Privacy Policy

Last updated: January 15, 2024

Privacy Overview

At Telecom CVEs, we are committed to protecting your privacy while maintaining the highest standards of security research and vulnerability disclosure.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our telecommunications vulnerability database and related services. We understand that security researchers and organizations trust us with sensitive information, and we take this responsibility seriously.

Our platform is designed with privacy-by-design principles, ensuring that your personal information is protected while enabling critical security research that protects global telecommunications infrastructure.

Information We Collect

  • Account information (email, name, organization) when you register
  • Vulnerability submissions and research contributions
  • Usage analytics and platform interaction data
  • Communication records when you contact our support team
  • Technical information like IP addresses and browser details

How We Use Your Information

  • To provide and improve our vulnerability database services
  • To verify and validate security vulnerability submissions
  • To communicate important security updates and notifications
  • To conduct security research and threat intelligence analysis
  • To comply with legal obligations and coordinate with law enforcement

Data Protection Measures

  • End-to-end encryption for sensitive vulnerability data
  • Multi-factor authentication for all user accounts
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance and ISO 27001 certification
  • Secure data centers with 24/7 monitoring and access controls

Information Sharing

  • We never sell your personal information to third parties
  • Vulnerability data is shared with affected vendors for remediation
  • Anonymized research data may be shared with security community
  • Legal compliance may require disclosure to authorities
  • Service providers bound by strict confidentiality agreements

International Data Transfers

As a global platform serving security researchers and organizations worldwide, we may transfer your information across international borders. We ensure all transfers comply with applicable data protection laws including:

  • GDPR (General Data Protection Regulation) for EU residents
  • CCPA (California Consumer Privacy Act) for California residents
  • PIPEDA (Personal Information Protection and Electronic Documents Act) for Canadian residents
  • Other applicable regional privacy laws

We use Standard Contractual Clauses and other approved transfer mechanisms to ensure your data receives adequate protection regardless of where it is processed.

Data Retention

We retain your information only as long as necessary to fulfill the purposes outlined in this policy:

Account Information

Retained while your account is active and for 3 years after account closure for security and legal compliance purposes.

Vulnerability Data

Retained indefinitely for historical security research, with personal identifiers removed after 7 years.

Usage Analytics

Aggregated analytics retained for 2 years, individual session data deleted after 90 days.

Communication Records

Support communications retained for 5 years for quality assurance and legal compliance.

Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

Access and Portability

Request a copy of your personal information in a machine-readable format.

Correction

Update or correct inaccurate personal information.

Deletion

Request deletion of your personal information, subject to legal and security requirements.

Restriction

Limit how we process your personal information in certain circumstances.

Objection

Object to processing based on legitimate interests or for direct marketing.

Withdraw Consent

Withdraw consent for processing where consent is the legal basis.

To exercise these rights, contact us at privacy@telco-sec.com. We will respond within 30 days of receiving your request.

Cookies and Tracking

We use cookies and similar technologies to enhance your experience and analyze platform usage:

Essential Cookies

Required for platform functionality, including authentication and security features.

Analytics Cookies

Help us understand how users interact with our platform to improve services.

Preference Cookies

Remember your settings and preferences for a personalized experience.

You can manage cookie preferences through your browser settings or our cookie preference center.

Contact Our Privacy Team

Questions about this privacy policy or how we handle your data? We're here to help.

Privacy Officer

Email: privacy@telco-sec.com

Phone: +1 (555) 123-4567

Data Protection Officer (EU)

Email: dpo@telco-sec.com

Phone: +44 20 7123 4567

You also have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns adequately.