1. Introduction
VECERT Foundation is an independent nonprofit organization committed to advancing cybersecurity through technology, education, research, public cybersecurity resources, and threat intelligence.
We recognize that privacy is a fundamental component of digital security. This Privacy Policy explains how we collect, use, store, protect, and disclose information when you visit our website, use our public cybersecurity tools, apply for programs, make donations, participate in educational activities, or otherwise interact with our services.
By accessing or using our website, you acknowledge that you have read and understood this Privacy Policy.
2. Information We Collect
Depending on how you interact with our Services, we may collect personal information such as name, email address, organization, job title, country or region, and telephone number when voluntarily provided.
When applying for institutional programs, we may collect organization details, contact information, technical environment details, eligibility information, and supporting documentation voluntarily submitted.
If you make a donation, trusted payment providers may process billing details, donation amount, and transaction confirmation. VECERT Foundation does not store complete payment card information.
- IP address and browser type
- Device and operating system information
- Language settings and referring website
- Pages visited, session timing, and diagnostic logs
- Security logs used to protect the service
3. Public Cybersecurity Tools
When users submit URLs, domains, IP addresses, files, hashes, email addresses, or other indicators to public tools, that information may be temporarily processed for analysis.
We do not claim ownership of submitted data. Submitted information may be retained for security, operational, research, abuse prevention, or service improvement purposes in accordance with applicable laws.
4. How We Use Information
Information may be used to operate and maintain our website, improve cybersecurity services, provide requested information, deliver educational resources, process donations, evaluate institutional applications, improve Analyzer Pro 360, generate anonymous statistics, conduct cybersecurity research, prevent abuse, detect fraud, protect infrastructure, and comply with legal obligations.
5. AI, Cookies, and Analytics
Some of our services may utilize Artificial Intelligence (AI) to assist with threat classification, risk scoring, report generation, malware analysis, IOC correlation, and security recommendations. AI-generated outputs are intended to assist users and should not replace independent professional judgment.
We use cookies and similar technologies to maintain website functionality, improve performance, analyze traffic, enhance user experience, protect against abuse, and maintain security sessions.
We may use privacy-conscious analytics services to better understand website usage and improve educational resources and cybersecurity services. Analytics information is generally aggregated and does not directly identify individual users.
6. Information Sharing and International Processing
We do not sell personal information. Information may only be shared when required by law, with trusted service providers, to prevent fraud or cybercrime, to protect users or infrastructure, during investigations involving abuse of our services, or when expressly authorized by the user.
As an international nonprofit organization, information may be processed in jurisdictions outside your country of residence. Appropriate safeguards will be implemented whenever required by applicable privacy laws.
7. Data Security and Retention
Protecting information is central to our mission. We implement administrative, technical, and organizational safeguards including encryption, access controls, multi-factor authentication, network monitoring, security logging, vulnerability management, secure cloud infrastructure, and regular security assessments.
Information is retained only for as long as necessary to provide requested services, meet legal obligations, improve cybersecurity research, maintain security records, prevent abuse, and resolve disputes.
8. Your Rights
Depending on your jurisdiction, you may have the right to access your information, correct inaccurate information, request deletion, restrict processing, object to certain processing activities, request data portability, and withdraw consent where applicable.
Requests may be submitted through the contact information below.
9. Children and Third-Party Services
Our services are not directed toward children under the age required by applicable law without appropriate parental or guardian involvement. If we become aware that personal information has been collected improperly, we will take appropriate steps to delete it.
Our website may contain links to external websites and third-party services. VECERT Foundation is not responsible for the privacy practices of external services, and users should review those providers separately.
10. Changes and Contact
This Privacy Policy may be updated periodically. The latest version will always be published on our website with the updated effective date.
Privacy Team
VECERT Foundation
Email: privacy@vecertfoundation.org
Website: www.vecertfoundation.org