IW
IntelWatchers

Legal

Privacy Policy

Last updated: January 2025

IntelWatchers ("we", "us", or "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights. IntelWatchers is operated as a community platform for security research — we collect only what is necessary to run the service.

1. What We Collect

Account Information

When you register, we collect:

  • Username (public)
  • Email address (private — not displayed publicly)
  • Password (stored as a bcrypt hash — never readable)
  • Optional: display name, bio, website, Twitter/X handle, GitHub handle, avatar image

Content You Publish

Articles, tags, and excerpts you publish are stored and displayed publicly on the platform. IOCs extracted from your articles are indexed in the public IOC database and attributed to the source article.

Usage Data

We record article view counts (a simple integer counter per article — no per-user tracking). We do not use cookies for behavioral tracking or advertising. Standard server access logs may be retained for security monitoring purposes for up to 30 days.

Contact Form

If you contact us via the contact form or email, we retain your name, email address, and message content to respond to your inquiry and for record-keeping. We do not add you to any mailing list without explicit consent.

2. What We Do Not Collect

  • We do not use advertising tracking cookies or third-party ad networks
  • We do not sell, rent, or trade your personal information to third parties
  • We do not track your browsing behavior across other websites
  • We do not collect payment information — IntelWatchers is free to use
  • We do not require a real name or government-issued ID

3. How We Use Your Data

We use the data we collect solely to:

  • Operate and secure your account (authentication and authorization)
  • Display your public profile and published articles
  • Process publisher access requests (admin review of your account status)
  • Send transactional communications related to your account or submissions (no marketing emails)
  • Monitor for abuse, spam, or policy violations
  • Improve platform functionality and resolve technical issues

4. Data Storage & Security

Data is stored in a PostgreSQL database hosted on infrastructure with encryption at rest. Passwords are hashed using bcrypt — we never store or have access to your plaintext password. Authentication uses short-lived JSON Web Tokens (JWTs).

We implement reasonable security measures to protect data against unauthorized access. However, no system is perfectly secure. If you discover a security vulnerability, please report it responsibly to security@intelwatchers.org.

5. Public Content

Your username, published articles, and optional profile information (bio, display name, social links, avatar) are publicly visible. IOCs extracted from your published articles are displayed publicly in the IOC database with a link back to your article. Do not include personal information you wish to keep private in public-facing fields.

6. Third-Party Services

IntelWatchers may use the following third-party services in platform operation:

Hosting providerServer infrastructure to run the application. Bound by their own privacy and data processing policies.
Database hostingPostgreSQL database provider. Data is stored within the EU/US depending on provider region.
File storageFor uploaded images (avatars, article banners). Uploaded files may be served via CDN.

We do not integrate with social login providers, analytics platforms (e.g. Google Analytics), or advertising networks.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access

Request a copy of the personal data we hold about you.

Correction

Update or correct inaccurate information via your account settings.

Deletion

Request deletion of your account and associated personal data.

Portability

Request your data in a machine-readable format.

Objection

Object to processing of your data in certain circumstances.

Withdrawal

Withdraw consent at any time where processing is consent-based.

To exercise any right, contact us at privacy@intelwatchers.org. We will respond within 30 days.

8. Data Retention

Account data is retained for as long as your account is active. Upon account deletion, personal data is removed within 30 days. Published articles may be retained in anonymized or pseudonymized form if they are cited by other content — you can request full removal by contacting us. Server access logs are retained for up to 30 days for security purposes.

9. Children

IntelWatchers is not directed at children under 16. We do not knowingly collect personal information from anyone under 16. If you believe a child has registered on the platform, please contact us and we will remove the account promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via the platform. Continued use after changes are posted constitutes acceptance of the revised policy.

Privacy inquiries: privacy@intelwatchers.org

Disclosure & DisclaimerTerms of UseContact