Privacy Policy
This Privacy Policy explains how Byteshark LLC ("Byteshark," "we," "us," or "our"), an Oahu-based cybersecurity company, collects, uses, and protects information when you visit byteshark.tech, contact us, join a waitlist, or use our tools and services, including the Whitetip phishing checker.
1. Who we are
Byteshark LLC is the controller responsible for your information. You can reach us at contact@byteshark.tech for any privacy question or request.
2. Information we collect
- Information you send us. When you email us, request a quote, or join a waitlist, we receive your email address, your message, and anything you choose to include.
- Whitetip submissions. When you use Whitetip, we receive the email or text message you forward or submit for analysis, including its headers, body, links, and attachments, and the email address you send it from. These messages may contain personal information about you and about third parties (senders, recipients, and people mentioned in the message).
- Engagement information. For paid services (security testing, malware analysis, insurance readiness, research briefs), we receive the information you and your organization provide so we can perform the work, governed by our engagement agreement.
- Technical information. Like most websites and services, our hosting and infrastructure providers may automatically log technical data such as IP address, browser type, and timestamps for security and reliability.
3. Whitetip and Blacktip — how we use forwarded messages
When you submit a message to Whitetip, we analyze its contents to produce a phishing verdict and explanation and return that result to you.
We also use signals derived from submitted messages to improve our detection and to develop and train Blacktip, our forthcoming phishing-simulation and training product. Before any submission is used for these purposes, we take steps to strip personal information (such as names, email addresses, and other identifying details) so that what we retain reflects the techniques and patterns of an attack rather than the identity of any individual.
We do not sell the contents of your messages, and we do not use them to contact the senders or recipients. If you do not want your submissions used to improve detection or train Blacktip, contact us at contact@byteshark.tech and we will honor that request. {{Confirm the opt-out mechanism and whether it is opt-in or opt-out with counsel.}}
4. How we use information
- To provide, operate, and improve our tools and services.
- To respond to your inquiries and deliver work you've engaged us for.
- To develop new products, including Blacktip, using de-identified data as described above.
- To secure our systems, prevent abuse, and comply with legal obligations.
5. How we share information
We do not sell your personal information. We share it only with:
- Service providers who host our infrastructure and help us operate, under confidentiality obligations. {{List key sub-processors, e.g. AWS, email provider.}}
- Legal and safety recipients, when required by law or to protect our rights, users, or the public.
- A successor in the event of a merger, acquisition, or sale of assets.
6. Data retention
We keep information only as long as needed for the purposes above or as required by law. De-identified detection data derived from Whitetip may be retained longer because it no longer identifies you. {{Set specific retention periods with counsel.}}
7. Security
We use technical and organizational measures appropriate to our size to protect information, including isolating analysis environments and limiting access. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.
8. Your choices and rights
Depending on where you live, you may have rights to access, correct, delete, or restrict use of your personal information, and to opt out of certain processing. To make a request, email contact@byteshark.tech. We will respond as required by applicable law. {{Add state-specific disclosures (e.g. CCPA/CPRA) if you serve California residents.}}
9. Cookies and analytics
This website uses only what is necessary to serve the pages. {{Update this section if you add analytics, embeds, or cookies.}}
10. Children
Our services are intended for businesses and adults. We do not knowingly collect personal information from children under 13 (or the age defined by your local law).
11. Changes to this policy
We may update this policy from time to time. We will revise the "last updated" date above, and material changes will be reflected on this page.
12. Contact us
Questions or requests? Email contact@byteshark.tech.