CVE Tools
cve.tools ← Back to home

Privacy Policy

Last updated: March 11, 2026

1. Introduction

CVE Tools ("the Service"), operated by Pavel Buchnev ("we", "us", or "our"), respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account registration data (email address, name)
  • Authentication data from third-party providers (GitHub, Google, Telegram) when you choose to sign in via OAuth
  • Communications you send to us (support inquiries, feedback)

2.2 Information Collected Automatically

  • Usage data (pages visited, features used, search queries)
  • Device and browser information (browser type, operating system)
  • IP address and approximate location
  • Cookies and similar tracking technologies

2.3 Information from Third Parties

  • Profile information from OAuth providers (GitHub username, avatar, email)
  • Payment information processed by Paddle (we do not store credit card details)

3. How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Process payments and subscriptions (via Paddle)
  • Send transactional communications (account notifications, security alerts)
  • Analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues or abuse
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

  • Paddle — our Merchant of Record for payment processing. Paddle's privacy policy is available at paddle.com/legal/privacy
  • Analytics providers — to understand Service usage (e.g., Google Analytics)
  • Law enforcement — when required by law or to protect our rights

5. Cookies and Tracking

We use essential cookies to maintain your session and authentication state. We may also use analytics cookies (Google Analytics) to understand how users interact with the Service. You can control cookie preferences through your browser settings.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, legal compliance).

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption of data in transit (TLS), secure authentication mechanisms, and access controls. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your personal data
  • Object to or restrict processing of your data
  • Request data portability
  • Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact us at butschster@gmail.com.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for any such transfers in compliance with applicable data protection laws.

10. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or by email. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

12. Contact

If you have questions or concerns about this Privacy Policy, contact us at butschster@gmail.com.