Privacy Policy

Your privacy matters to us. Here's how we protect it.

Last updated: January 6, 2026

No Tracking Cookies

We don't use cookies to track you

Anonymous Analytics

Aggregated data only, no personal info

No Data Sales

We never sell your information

Introduction

CVEDatabase.com ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you visit our website at cvedatabase.com. We believe in transparency and have designed our services with privacy as a core principle.

Information We Collect

1. Analytics Data (Anonymous)

We use Vercel Analytics, a privacy-friendly analytics service that:

  • Does not use cookies
  • Does not collect personally identifiable information
  • Does not track you across websites
  • Uses a temporary hash (discarded after 24 hours) to count unique visitors
  • Collects only aggregated, anonymous data like page views and country

2. Local Storage (Your Device Only)

We use your browser's local storage to enhance your experience. This data never leaves your device:

  • Theme preference - Your dark/light mode choice
  • Recent searches - Your recent CVE search history
  • Viewed CVEs - Recently viewed vulnerabilities for quick access
  • Analysis state - Bulk analysis inputs (for convenience)

You can clear this data at any time through your browser settings.

3. Contact Information (Only When Provided)

If you contact us via email or our contact form, we collect only the information you voluntarily provide (such as your email address and message content) to respond to your inquiry.

What We Do NOT Collect

  • IP addresses (not stored or logged)
  • Personal identification information
  • Tracking cookies or advertising identifiers
  • Cross-site browsing behavior
  • User accounts or passwords (we don't have user accounts)
  • Payment or financial information

Third-Party Services

Vercel (Hosting & Analytics)

Our website is hosted on Vercel. Vercel Analytics collects anonymous, aggregated data to help us understand site usage. Vercel's privacy policy is available at vercel.com/legal/privacy-policy

Supabase (Database)

We use Supabase to store CVE data and blog posts. No personal user data is stored. Supabase's privacy policy is available at supabase.com/privacy

Google Fonts

We use Google Fonts to display text. Google Fonts does not set cookies or collect personal information. More information at developers.google.com/fonts/faq/privacy

Your Rights

Depending on your location, you may have the following rights:

  • Right to Access - Request information about data we hold about you
  • Right to Deletion - Request deletion of your personal data
  • Right to Opt-Out - Opt out of data processing (though we process minimal data)
  • Right to Portability - Request a copy of your data in a portable format

Since we collect minimal anonymous data, most of these rights are automatically satisfied. For local storage data, you can manage or delete it directly in your browser settings.

Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated "Last modified" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@brilliantdog.io

Website: cvedatabase.com/contact

Privacy-First by Design