Privacy Policy

Last updated: 2026-04-16 | Applies to: cyber.koscak.ai

What we collect

We collect minimal data and only what is necessary to deliver the service you requested:

• Email address - when you subscribe to the newsletter or request a report. Stored in our Cloudflare D1 database, encrypted at rest.
• URL you submit for scanning - processed during the scan and not permanently stored after the result is returned.
• Cloudflare Web Analytics - cookieless, anonymous page-view counts. No IP address stored, no cross-site tracking, no fingerprinting. GDPR-safe by design.

What we do not collect

• Cookies (none set on this site)
• Third-party tracking pixels
• Advertising identifiers
• Social login data
• Payment data (handled entirely by Stripe or direct bank transfer; we never see card numbers)

Legal basis (GDPR Art. 6)

• Consent (Art. 6(1)(a)) - newsletter subscription. You gave explicit, informed, affirmative consent via our double opt-in flow.
• Contract (Art. 6(1)(b)) - delivering a paid report you ordered.
• Legitimate interest (Art. 6(1)(f)) - anonymous analytics to understand which content is useful.

How long we keep your data

• Newsletter email: until you unsubscribe or request deletion, whichever comes first.
• Order records: 7 years (EU accounting law requirement).
• Anonymous analytics: 30 days rolling window (Cloudflare default).

Your rights under GDPR

You have the right to: access your data, correct inaccuracies, request deletion, restrict processing, data portability, and withdraw consent at any time. To exercise any of these, email hello@koscak.ai with the subject "GDPR request". We respond within 30 days.

Third-party processors

• Cloudflare - hosting, CDN, D1 database, analytics. EU data center option enabled. DPA available at cloudflare.com.
• Mailchannels - transactional email delivery for confirmations. Processes email address only. No marketing use.
• Anthropic - Claude API used to draft editorial content internally. No personal data from users is sent to the Anthropic API.

Data deletion

To delete your data completely, email hello@koscak.ai with subject "delete". We will process within 72 hours and confirm by reply.

Unsubscribe

Every email we send includes an unsubscribe link in the footer. Clicking it removes you immediately. No confirmation required, no "are you sure" loops.

Contact

Data controller: koscak.ai
Contact: hello@koscak.ai