1. Since November 2013, StopTheHacker (STH) has been a wholly owned subsidiary of
CloudFlare, Inc. This privacy policy outlines our general policy and practices for the
types of information CloudFlare gathers in the course of offering its STH products and
services, how we use it and the notice and choice affected individuals have regarding our
use of and their ability to correct that information.!
CloudFlare privacy & security policy
CloudFlare!will!not!sell,!rent,!or!give!away!any!of!your!personal!information!without!
your!consent.!It!is!our!overriding!privacy!principle!that!any!personal!information!
you!provide!to!us!is!just!that:!personal!and!private.!We!do!not!presume!that!you!are!
granting!us!permission!to!share!your!personal!information!with!third!parties!
wanting!to!sell!you!products!or!services!that!you!have!not!requested.!In!order!for!us!
to!provide!some!of!the!services!we!do!we!may!on!occasion!need!to!provide!
information!you!supply!us!to!external!parties.!While!these!third!parties!will!have!
access!to!customer!information!in!order!to!perform!the!functions!CloudFlare!
contracts!to!them,!such!data!may!not!be!used!by!them!for!other!purposes.!
CloudFlare!may!need!to!purge!information!from!its!system!from!time!to!time,!and!
does not promise to keep any information beyond what is required by applicable law or
regulation.!
CloudFlare's!website!and!services!are!not!intended!for,!or!designed!to!attract,!
individuals!under!the!age!of!18.!CloudFlare!does!not!knowingly!collect personally
identifiable information from any person under the age of 18.!
PERSONS TO WHOM THIS PRIVACY POLICY APPLIES
This privacy policy applies to visitors to our website, users of CloudFlare's services, and
information we collect from visitors to the websites of users of CloudFlare's services. Our
users' websites may have their own Privacy Policies and may not be covered by
CloudFlare's policy. We encourage visitors to these third party websites to make
themselves aware of their privacy policies.!
INFORMATION DESIGNATED AS PUBLIC
As part of our service, our users may decide to provide information specifically to be
shared with third parties. For example, they may allow us to build statistical reports based
on what malicious visitors have visited your site or how many visitors’ computers may
have been infected by a particular site. In cases such at these, we will try to make it clear
whenever any information our users provide us will be made public. Even when our users
give us permission to make certain information public, we will still protect the
Comment [1]: Explains that STH is now a
CloudFlare company/
Deleted: Privacy Policy ... [1]
Deleted: . We may, however, share
information about our customers in the
following circumstances: ... [2]
Comment [2]: A core principle from
CloudFlare’s privacy policy.
Deleted: to enable the work of some of our
service providers. From time to time, STH
may contract with third parties for performance
of some of its business functions. Examples
may include marketing analysis and customer
service functions.
Deleted: their
Comment [3]: Deletions here are captured
elsewhere in the policy.
Deleted: ... [3]
Deleted: STH!collect!about!its!customers?
Deleted: ... [4]
Comment [4]: Added from CloudFlare
policy.
Deleted: and!retain
Deleted: it!receives!about!its!customers!
Comment [5]: Added from CloudFlare
policy/
2. information designated private (such as name, email address, IP address, and other
information specifically tagged to the user's identity) from being disclosed.!
INFORMATION COLLECTION
CloudFlare is the owner of the information collected through the STH Service. As
visitors browse our web site, or our user's websites if they have STH installed, we
sometimes log these visitors' interactions in order to provide a better service (e.g., using
visitor log data in order to detect new threats). Some examples of the types of information
we collect for STH services include:!
• Customer Provided Data. Customers using STH services that require registration
may provide identifying or payment information (such as a name, email or
mailing address, credit card information, account password, etc.).
!
• Information Tracked with Cookies. For information on what we track with
cookies see the section specifically on cookies below.
!
• Server Log Data. STH’s servers may automatically log information from a
customer’s browser during a visit to our website. The resulting server logs may
include information such as a customer’s web requests, IP address, browser type,
browser language, the date and time of web requests and cookies that may
uniquely identify the customer’s browser.
!
