Whatoblock.com
Login Register

Privacy Policy

How we handle your data and protect your privacy. Please read this policy carefully to understand our data practices.

Data Protection
Privacy First
Last updated: December 19, 2024

Introduction

At Whatoblock.com, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and keep your information safe when you use our cybersecurity intelligence platform.

Our platform provides four main products and services:

  • Scanners: Network scanning activity data, including UDP and TCP scanning attempts
  • Heartbeat: IP geolocation and threat intelligence data, categorizing IP addresses by threat type, location, and network characteristics
  • Botnets: Command & Control (C2) server intelligence and downloadable malware samples for security research
  • Open Data: Raw scanner result files providing access to survey data from various services and protocols

All products are accessible through our web interface and RESTful API.

Information We Collect

Personal Information

We may collect the following personal information:

  • Account Information: Username, email address, and password when you create an account
  • Profile Information: Any additional information you provide in your user profile
  • Authentication Data: Two-factor authentication codes and backup codes

Technical Information

We automatically collect certain technical information:

  • IP Addresses: Your IP address for security, analytics, and CDN optimization purposes
  • Browser Information: Browser type, version, and operating system (User Agent)
  • Usage Data: Pages visited, time spent, and interactions with our platform
  • Security Logs: Login attempts, access patterns, and security events
  • API Authentication: API keys (UUIDv4 format) for API access, token consumption records, and API request logs
  • Token Usage: Token balance, consumption history, and billing information across our products
  • CDN Data: Information collected by Cloudflare for performance optimization and security
  • Payment Data: Payment transaction information processed through our payment proccessors

Cybersecurity Data

As a threat intelligence platform, we collect and analyze data for our four main products:

  • Scanner Data: Network scanning activity including UDP and TCP scan attempts, IP addresses, ports, protocols, timestamps, and geographic information (country, ASN, organization) from scanning activity
  • Heartbeat Data: IP geolocation and threat intelligence including IP addresses, threat categories (OpenProxy, Tor Exit Node, Scanner, C2), timestamps, geographic data (country, latitude, longitude), network information (ASN, ISP, organization), and threat scores
  • Botnet Data: Command & Control (C2) server information including C2 server IP addresses, scanner IPs, botnet scores, geographic data, malware samples (when available), unique botnet identifiers, and timestamps
  • Open Data: Raw scanner result files containing IP addresses collected from network scans we initiate using our own parameters. Includes service names, protocols (TCP/UDP), ports, file metadata (MD5 hashes, file sizes, timestamps), IP counts, and file contents from various network scanning services

How We Use Your Information

We use the collected information for the following purposes:

  • Account Management: Creating and maintaining your user account
  • Security: Protecting against unauthorized access and fraud
  • API Access: Managing API authentication, token-based billing, and API request processing for all products
  • Analytics: Improving our platform and understanding usage patterns through Google Analytics
  • Communication: Sending important updates and notifications
  • Compliance: Meeting legal and regulatory requirements

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:

  • Legal Requirements: When required by law enforcement
  • Security Threats: To prevent fraud, abuse, or security threats

Data Security

We implement comprehensive security measures to protect your information:

  • Encryption: All data is encrypted in transit
  • Access Controls: Strict access controls and authentication requirements
  • Regular Audits: Security audits and vulnerability assessments
  • Incident Response: Rapid response to security incidents

Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Improve our services and security

Your Rights

You have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to certain processing activities

Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your session and authentication status
  • Remember your preferences and settings
  • Analyze platform usage and performance (Google Analytics)
  • Enhance security and prevent fraud (Cloudflare Turnstile)
  • Optimize website performance (Cloudflare CDN)

For detailed information about third-party services and their cookie usage, please see the Third-Party Services section below.

Third-Party Services

Our platform integrates with the following third-party services:

  • Google Analytics: We use Google Analytics to understand platform usage, performance, and user behavior. Google Analytics may collect information such as your IP address, browser type, pages visited, and time spent on our platform. You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.
  • Cloudflare CDN: We use Cloudflare's Content Delivery Network (CDN) for improved website performance, security, and global connectivity. Cloudflare may collect technical information including IP addresses, browser information, and request data to provide these services.
  • Cloudflare Turnstile: We use Cloudflare Turnstile for bot protection and security verification. This service helps prevent automated abuse and ensures legitimate user access to our platform.
  • Stripe: We use Stripe for secure payment processing when you purchase token packages. Stripe collects and processes payment information according to their privacy policy. We do not store your complete payment card information on our servers.

Children's Privacy

Our platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our platform
  • Sending email notifications to registered users
  • Updating the "Last updated" date at the top of this policy

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

This Privacy Policy is effective as of the date listed above and applies to all users of Whatoblock.com.