Since November 2013, StopTheHacker (STH) has been a wholly owned subsidiary of CloudFlare, Inc. This privacy policy outlines our general policy and practices for the types of information CloudFlare gathers in the course of offering its STH products and services, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information.!

CloudFlare privacy & security policy

CloudFlare!will!not!sell,!rent,!or!give!away!any!of!your!personal!information!without!

your!consent.!It!is!our!overriding!privacy!principle!that!any!personal!information!

you!provide!to!us!is!just!that:!personal!and!private.!We!do!not!presume!that!you!are!

granting!us!permission!to!share!your!personal!information!with!third!parties!

wanting!to!sell!you!products!or!services!that!you!have!not!requested.!In!order!for!us!

to!provide!some!of!the!services!we!do!we!may!on!occasion!need!to!provide!

information!you!supply!us!to!external!parties.!While!these!third!parties!will!have!

access!to!customer!information!in!order!to!perform!the!functions!CloudFlare!

contracts!to!them,!such!data!may!not!be!used!by!them!for!other!purposes.!

CloudFlare!may!need!to!purge!information!from!its!system!from!time!to!time,!and!

does not promise to keep any information beyond what is required by applicable law or regulation.!

CloudFlare's!website!and!services!are!not!intended!for,!or!designed!to!attract,!

individuals!under!the!age!of!18.!CloudFlare!does!not!knowingly!collect personally identifiable information from any person under the age of 18.!

PERSONS TO WHOM THIS PRIVACY POLICY APPLIES

This privacy policy applies to visitors to our website, users of CloudFlare's services, and information we collect from visitors to the websites of users of CloudFlare's services. Our users' websites may have their own Privacy Policies and may not be covered by CloudFlare's policy. We encourage visitors to these third party websites to make themselves aware of their privacy policies.!

INFORMATION DESIGNATED AS PUBLIC

As part of our service, our users may decide to provide information specifically to be shared with third parties. For example, they may allow us to build statistical reports based on what malicious visitors have visited your site or how many visitors’ computers may have been infected by a particular site. In cases such at these, we will try to make it clear whenever any information our users provide us will be made public. Even when our users give us permission to make certain information public, we will still protect the

Comment [1]: Explains that STH is now a CloudFlare company/

Deleted: Privacy Policy ... [1]

Deleted: . We may, however, share information about our customers in the following circumstances: ... [2]

Comment [2]: A core principle from CloudFlare’s privacy policy.

Deleted: to enable the work of some of our service providers. From time to time, STH may contract with third parties for performance of some of its business functions. Examples may include marketing analysis and customer service functions.

Deleted: their

Deleted: ... [3]

Comment [3]: Deletions here are captured elsewhere in the policy.

Deleted: STH!collect!about!its!customers?

Deleted: ... [4]

Deleted: and!retain

Deleted: it!receives!about!its!customers!

Comment [4]: Added from CloudFlare policy.

Comment [5]: Added from CloudFlare policy/

information designated private (such as name, email address, IP address, and other information specifically tagged to the user's identity) from being disclosed.!

INFORMATION COLLECTION CloudFlare is the owner of the information collected through the STH Service. As visitors browse our web site, or our user's websites if they have STH installed, we sometimes log these visitors' interactions in order to provide a better service (e.g., using visitor log data in order to detect new threats). Some examples of the types of information we collect for STH services include:!

• Customer Provided Data. Customers using STH services that require registration may provide identifying or payment information (such as a name, email or mailing address, credit card information, account password, etc.). !

• Information Tracked with Cookies. For information on what we track with cookies see the section specifically on cookies below. !

• Server Log Data. STH’s servers may automatically log information from a customer’s browser during a visit to our website. The resulting server logs may include information such as a customer’s web requests, IP address, browser type, browser language, the date and time of web requests and cookies that may uniquely identify the customer’s browser. !

• Information Received from Others. CloudFlare may receive data that customers of the STH website have provided to third parties, such as vendor partners of STH. While such third parties may have their own privacy policies, we will, for our part, treat all such information as if it were provided directly from the customer to STH under this Privacy Policy.!

BILLING INFORMATION

CloudFlare collects and maintains certain information from our users for the purposes of billing. We may report this information to third party processors for the limited purpose of receiving payment. CloudFlare does not store full credit card numbers or personal account numbers (PANs).!

CORRECTIONS TO PERSONAL INFORMATION

This web site makes it easy to correct any mistakes in your personal information at any time. Whenever possible, we will give you an opportunity to review and change any information you provide to us. If you notice a mistake in the information you provide us, you can always revise it. This can be done either online or contacting us directly.!

Comment [6]: Added from the CloudFlare policy.

Deleted: number!of!sources.!!These

Comment [7]: We reorganized this section to parallel the CloudFlare policy.

Deleted: A.!!!!!!!!Data!Inputted!by!the!

Deleted: .!!Anyone

Deleted:

... [5]

Deleted: !!Regardless!of!whether!a!customer’s!experience!of!the!STH!website!

involves!registration!or!the!creation!of!a!

purchase!order,

Deleted: send!one!or!more!“

Deleted: ”!to!visitors!to!the!site!in!order!to!uniquely!identify!their!browsers.!!STH!

can!then!use!these

Comment [8]: We made the cookie section separate and explicit.

