Last updated: May 2026
Who we are
ThreatNote is an independent cybersecurity editorial platform operated from India. Our website address is https://threatnote.com. ThreatNote publishes practitioner-grade cybersecurity analysis, regulatory interpretation, and advisory content for the Indian security community.
What data we collect and why
Newsletter subscription If you subscribe to the ThreatNote Briefing, we collect your email address for the sole purpose of sending you the weekly digest. Subscription is voluntary. Your email is processed by Substack (a US-based service) under their privacy policy available at substack.com/privacy. We do not sell, share, or trade your email address. You can unsubscribe at any time using the link in every email, after which your data is deleted from our mailing list.
Website analytics We use WP Statistics to understand how our content is read. WP Statistics processes data locally on our server — it does not send your data to third parties. No personally identifiable information is retained in our analytics.
Security monitoring We use Wordfence for website security. Wordfence may process IP addresses for threat detection purposes. Their privacy policy is available at wordfence.com/privacy-policy.
Server logs Our hosting provider (GoDaddy) automatically records standard server logs including IP addresses, browser type, and pages visited. These logs are retained for a limited period for security and operational purposes. We do not use these logs to identify individual visitors.
Cookies
ThreatNote uses minimal cookies. We do not use advertising cookies or tracking cookies. The cookies we set are:
- Session cookies — temporary, deleted when you close your browser
- Security cookies — set by Wordfence for protection against malicious traffic
- Cache cookies — set by LiteSpeed Cache for site performance
We do not use cookies to track you across other websites. We do not serve third-party advertising.
Embedded content
Some articles may embed content from third-party sources such as YouTube or Twitter. Embedded content behaves as if you visited those platforms directly and may set their own cookies. We have no control over third-party data practices.
Your rights
Regardless of your location, you have the right to:
- Know what personal data we hold about you
- Request correction or deletion of your data
- Withdraw consent for newsletter subscription at any time
- Lodge a complaint with your relevant data protection authority
Indian residents: Under the Digital Personal Data Protection Act 2023, you have the right to access, correct, and erase your personal data, and to nominate a representative for these rights.
EU/EEA residents: Under GDPR, your lawful basis for newsletter processing is consent (Article 6(1)(a)). You may withdraw consent at any time without affecting the lawfulness of prior processing.
Data retention
- Newsletter subscribers: retained until unsubscription
- Server logs: retained per GoDaddy’s standard retention period
- Analytics data: aggregated, retained for 90 days then pruned automatically
Children
ThreatNote is not directed at individuals under 18. We do not knowingly collect data from minors.
Changes to this policy
We may update this policy as our platform evolves. Material changes will be noted with an updated date at the top of this page.