Privacy Policy

Effective: April 2026·Applicable to: rothackers.com·Contact: privacy@rothackers.com

TL;DR — The short version

ROT Independent Security Research Lab operates the Rot Hackers public site and Rot Hackers Academy. Public pages can be browsed without an account. Academy, LMS, feedback, contact, and certificate features may process the data needed to operate those services. We do not sell personal data.

1. Who We Are

This Privacy Policy applies to rothackers.com, operated by ROT Independent Security Research Lab under the public Rot Hackers brand and Rot Hackers Academy training division. References to "we", "us", or "our" refer to ROT Independent Security Research Lab. For questions, contact privacy@rothackers.com.

2. What Data We Collect

2.1 Data You Provide Directly

If you use a contact form, create an account, enroll, submit feedback, verify a certificate, or send us an email, we may collect:

Your name (if provided)
Your email address
Authentication and account details needed for LMS access
Course enrollment, progress, certificate, or review information
The content of your message

This data is used to respond to inquiries, provide LMS access, issue certificates, operate feedback features, and maintain platform security.

2.2 Automatically Collected Data

Like all web servers, our hosting infrastructure may automatically log:

IP address (anonymized where possible)
Browser type and version
Operating system
Pages visited and timestamps
Referring URL

These server logs are used for security monitoring, debugging, and DDoS mitigation. They are retained for a maximum of 30 days and then deleted.

2.3 Data We Do NOT Collect

We do not require registration to browse public pages.
We do not store full payment card details on rothackers.com.
We do not build advertising profiles.
We do not collect biometric or sensitive personal data.

3. Cookies & Local Storage

This website uses cookies and browser storage for security, login sessions, preferences, and analytics. Where analytics or advertising scripts are enabled, those providers process data under their own policies. We do not sell personal data.

Type	Purpose	Retention
Functional	Theme preferences, UI state	Session / localStorage
Analytics	Aggregated page view and performance analytics	90 days aggregated
Session	Authentication and LMS access	Session / configured expiry

You can disable cookies via your browser settings at any time. Disabling cookies will not affect your ability to browse this website.

4. How We Use Your Data

We process data only for the following legitimate purposes:

To operate and maintain this website.
To respond to contact form inquiries or emails you send us.
To provide academy enrollment, LMS access, reviews, and certificate verification.
To monitor and protect the security and integrity of the website.
To analyze anonymized, aggregated website traffic to improve content.
To comply with applicable legal obligations.

We do not use your data for automated decision-making or profiling.

6. Security Measures

As a security research organization, we take data security seriously. Our website implements:

HTTPS/TLS encryption for all traffic (HSTS enforced)
Strict Content Security Policy (CSP) and security headers
X-Frame-Options, X-Content-Type-Options, and Referrer-Policy controls
DDoS protection via Cloudflare
Regular security reviews of the codebase

No system is 100% secure. If you discover a security vulnerability in rothackers.com, please report it responsibly to security@rothackers.com.

7. Data Retention

Server logs: 30 days, then permanently deleted.
Contact form submissions: retained for up to 12 months or until the inquiry is resolved, whichever is sooner.
Academy/LMS account and certificate records: retained while needed to provide access, verify credentials, resolve disputes, and meet legal obligations.
Anonymized analytics: 90-day rolling window.

8. Your Rights

Under applicable privacy laws (including the Information Technology Act, 2000 and associated rules in India, and where applicable the GDPR), you have the right to:

Access — request a copy of personal data we hold about you.
Rectification — request correction of inaccurate or incomplete data.
Erasure — request deletion of your personal data (subject to legal retention obligations).
Restriction — request that we limit processing of your data in certain circumstances.
Objection — object to processing based on legitimate interests.
Portability — receive your data in a machine-readable format.

To exercise any of these rights, email privacy@rothackers.com. We will respond within 30 days.

9. Children's Privacy

Our tools and website are intended for security professionals and researchers aged 18 and above. We do not knowingly collect personal data from anyone under the age of 18. If you believe a minor has provided us their personal data, please contact us at privacy@rothackers.com and we will delete it promptly.

10. International Users

ROT Independent Security Research Lab is based in India. If you access this website from the European Economic Area (EEA), United Kingdom, United States, or any other jurisdiction, your data may be transferred to and processed in India. By using this website, you consent to this transfer. We take reasonable steps to ensure equivalent data protection standards apply.

11. Changes to This Policy

We may update this Privacy Policy periodically. When we do, we will revise the "Effective" date at the top of this page. We encourage you to review this page periodically. Continued use of the website after changes constitutes acceptance of the revised policy.

