Skip to main content

Last updated: 1 June 2025

Overview

CISO Daily (“we”, “us”, “our”) operates cisodaily.com. This policy explains what information we collect when you visit the site, how we use it, and your rights in relation to it.

We do not sell your data. We do not run advertising networks. We collect the minimum information necessary to operate the site.

Information We Collect

Automatically Collected Data

When you visit cisodaily.com, our hosting infrastructure automatically logs standard access information including IP addresses, browser type, referring URLs, and pages visited. This data is used solely for security monitoring and aggregate traffic analysis. Logs are retained for 30 days.

Cookies

We use a small number of cookies strictly necessary for site functionality — specifically, a preference cookie to remember your light/dark theme choice. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

Email Subscriptions

If you subscribe to our newsletter, we collect your email address. We use it only to send the publication you signed up for. You can unsubscribe at any time via the link in any email.

How We Use Your Information

We use the information we collect to:

  • Operate and improve the site
  • Detect and prevent abuse or security incidents
  • Send the newsletter to subscribers who have opted in
  • Comply with legal obligations

We do not use your information for profiling, behavioural advertising, or any automated decision-making.

Third-Party Services

The site is hosted on Cloudflare Pages. Cloudflare processes request data as part of their infrastructure and content delivery network. Refer to Cloudflare’s Privacy Policy for details.

We do not embed social media tracking pixels, Google Analytics, or other third-party analytics services.

Data Retention

Server access logs are deleted after 30 days. Email subscriber records are retained until you unsubscribe, at which point they are deleted within 7 days.

Your Rights

Under GDPR and UK data protection law, you have the right to:

  • Access the personal data we hold about you
  • Rectification of inaccurate data
  • Erasure of your data (“right to be forgotten”)
  • Restriction of processing in certain circumstances
  • Data portability
  • Object to processing

To exercise any of these rights, contact us. We will respond within 30 days.

Changes to This Policy

We may update this policy from time to time. Material changes will be noted at the top of this page with a revised date. Continued use of the site after changes constitutes acceptance of the updated policy.

Contact

For privacy-related requests or questions, use our contact page.