Privacy Policy
Effective date: June 6, 2026
This policy explains how VibeSec Advisory handles data for a public research site, Skill Library, newsletter, downloads, and optional workspace features.
01.What We Collect
If you browse the site, we may receive basic request metadata such as IP address, user agent, requested URL, timestamp, and security logs through hosting and security providers.
If you subscribe, download a resource, or use an optional workspace feature, we collect the information needed for that action, such as email address, download metadata, and workspace selections.
We do not ask for sensitive company secrets, credentials, source code, regulated personal data, or private customer records through public content pages.
02.How We Use Data
We use data to operate the site, send requested updates, deliver downloads, prevent abuse, understand which public resources are useful, and improve the field guide.
The site uses first-party, privacy-preserving analytics for resource usage. No third-party tracking cookies are used, and we do not use localStorage or sessionStorage for analytics.
Download and usage records may include a user-agent class, requested resource, timestamp, and first-party event metadata. We do not use analytics cookies or embedded third-party newsletter widgets in the Skill Library download flow.
We do not sell personal information. We do not use public-site data to run a service funnel or public checkout path.
04.Service Providers
The site uses providers such as Cloudflare for hosting and security, Substack or email infrastructure for newsletter delivery, Stripe only if legacy payment records need to be reconciled, and first-party endpoints for downloads and optional workspace features.
Service providers process data only as needed to operate the site, secure it, deliver requested resources, or comply with law.
Where GDPR and UK GDPR require transfer safeguards, VibeSec Advisory relies on provider data-processing terms, including Standard Contractual Clauses when applicable.
05.AI Processing
VibeSec Advisory may use AI tools to draft, edit, summarize, or review public content. Public content is reviewed before publication.
Do not send secrets or sensitive system details through public forms or newsletter flows.
06.Security
VibeSec Advisory uses reasonable technical and organizational safeguards for public-site data. No website can guarantee perfect security.
If you believe you found a security issue affecting the site, email security@vibesecadvisory.com with a clear description and reproduction steps.
07.Your Choices
You can unsubscribe from email updates. You can also ask to access, correct, or delete personal information associated with newsletter or download records by emailing privacy@vibesecadvisory.com.
Some records may be retained where needed for security, abuse prevention, or legal compliance.
08.Changes
This Privacy Policy may change as the site changes. The effective date at the top of the page shows when this version was last updated.
Contact
Privacy questions can be sent to privacy@vibesecadvisory.com.