Legal Information

Privacy Policy

security2035.tech ("the Site") is operated by Dan Tenescu, Bucharest, Romania. This policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and Romanian Law 190/2018.

1. Data Controller

Dan Tenescu
Email: contact@security2035.tech
Bucharest, Romania

2. What Data We Collect

• Email address — required for account creation and digest delivery
• Name — optional, for personalization
• Password — stored as a bcrypt hash, never in plaintext
• Preferences — severity filters, vendor interests, category interests, digest schedule
• Session data — a session cookie for authentication (see Cookie Policy)

We do not collect: IP addresses for profiling, browser fingerprints, location data, or any data from third-party trackers.

3. Purpose and Legal Basis

• Account & authentication — to provide the service (Art. 6(1)(b) GDPR — contract performance)
• Email digest — to deliver the daily security news digest you opted into (Art. 6(1)(a) GDPR — consent)
• Preferences — to personalize your feed and digest (Art. 6(1)(b) — contract performance)

4. Data Retention

• Account data — retained until you delete your account or request erasure
• Session cookies — expire after 8 hours
• Articles — stored indefinitely (public cybersecurity news, no personal data)

5. Data Sharing

We do not sell, rent, or share your personal data with third parties. Email delivery is handled by our own mail server (Postfix) running on the same infrastructure. No external email services are used.

6. Your Rights (GDPR Articles 15–22)

You have the right to:

• Access — request a copy of your personal data
• Rectification — correct inaccurate data (via Settings)
• Erasure — request deletion of your account and all associated data ("right to be forgotten")
• Data portability — receive your data in a structured, machine-readable format
• Withdraw consent — unsubscribe from digest at any time via the link in every email
• Lodge a complaint — with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) at www.dataprotection.ro

To exercise any of these rights, contact: contact@security2035.tech

7. Security Measures

• HTTPS/TLS encryption for all traffic
• Passwords hashed with bcrypt (12 rounds)
• Session cookies: HttpOnly, Secure, SameSite=Strict
• CSRF protection on all state-changing requests
• Brute-force protection with account lockout
• No third-party scripts, trackers, or analytics

8. International Transfers

All data is processed and stored on servers located in the European Union. No data is transferred outside the EU/EEA.

Terms of Service

1. Service Description

security2035.tech is a free cybersecurity news aggregator that collects articles from public RSS feeds, classifies them by severity, tags them by category and vendor, generates AI summaries, and optionally delivers a daily email digest.

2. Content Disclaimer

All articles displayed on this site are aggregated from third-party sources. We do not author, verify, or endorse the content. Article titles, descriptions, and links belong to their respective publishers. AI-generated summaries are produced automatically from RSS feed descriptions and may contain inaccuracies.

3. Account

• Registration is free and optional
• You must provide a valid email address
• You are responsible for keeping your password secure
• We reserve the right to suspend accounts that violate these terms

4. Acceptable Use

You agree not to:

• Use automated tools to scrape or bulk-download articles
• Attempt to gain unauthorized access to the system
• Use the service for commercial redistribution of aggregated content

5. Availability

The service is provided "as is" without guarantees of uptime or availability. We may modify, suspend, or discontinue the service at any time.

6. Intellectual Property

The security2035.tech platform (code, design, branding) is the property of the operator. Third-party article content remains the property of its respective publishers.

7. Limitation of Liability

To the maximum extent permitted by law, the operator is not liable for any damages arising from the use of this service, including but not limited to reliance on aggregated content, service interruptions, or data loss.

8. Governing Law

These terms are governed by the laws of Romania and the European Union. Any disputes shall be resolved by the competent courts of Bucharest, Romania.

Cookie Policy

1. What Cookies We Use

This site uses only strictly necessary cookies:

• connect.sid — Session cookie for authentication. HttpOnly, Secure, SameSite=Strict. Expires after 8 hours. Without this cookie, login functionality would not work.

2. What We Do NOT Use

• No analytics cookies (Google Analytics, Matomo, etc.)
• No advertising cookies
• No third-party tracking cookies
• No social media cookies or embeds
• No fingerprinting or cross-site tracking

3. Local Storage

We use browser localStorage for:

• theme — your light/dark mode preference
• landing-dismissed — whether you've seen the welcome page
• personalized — your feed personalization toggle state
• cookie-consent — whether you've acknowledged this cookie notice

localStorage is not sent to the server and contains no personal data.

4. Consent

Under the ePrivacy Directive (2002/58/EC), strictly necessary cookies do not require consent. We display a notice for transparency. You can delete cookies at any time through your browser settings.

5. Contact

For questions about our cookie usage: contact@security2035.tech