Privacy Policy
Your privacy is our priority. This comprehensive policy explains how we collect, use, and protect your information.
Information We Collect
Understanding what data we gather and why
1.1 Information You Provide Directly
When you use CipherNest's services, you may provide us with certain information either directly or indirectly:
- Account Information: If you choose to create an account, we collect your email address, username, and password hash (never stored in plain text).
- Communication Data: When you contact our support team, we collect your name, email address, and the content of your messages.
- Feedback & Surveys: Information you provide when participating in surveys, providing feedback, or reporting issues.
1.2 Information Collected Automatically
When you interact with our website and services, we automatically collect certain technical information:
- Device Information: Browser type and version, operating system, screen resolution, and device characteristics.
- Usage Data: Pages visited, time spent on pages, click patterns, and interaction with features.
- Log Data: IP address, access times, pages requested, and HTTP response status.
1.3 Information from Third Parties
We may receive information about you from third-party services and partners:
- Social Media Platforms: If you choose to connect your social media accounts or use social login features.
- Analytics Providers: Aggregated usage statistics from Google Analytics and similar services.
How We Use Your Information
The purposes for which we process your data
2.1 Service Provision
We use your information to provide, maintain, and improve our services:
- Core Functionality: Generate passwords, create QR codes, and provide security analysis tools.
- Account Management: Manage user accounts, preferences, and saved settings.
- Technical Support: Respond to customer inquiries and provide technical assistance.
2.2 Communication & Engagement
We use your information to communicate with you and enhance your experience:
- Service Updates: Notify you about new features, improvements, and security updates.
- Educational Content: Send security tips, best practices, and educational materials (with opt-out option).
- Personalization: Customize your experience based on usage patterns and preferences.
2.3 Legal & Security Purposes
We process information to comply with legal obligations and protect our platform:
- Security Monitoring: Detect and prevent fraud, abuse, and security threats.
- Legal Compliance: Respond to legal requests and comply with applicable laws.
- Platform Protection: Enforce our Terms of Service and protect user safety.
Cookies & Tracking Technologies
How we use cookies and similar technologies
3.1 Types of Cookies We Use
Essential Cookies (Required)
These cookies are necessary for the website to function properly:
- Session Management: Maintain your login session and preferences
- Security: Protect against CSRF attacks and ensure secure data transmission
- Functionality: Remember your language preferences and accessibility settings
Analytics Cookies (Optional)
These cookies help us understand how users interact with our service:
- Usage Analytics: Track page views, user flows, and feature usage
- Performance Monitoring: Measure page load times and identify bottlenecks
- Error Tracking: Identify and fix technical issues and bugs
Marketing Cookies (Optional)
These cookies help deliver relevant content and advertisements:
- AdSense Integration: Display relevant advertisements based on content
- Conversion Tracking: Measure the effectiveness of marketing campaigns
3.2 Cookie Management
You have full control over cookie settings:
- Browser Settings: Configure cookie preferences in your browser settings
- Cookie Banner: Manage consent preferences through our cookie banner
- Opt-out Options: Disable non-essential cookies at any time
Data Sharing & Third Parties
When and how we share your information
4.1 When We Share Information
CipherNest is committed to protecting your privacy. We only share your information in the following circumstances:
- With Your Consent: When you explicitly authorize us to share information
- Legal Requirements: When required by law, court order, or government regulation
- Service Providers: With trusted third-party vendors who help operate our service
- Business Transfers: In connection with mergers, acquisitions, or asset sales
4.2 Third-Party Services
We partner with carefully selected third-party services to enhance our platform:
Google Analytics
Purpose: Website analytics and performance monitoring
Data Shared: Anonymized usage statistics, page views, user flows
Privacy Policy: Google Privacy Policy
Google AdSense
Purpose: Display relevant advertisements
Data Shared: Anonymous browsing behavior, interests (no personal information)
Privacy Policy: AdSense Privacy Policy
Cloud Infrastructure
Purpose: Secure hosting and content delivery
Data Shared: Encrypted website content and assets only
Security: SOC 2 Type II certified providers only
Your Rights & Choices
Control over your personal information
5.1 GDPR Rights (European Users)
If you're located in the European Union, you have the following rights under GDPR:
- Right of Access: Request information about what personal data we hold about you
- Right to Rectification: Correct inaccurate or incomplete personal data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restriction: Limit how we process your personal data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing of your personal data for certain purposes
5.2 CCPA Rights (California Users)
If you're a California resident, you have additional rights under CCPA:
- Right to Know: Request disclosure of personal information collected and shared
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt out of the sale of personal information (we don't sell data)
- Right to Non-Discrimination: Not be discriminated against for exercising CCPA rights
5.3 How to Exercise Your Rights
To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within 30 days and may require verification of your identity.
Data Security Measures
How we protect your information
6.1 Technical Security Measures
- Encryption: All data transmission is encrypted using HTTPS/TLS 1.3
- Client-Side Processing: Password generation happens in your browser, never on our servers
- Secure Infrastructure: Hosted on SOC 2 Type II certified cloud infrastructure
- Regular Audits: Continuous security monitoring and vulnerability assessments
6.2 Administrative Safeguards
- Access Controls: Strict role-based access controls for employee data access
- Employee Training: Regular security awareness training for all team members
- Incident Response: Comprehensive incident response plan for security events
6.3 Data Breach Notification
In the unlikely event of a data breach affecting your personal information, we will:
- Notify affected users within 72 hours of discovery
- Provide clear information about what data was affected
- Recommend appropriate protective actions for users
- Report to relevant regulatory authorities as required by law
International Data Transfers
Cross-border data handling practices
CipherNest operates globally and may transfer information to countries other than your own. When we transfer personal data internationally, we ensure appropriate safeguards are in place:
7.1 Transfer Mechanisms
- Adequacy Decisions: Transfers to countries deemed adequate by the European Commission
- Standard Contractual Clauses: EU-approved contract clauses ensuring data protection
- Binding Corporate Rules: Internal policies ensuring consistent data protection globally
7.2 Specific Jurisdictions
Currently, CipherNest may transfer data to the following jurisdictions:
- United States: Primary hosting location with SOC 2 Type II certified providers
- European Union: Content delivery network for optimal performance
- Canada: Backup and disaster recovery services
Data Retention Policies
How long we keep your information
8.1 Retention Periods by Data Type
Account Information
Retention Period: Until account deletion or 3 years of inactivity
Purpose: Account management and security
Usage Analytics
Retention Period: 26 months (Google Analytics standard)
Purpose: Service improvement and optimization
Communication Records
Retention Period: 3 years from last interaction
Purpose: Support quality and legal compliance
Security Logs
Retention Period: 90 days (automatically purged)
Purpose: Security monitoring and threat detection
8.2 Data Deletion
When you request account deletion or data removal:
- All personal data is permanently deleted within 30 days
- Backups containing your data are overwritten within 90 days
- You'll receive confirmation when deletion is complete
Contact Us
Questions about this Privacy Policy or our data practices?