Privacy Policy

Last Updated: February 22, 2026

At RoyalSnek, we practice what we preach. We do not sell your data, we do not track you for advertisements, and we only collect the minimum information necessary to secure our services and facilitate responsible vulnerability disclosures.

1. Information We Collect

We collect information in two categories to ensure our platform remains secure and functional:

A. For All Visitors (Automated Collection)
  • Network Identifiers: IP addresses and request headers processed via our security provider, Cloudflare.
  • Security Cookies: Essential cookies (such as __cf_bm) used solely for bot mitigation and session integrity.
  • Device Fingerprinting: Browser characteristics used to detect automated bot activity and DDoS patterns.
B. For Registered Users
  • Identity: Full name and email address.
  • Security: Encrypted (hashed) passwords. We never store passwords in plain text.

2. How We Use Your Data

Your data is processed strictly for the following purposes:

  • Threat Prevention: Utilizing Cloudflare’s edge network to detect and block malware, DDoS attacks, and unauthorized access attempts.
  • Disclosure Coordination: Verifying if advisories have been accessed by relevant stakeholders (e.g., vendors) during the disclosure window.
  • Account Management: Providing access to restricted security tools and reports.

3. Third-Party Infrastructure

To provide a secure experience, we use Cloudflare as our primary infrastructure provider. Cloudflare may process your network identifiers to protect our site. We do not allow third parties to use your data for their own marketing purposes.

4. Data Retention & Shelf-Life

As of 2026, we maintain a 12-month retention policy for security-related data.

  • Unregistered Data: Technical logs and fingerprints are purged after 12 months.
  • Registered Data: Information is retained for the duration of your account and for 12 months following account closure.

Why 12 months? This duration is essential for our mission. Coordinated disclosures often take a full year to resolve, and we must be able to audit access logs to confirm if a vendor has engaged with our security advisories.

5. Automated Protection & Appeals

We use automated tools to prevent spamming and data mining. These tools may occasionally block access based on IP reputation or suspicious request patterns.

Right to Appeal

If you believe your access was restricted in error, please contact us at support@royalsnek.com. We manually review all access appeals.

6. Your Rights

You have the full right to manage your personal data:

  • Access & Portability: Request a copy of all information we have collected about you in a machine-readable format.
  • Deletion/Correction: Request that we edit or remove your data via our support ticket system.

Note: Deletion of identity data will result in the immediate termination of your registered account and access to restricted services.

7. Changes to this Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes, we will notify registered users via email or by posting a prominent notice on our website.

Our Privacy DNA
  • No Marketing: We never send newsletters or promotional ads.
  • No Data Selling: Your data is never sold to third parties.
  • Encryption: All data is encrypted in transit (via TLS) and at rest.
2026 Compliance

This policy is designed to meet GDPR, CCPA/CPRA, and 2026 global privacy standards regarding "Security as a Legitimate Interest."

By using RoyalSnek, you acknowledge the collection of essential security telemetry (IPs/Fingerprints) via Cloudflare required to keep our community safe.