Privacy Policy

Your privacy matters to us. Here's how we protect it.

Last updated: April 16, 2026

Cookie Choices

Optional analytics and advertising technologies are controlled by consent

Measurement & Ads

We may use Google Analytics, Google AdSense, and other ad providers in line with your consent and applicable law

No Data Sales

We never sell your information

Introduction

CVEDatabase.com ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you visit our website at cvedatabase.com. We believe in transparency and have designed our services with privacy as a core principle.

Information We Collect

1. Analytics and Advertising-Related Data

We use Vercel Analytics for privacy-friendly operational metrics. We may also use Google Analytics 4, Google AdSense, and Ezoic or related consent and ad-technology providers to understand site usage, support monetization, and improve performance where allowed by your consent choices and applicable law.

  • Usage data may include page views, engagement events, browser type, and approximate location
  • Google Analytics on this site is intended to operate only when the relevant consent choice is available
  • Google AdSense, Ezoic, and their providers may process device, browser, and ad-performance information to serve or measure ads
  • We do not directly sell your personal information
  • You can review available consent choices through the site banner, footer settings, or partner consent prompts where shown

2. Local Storage (Your Device Only)

We use your browser's local storage to enhance your experience. This data never leaves your device:

  • Theme preference - Your dark/light mode choice
  • Recent searches - Your recent CVE search history
  • Viewed CVEs - Recently viewed vulnerabilities for quick access
  • Analysis state - Bulk analysis inputs (for convenience)

You can clear this data at any time through your browser settings.

3. Contact Information (Only When Provided)

If you contact us via email or our contact form, we collect only the information you voluntarily provide (such as your email address and message content) to respond to your inquiry.

What We Do NOT Collect

  • Payment or financial credentials for ordinary browsing of the site
  • User passwords or account credentials that we manage ourselves
  • Sensitive personal information unless you voluntarily send it to us
  • Any more personal information than is necessary to operate, secure, and support the service

Third-Party Services

Vercel (Hosting & Analytics)

Our website is hosted on Vercel. We also use Vercel Analytics for privacy-friendly, aggregated operational insight. Vercel's privacy policy is available at vercel.com/legal/privacy-policy

Supabase (Database)

We use Supabase to store CVE data and blog posts. No personal user data is stored. Supabase's privacy policy is available at supabase.com/privacy

Google Analytics

If you consent to analytics cookies, we may use Google Analytics 4 to understand site usage, page performance, and navigation trends. Google's privacy information is available at policies.google.com/privacy

Google AdSense

We may use Google AdSense to display and measure advertisements. Google's privacy and advertising information is available at policies.google.com/technologies/ads

Ezoic and Consent Management Providers

Where used, we may also work with Ezoic for ad delivery, measurement, and monetization. Ezoic's consent tooling and related privacy providers may be used to manage advertising-related consent choices where required. Learn more at g.ezoic.net/privacy/cvedatabase.com

Google Fonts

We use Google Fonts to display text. Google Fonts does not set cookies or collect personal information. More information at developers.google.com/fonts/faq/privacy

Your Rights

Depending on your location, you may have the following rights:

  • Right to Access - Request information about data we hold about you
  • Right to Deletion - Request deletion of your personal data
  • Right to Opt-Out - Opt out of data processing (though we process minimal data)
  • Right to Portability - Request a copy of your data in a portable format

Since we collect minimal anonymous data, most of these rights are automatically satisfied. For local storage data, you can manage or delete it directly in your browser settings.

Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated "Last modified" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@cvedatabase.com

Website: cvedatabase.com/contact

Privacy-First by Design