Privacy Policy

Last updated: April 28, 2026

1. Overview

Security Posture Analyzer ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our passive security reconnaissance tool.

2. Information We Collect

2.1 Domain Scan Data

When you use our security scanning tool, we process the domain names you submit for analysis. This data is used solely to perform the requested security checks and is not stored permanently on our servers. Scan results are temporarily cached in your browser's session storage and are automatically cleared when you close the browser or start a new scan.

2.2 Analytics Data

With your consent (managed through our cookie consent banner), we use Google Analytics 4 to collect anonymous usage statistics. This helps us understand how visitors interact with our tool and improve user experience. The data collected includes:

  • Pages visited and time spent on each page
  • General geographic location (country/region level)
  • Device type and browser information
  • Referring website (how you found us)

This data is anonymized and does not personally identify you.

2.3 Feedback Data

When you submit feedback through our contact form, we collect the information you provide, including your name, email address, rating, and message. This information is used solely to respond to your feedback and improve our services.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To perform security scans and provide you with analysis results.
  • Service Improvement:To understand usage patterns and enhance our tool's functionality.
  • Communication: To respond to your feedback, questions, or support requests.
  • Security: To protect against unauthorized access and maintain data security.

4. Data Storage and Security

We implement appropriate technical and organizational measures to protect your data:

  • All data transmission is encrypted using HTTPS/TLS 1.3
  • Scan results are stored only in your browser's session storage, not on our servers
  • We enforce strict Content Security Policy (CSP) headers to prevent data exfiltration
  • We do not sell, trade, or rent your personal information to third parties

5. Cookies and Tracking

We use cookies and similar technologies for the following purposes:

  • Essential Cookies: Required for the website to function properly (e.g., language preference).
  • Analytics Cookies: Used with your consent to collect anonymous usage statistics via Google Analytics 4.
  • Advertising Cookies: Used with your consent to display personalized advertisements via Google Ad Manager and Google Ad Exchange.

You can manage your cookie preferences at any time by clicking the cookie settings button at the bottom-left of the page.

6. Advertising and Ad Personalization

We display advertisements on our website through Google Ad Manager and Google Ad Exchange (AdX). These advertising services use cookies and similar technologies to serve ads and measure their effectiveness.

6.1 Google Ad Manager / Ad Exchange

We use Google Ad Manager to display ads on our website. Google may use cookies and other tracking technologies to:

  • Serve personalized ads based on your interests and browsing history
  • Measure ad performance and viewability
  • Prevent ad fraud and invalid traffic
  • Limit the number of times you see the same ad

6.2 Ad Personalization Opt-Out

You can opt out of personalized advertising by:

Even if you opt out of personalized ads, you may still see non-personalized (contextual) ads based on the content of the page you are viewing.

6.3 IAB Transparency and Consent Framework

For users in the European Economic Area (EEA) and United Kingdom, we comply with the IAB Europe Transparency and Consent Framework (TCF) v2.2/v2.3. This framework standardizes how publishers obtain, manage, and signal user consent for digital advertising. Your consent preferences are stored and respected across all advertising partners.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to certain types of data processing

To exercise these rights, please contact us using the information provided below.

8. Third-Party Services

We use the following third-party services:

9. Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us through the feedback form available on our website or email us at privacy@hushstackcambodia.site.

12. Legal Basis (GDPR)

For users in the European Economic Area (EEA), our legal basis for collecting and using personal information depends on the specific context:

  • Consent: For analytics cookies and optional features
  • Contract: To provide the security scanning service you request
  • Legitimate Interests: To improve our services and ensure security
  • Legal Obligation: To comply with applicable laws