Legal

Privacy Policy

Last updated: April 18, 2026

Decryption Digest is committed to protecting your personal information. This policy explains what data we collect, why we collect it, and how you can control it. We keep this short and plain-English — no legal jargon designed to obscure what we actually do.

1. Who we are

Decryption Digest is a cybersecurity threat intelligence publication operated by Eric Bang. Our website is located at https://www.decryptiondigest.com.

For privacy-related questions, contact us at info@decryptiondigest.com.

2. Information we collect

We collect the following categories of personal information:

Newsletter subscription

When you subscribe to our newsletter, we collect your email address. This is the only piece of personal information required. We store it in a secure database to send you our weekly threat intelligence briefings.

Sponsorship inquiries

If you submit a sponsorship inquiry via our sponsor page, we collect your name, work email address, company name, and any campaign details you choose to share. This information is used solely to respond to your inquiry and is not added to our newsletter list without your explicit consent.

Usage data

We collect anonymised data about how visitors use our website — including pages visited, time spent on pages, and general geographic region (country level). This data is collected via the third-party analytics tools described in Section 4 and does not identify you individually.

3. How we use your information

We use the information we collect for the following purposes:

  • Sending the newsletter: Your email address is used exclusively to deliver our weekly threat intelligence briefings. We do not send promotional emails from third parties.
  • Responding to sponsorship inquiries: Contact information submitted through our sponsor form is used to respond to your specific inquiry. We do not add sponsor contacts to our newsletter list without consent.
  • Improving our content and website: Anonymised analytics data helps us understand which topics and posts are most useful to our audience, so we can publish better content.
  • Preventing abuse: We use technical measures (including honeypot fields in our forms) to prevent automated spam submissions.

We do not sell, rent, or trade your personal information to any third party. Ever.

4. Third-party services

We use the following third-party services to operate Decryption Digest. Each has its own privacy policy linked below.

Resend

Privacy policy →

Email delivery for our newsletter

Recipient email addresses are passed to Resend to deliver each newsletter edition.

Vercel

Privacy policy →

Website hosting and analytics

Vercel hosts our website and collects anonymised performance metrics (page views, response times). No personally identifiable information is shared.

Google Analytics

Privacy policy →

Website analytics

Collects anonymised data on page visits, session duration, and general location (country/region). IP addresses are anonymised. You can opt out via our cookie banner.

Microsoft Clarity

Privacy policy →

Session analytics and heatmaps

Records anonymised session replays and heatmap data to help us understand how users navigate the site. Personal information is masked by default. You can opt out via our cookie banner.

5. Cookies & tracking

We use cookies and similar tracking technologies on our website. When you first visit, our cookie banner gives you the option to accept or decline non-essential cookies.

Required
Essential cookies: Required for the website to function (e.g. security tokens, session state). Cannot be disabled.
Optional
Analytics cookies: Set by Google Analytics and Microsoft Clarity to collect anonymised usage data. You can decline these via our cookie banner.
Required
Performance cookies: Set by Vercel to monitor site performance and uptime. Contain no personally identifiable information.

You can manage cookies at any time via your browser settings. Note that disabling all cookies may affect site functionality.

6. Data retention

We retain your email address for as long as you remain subscribed to the newsletter. When you unsubscribe, your email address is marked as unsubscribed in our database. You can request permanent deletion at any time by emailing us at info@decryptiondigest.com.

Sponsorship inquiry data (name, email, company) is retained for up to 12 months after your inquiry is resolved, then deleted.

Anonymised analytics data is retained in accordance with the data retention policies of our analytics providers (Google Analytics default: 14 months).

7. Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct inaccurate or incomplete data.
  • Deletion: Request that we delete your personal data.
  • Objection: Object to our processing of your data for certain purposes.
  • Portability: Request a machine-readable copy of your data.
  • Withdrawal of consent: Unsubscribe from the newsletter at any time.

To exercise any of these rights, email info@decryptiondigest.com. We will respond within 30 days. If you are located in the European Economic Area, you also have the right to lodge a complaint with your local data protection authority.

8. Unsubscribing

Every newsletter email contains an unsubscribe link in the footer. Clicking it immediately removes you from all future newsletter sends. You can also request removal by emailing info@decryptiondigest.com.

Unsubscribing does not delete your data immediately — your email address is marked as unsubscribed so we do not contact you again. To request full deletion, email us.

9. Security

We take reasonable technical measures to protect your personal data, including:

  • HTTPS encryption on all pages and API endpoints
  • Secure, encrypted database storage for subscriber records
  • Bearer token authentication on all internal API routes
  • No storage of payment or financial information (we do not process payments on-site)

No system is 100% secure. If you believe your data has been compromised, please contact us immediately at info@decryptiondigest.com.

10. Children's privacy

Decryption Digest is intended for security professionals and is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has submitted personal information to us, please contact us and we will delete it promptly.

11. Changes to this policy

We may update this privacy policy from time to time. When we do, we will update the “Last updated” date at the top of this page. Material changes will be communicated to newsletter subscribers via email. Continued use of the site after changes are posted constitutes acceptance of the updated policy.

12. Contact us

For any privacy-related questions, data requests, or concerns, contact us at:

Decryption Digest

Operated by Eric Bang

Email: info@decryptiondigest.com

Website: https://www.decryptiondigest.com