[xocipher]_
  • Tools
  • FAQ
  • About
  • Get in Touch

// LEGAL

Privacy Policy

How Xocipher collects, uses, and protects your personal data.

Last updated: July 3, 2026

Xocipher ("Xocipher", "I", "me", "we") is operated by an individual developer based in Sweden. This Privacy Policy explains what personal data is collected through xocipher.com (the "Site") and any software distributed from it (the "Tools"), why it's collected, and what rights you have over it under the EU General Data Protection Regulation (GDPR) and applicable Swedish law.

Contents

  1. 1. Data Controller
  2. 2. Data We Collect
  3. 3. Legal Basis for Processing
  4. 4. How We Use Your Data
  5. 5. Sharing & Third Parties
  6. 6. International Transfers
  7. 7. Data Retention
  8. 8. Your Rights
  9. 9. Cookies & Tracking
  10. 10. Children's Privacy
  11. 11. Security
  12. 12. Changes to This Policy
  13. 13. Contact

1. Data Controller

For the purposes of GDPR, the data controller responsible for your personal data is the individual developer operating Xocipher, based in Sweden. Xocipher is operated as an individual. You can reach the controller using the contact details in Section 13.

2. Data We Collect

Xocipher collects only the personal data you choose to give us. Specifically:

  • Contact form submissions: name, email address, and the content of any message you send via the contact form on this Site.
  • Direct email: if you email us directly, we receive your email address, name (if provided), and message content.

All fonts used on this Site are self-hosted rather than loaded from a third-party font service, so no font-related data is sent to Google or any other font provider.

As of this policy's publication, the contact form is a front-end placeholder and does not yet transmit data to a backend or third-party service. Once it is wired up to an email delivery service, this policy will be updated to name that service.

We do not currently use analytics, advertising trackers, or session-recording tools on this Site. If that changes, this policy will be updated before any such tool goes live.

3. Legal Basis for Processing

We process your personal data under the following legal bases (GDPR Art. 6):

  • Consent (Art. 6(1)(a)): when you voluntarily submit the contact form or email us.
  • Legitimate interest (Art. 6(1)(f)): to respond to your inquiry and operate a functioning, secure website.

4. How We Use Your Data

Personal data you provide is used solely to:

  • Respond to your inquiry, message, or request;
  • Notify you about tools or updates you've asked to hear about;
  • Maintain records of correspondence for our own reference.

We do not sell, rent, or use your data for advertising purposes.

5. Sharing & Third Parties

We do not share your personal data with third parties except where necessary to operate the Site (e.g. hosting infrastructure, such as Cloudflare), or where required by law. If a future version of the contact form uses a third-party form or email delivery service, that provider will be named here before it goes live.

6. International Transfers

Cloudflare is used to host and serve this Site and may process data (such as your IP address) outside the European Economic Area, including in the United States. Where this occurs, Cloudflare relies on its own applicable safeguards (such as EU-US Data Privacy Framework participation or standard contractual clauses). Fonts are self-hosted rather than loaded from a third-party font service, so no separate international transfer occurs as a result of font loading.

7. Data Retention

Contact form and email correspondence is retained only as long as reasonably necessary to respond to your inquiry and keep a record of it, and is deleted or anonymized when it is no longer needed for that purpose, unless a longer retention period is required by law.

8. Your Rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you;
  • Request correction of inaccurate data;
  • Request erasure of your data ("right to be forgotten");
  • Request restriction of processing;
  • Object to processing based on legitimate interest;
  • Request data portability;
  • Lodge a complaint with a supervisory authority: in Sweden, the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY), imy.se.

To exercise any of these rights, contact us using the details in Section 13.

9. Cookies & Tracking

This Site does not currently set its own cookies or use tracking technologies. Fonts are self-hosted, and hosting infrastructure (Cloudflare) may be subject to its own cookie or logging practices, governed by its own privacy policy.

10. Children's Privacy

This Site and the Tools are not directed at children under 16, and we do not knowingly collect personal data from children under that age. If you believe a child has provided us with personal data, contact us and we will delete it.

11. Security

We take reasonable technical measures to protect any personal data we hold. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

12. Changes to This Policy

We may update this Privacy Policy from time to time, for example as the Tools or contact mechanisms evolve. The "Last updated" date at the top of this page will reflect the most recent revision. Material changes will be reflected here before taking effect.

13. Contact

Questions about this Privacy Policy, or requests relating to your personal data, can be sent to contact@xocipher.com.

[xocipher]

Offensive-security automation & bug bounty tooling.

Site

Home Tools FAQ About Contact

Legal

Privacy Policy Terms of Service EULA

© Xocipher. All rights reserved.

Tools are intended for use only within engagements and bug bounty programs you are personally authorized to test.