Privacy Policy

Last updated: {{EFFECTIVE DATE}}
Draft — not legal advice This is a starting template prepared for Byteshark and has not been reviewed by an attorney. Placeholders in {{double braces}} must be completed, and the whole document should be reviewed by qualified counsel before it is published or relied upon — especially the Whitetip and Blacktip sections, which involve processing the contents of forwarded messages.

This Privacy Policy explains how Byteshark LLC ("Byteshark," "we," "us," or "our"), an Oahu-based cybersecurity company, collects, uses, and protects information when you visit byteshark.tech, contact us, join a waitlist, or use our tools and services, including the Whitetip phishing checker.

1. Who we are

Byteshark LLC is the controller responsible for your information. You can reach us at contact@byteshark.tech for any privacy question or request.

2. Information we collect

  • Information you send us. When you email us, request a quote, or join a waitlist, we receive your email address, your message, and anything you choose to include.
  • Whitetip submissions. When you use Whitetip, we receive the email or text message you forward or submit for analysis, including its headers, body, links, and attachments, and the email address you send it from. These messages may contain personal information about you and about third parties (senders, recipients, and people mentioned in the message).
  • Engagement information. For paid services (security testing, malware analysis, insurance readiness, research briefs), we receive the information you and your organization provide so we can perform the work, governed by our engagement agreement.
  • Technical information. Like most websites and services, our hosting and infrastructure providers may automatically log technical data such as IP address, browser type, and timestamps for security and reliability.

3. Whitetip and Blacktip — how we use forwarded messages

When you submit a message to Whitetip, we analyze its contents to produce a phishing verdict and explanation and return that result to you.

We also use signals derived from submitted messages to improve our detection and to develop and train Blacktip, our forthcoming phishing-simulation and training product. Before any submission is used for these purposes, we take steps to strip personal information (such as names, email addresses, and other identifying details) so that what we retain reflects the techniques and patterns of an attack rather than the identity of any individual.

We do not sell the contents of your messages, and we do not use them to contact the senders or recipients. If you do not want your submissions used to improve detection or train Blacktip, contact us at contact@byteshark.tech and we will honor that request. {{Confirm the opt-out mechanism and whether it is opt-in or opt-out with counsel.}}

4. How we use information

  • To provide, operate, and improve our tools and services.
  • To respond to your inquiries and deliver work you've engaged us for.
  • To develop new products, including Blacktip, using de-identified data as described above.
  • To secure our systems, prevent abuse, and comply with legal obligations.

5. How we share information

We do not sell your personal information. We share it only with:

  • Service providers who host our infrastructure and help us operate, under confidentiality obligations. {{List key sub-processors, e.g. AWS, email provider.}}
  • Legal and safety recipients, when required by law or to protect our rights, users, or the public.
  • A successor in the event of a merger, acquisition, or sale of assets.

6. Data retention

We keep information only as long as needed for the purposes above or as required by law. De-identified detection data derived from Whitetip may be retained longer because it no longer identifies you. {{Set specific retention periods with counsel.}}

7. Security

We use technical and organizational measures appropriate to our size to protect information, including isolating analysis environments and limiting access. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

8. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or restrict use of your personal information, and to opt out of certain processing. To make a request, email contact@byteshark.tech. We will respond as required by applicable law. {{Add state-specific disclosures (e.g. CCPA/CPRA) if you serve California residents.}}

9. Cookies and analytics

This website uses only what is necessary to serve the pages. {{Update this section if you add analytics, embeds, or cookies.}}

10. Children

Our services are intended for businesses and adults. We do not knowingly collect personal information from children under 13 (or the age defined by your local law).

11. Changes to this policy

We may update this policy from time to time. We will revise the "last updated" date above, and material changes will be reflected on this page.

12. Contact us

Questions or requests? Email contact@byteshark.tech.

Read our Terms of Service →