Privacy Policy
Introduction
InterSecLab is committed to protecting your privacy and security.
Our work focuses on in-depth research on a range of topics related to digital security to protect individuals from unauthorized surveillance, which is closely linked to how we choose to protect the personal data of visitors to our website.
This Privacy Policy applies to personal data collected by InterSecLab through its website interseclab.org or, as described below, by other means during its activities and services, regardless of the country where you are located.
References to ‘we’, ‘us,’ and ‘our’ are to InterSecLab. Our contact details can be found at the end of this policy.
Data collection
We may collect personal information about you while you:
- Access our website.
- Contact us through various forms of communication (email, social media, and others).
Third-Party Service Providers
We use GoDaddy as our web hosting provider. When you visit our website, GoDaddy may automatically collect certain technical information including your IP address and server logs. This information is used to generate aggregate, non-identifiable data. Server logs are rotated every 7 days to remove old data, and access to logs is restricted to support personnel only
For more information about GoDaddy’s hosting data collection practices, please visit their Hosting Log Data article.
GoDaddy acts as a data processor on our behalf in accordance with their Data Processing Addendum.
Use of cookies
Cookies are small text files which are downloaded to your device when you visit a website. When a user returns to the same website, the browser retrieves and sends this file to the website’s server.
Find more information about cookies at www.allaboutcookies.org.
On our website we collect four cookies:
| Cookies | Purpose | Duration | Owner |
|---|---|---|---|
| _scc_session | Session management - maintains anonymized information about your browsing session to enable core website functionality and user experience. | Expires when the browser is closed | Interseclab.org |
| _tccl_visitor | Store anonymized statistics - track and analyze the behavior of visitors on the website to improve user experience and functionality | 1 year | GoDaddy |
| _tccl_visit | Store anonymized statistics - track a visitor's navigation and behavior on the website to understand visitor usage patterns, optimize user experience, and enhance site performance. | 30 minutes | GoDaddy |
| __cf_bm | Bot management - identifies and mitigates automated traffic to distinguish legitimate users from malicious bots and protect the website from attacks | 30 minutes | Cloudflare, Inc. |
Social Media Information
We maintain social media accounts on Mastodon, BlueSky and Instagram to share information about our organization.
When you interact with our social media content (likes, comments, shares, messages) are subject to the privacy policies of the respective social media platforms. We do not control how these platforms collect, use, or share your information.
For more information about their privacy policies:
Mastodon: https://mastodon.social/privacy-policy
BlueSky: https://bsky.social/about/support/privacy-policy
Instagram: https://www.instagram.com/legal/privacy
How do we use information collected?
Information collected through our website is used exclusively for analytical purposes to evaluate website performance and to enhance user experience. No data is used to track or profile individual users.
By accessing the website, you accept the terms described herein.
Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Legitimate Interest: To ensure the security, proper functioning, and continuous improvement of our website (technical logs and analytics).
- Consent or Contractual Necessity: When you contact us, we process your data to respond to your inquiries, based on your consent or the necessary steps to fulfill your request.
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:
- Server logs are automatically rotated and deleted every 7 days.
- Contact data is retained for three years after the last interaction.
Your Data Protection Rights
You have the following rights regarding your personal data:
- Right of access: you have the right to request a copy of your personal data.
- Right to rectification or erasure: you have the right to have incorrect personal data corrected, or request your data be deleted in some circumstances.
- Right to restriction of processing: you have the right to prevent further processing for the time being if certain requirements are met.
- Right to object: you have the right to object to processing in some circumstances.
- Right to data portability: you have the right to receive your personal data in a machine-readable format in order to forward it or have it forwarded to another controller if certain requirements are met.
You can request this by sending an email to contact@interseclab.org
Changes and updates to this Privacy Policy
We reserve the right to change this policy whenever we deem it necessary. The date of the last update and publication will always be stated at the end of the document.
If you have any question regarding this policy, please contact us at contact@interseclab.org.
Page last updated:
16 December 2025