Privacy & data note
This note explains, in plain language, what zerodaysecurity.org does with your information, across both the marketing site and the AI security assessment. It is written with the EU/UK GDPR and US state privacy laws (such as the California CCPA/CPRA) in mind.
What stays in your browser
When you use the AI security assessment, your questionnaire answers and the assessment document are generated and stored entirely in your browser. The document content, including your gap analysis, is never sent to our servers. If you close the tab, your answers are saved locally on your device so you do not lose them; clearing your browser data removes them.
What we collect, and why
- Contact details you submit (name, work email, organization, and your message or area of interest), so we can reply to your enquiry and follow up about our services.
- Assessment lead details (institution name, market, work email and optional phone), to send you a copy of your assessment, to offer a working session, and to follow up about AI security.
- Assessment signals (your answers, your computed risk tier and maturity level), to understand demand and improve the tool. We do not store the full generated document.
We collect this only after you give consent, and only the minimum needed for the purposes above.
Advertising measurement
This site may use the Meta Pixel, which sets cookies and reports page visits to Meta so we can measure our advertising. It never sees your assessment answers or your generated document, those stay in your browser. You can block it with standard tracker-blocking browser settings or extensions without affecting the site or the tool.
Lawful basis & retention
For visitors in the EU/UK, we process your details on the basis of your consent (and our legitimate interest in responding to enquiries you initiate). We keep them only as long as needed to follow up on your interest, after which they are deleted. You can withdraw consent and ask us to delete your data at any time.
Your rights
Depending on where you live, you may have the right to access, correct, delete, or port your personal data, to object to or restrict its processing, and to opt out of "sale" or "sharing" of personal information (we do not sell your data). To exercise any of these, contact us using the details below and we will respond as required by law.
Who can see it
Your details are stored on Zero Day Security's own infrastructure (Cloudflare) and shared only with the Zero Day Security team. If you book a session, your name and email are shared with our scheduling provider (Cal.com) to create the booking. Enquiry and assessment notifications are delivered through our email provider (Resend). We do not sell your data.
The optional "Ask" feature
If you use the optional side-question box in the assessment, your typed question is sent to our AI provider to generate an answer about AI security and our services. Please do not enter confidential or personal data into that box.
Contact
To make a data request or ask a question about this note, email hello@zerodaysecurity.org or call +1 (437) 663-8446.