Privacy Policy

The short version

• We do not offer accounts, and you do not need to identify yourself to read anything on this site.
• If you submit a breach page’s case-review form, the details you enter are sent to the law firm investigating that breach to assess your potential eligibility.
• We use Google Analytics, which sets cookies and collects standard usage data, to understand how the site is used.
• Our hosting provider keeps standard server logs (including IP addresses) for security and reliability.
• We do not sell or rent your personal information, and we do not run advertising trackers.
• You can opt out of analytics and control cookies, and — depending on where you live — request access to or deletion of your information.

Who we are

Data Breach Desk (the “Site”) is operated by Aligned Intelligence Inc. (“we,” “us,” or “our”). For the purposes of applicable data-protection law, Aligned Intelligence Inc. is the controller of personal information processed through the Site. You can reach us using the details in the Contact section below.

Accounts

We do not provide user accounts, logins, or profiles, and you do not need to register or identify yourself to read anything on this site.

Information you provide to us

Case-review form

Each breach page has an optional case-review form. If you choose to submit it, we collect your name, your email address, and your answer to whether you received a breach notice, along with which breach page you submitted from. We transmit that information by email to the law firm investigating that breach so it can assess your potential eligibility and contact you about it. We do not sell it or build a separate marketing database from it; the investigating firm then handles it under its own privacy and professional-responsibility obligations. Submitting the form does not create an attorney-client relationship.

Contacting us

If you email us directly — for example, to report an error, make a privacy request, or ask a question — we receive your email address, your name if you provide it, and the contents of your message, and we use that only to respond to and act on your request.

Information collected automatically

Server logs

Our hosting provider (Vercel) automatically records standard log data each time a page is requested: your IP address, browser type and user-agent string, the page or file requested, the date and time, and the referring URL. These logs are used to operate, secure, and troubleshoot the Site and are retained according to the hosting provider’s own policies.

Analytics (Google Analytics)

We use Google Analytics 4, a web-analytics service provided by Google LLC, to understand how visitors find and use the Site so we can improve it. Google Analytics sets cookies and collects information such as the pages you view, the approximate location derived from your IP address, your device and browser type, referral source, and how you move through the Site. This information is aggregated and used for statistical analysis; we do not use it to identify you personally.

Google processes this data on our behalf and may use it subject to Google’s Privacy Policy. For more on how Google uses data from sites that use its services, see policies.google.com/technologies/partner-sites. You can opt out of Google Analytics across all sites by installing the Google Analytics Opt-out Browser Add-on.

Cookies and similar technologies

A cookie is a small text file stored on your device by your browser. We use cookies for the following purposes:

• Analytics cookies. Set by Google Analytics to distinguish visitors, measure usage, and remember your session. These are not strictly necessary for the Site to function.
• Essential cookies. If present, these support core functionality and security. We do not use cookies for advertising or cross-site behavioral tracking.

You can control or delete cookies through your browser settings, and you can set most browsers to refuse cookies or alert you when one is set. Blocking analytics cookies will not affect your ability to read the Site. Where required by law, we will ask for your consent before setting non-essential cookies.

How we use information

We use the information described above to:

• Operate, maintain, secure, and improve the Site;
• Understand aggregate usage and traffic patterns through analytics;
• Respond to messages you send us and act on requests, including corrections to a breach summary;
• Detect, prevent, and investigate fraud, abuse, security incidents, and technical problems; and
• Comply with legal obligations and enforce our terms.

How we share information

We do not sell or rent personal information, and we do not share it for cross-context behavioral advertising. We share information only in these limited circumstances:

• Service providers. With vendors that operate the Site on our behalf — currently our hosting provider (Vercel) and our analytics provider (Google) — who may process data only as needed to provide their service.
• Legal and safety. When we believe disclosure is required by law, subpoena, or legal process, or is necessary to protect the rights, property, or safety of Aligned Intelligence Inc., our users, or the public.
• Business transfers. In connection with a merger, acquisition, financing, or sale of assets, subject to this policy.

Data retention

We keep personal information only as long as needed for the purposes described in this policy. Correspondence you send us is retained for as long as needed to handle your request and for a reasonable period afterward. Server logs and analytics data are retained according to our hosting and analytics providers’ retention settings and policies, after which they are deleted or aggregated.

Your privacy rights

California (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect, to request access to or deletion of that information, to correct inaccurate information, and to not be discriminated against for exercising these rights. We do not sell or “share” personal information as those terms are defined under California law. To exercise a right, contact us using the details below; we will verify your request before acting on it.

EEA, UK, and other regions

If you are in the European Economic Area, the United Kingdom, or another region with comprehensive data-protection law, you may have the right to access, correct, delete, restrict, or object to our processing of your personal information, and to data portability. Where we rely on consent (such as for non-essential cookies), you may withdraw it at any time. You also have the right to lodge a complaint with your local supervisory authority. Our processing is based on our legitimate interests in operating and improving the Site, on your consent where applicable, and on compliance with legal obligations.

How to exercise your rights

Send your request to the contact address below. We will respond within the timeframe required by applicable law.

Do Not Track and Global Privacy Control

Some browsers offer a “Do Not Track” (DNT) signal or a Global Privacy Control (GPC) signal. Because there is no common industry standard for how to interpret DNT, we do not currently respond to DNT signals. Where required by law, we treat a recognized GPC signal as a valid opt-out request.

Children’s privacy

The Site is intended for adults and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us and we will delete it.

Data security

We use reasonable administrative, technical, and organizational measures designed to protect information against loss, misuse, and unauthorized access. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

International data transfers

We operate in the United States, and our service providers may process information in the United States and other countries. If you access the Site from outside the United States, you understand that your information may be transferred to and processed in countries whose data-protection laws may differ from those of your country.

Links to other sites

We link to official Attorney General filings on government websites and host copies of public filing PDFs. We are not responsible for the content or privacy practices of external sites; visiting them is subject to their own policies.

Changes to this policy

We may update this policy from time to time. When we make material changes, we will revise the “Last updated” date above and, where appropriate, provide a more prominent notice. Your continued use of the Site after an update takes effect means you accept the revised policy.

Contact us

Questions about this policy, or want to make a privacy request or report an error? Contact us at info@alignedintelligence.ai. If you are writing about a specific breach page, please include its web address so we can find it quickly.