Privacy Policy

Effective Date: May 17, 2025
Last Updated: Aug 4, 2025

Who We Are

Our website address is: https://appsecwriteups.com.
This blog is maintained by Jivan Magare, an individual security researcher. It features educational articles, bug bounty writeups, and cybersecurity tutorials. Visitors are welcome to read and comment on posts, but only the site administrator (Jivan Magare) has access to log in or publish content.


Educational Use and Responsible Disclosure

All content published on this website, including bug bounty writeups, cybersecurity tutorials, and ethical hacking guides, is intended strictly for educational purposes. The primary goal is to help aspiring security researchers and bug bounty hunters learn how to responsibly identify, report, and remediate security vulnerabilities.

Any vulnerability writeups shared on this site are based on Jivan’s personal findings and have already been reported through responsible disclosure programs to the affected organizations. These issues were fixed before publication, and no active vulnerabilities are disclosed.

We do not promote illegal hacking or unauthorized access to systems. Visitors are expected to use the information on this site ethically and within the legal boundaries of their respective regions. The content is provided in good faith to promote cybersecurity awareness and help secure web and mobile applications.

If you are a company or organization mentioned in a writeup and have concerns about any content, please contact us at contact@appsecwriteups.com.


Comments

When visitors leave comments on the site, we collect the data shown in the comments form, such as your name, email address, website (optional), and the comment itself. We also collect your IP address and browser user agent string to help with spam detection.

An anonymized hash of your email address may be sent to the Gravatar service to check if you are using it. Once your comment is approved, your Gravatar profile picture (if any) is publicly visible alongside your comment.

Comment Moderation & Privacy Policy

To maintain the quality of discussion and protect readers:

  • All comments are subject to manual moderation before publication.
  • Comments containing fake email addresses, inappropriate language, offensive content, spam, or misleading information will be deleted without notice or response.
  • The submitted name and email address are collected only for moderation and anti-spam purposes. Emails are never shared publicly or used for marketing.
  • By submitting a comment, you acknowledge and agree that your input may be stored, reviewed, and potentially published based on moderation outcomes.
  • If a comment is flagged or found to violate our content guidelines, it may be permanently removed.
  • Comments submitted are stored indefinitely unless you request removal.

By commenting, you agree to these terms and acknowledge our full Privacy Policy.


Media

If you upload images in your comment (if allowed), please avoid including embedded location data (EXIF GPS). Visitors to the website can download and extract such data from images.


Cookies

If you leave a comment, you may opt to save your name, email address, and website in cookies. This is for your convenience, so you do not have to fill in your details again when leaving another comment. These cookies will last for one year.

A temporary cookie may also be set to determine if your browser accepts cookies, but it contains no personal data and is discarded when you close your browser.

Note: User registration and login functionality are disabled. Only the site owner has administrative access. No visitors or readers can log in or create content on the site.


Embedded Content from Other Websites

Articles on this site may include embedded content (e.g., videos, code snippets, tweets). Embedded content from other websites behaves the same way as if you visited that site directly. These third-party sites may collect data about you, use cookies, and monitor your interaction with the embedded content.


Advertising and Monetization

We use third-party advertising services (including Monetag) to display a variety of ad formats on our website, such as Interstitial ads, Vignette banners, OnClick (Popunder) ads, In-Page Push ads, and Push Notifications. These ads may appear between page views, as overlays, in the form of notifications, or as separate browser windows/tabs.

Data Collection
These third-party vendors may collect non-personally identifiable information (e.g., IP address, browser type, device data, and browsing behavior) to deliver more relevant advertisements. This data is used solely for ad targeting, measurement, and optimization by the ad networks.

Ad Display Behavior

  • Interstitial and Vignette Ads: May briefly interrupt the browsing experience and can typically be closed using the close (×) or cancel button.
  • OnClick (Popunder) Ads: May open a new browser tab or window in the background when you interact with the website.
  • In-Page Push Ads: Appear within the content area of the website in a notification-like style.
  • Push Notifications: Sent via browser notification systems (only if you explicitly allow them) and may contain promotional content. You can manage or revoke permissions for push notifications through your browser settings at any time.

Redirection to External Sites
If you click on any ad, you may be redirected to a third-party website. We do not control or take responsibility for the content, policies, or practices of these external sites.

Why We Display Ads
Our website offers all content and services free of charge. We do not impose any fees for access, usage, or subscriptions. To sustain the platform, support ongoing development, and cover operational costs, we rely on advertising as our primary revenue source. By engaging with or allowing these ads, you help us continue providing high-quality, valuable content at no cost.

Reporting Unsuitable Ads
If you notice any advertisement that is irrelevant, misleading, or unsuitable for our audience, please take a screenshot and email it to contact@appsecwriteups.com. We will report the issue to our advertising provider and request that such ads be blocked.

Note
We may consider removing or reducing ads in the future, depending on the platform’s growth and the availability of alternative revenue models. At present, advertising is essential for maintaining and improving our services.


Who We Share Your Data With

We do not share your data with any third-party services, except for the following:

  • Automated spam detection services to protect the website from spam and abuse.
  • Gravatar (for comment avatars), if you choose to use this service.
  • Google Analytics, which we use to track and analyze website traffic and user behavior. Google Analytics may collect information such as your IP address, browser type, device information, and pages visited. This data helps us improve user experience but does not personally identify you.

If you request a password reset (admin only), your IP address may be included in the reset email.


How Long We Retain Your Data

If you leave a comment, the comment and its metadata are stored indefinitely. This allows us to recognize and automatically approve any future comments.

Since user registration is disabled, no personal user accounts or profiles are stored beyond public comments.


Your Rights Over Your Data

If you have left comments on the site, you can request that we erase your data. Unfortunately, we are unable to provide an exported file of your personal data. To exercise these rights, or if you have any questions or concerns regarding your data, please contact us at contact@appsecwriteups.com.

Please note that this Privacy Policy may be updated from time to time. Any changes will be reflected on this page with an updated “Effective Date.” We encourage you to review this policy periodically to stay informed about how we are protecting your information.


Where Your Data Is Sent

Visitor comments may be checked through an automated spam detection service to protect the website from spam and abuse.