What This Is About

We built CVE Brief to help security professionals stay informed about critical vulnerabilities. This page explains what information we collect, why we need it, and how we protect your privacy.

The short version: We only collect what we need to make the service work well, and we never sell your information to anyone.

Information We Collect

What You Give Us

• Your Email: If you subscribe to our newsletter, we'll use your email to send you daily vulnerability updates.
• Messages: If you contact us with questions or feedback, we'll keep a record of our conversation.

What We Automatically Track

• How You Use the Site: We use Google Analytics (only with your permission) to see which pages are popular, how long people stay, and which CVEs get the most attention. This helps us make the site better.
• Your Preferences: We remember if you prefer light or dark mode, which CVEs you've starred, and which ones you've dismissed. This stays on your device and makes your experience smoother.
• Basic Tech Stuff: Your browser type, device info, and IP address - the usual web analytics stuff.

What We Do With Your Information

Pretty simple - we use it to:

• Send you the daily CVE briefings you signed up for
• Figure out what's working and what isn't on the site
• Remember your preferences so you don't have to reset them every time
• Let you know about important service updates (we won't spam you)
• Keep the site secure and running smoothly

Who Else Gets to See Your Info

We work with a few other companies to make CVE Brief work:

• Google Analytics: Helps us understand how people use the site so we can make it better. We only share this data if you say it's okay through that consent popup.
• Usercentrics: The company that handles that consent popup you see. They make sure we're following privacy laws properly.
• Email Services: We'll use email companies like SendGrid or Mailgun to actually send your newsletters (when we launch that feature).

When We Might Share Your Information

We don't sell your information to anyone, period. The only times we'd share it:

• Service Providers: The companies listed above that help us run the site
• Legal Stuff: If we're legally required to share it, or if someone's doing something harmful and we need to protect ourselves or others

How We Keep Your Info Safe

Security is obviously important to us (we're a security news site!). Here's what we do to protect your information:

• Everything is encrypted when it travels between your browser and our servers
• We store data securely and only let authorized people access it
• We regularly check our security and keep everything updated
• Only people who actually need access to your info get it

Your Rights (The Good Stuff)

You're in control of your information. Here's what you can do:

• See Your Data: Ask us what information we have about you
• Fix Mistakes: Tell us if something's wrong and we'll correct it
• Delete Everything: Want us to forget you exist? Just ask
• Unsubscribe: Stop getting emails anytime with one click
• Take Your Data: Want to move to another service? We'll help you export your data

About Cookies and Tracking

When you first visit CVE Brief, you'll see a popup asking about cookies. Here's what that's all about:

What We Track:

• Essential Stuff: Things like remembering if you prefer dark mode and which CVEs you've starred. We need these to make the site work properly.
• Analytics: Google Analytics helps us see which parts of the site people use most. We only turn this on if you say yes.
• Your Settings: We save your preferences right on your device so you don't have to set them every time.

Changing Your Mind: You can update what you're okay with anytime. Look for the consent settings or just clear your browser cookies if you want to start fresh.

One Site Only: Our consent setup only works for cvebrief.com. If we ever add other domains, you might see the popup again.

How Long We Keep Your Info

We don't hoard data. We keep your email until you unsubscribe or ask us to delete it. Everything else gets cleaned up when it's no longer useful.

Where Your Data Goes

Since we use services like Google Analytics, your data might travel to other countries. Don't worry - we make sure it's protected wherever it goes.

Kids and Privacy

CVE Brief is made for security professionals, not kids. We don't knowingly collect information from anyone under 13.

When This Policy Changes

If we need to update this policy, we'll post the new version here and update the date at the top. We're not going to email you about privacy policy changes - who likes that spam?

Questions?

If you have questions about privacy or want to exercise any of your rights, just reach out:

• Email: [email protected]
• Website: cvebrief.com

We'll get back to you as soon as we can.