Contact | RSS | EN → VI
Privacy

Privacy policy

Last updated: 2026-05-02

Things Worth Sharing (cloudsecop.net) is a personal blog. We respect your privacy and only collect data when it's genuinely needed.

1. What we collect

When you subscribe

  • Email address — to send you a confirmation and the weekly digest.
  • Preferred language (VI / EN) and form source (header / footer / post) — to deliver content in the right language and see which forms convert.
  • IP hash (SHA-256 with salt, the raw IP is never stored) — used only for rate-limiting.
  • User agent — to help detect spam bots.
  • Turnstile token — Cloudflare's captcha, verifies you're human. Does not track you across sites.

When you read

  • Cloudflare Web Analytics records anonymous page views, referrers, and country. No cookies, no personal identifiers.
  • Cloudflare edge logs briefly keep your IP for DDoS protection; they expire per Cloudflare's policy.

2. What we do NOT collect

  • No tracking pixels.
  • No advertising or A/B testing cookies.
  • No Google Analytics, Meta Pixel, or third-party trackers.
  • We don't sell, trade, or "share with partners".

3. Storage

Subscriber emails and related fields are stored in Cloudflare D1, provisioned in the APAC region. Rate-limit buckets auto-expire after 24 hours. Digest history is kept for up to 6 months.

4. Your rights

  • Unsubscribe any time via the "Unsubscribe" link at the bottom of every email, or by emailing khavan.work@gmail.com.
  • Access or delete: send an email from the address you subscribed with and we'll respond within 7 days.

5. Third-party services

  • Cloudflare — hosting, DNS, CDN, Turnstile, Web Analytics.
  • Resend — sends confirmation and digest emails. Receives only your email and the message content, nothing else.

6. Changes

When we update this policy, we change the "Last updated" date above. Substantive changes are announced to subscribers by email.

7. Contact

Any privacy question — khavan.work@gmail.com.