• Information Received from Others. CloudFlare may receive data that customers
of the STH website have provided to third parties, such as vendor partners of
STH. While such third parties may have their own privacy policies, we will, for
our part, treat all such information as if it were provided directly from the
customer to STH under this Privacy Policy.!
BILLING INFORMATION
CloudFlare collects and maintains certain information from our users for the purposes of
billing. We may report this information to third party processors for the limited purpose
of receiving payment. CloudFlare does not store full credit card numbers or personal
account numbers (PANs).!
CORRECTIONS TO PERSONAL INFORMATION
This web site makes it easy to correct any mistakes in your personal information at any
time. Whenever possible, we will give you an opportunity to review and change any
information you provide to us. If you notice a mistake in the information you provide us,
you can always revise it. This can be done either online or contacting us directly.!
Comment [6]: Added from the CloudFlare
policy.
Comment [7]: We reorganized this section
to parallel the CloudFlare policy.
Deleted: number!of!sources.!!These
Deleted: A.!!!!!!!!Data!Inputted!by!the!
Deleted: .!!Anyone
Deleted:
... [5]
Deleted: !!Regardless!of!whether!a!
customer’s!experience!of!the!STH!website!
involves!registration!or!the!creation!of!a!
purchase!order,
Comment [8]: We made the cookie section
separate and explicit.
Deleted: send!one!or!more!“
Deleted: ”!to!visitors!to!the!site!in!order!
to!uniquely!identify!their!browsers.!!STH!
can!then!use!these
Deleted: to!track!customer!preferences.
Deleted:
... [6]
Deleted: !
Deleted: record
Deleted: !they!receive
Deleted: !
Deleted: Internet!Protocol
Comment [9]: Deleted customer
communications as superfluous.
Deleted: ... [7]
Deleted: !!STH
Deleted: !
Comment [10]: Added from the CloudFlare
policy.
Comment [11]: Added from the CloudFlare
policy.
3. COOKIES
Our site uses "cookies" in order to provide a better service to our users. Cookies are
placed by your browser on your computer's hard drive to assign a unique identification
for your computer. CloudFlare does not store information we consider personal or private
in a cookie. This eliminates the chance of other sites reading our cookies and learning
your personal or private information, without permission. For example, we may use
cookies to help direct you to the appropriate part of our web site, by indicating that you
are a repeat visitor to our site. We also may use that information to present you with
services which are easy-to-use and customized to your preferences.
STH only stores Temporary Session IDs in cookies. These Temporary Session IDs map
to customer data stored on our servers. For example, we send one or more cookies to
visitors to the STH site in order to uniquely identify their browsers so that we can
remember customer preferences.
If you do not want CloudFlare or other websites to use cookies, you can disable them
within your browser. Some portions of the STH website are still functional without
cookies; however, many parts of the website will not function properly. You may delete
CloudFlare's cookies through your browser's cookie manager. Be aware that this will
reset your session, disable auto-login, and may adversely affect other functions on the
CloudFlare website and services.!
As part of our service, may place cookies on the browsers of your visitors to your
CloudFlare-protected sites. STH provides a Trust Seal
[https://www.stopthehacker.com/features/#3664] for use on our customers’ websites.
Displaying the Seal shows visitors that the website is protected by STH’s advanced
security product and scanned regularly. When your website displays the STH Trust Seal,
CloudFlare may place cookies on the browsers of your visitors to your STH-protected
sites. We do this to in order to track malicious visitors, to reduce the chance of blocking
legitimate users, and to provide customized services.!
DATA AGGREGATION
CloudFlare may aggregate data we acquire about our users. When our users display the
STH Trust Seal, we may aggregate data about our users and the visitors to their sites. For
example, we may assemble data to determine how spiders crawl the Internet and whether
they are engaged in malicious activity. If we assemble this sort of data and provide it to
external parties, our user's personal information (such as their name, email address, IP
address, and other information specifically tagged to your identity) will never be attached
to or included in the aggregated data. Please note, public data our users provide us, such
as log files of their site's visitors, may be included in the aggregate data, reports and
statistics.!
