using bcrypt (werkzeug.security)
• HTTPS: All communications are encrypted with SSL/TLS

Data Sharing

We do NOT sell, trade, or rent your personal information. We may share data only in these circumstances:

• Service Providers: Third-party services that help operate our platform (hosting, payment processing)
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In the event of a merger, acquisition, or sale of assets

Your Rights

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Export: Download your data in a portable format
• Opt-out: Unsubscribe from marketing communications

To exercise these rights, contact us at: privacy@exposurix.com

Data Retention

• Active Accounts: Data retained as long as your account is active
• Deleted Accounts: Data permanently deleted within 30 days of account deletion
• Legal Compliance: Some data may be retained longer if required by law

Cookies

We use cookies for:

• Authentication (session management)
• User preferences
• Analytics (aggregated, non-personal data)

You can disable cookies in your browser settings, but this may limit functionality.

Third-Party Services

Our service integrates with:

• Payment Processors: PayPal, NOWPayments (subject to their privacy policies)
• Breach Database: HaveIBeenPwned API (k-anonymity — your email is never sent in full)
• Hosting: Render.com, Cloudflare (encrypted data storage)

International Users

If you access Exposurix from outside Canada:

• Your data may be transferred to and stored in Canada
• By using our service, you consent to this transfer
• We comply with applicable data protection laws (GDPR, PIPEDA)

Children's Privacy

Exposurix is not intended for users under 18. We do not knowingly collect information from children. If we discover such data, we will delete it immediately.

Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Continued use of the service after changes constitutes acceptance.

Contact Us

For privacy-related questions or concerns:

Email: privacy@exposurix.com
Response Time: Within 48 hours