Deleted: to!track!customer!preferences.

Deleted: ... [6]

Deleted: !

Deleted: record

Deleted: !they!receive

Deleted: !

Deleted: Internet!Protocol

Comment [9]: Deleted customer communications as superfluous.

Deleted: ... [7]

Deleted: !!STH

Deleted: !

Comment [10]: Added from the CloudFlare policy.

Comment [11]: Added from the CloudFlare policy.

COOKIES

Our site uses "cookies" in order to provide a better service to our users. Cookies are placed by your browser on your computer's hard drive to assign a unique identification for your computer. CloudFlare does not store information we consider personal or private in a cookie. This eliminates the chance of other sites reading our cookies and learning your personal or private information, without permission. For example, we may use cookies to help direct you to the appropriate part of our web site, by indicating that you are a repeat visitor to our site. We also may use that information to present you with services which are easy-to-use and customized to your preferences.

STH only stores Temporary Session IDs in cookies. These Temporary Session IDs map to customer data stored on our servers. For example, we send one or more cookies to visitors to the STH site in order to uniquely identify their browsers so that we can remember customer preferences.

If you do not want CloudFlare or other websites to use cookies, you can disable them within your browser. Some portions of the STH website are still functional without cookies; however, many parts of the website will not function properly. You may delete CloudFlare's cookies through your browser's cookie manager. Be aware that this will reset your session, disable auto-login, and may adversely affect other functions on the CloudFlare website and services.!

As part of our service, may place cookies on the browsers of your visitors to your CloudFlare-protected sites. STH provides a Trust Seal [https://www.stopthehacker.com/features/#3664] for use on our customers’ websites. Displaying the Seal shows visitors that the website is protected by STH’s advanced security product and scanned regularly. When your website displays the STH Trust Seal, CloudFlare may place cookies on the browsers of your visitors to your STH-protected sites. We do this to in order to track malicious visitors, to reduce the chance of blocking legitimate users, and to provide customized services.!

DATA AGGREGATION

CloudFlare may aggregate data we acquire about our users. When our users display the STH Trust Seal, we may aggregate data about our users and the visitors to their sites. For example, we may assemble data to determine how spiders crawl the Internet and whether they are engaged in malicious activity. If we assemble this sort of data and provide it to external parties, our user's personal information (such as their name, email address, IP address, and other information specifically tagged to your identity) will never be attached to or included in the aggregated data. Please note, public data our users provide us, such as log files of their site's visitors, may be included in the aggregate data, reports and statistics.!

Comment [12]: Our policy regarding cookies are treated in its own section for enhanced clarity, as opposed to being included in the list above.

Comment [13]: Reorganized and relocated from original section 2.

PROMOTIONAL PARTNERS

From time to time, CloudFlare may notify you about an offer from one of our promotional partners (e.g., Apps Marketplace partners) via our website or email. While we may target particular types of users for these offers, we will do all of the targeting within our system. Our business partners will not have any access to the targeting information, including the names of the people who may be interested in a particular product or service. Until you affirmatively respond to a promotional offer, we will not reveal any identifying information about you to any of these partners.!

Note these partners may have their own Privacy Policies and may not be covered by CloudFlare's policy.!!

THIRD PARTY WEBSITES

The CloudFlare website, STH website, and the other websites contain links to the sites of third parties. Please be aware that we are not responsible for the privacy practices of these external sites. We encourage users to be aware when they leave our website and to read the privacy statements of other websites. We cannot guarantee that these third parties abide by the privacy principles outlined here.!

LAW ENFORCEMENT

It is possible that CloudFlare may be required by court order to provide information about our customers. CloudFlare may also be required to provide information pursuant to law, applicable regulation, subpoena or other legal process. It is CloudFlare's corporate policy to ensure adherence to the due process of law in all such legal requests. If we are ever required to provide information under these circumstances, we will, whenever possible, attempt to inform users whose information we are compelled to reveal.!

DATA SECURITY, DATA INTEGRITY, AND ACCESS

CloudFlare takes all reasonable steps to protect our users' information from loss, misuse and unauthorized access, disclosure, alteration and destruction. We have put in place appropriate physical, electronic and managerial procedures to safeguard and secure such information. CloudFlare only processes personal information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. CloudFlare allows our users and website visitors access to their personal information and allows them to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.!

Comment [14]: Added since CloudFlare offers apps.

Comment [15]: Added from CloudFlare policy.

Comment [16]: Added from CloudFlare policy.

Comment [17]: Added from CloudFlare policy.