Comment [12]: Our policy regarding
cookies are treated in its own section for
enhanced clarity, as opposed to being included
in the list above.
Comment [13]: Reorganized and relocated
from original section 2.
4. PROMOTIONAL PARTNERS
From time to time, CloudFlare may notify you about an offer from one of our
promotional partners (e.g., Apps Marketplace partners) via our website or email. While
we may target particular types of users for these offers, we will do all of the targeting
within our system. Our business partners will not have any access to the targeting
information, including the names of the people who may be interested in a particular
product or service. Until you affirmatively respond to a promotional offer, we will not
reveal any identifying information about you to any of these partners.!
Note these partners may have their own Privacy Policies and may not be covered by
CloudFlare's policy.!
!
THIRD PARTY WEBSITES
The CloudFlare website, STH website, and the other websites contain links to the sites of
third parties. Please be aware that we are not responsible for the privacy practices of these
external sites. We encourage users to be aware when they leave our website and to read
the privacy statements of other websites. We cannot guarantee that these third parties
abide by the privacy principles outlined here.!
LAW ENFORCEMENT
It is possible that CloudFlare may be required by court order to provide information about
our customers. CloudFlare may also be required to provide information pursuant to law,
applicable regulation, subpoena or other legal process. It is CloudFlare's corporate policy
to ensure adherence to the due process of law in all such legal requests. If we are ever
required to provide information under these circumstances, we will, whenever possible,
attempt to inform users whose information we are compelled to reveal.!
DATA SECURITY, DATA INTEGRITY, AND ACCESS
CloudFlare takes all reasonable steps to protect our users' information from loss, misuse
and unauthorized access, disclosure, alteration and destruction. We have put in place
appropriate physical, electronic and managerial procedures to safeguard and secure such
information. CloudFlare only processes personal information in a way that is compatible
with and relevant for the purpose for which it was collected or authorized by the
individual. CloudFlare allows our users and website visitors access to their personal
information and allows them to correct, amend or delete inaccurate information, except
where the burden or expense of providing access would be disproportionate to the risks to
the privacy of the individual in the case in question or where the rights of persons other
than the individual would be violated.!
Comment [14]: Added since CloudFlare
offers apps.
Comment [15]: Added from CloudFlare
policy.
Comment [16]: Added from CloudFlare
policy.
Comment [17]: Added from CloudFlare
policy.
5. SAFE HARBOR FRAMEWORK
CloudFlare participates in the U.S.-E.U. Safe Harbor framework and the U.S.-Swiss Safe
Harbor as set forth by the United States Department of Commerce. This applies to all
personal information received by CloudFlare whether in electronic, paper, or verbal
format. As part of our participation in the Safe Harbor, we have agreed to TRUSTe
dispute resolution for disputes relating to our compliance with the Safe Harbor Privacy
Framework. If you have any complaints regarding our compliance with the Safe Harbor
you should first contact us (as provided below). If contacting us does not resolve your
complaint, you may raise your complaint with TRUSTe by Internet here, fax to 415-520-
3420, or mail to TRUSTe Safe Harbor Compliance Dept., click here for mailing address.
If you are faxing or mailing TRUSTe to lodge a complaint, you must include the
following information: the name of company, the alleged privacy violation, your contact
information, and whether you would like the particulars of your complaint shared with
the company. For information about TRUSTe or the operation of TRUSTe's dispute
resolution process, click here or request this information from TRUSTe at any of the
addresses listed above. The TRUSTe dispute resolution process shall be conducted in
English.!
NOTIFICATION OF CHANGES
We will always maintain the overriding principle that we will not sell, rent, or give away
any personal information you share with us without your consent. We do not believe we
will need to change that principle going forward. However, if we do need to change any
other aspect of the policy, we will post changes on this website along with the effective
date of those changes.!
Sidebar:!
Keeping your information private and secure
• We will never sell, rent, or give away your personal information without your
permission!
• We track visitors to our site and yours as a feature of the STH Trust Seal in order
to keep malicious visitors away!
• If we aggregate data, we will not reveal your private information!
Have questions?
