InfoSec Relations is an analytical publication operated by Ebenworks Private Limited (CIN: U62099DL2026PTC461045), a company incorporated under the Companies Act, 2013 and registered in New Delhi, India. This Privacy Policy explains what personal information we collect, how we use it, and the rights available to you under applicable law.
By visiting infosecrelations.com or subscribing to any of our newsletters, you agree to the practices described in this policy.
Who We Are
InfoSec Relations (infosecrelations.com) is published by Ebenworks Private Limited. Our Offensive Engineering newsletter is published at offensive.infosecrelations.com via Substack. Throughout this policy, "we," "us," and "our" refer to Ebenworks Private Limited as the data fiduciary responsible for your personal information.
For privacy-related inquiries, write to us at hello@infosecrelations.com.
Information We Collect
We collect information in two ways: information you provide directly, and information our systems collect automatically when you visit the site.
Information you provide. When you subscribe to the InfoSec Relations or Offensive Engineering newsletter, we collect your email address. When you contact us through any of our published email addresses, we retain that correspondence for the purpose of responding to you.
Information collected automatically. Our website is hosted on Ghost (Ghost Foundation), which collects standard web server logs including IP addresses, browser type, referring URLs, and pages visited. We may use privacy-respecting analytics tools to understand aggregate readership patterns. We do not build individual user profiles for advertising or commercial targeting purposes.
How We Use Your Information
We use your email address solely to deliver the newsletter editions and editorial communications you subscribed to. We use aggregated, anonymised analytics data to understand which content serves our readership and to improve the publication over time. We do not sell, rent, or share your personal information with third parties for marketing or commercial purposes under any circumstances.
Third-Party Services
Substack. Our newsletters are delivered through Substack (Substack Inc., United States). When you subscribe, your email address is stored on Substack's platform and processed in accordance with Substack's Privacy Policy, available at substack.com/privacy. This constitutes a transfer of personal data outside India to a third country.
Ghost. Our website is hosted on Ghost Pro (Ghost Foundation). Ghost processes web traffic data on our behalf as part of standard hosting operations.
LinkedIn and YouTube. We publish content and link to our profiles on LinkedIn and YouTube. Visiting those platforms subjects you to their respective privacy policies. We are not responsible for the data practices of external websites or platforms.
Cookies
Our website uses cookies and similar tracking technologies to ensure basic site functionality. This includes session cookies necessary for the site to operate correctly. We may also use analytics cookies to measure aggregate traffic and content performance. You can manage or disable cookies through your browser settings at any time. Disabling certain cookies may affect the functionality of some site features.
Data Retention
We retain your email address for as long as you remain an active subscriber. You may unsubscribe at any time using the unsubscribe link included in every newsletter edition, after which your information will be removed from our active mailing list in accordance with Substack's data deletion procedures. Web server logs are retained for a limited period for security and operational purposes and are not used to identify individual readers.
Your Rights
Under the Digital Personal Data Protection Act, 2023 (India), you have the right to obtain a summary of the personal data we hold about you, correct inaccurate or incomplete information, and withdraw consent for processing, including by unsubscribing from our newsletter.
If you are located in the European Economic Area or the United Kingdom, you may additionally have rights under the General Data Protection Regulation (GDPR), including the right to erasure, restriction of processing, and data portability.
To exercise any of these rights, contact us at hello@infosecrelations.com. We aim to acknowledge requests within 72 hours and resolve them within 30 days, or within the timeframes required by applicable law.
Grievance redressal. For grievances under the DPDP Act 2023, please write to hello@infosecrelations.com with the subject line "Data Grievance." We will endeavour to resolve all grievances within 30 days of receipt.
Children's Privacy
InfoSec Relations is a professional analytical publication intended for adult readers. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have inadvertently collected data from a minor, we will delete it promptly. If you believe a minor's data has been submitted to us, please contact hello @ infosecrelations.com.
Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or in applicable law. Material changes will be noted on this page with a revised "Last updated" date. Your continued use of the site following any update constitutes acceptance of the revised policy. We encourage you to review this page periodically.
Contact
For questions about this Privacy Policy or to exercise your rights, reach us at:
Ebenworks Private Limited registered in New Delhi, India CIN: U62099DL2026PTC461045 Email: hello @ infosecrelations.com Website: infosecrelations.com