Home Browse Reports Submit Report Sign In

Privacy Policy

Last updated: February 01, 2026

At BlacklistAlert ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services (collectively, the "Service").

This policy is designed to comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws. By using our Service, you consent to the practices described in this Privacy Policy.

1 Information We Collect

1.1 Information You Provide

  • Account Information: When you create an account, we collect your name, email address, and authentication credentials (when using Google OAuth, we receive your basic profile information).
  • Report Submissions: Information you provide when submitting fraud reports, including descriptions, evidence, and contact details.
  • Communications: Content of messages when you contact us for support or feedback.

1.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, device identifiers.
  • Usage Data: Pages visited, time spent, click patterns, search queries.
  • Log Data: Server logs recording access times, referring URLs, and errors.
  • Location Data: General geographic location based on IP address.

1.3 Information from Third Parties

  • OAuth Providers: Basic profile information from Google when you sign in.
  • Analytics Services: Aggregated usage statistics from our analytics providers.

2 How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Services: To operate, maintain, and improve the Service;
  • Account Management: To create and manage your account;
  • Content Moderation: To review and verify submitted reports;
  • Communication: To respond to inquiries and provide support;
  • Security: To detect, prevent, and address fraud, abuse, and security issues;
  • Analytics: To analyze usage patterns and improve user experience;
  • Legal Compliance: To comply with legal obligations and enforce our terms;
  • Notifications: To send service-related communications (with your consent for marketing).

Legal Basis for Processing (GDPR)

We process your data based on: (a) your consent, (b) performance of a contract, (c) compliance with legal obligations, and (d) our legitimate interests in operating and improving the Service.

3 Data Protection & Security

We implement robust security measures to protect your information:

  • Encryption: All data is encrypted in transit using TLS/SSL and at rest using AES-256;
  • Access Controls: Strict access controls limit employee access to personal data;
  • Secure Infrastructure: Our servers are hosted in SOC 2 compliant data centers;
  • Regular Audits: We conduct regular security assessments and penetration testing;
  • Incident Response: We have procedures to detect, report, and respond to data breaches.

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but will notify you of any breach affecting your data as required by law.

4 Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience:

Types of Cookies We Use

Type Purpose Duration
Essential Required for basic functionality and security Session
Functional Remember preferences and settings 1 year
Analytics Understand usage patterns and improve service 2 years

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect Service functionality.

5 Data Sharing & Third Parties

We may share your information with:

Service Providers

Third parties that help us operate the Service, including:

  • Cloud hosting providers (data storage and processing)
  • Analytics services (usage analysis)
  • Authentication providers (Google OAuth)
  • Email service providers (communications)

Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal process or government requests;
  • Protect our rights, privacy, safety, or property;
  • Investigate potential violations of our terms;
  • Respond to lawful requests from public authorities.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

We Do Not Sell Your Data

BlacklistAlert does not sell, rent, or trade your personal information to third parties for marketing purposes.

6 Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Right to Access

Request a copy of your personal data we hold.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your data ("right to be forgotten").

Right to Restrict Processing

Request limitation of how we use your data.

Right to Data Portability

Request your data in a portable, machine-readable format.

Right to Object

Object to processing based on legitimate interests.

Right to Withdraw Consent

Withdraw consent at any time where consent is the legal basis.

Right to Complain

Lodge a complaint with a supervisory authority.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days (or as required by applicable law).

7 Data Retention

We retain your information for as long as necessary to:

  • Provide the Service and fulfill the purposes described in this policy;
  • Comply with legal obligations and resolve disputes;
  • Enforce our agreements and protect our legal rights;
  • Maintain accurate business records.

Account data is retained while your account is active and for up to 3 years after deletion to comply with legal requirements. Fraud reports may be retained longer due to their public interest nature.

8 International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission;
  • Adequacy decisions for countries with equivalent data protection;
  • Privacy Shield certification where applicable;
  • Binding corporate rules for intra-group transfers.

9 Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will delete that information immediately.

If you believe a child has provided us with personal information, please contact us at [email protected].

10 Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website;
  • Updating the "Last updated" date;
  • Sending an email notification (for significant changes);
  • Displaying a prominent notice on the Service.

We encourage you to review this policy periodically. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

11 Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

BlacklistAlert Privacy Team

Email: [email protected]

Address: 123 Security Plaza, Suite 500, San Francisco, CA 94102

For EU residents, you may also contact your local data protection authority if you have concerns about our data practices.

For European Union Residents

This Privacy Policy complies with the General Data Protection Regulation (GDPR). As a data subject in the EU, you have additional rights including the right to lodge a complaint with your local supervisory authority. Our Data Protection Officer can be reached at [email protected].

Terms of Service About Us Back to Home