If you have questions about these terms or anything else about CloudFlare, please don't
hesitate to contact us:!
Comment [18]: Added now that STH is
Safe Harbor certified.
Comment [19]: Revised from below to
match CloudFlare policy. Original section
deleted.
Comment [20]: Added from CloudFlare
policy.
6. Contact information
Attention: Trust and Safety!
StopTheHacker, Inc.!
665 Third Street, Suite 200!
San Francisco, CA 94107!
privacy@stopthehacker.com!
Policy date: September 11, 2014!
!
!
Comment [21]: Change required by change
of address and to match CloudFlare policy.
Deleted: ... [8]
7. Page 1: [1] Deleted CloudFlare Lega 9/11/14 3:19 PM
Privacy Policy
In what circumstances will StopTheHacker Inc., a Delaware corporation (“STH”) share
information about its customers and website visitors with others?
STH’s&only&purpose&in&collecting&information&about&its&customers&is&the&furtherance&
of&the&business&it&conducts&at&and&through&the&STH&website.&&STH&never&sells&
information&about&individual&customers&to&&
&
Page 1: [2] Deleted CloudFlare Lega 9/11/14 3:19 PM
. We may, however, share information about our customers in the following
circumstances:
1.&&&&&&&&&&
&
Page 1: [3] Deleted CloudFlare Lega 9/11/14 3:19 PM
2. When data regarding individual customers are aggregated. STH may share with
third parties certain aggregated, non-personal information, such as aggregated data about
usage of services in a particular geographical area. In no way will such information
include the identity of any STH customer.
3. For overriding considerations. STH will release information about its customers
when it deems that legal or safety concerns override a customer’s reasonable expectation
of privacy. For example, such a disclosure may occur in compliance with instructions
from a court or requests from law enforcement officials, in order to fully enforce
our Terms and Conditions of Use [link], or to protect the safety and property of others,
including by coordinating with other businesses to prevent fraud and reduce credit
risks. However, in no case will this include the commercial use of customers’ account
information in any way inconsistent with this Privacy Policy.
4. Upon the transfer of our business. If StopTheHacker Inc. or some or all of its
STH business is acquired by another company, then customer data may be transferred, by
operation of law or by agreement, along with the other assets of the business.
What&information&&
&
Page 1: [4] Deleted CloudFlare Lega 9/11/14 3:19 PM
STH&may&&
8. &
Page 2: [5] Deleted CloudFlare Lega 9/11/14 3:19 PM
B.&&&&&&&&&
• &
Page 2: [6] Deleted CloudFlare Lega 9/11/14 3:19 PM
C.&&&&&&&&&
• &
Page 2: [7] Deleted CloudFlare Lega 9/11/14 3:19 PM
D. Customer Communications. When customers send email or other communication
to STH, we may retain those communications in order to process requests, respond to
inquiries and improve our services.
E.&&&&&&&&&&
• &
Page 6: [8] Deleted CloudFlare Lega 9/11/14 3:19 PM
F. Hyperlinks. The STH website may present hyperlinks in a format that enables us
to keep track of whether these links have been followed. We may use this information to
improve the quality of our service and customized content and advertising for particular
classes of customers.
How secure is the customer information gathered by STH?
We take appropriate security measures to protect against unauthorized access to or
unauthorized alteration, disclosure or destruction of data we maintain. We restrict access
to personal information of our customers to STH’s employees, contractors and agents
who need to know that information in order to operate, develop or improve our services.
Please note that this Privacy Policy may change from time to time. This page will be
revised to reflect any such changes and, if the changes are significant, we may or may not
provide a more prominent notice (including, for example, by email notification). Each
version of this Privacy Policy will be identified at the top of the page by the date of its
most recent revision.
Please feel free to direct any questions or concerns regarding this Privacy Policy or our
treatment of customer information, via email, to support@stopthehacker.com, or by
writing to us at Privacy Policy Compliance, StopTheHacker Inc., 912 El Camino
Real,Suite 4,Burlingame,CA 94010,USA. When we receive formal, written complaints,
it is our policy to contact the complaining customer regarding his or her concerns.