1. Our Commitment: Privacy by Design
CyberNavy is built on the principle of minimal data collection. We collect no personally identifiable information (PII) unless you voluntarily provide it via the contact form.
This policy applies to all visitors from all countries, including residents of the European Union (GDPR) and California, USA (CCPA).
2. Data We Do NOT Collect
We do not collect or store:
- Your name, email address, or any personal identifier
- Your full IP address (only an anonymized daily hash for rate-limiting the CyberPeace Pledge)
- Browsing behavior or cross-site tracking data
- Payment information (this is a free, non-commercial site)
- Device fingerprints or persistent identifiers
3. Data We Collect (Anonymous Only)
Server Logs
Our hosting provider (O2switch) automatically records standard server access logs including anonymized IP addresses, request dates, pages visited, and browser type. These logs are retained for a maximum of 30 days for security purposes and are not shared with third parties.
CyberPeace Pledge
When you sign the CyberPeace Pledge, we store in a local JSON file:
- Your selected country flag (voluntarily provided)
- Your world region (derived from country selection)
- A cryptographically random 8-character seal
- The date and time of signature
- An anonymized daily rate-limit token (one-way SHA-256 hash of your IP + today's date โ mathematically impossible to reverse to your IP)
No name, email, or full IP address is stored. The pledge is completely anonymous.
Session Cookie
A temporary session cookie (expires when you close your browser) is used solely to prevent duplicate pledge submissions on the same day. It contains no personal data.
4. Cookies
This site uses one functional cookie only: a PHP session cookie (cn_sess) used for security (CSRF protection). No analytics cookies, no advertising cookies, no third-party trackers.
You may disable cookies in your browser settings. The site remains fully functional without cookies, except that the pledge form CSRF protection will not work.
5. No Third-Party Services
This site does not use:
- Google Analytics, Meta Pixel, or any tracking service
- Social media share buttons (which track visitors)
- CDN services that collect user data
- Advertising networks
6. Your Rights (GDPR โ EU/EEA Residents)
Under the General Data Protection Regulation, you have the right to:
- Access any data we hold about you (practically none)
- Erasure ("right to be forgotten") โ contact us to remove your pledge entry
- Portability of your data in machine-readable format
- Object to processing
- Lodge a complaint with the CNIL (France): www.cnil.fr
7. Your Rights (CCPA โ California Residents)
Under the California Consumer Privacy Act, California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell, trade, or transfer any personal information โ we barely collect any.
8. Data Security
All data is hosted exclusively on O2switch servers located in France (EU). The site uses HTTPS/TLS encryption for all connections. Pledge data is stored in a local JSON file with no remote access.
9. Children's Privacy
This site is intended for adults with an interest in cybersecurity. We do not knowingly collect data from children under 13 (COPPA) or under 16 (GDPR).
10. Contact
For any privacy-related request or question, please use our Contact page. We will respond within 30 days.