policy / 01

$cat privacy.md

last updated · May 10, 2026

This privacy policy explains how goodhacker.in ("the site") handles information from visitors and prospective clients. The site is operated by Shubham Kumar, an independent cybersecurity consultant based in Durg, Chhattisgarh, India.

What I collect

Contact form data. Name, email, subject, service interest, and the message you submit.
Server logs. Standard request data — IP address, user-agent, timestamps — retained for security and abuse-prevention purposes.
Cookies. The site uses a single first-party cookie to remember your Tweaks panel preferences (accent, density, scanlines). No third-party tracking cookies are set.

What I do with it

Reply to your inquiry and discuss the engagement you asked about.
Send a written proposal, statement of work, or quote when relevant.
Diagnose abuse, scraping, or attempted intrusion against the site.

I do not sell, rent, or share your information with third parties for marketing. I do not subscribe you to any mailing list without explicit consent.

How long I keep it

Inquiry emails and any subsequent correspondence are retained for the duration of the engagement plus three years for tax and audit purposes. Server logs roll off within 30 days unless flagged for security review.

Your rights

Request a copy of any personal data I hold about you.
Request correction or deletion of that data.
Withdraw consent for further communication at any time.

To exercise any of these rights, email shubham@goodhacker.in with the subject line "PRIVACY REQUEST". I respond within 30 days.

Security

The site is served over HTTPS. Inquiry submissions are transmitted over encrypted channels. As a security professional, I take reasonable administrative and technical precautions appropriate to the volume and sensitivity of the data — but no system is invulnerable, and you should avoid sending unencrypted secrets, credentials, or production keys via the contact form.

Third-party services

Form submission. The contact form on the site posts to a serverless email forwarder.
Outbound links (LinkedIn, Twitter, Google Scholar) are operated by their respective providers under their own policies.
Fonts. Typeface files are served by Google Fonts.

Changes

I may update this policy as the practice evolves. Substantive changes will be reflected in the "last updated" timestamp above and, where appropriate, flagged on the site.

Contact

Questions about this policy? Email shubham@goodhacker.in.