SAFE HARBOR FRAMEWORK

CloudFlare participates in the U.S.-E.U. Safe Harbor framework and the U.S.-Swiss Safe Harbor as set forth by the United States Department of Commerce. This applies to all personal information received by CloudFlare whether in electronic, paper, or verbal format. As part of our participation in the Safe Harbor, we have agreed to TRUSTe dispute resolution for disputes relating to our compliance with the Safe Harbor Privacy Framework. If you have any complaints regarding our compliance with the Safe Harbor you should first contact us (as provided below). If contacting us does not resolve your complaint, you may raise your complaint with TRUSTe by Internet here, fax to 415-520-3420, or mail to TRUSTe Safe Harbor Compliance Dept., click here for mailing address. If you are faxing or mailing TRUSTe to lodge a complaint, you must include the following information: the name of company, the alleged privacy violation, your contact information, and whether you would like the particulars of your complaint shared with the company. For information about TRUSTe or the operation of TRUSTe's dispute resolution process, click here or request this information from TRUSTe at any of the addresses listed above. The TRUSTe dispute resolution process shall be conducted in English.!

NOTIFICATION OF CHANGES

We will always maintain the overriding principle that we will not sell, rent, or give away any personal information you share with us without your consent. We do not believe we will need to change that principle going forward. However, if we do need to change any other aspect of the policy, we will post changes on this website along with the effective date of those changes.!

Sidebar:!

Keeping your information private and secure

• We will never sell, rent, or give away your personal information without your permission!

• We track visitors to our site and yours as a feature of the STH Trust Seal in order to keep malicious visitors away!

• If we aggregate data, we will not reveal your private information!

Have questions?

If you have questions about these terms or anything else about CloudFlare, please don't hesitate to contact us:!

Comment [18]: Added now that STH is Safe Harbor certified.

Comment [19]: Revised from below to match CloudFlare policy. Original section deleted.

Comment [20]: Added from CloudFlare policy.

Contact information

Attention: Trust and Safety!StopTheHacker, Inc.!665 Third Street, Suite 200!San Francisco, CA 94107!privacy@stopthehacker.com!

Policy date: September 11, 2014!

!

!

Deleted: ... [8]

Comment [21]: Change required by change of address and to match CloudFlare policy.

Page 1: [1] Deleted CloudFlare Lega 9/11/14 3:19 PM

Privacy Policy In what circumstances will StopTheHacker Inc., a Delaware corporation (“STH”) share information about its customers and website visitors with others? STH’s&only&purpose&in&collecting&information&about&its&customers&is&the&furtherance&of&the&business&it&conducts&at&and&through&the&STH&website.&&STH&never&sells&information&about&individual&customers&to&&&

Page 1: [2] Deleted CloudFlare Lega 9/11/14 3:19 PM

. We may, however, share information about our customers in the following circumstances: 1.&&&&&&&&&&&

Page 1: [3] Deleted CloudFlare Lega 9/11/14 3:19 PM

2. When data regarding individual customers are aggregated. STH may share with third parties certain aggregated, non-personal information, such as aggregated data about usage of services in a particular geographical area. In no way will such information include the identity of any STH customer. 3. For overriding considerations. STH will release information about its customers when it deems that legal or safety concerns override a customer’s reasonable expectation of privacy. For example, such a disclosure may occur in compliance with instructions from a court or requests from law enforcement officials, in order to fully enforce our Terms and Conditions of Use [link], or to protect the safety and property of others, including by coordinating with other businesses to prevent fraud and reduce credit risks. However, in no case will this include the commercial use of customers’ account information in any way inconsistent with this Privacy Policy. 4. Upon the transfer of our business. If StopTheHacker Inc. or some or all of its STH business is acquired by another company, then customer data may be transferred, by operation of law or by agreement, along with the other assets of the business. What&information&&&

Page 1: [4] Deleted CloudFlare Lega 9/11/14 3:19 PM

STH&may&&

&

Page 2: [5] Deleted CloudFlare Lega 9/11/14 3:19 PM

B.&&&&&&&&&

• &

Page 2: [6] Deleted CloudFlare Lega 9/11/14 3:19 PM

C.&&&&&&&&&

• &

Page 2: [7] Deleted CloudFlare Lega 9/11/14 3:19 PM

D. Customer Communications. When customers send email or other communication to STH, we may retain those communications in order to process requests, respond to inquiries and improve our services. E.&&&&&&&&&&

• &

Page 6: [8] Deleted CloudFlare Lega 9/11/14 3:19 PM

F. Hyperlinks. The STH website may present hyperlinks in a format that enables us to keep track of whether these links have been followed. We may use this information to improve the quality of our service and customized content and advertising for particular classes of customers. How secure is the customer information gathered by STH? We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data we maintain. We restrict access to personal information of our customers to STH’s employees, contractors and agents who need to know that information in order to operate, develop or improve our services. Please note that this Privacy Policy may change from time to time. This page will be revised to reflect any such changes and, if the changes are significant, we may or may not provide a more prominent notice (including, for example, by email notification). Each version of this Privacy Policy will be identified at the top of the page by the date of its most recent revision. Please feel free to direct any questions or concerns regarding this Privacy Policy or our treatment of customer information, via email, to support@stopthehacker.com, or by writing to us at Privacy Policy Compliance, StopTheHacker Inc., 912 El Camino Real,Suite 4,Burlingame,CA 94010,USA. When we receive formal, written complaints, it is our policy to contact the complaining customer regarding his or her concerns.