DATA PRIVACY POLICY

01. DATA COLLECTION

When you use our Communication Protocol (Contact Form), we collect the strictly necessary operational data required to execute your request:

• Cryptographic Identity (Name)
• Routing Address (Email Address)
• Encrypted Payload (Message Content)

02. DATA PROCESSING

We act as the Data Controller. Your information is processed via our secure serverless infrastructure (AWS API Gateway & AWS Lambda) and temporarily stored in our encrypted DynamoDB vaults to prevent spam and abuse.

03. THIRD-PARTY SUBPROCESSORS

We utilize Amazon Web Services (AWS) as our primary subprocessor to route transactional emails via Amazon Simple Email Service (SES). AWS operates under strict compliance with SOC 2, ISO 27001, and GDPR data processing addendums.

With your explicit consent, we also activate Google Analytics 4 (operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to analyze aggregated, anonymized site usage patterns. Google LLC is certified under the EU–US Data Privacy Framework. Their privacy policy is available at policies.google.com/privacy. No analytics data is transmitted without your opt-in.

04. COOKIE POLICY

We employ a minimal, local-storage approach to state management. Your consent preference is stored in localStorage under the key crackbytes_cookie_consent — this is strictly necessary and requires no opt-in.

If you opt-in via our Consent Interface, Google Analytics 4 deploys two first-party measurement cookies: _ga and _ga_G-NRPG26BJND, each persisting for 2 years. These cookies identify returning visitors for aggregate traffic analysis. They are not deployed without your explicit accepted consent signal.

05. RIGHT TO ERASURE (GDPR)

You maintain total cryptographic sovereignty over your data. Under GDPR Article 17, you have the right to request the immediate purging of all your identifying records from our DynamoDB databases.