12. Contact Us

Data Controller: ROT Independent Security Research Lab

Location: Chennai, Tamil Nadu, India

Privacy inquiries: privacy@rothackers.com

Security vulnerabilities: security@rothackers.com

General contact: support@rothackers.com

Terms & Conditions Disclaimer ← Back to Home

← rothackers.com

Privacy Policy

Effective: April 2026·Applicable to: rothackers.com·Contact: privacy@rothackers.com

TL;DR — The short version

1. Who We Are

2. What Data We Collect

2.1 Data You Provide Directly

If you use a contact form, create an account, enroll, submit feedback, verify a certificate, or send us an email, we may collect:

Your name (if provided)
Your email address
Authentication and account details needed for LMS access
Course enrollment, progress, certificate, or review information
The content of your message

This data is used to respond to inquiries, provide LMS access, issue certificates, operate feedback features, and maintain platform security.

2.2 Automatically Collected Data

Like all web servers, our hosting infrastructure may automatically log:

IP address (anonymized where possible)
Browser type and version
Operating system
Pages visited and timestamps
Referring URL

These server logs are used for security monitoring, debugging, and DDoS mitigation. They are retained for a maximum of 30 days and then deleted.

2.3 Data We Do NOT Collect

We do not require registration to browse public pages.
We do not store full payment card details on rothackers.com.
We do not build advertising profiles.
We do not collect biometric or sensitive personal data.

3. Cookies & Local Storage

Type	Purpose	Retention
Functional	Theme preferences, UI state	Session / localStorage
Analytics	Aggregated page view and performance analytics	90 days aggregated
Session	Authentication and LMS access	Session / configured expiry

You can disable cookies via your browser settings at any time. Disabling cookies will not affect your ability to browse this website.

4. How We Use Your Data

We process data only for the following legitimate purposes:

To operate and maintain this website.
To respond to contact form inquiries or emails you send us.
To provide academy enrollment, LMS access, reviews, and certificate verification.
To monitor and protect the security and integrity of the website.
To analyze anonymized, aggregated website traffic to improve content.
To comply with applicable legal obligations.

We do not use your data for automated decision-making or profiling.

6. Security Measures

As a security research organization, we take data security seriously. Our website implements:

HTTPS/TLS encryption for all traffic (HSTS enforced)
Strict Content Security Policy (CSP) and security headers
X-Frame-Options, X-Content-Type-Options, and Referrer-Policy controls
DDoS protection via Cloudflare
Regular security reviews of the codebase

No system is 100% secure. If you discover a security vulnerability in rothackers.com, please report it responsibly to security@rothackers.com.

7. Data Retention

Server logs: 30 days, then permanently deleted.
Contact form submissions: retained for up to 12 months or until the inquiry is resolved, whichever is sooner.
Academy/LMS account and certificate records: retained while needed to provide access, verify credentials, resolve disputes, and meet legal obligations.
Anonymized analytics: 90-day rolling window.

8. Your Rights

Under applicable privacy laws (including the Information Technology Act, 2000 and associated rules in India, and where applicable the GDPR), you have the right to:

Access — request a copy of personal data we hold about you.
Rectification — request correction of inaccurate or incomplete data.
Erasure — request deletion of your personal data (subject to legal retention obligations).
Restriction — request that we limit processing of your data in certain circumstances.
Objection — object to processing based on legitimate interests.
Portability — receive your data in a machine-readable format.

To exercise any of these rights, email privacy@rothackers.com. We will respond within 30 days.

9. Children's Privacy

10. International Users

11. Changes to This Policy

12. Contact Us

Data Controller: ROT Independent Security Research Lab

Location: Chennai, Tamil Nadu, India

Privacy inquiries: privacy@rothackers.com

Security vulnerabilities: security@rothackers.com

General contact: support@rothackers.com

Terms & Conditions Disclaimer ← Back to Home

Privacy Policy

1. Who We Are

2. What Data We Collect

2.1 Data You Provide Directly

2.2 Automatically Collected Data

2.3 Data We Do NOT Collect

3. Cookies & Local Storage

4. How We Use Your Data

5. Data Sharing & Third Parties

6. Security Measures

7. Data Retention

8. Your Rights

9. Children's Privacy

10. International Users

11. Changes to This Policy

12. Contact Us

Privacy Policy

1. Who We Are

2. What Data We Collect

2.1 Data You Provide Directly

2.2 Automatically Collected Data

2.3 Data We Do NOT Collect

3. Cookies & Local Storage

4. How We Use Your Data

5. Data Sharing & Third Parties

6. Security Measures

7. Data Retention

8. Your Rights

9. Children's Privacy

10. International Users

11. Changes to This Policy

12. Contact Us