🔒 Privacy Policy

Effective Date: 16 August 2025
Last Updated: 16 August 2025

At JustHackIT (“Company”, “we”, “our”, “us”), your privacy is important to us. This Privacy Policy explains how we collect, use, store, and share your information when you use our websites, products, services, Telegram bot(s), APIs, and dashboards, including but not limited to justhackit.in and its subdomains such as threatintelzz.justhackit.in (collectively, “Services”).

By accessing or using our Services, you agree to the practices described in this Policy.

1. Information We Collect

1.1 Personal Information

• Name
• Email address
• Phone number
• Telegram ID and Username (for ThreatIntelzz Bot & Dashboard access)

1.2 Technical & Usage Information

• IP address
• Browser type, device information, operating system
• Access logs, system logs, error logs (for security and troubleshooting)

1.3 Service-Specific Data

• Uploaded files (EXE, PDFs, images) for malware/security analysis
• Files are automatically deleted after 90 days
• We do not retain file metadata (hashes, filenames, timestamps) beyond this period
• Reports and analysis logs generated for user access

1.4 Payment Information

Payments are securely processed through Stripe.
We do not directly store card or UPI details. However, Stripe may retain this information as part of their service.
Through the Stripe dashboard, we may view limited card details (last 4 digits, card brand) for support and billing purposes.

2. How We Use Information

• Provide, operate, and improve our Services
• Authenticate users and verify access (via Telegram ID/Username)
• Generate and deliver security reports
• Process payments and manage subscriptions
• Communicate important updates, policy changes, and support responses
• Monitor and secure our infrastructure against fraud, abuse, and threats
• Comply with legal obligations

3. Data Sharing

We do not sell your personal data. We may share your information only in the following cases:

• Legal Authorities: If required by law, court order, or government request
• Trusted Partners: Third-party service providers strictly for service delivery (e.g., Stripe)
• Security Vendors/Feeds: For enrichment of threat intelligence data, via APIs
• Cloudflare: Used for tunneling, DNS, and DDoS protection

Note: We do not use AWS, GCP, or other third-party cloud hosting providers — our infrastructure is self-hosted.

4. Cookies & Tracking

We use cookies and third-party tracking tools, including:

• Google Analytics (site usage & analytics)
• Google AdSense & Monetag (advertising)
• Cloudflare (security & performance optimization)

You can disable cookies through your browser settings, but some features may not function properly.

For full details about how and why we use cookies, including third-party cookies and your choices, please see our Cookie Policy.

5. Data Retention

• Uploaded Files: Deleted automatically after 90 days
• Logs (system, access, error): Retained as needed for security and auditing
• Payment & Subscription Records: Retained indefinitely for compliance
• Reports for Users: Available until deleted by user or account closure

6. Security

We employ technical, organizational, and administrative measures to safeguard your data, including:

• Encryption in transit (HTTPS/TLS)
• Access control and session-based authentication tokens
• Regular monitoring for suspicious activity

No system is 100% secure, and we cannot guarantee absolute protection against unauthorized access.

7. Children’s Privacy

We do not knowingly collect personal data from children under the age of 13.
Since we cannot verify user age, any information collected from minors is treated as if provided with parental/guardian consent.
If you believe a child has provided personal data to us without consent, please contact us immediately.

8. Your Rights

Depending on applicable laws, you may have the right to:

• Access the data we hold about you
• Request correction of inaccurate information
• Request deletion of your data (subject to retention requirements)
• Opt-out of marketing or tracking tools (via browser settings or contacting us)

9. International Users

Our Services are primarily operated from India. If you are accessing the Services from outside India:

• Data Transfers: Your information may be transferred to and processed in India, where data protection laws may differ.
• GDPR (EU/EEA Users): Processing is based on consent, contractual necessity, and legitimate interests (e.g., security research). Rights include access, rectification, deletion, restriction, and objection.
• CCPA/CPRA (California, USA Users): You have the right to know what data we collect, request deletion, and opt-out of data sales (we do not sell data).
• Other Regions: We will comply with applicable local data protection laws where required.

By using our Services, you consent to the transfer and processing of your data in India.

10. Changes to this Policy

We may update this Privacy Policy at any time. Updates will be posted on our website with a revised “Last Updated” date. Continued use of our Services constitutes acceptance of the revised Policy.

11. Contact Information

For questions, concerns, or data-related requests, you may contact us:

• 📧 Support: support@justhackit.in
• 📧 Legal: legal@justhackit.in
• 📧 Grievance Officer: grievance@justhackit.in