ExPatch LLC ("ExPatch", "we", "us") operates this website and provides authorized offensive security, vulnerability research, and related consulting services. This policy explains what information we collect through this website and ordinary business communications.
Information We Collect
This website does not offer account registration, checkout, newsletter signup, or an embedded contact form, and it carries no third-party advertising. It does use Google Analytics to measure site traffic (see “Analytics and Cookies” below). If you email us, we receive the information you choose to send, including your name, email address, company, project details, and any files or context you provide.
Like most web servers, the systems that host this site process technical logs such as IP address, browser type, requested URL, referrer, and timestamp. The site also loads fonts from Google Fonts and uses Google Analytics, so your browser exchanges requests with Google-operated domains (see “Analytics and Cookies” below).
Analytics and Cookies
We use Google Analytics, a service provided by Google LLC, to understand how visitors use this website — for example, which pages are viewed and general device and approximate location information. Google Analytics sets cookies and collects data such as your IP address, browser and device type, the pages you request, and timestamps, and processes it on our behalf. We use this only in aggregate to measure and improve the site; we do not use it to identify you personally or to make automated decisions about you. Apart from Google Analytics, this site does not set cookies.
You can opt out at any time: install the Google Analytics Opt-out Browser Add-on, use your browser’s cookie controls, or block the analytics domains. To learn how Google handles this data, see Google’s Privacy Policy and how Google uses information from sites that use its services.
How We Use Information
We use information to respond to inquiries, evaluate potential engagements, perform authorized work, maintain business records, protect our systems, and comply with legal obligations. We do not sell personal information, and we do not knowingly share personal information for cross-context behavioral advertising.
We do not use this website to make automated decisions about visitors.
Sharing
We share information with service providers who support hosting, email, legal, accounting, security, and business operations. We also disclose information when required by law, to protect rights and safety, or as part of a business transfer.
Security and Retention
We use administrative, technical, and organizational safeguards designed to protect the information we maintain. We retain information only as long as needed for the purposes described above, unless a longer period is required for legal, tax, accounting, or dispute-resolution reasons.
Massachusetts Personal Information
ExPatch protects Massachusetts residents' personal information with safeguards designed for confidentiality, integrity, and controlled access.
Your Choices
You can contact us to request access, correction, deletion, or limitation of personal information we maintain about you. We verify requests when needed and retain information when required for legitimate business or legal purposes.
Children
This website and our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13.
Changes
Updates to this policy appear on this page. The "Last updated" date above indicates the current version.
Contact
Questions about privacy can be sent to security@expatch.llc.