Privacy Policy

1. Introduction

Specter Systems ("we", "us", or "our") operates the spectersystems.org website and the Specter Systems threat intelligence platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

2. Data Controller

Data Controller: Specter Systems LLC

Data Protection Officer: sage@spectersystems.org

Jurisdiction: United States

3. Information We Collect

• Account Data: Username, email, password hash.
• Threat Data: Anonymized attacker behavior, IP addresses (hashed), tool signatures. All payloads are scrubbed for PII before storage.
• Usage Data: Pages visited, language preference, session cookies.
• Contact Data: Name, email, message (if you use the contact form).

4. How We Use Your Data

• To provide and maintain the platform.
• To generate threat intelligence and risk scores.
• To communicate with you about your account or inquiries.
• To comply with legal obligations.

5. Data Retention

Account data is retained until you delete your account. Threat data is retained according to your subscription tier (7 days to 1 year). Contact messages are retained for 2 years.

6. Your Rights (GDPR / CCPA)

• Right to access your data.
• Right to rectification.
• Right to erasure ("Right to be forgotten").
• Right to data portability.
• Right to object to processing.

To exercise these rights, contact sage@spectersystems.org.

7. Cookies

We use essential cookies for login sessions and language preference. We do not use third-party tracking cookies. See our Cookie Policy.

8. Security

We implement industry-standard measures including TLS encryption, password hashing (SHA-256), and PII shredding. However, no method is 100% secure.

9. Changes to This Policy

We may update this policy. Changes are posted here with a revised date.

10. Contact

Questions? Email sage@spectersystems.org.