Privacy Policy

Effective Date: May 17, 2025
Last Updated: November 5, 2025

Who We Are

Our website address is: https://appsecwriteups.com.
This blog is maintained by Jivan Magare, an individual security researcher. It features educational articles, bug bounty writeups, and cybersecurity tutorials. Visitors are welcome to read and comment on posts, but only the site administrator (Jivan Magare) has access to log in or publish content.

Educational Use and Responsible Disclosure

All content published on this website including bug bounty writeups, cybersecurity tutorials, and ethical hacking guides is intended strictly for educational purposes. The primary goal is to help aspiring security researchers and bug bounty hunters learn how to responsibly identify, report, and remediate security vulnerabilities.

Any vulnerability writeups shared on this site are based on Jivan’s personal findings and have already been reported through responsible disclosure programs to the affected organizations. These issues were fixed before publication, and no active vulnerabilities are disclosed.

We do not promote illegal hacking or unauthorized access to systems. Visitors are expected to use the information on this site ethically and within the legal boundaries of their respective regions. The content is provided in good faith to promote cybersecurity awareness and help secure web and mobile applications.

If you are a company or organization mentioned in a writeup and have concerns about any content, please contact us at contact@appsecwriteups.com.

Comments

When visitors leave comments on the site, we collect the data shown in the comments form such as your name, email address, website (optional), and the comment itself. We also collect your IP address and browser user agent string to help with spam detection.

An anonymized hash of your email address may be sent to the Gravatar service to check if you are using it. Once your comment is approved, your Gravatar profile picture (if any) is publicly visible alongside your comment.

Comment Moderation & Privacy Policy

To maintain the quality of discussion and protect readers:

  • All comments are subject to manual moderation before publication.
  • Comments containing fake email addresses, inappropriate language, offensive content, spam, or misleading information will be deleted without notice or response.
  • The submitted name and email address are collected only for moderation and anti-spam purposes. Emails are never shared publicly or used for marketing.
  • By submitting a comment, you acknowledge and agree that your input may be stored, reviewed, and potentially published based on moderation outcomes.
  • If a comment is flagged or found to violate our content guidelines, it may be permanently removed.
  • Comments submitted are stored indefinitely unless you request removal.

By commenting, you agree to these terms and acknowledge our full Privacy Policy.

Media

If you upload images in your comment (if allowed), please avoid including embedded location data (EXIF GPS). Visitors to the website can download and extract such data from images.

Cookies

If you leave a comment, you may opt to save your name, email address, and website in cookies. This is for your convenience, so you do not have to fill in your details again when leaving another comment. These cookies will last for one year.

A temporary cookie may also be set to determine if your browser accepts cookies, but it contains no personal data and is discarded when you close your browser.

Note: User registration and login functionality are disabled. Only the site owner has administrative access. No visitors or readers can log in or create content on the site.

Embedded Content from Other Websites

Articles on this site may include embedded content (e.g., videos, code snippets, tweets, etc.). Embedded content from other websites behaves the same way as if you visited that site directly. These third-party sites may collect data about you, use cookies, and monitor your interaction with the embedded content.

Advertising and Monetization (Updated)

We do not display any third-party advertisements or use external monetization services on our website. Previously, we used third-party ad networks (such as Monetag) to display various ad formats including interstitial, vignette, popunder, and in-page ads. However, all advertisements have now been permanently removed to ensure a cleaner, safer, and distraction-free user experience.

Data Collection

We currently do not share, sell, or transmit any user information to advertising partners or third-party monetization platforms. No data related to ad targeting, measurement, or behavioral tracking is being collected on this website.

Redirection and External Links

Our website may still contain non-advertising external links to trusted resources, research references, or third-party tools. These links are provided for informational purposes only. We do not control or take responsibility for the content or policies of external sites.

User Experience Commitment

This change reflects our commitment to providing a privacy-focused and secure browsing environment. By removing ads, we aim to ensure that visitors have a seamless experience without pop-ups, redirects, or unwanted downloads.

Contact

If you previously experienced any advertisement or redirection issue while visiting our website, please let us know at contact@appsecwriteups.com so we can verify and maintain a completely ad-free experience.

Who We Share Your Data With

We do not share your data with any third-party services, except for the following:

  • Automated spam detection services to protect the website from spam and abuse.
  • Gravatar (for comment avatars), if you choose to use this service.
  • Google Analytics, which we use to track and analyze website traffic and user behavior. Google Analytics may collect information such as your IP address, browser type, device information, and pages visited. This data helps us improve user experience but does not personally identify you.

If you request a password reset (admin only), your IP address may be included in the reset email.

How Long We Retain Your Data

If you leave a comment, the comment and its metadata are stored indefinitely. This allows us to recognize and automatically approve any future comments.

Since user registration is disabled, no personal user accounts or profiles are stored beyond public comments.

Your Rights Over Your Data

If you have left comments on the site, you can request that we erase your data. Unfortunately, we are unable to provide an exported file of your personal data. To exercise these rights or if you have any questions or concerns regarding your data, please contact us at Email: contact@appsecwriteups.com

Please note that this Privacy Policy may be updated from time to time. Any changes will be reflected on this page with an updated “Effective Date.” We encourage you to review this policy periodically to stay informed about how we are protecting your information.

Where Your Data Is Sent

Visitor comments may be checked through an automated spam detection service to protect the website from spam and abuse.