Privacy

Privacy Policy

This policy explains what information Zeph Tech LLC collects, how we use it, and what rights you have regarding your personal data.

If you have questions, email contact@zephtech.net at any time.

Last updated:

Who we are

Zeph Tech LLC ("we," "us," or "our") operates the website zephtech.net. We are a cybersecurity research and education publisher. Our mailing address for privacy-related correspondence is contact@zephtech.net.

This privacy policy applies to all visitors, subscribers, and users of our website, newsletters, contact forms, and related digital services.

Information we collect

We collect information in three ways: information you provide directly, information collected automatically, and information from third-party services.

Information you provide

  • Newsletter sign-up form. When you subscribe to our briefing, we collect your first name, last name, and email address. This data is processed by Netlify's form handling service and stored in their encrypted dashboard.
  • Contact form. When you send us a message, we collect your name, email address, inquiry type, and message content. We use this to respond to your inquiry.

Information collected automatically

  • Analytics data. We use Plausible Analytics, a privacy-focused analytics service that does not use cookies or track individuals across sites. Plausible collects aggregate page views, referral sources, browser type, country (from truncated IP), and device type. No personally identifiable information is stored in our analytics.
  • Server logs. Our hosting provider (Netlify) maintains standard server logs that may include your IP address, browser user-agent string, pages requested, and timestamps. These logs are used for security monitoring and are automatically rotated.

Information from third-party services

  • Google AdSense. We display advertisements through Google AdSense. Google may collect device identifiers, IP addresses, and browsing activity to serve and measure ads. See Advertising and Cookies below for details.

How we use your information

We use the information we collect for the following purposes:

  • Deliver our services. We send the nightly briefing to subscribers who request it and respond to inquiries submitted through our contact form.
  • Improve our content. Aggregate analytics data helps us understand which topics are most useful to our readers and how to improve our research coverage.
  • Maintain advertising compliance. We review Google AdSense reports to ensure advertisements are served correctly and comply with publisher policies.
  • Ensure security. Server logs help us detect and prevent unauthorized access, abuse, or security incidents.

We do not sell, rent, or trade your personal information to any third party. We do not use your email address for any purpose other than the service you specifically requested.

Advertising and cookies

Google AdSense

We use Google AdSense to display advertisements on our site. Google AdSense uses cookies and similar technologies to serve ads based on your prior visits to this site or other websites. Google's use of advertising cookies enables it and its partners to serve ads based on your visit to our site and other sites on the internet.

You may opt out of personalized advertising by visiting Google's Ads Settings. Alternatively, you can opt out of third-party vendor cookies for personalized advertising by visiting www.aboutads.info.

For more information on how Google uses data when you use our site, see How Google uses information from sites that use its services.

Cookie consent

When you first visit our site, a cookie consent banner allows you to choose which categories of cookies to accept:

  • Essential cookies. Required for basic site functionality such as remembering your consent preferences. These cannot be disabled.
  • Analytics cookies. Used by Plausible Analytics to collect aggregate usage statistics. Note: Plausible is designed to work without cookies, but enabling this category allows enhanced measurement.
  • Advertising cookies. Used by Google AdSense and its partners to serve and measure advertisements. Disabling this category means you will still see ads, but they will not be personalized to your interests.

You can change your preferences at any time by clearing your browser cookies and revisiting the site, which will display the consent banner again.

Google Consent Mode v2

We implement Google Consent Mode v2 to respect your cookie preferences. By default, all consent categories are set to "denied" until you make a choice. When you accept specific categories, we update the consent signal so Google services respond accordingly. This ensures compliance with the EU ePrivacy Directive and GDPR requirements for consent-based advertising.

Authorized seller declarations

Our ads.txt file declares authorized digital advertising sellers. We maintain this file to prevent unauthorized inventory sales and to provide transparency to advertisers about our monetization partners.

Analytics and measurement

We use Plausible Analytics, a lightweight, open-source analytics tool that is fully compliant with GDPR, CCPA, and PECR. Plausible does not use cookies, does not collect personal data, and does not track visitors across websites.

The data Plausible collects includes: page URLs, referral sources, browser and operating system type, device type, and country (derived from anonymized IP addresses). All data is aggregated, and no individual visitor profiles are created.

We do not combine analytics data with advertising identifiers or any other personal information.

Data retention

  • Form submissions. Newsletter sign-up and contact form data is stored in Netlify's encrypted dashboard. We review and delete outdated records during quarterly reviews. We retain only the data necessary to fulfill your request.
  • Analytics data. Plausible Analytics retains aggregated data indefinitely, but since no personal data is collected, this does not impact individual privacy.
  • Server logs. Netlify server logs are automatically rotated and do not persist beyond standard infrastructure retention periods.
  • Advertising data. Google manages retention of advertising-related data according to its own data retention policies. See Google's Privacy Policy for details.

Data security

We implement reasonable administrative, technical, and physical safeguards to protect your information:

  • Our site is served over HTTPS (TLS encryption) for all pages.
  • Netlify's form dashboard requires multi-factor authentication for access.
  • Administrative access is restricted to authorized members of the research operations team.
  • We regularly review access controls and security configurations.

No method of electronic transmission or storage is completely secure. If we become aware of a security breach affecting personal data, we will notify impacted individuals and relevant authorities in accordance with applicable law.

Third-party links

Our articles and guides may contain links to external websites (for example, to official regulatory sources, vendor documentation, or standards bodies). These third-party sites have their own privacy policies, and we are not responsible for their content or privacy practices. We encourage you to review the privacy policy of any external site you visit.

Children's privacy

Our site is not directed at children under the age of 13 (or under 16 in jurisdictions where GDPR applies). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at contact@zephtech.net and we will promptly delete the data.

Your rights under GDPR (European Economic Area residents)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation:

  • Right of access. You can request a copy of the personal data we hold about you.
  • Right to rectification. You can ask us to correct inaccurate or incomplete data.
  • Right to erasure. You can request that we delete your personal data, subject to legal retention obligations.
  • Right to restrict processing. You can ask us to limit how we use your data in certain circumstances.
  • Right to data portability. You can request your data in a structured, machine-readable format.
  • Right to object. You can object to our processing of your data for direct marketing or legitimate interest purposes.
  • Right to withdraw consent. Where processing is based on consent, you can withdraw that consent at any time.

To exercise any of these rights, email contact@zephtech.net. We will respond within 30 days.

You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

Your rights under CCPA (California residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following rights:

  • Right to know. You can request that we disclose the categories and specific pieces of personal information we have collected about you, the purposes for collection, and the categories of third parties with whom we share data.
  • Right to delete. You can request deletion of your personal information, subject to certain exceptions.
  • Right to opt out of sale. We do not sell personal information. However, you have the right to direct us not to sell your data, and we honor that by default.
  • Right to non-discrimination. We will not discriminate against you for exercising any of your CCPA rights.

To submit a request, email contact@zephtech.net. We will verify your identity and respond within 45 days as required by law.

International data transfers

Our website is hosted on Netlify's global content delivery network. If you access the site from outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers maintain infrastructure. We rely on standard contractual clauses and provider certifications to ensure adequate data protection for international transfers.

Changes to this policy

We review and update this privacy policy as needed to reflect changes in our practices, legal requirements, or services. When we make material changes, we update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

Contact us

If you have any questions or concerns about this privacy policy or our data practices, contact us:

We aim to respond to all privacy-related inquiries within ten business days.