Family Cybersecurity

Privacy

How Family Cybersecurity handles data: short answer — we don't.

Short answer: no tracking around here.

We’re a parent-facing cybersecurity program. It would be a poor fit for our brief to track you.

What we do, plainly

  • Cloudflare-only analytics, cookieless, no profile. We use Cloudflare Web Analytics. It loads a small JavaScript beacon from cloudflareinsights.com to record pageviews and page-load timing. It sets no cookies, doesn’t fingerprint, doesn’t build a cross-site profile, and doesn’t share data with advertising networks. Your IP is truncated by Cloudflare before it’s stored.
  • No advertising trackers. No Facebook Pixel. No Google Analytics. No retargeting beacons. No conversion-pixel network.
  • No cookies set by us. A small set of Cloudflare-managed cookies may exist on the connection layer for performance and bot mitigation; those are not used to profile you.
  • No newsletter sign-up without your explicit action. If you submit the contact form, it goes straight into our own collector (no third-party forms provider). It is used solely to respond to your enquiry.
  • No selling, no sharing, no surprise integrations. Your contact info is for our team and the volunteer experts you’re matched with — nothing else.

What we use, when we use it

  • Cloudflare — hosts the site and provides server-side analytics. Their privacy posture is on their site.
  • Our own form collector — the contact form at /contact/ posts to an endpoint we run on Cloudflare. Your submission goes into a database we own. No third-party forms provider sees it. We chose to build this ourselves specifically so that filling in our form doesn’t expose you to anyone outside the Family Cybersecurity volunteer team.
  • No font requests at all. We name Roboto and Roboto Slab in our CSS, but we don’t load font files from anywhere — not from Google, not even from our own server. If you have those fonts installed (most Android/ChromeOS users do), your browser uses them; otherwise it falls back to your operating system’s default sans-serif. Either way, your IP doesn’t go anywhere for type.
  • Email-address obfuscation. Cloudflare auto-injects a small script (email-decode.min.js) that obfuscates the [email protected] link in our HTML so scrapers can’t harvest it. The script runs only to re-render the address for you to click. It doesn’t track and doesn’t talk to anyone outside Cloudflare.
  • Spam protection on the contact form. The /contact/ form uses Cloudflare Turnstile, a privacy-preserving challenge that confirms you’re a person rather than a bot. It loads a small script from challenges.cloudflare.com. Turnstile is Cloudflare’s alternative to reCAPTCHA, built specifically to avoid the privacy problems of the alternatives: it doesn’t profile you across sites and isn’t used to build an advertising profile. It runs only on the contact page, and only to keep our inbox free of automated spam.

How long we keep your submission

Contact-form submissions are hard-deleted from our database once they’re more than a year old. If you’d like us to delete yours sooner, write to us at the email below and we’ll remove it the same day.

What we don’t have

  • Comments
  • Like buttons
  • Social-media share widgets
  • Embedded videos that auto-load tracking
  • “We’ve updated our cookie policy” banners

Children’s data

If you’re a parent enrolling in our programs, we don’t collect or process information about your child. The programs are for parents to use offline with their families.

Your rights under data-protection law

If you live in the EU/UK, Cayman Islands, California, or another jurisdiction with similar rules, you have the right to:

  • See what we hold about you.
  • Correct anything wrong.
  • Delete it (we’ll do this within a day of asking, and automatically after a year).
  • Object to our processing it, or port it to another service.
  • Complain to your data-protection authority if you think we’ve handled something badly. We’d rather you write to us first — we’ll fix it faster than they will.

Email [email protected] for any of the above.

  • Visiting the site: legitimate interest in measuring whether people find the content useful (Cloudflare Web Analytics, no profile-building).
  • Submitting the contact form: your consent, signalled by the consent checkbox.
  • Cloudflare’s bot-mitigation cookies (if they appear): legitimate interest in keeping the site online and free of abuse.

Cloudflare may process data outside your country (they operate a global edge network). They participate in the EU Standard Contractual Clauses and the UK International Data Transfer Addendum, which are the standard legal mechanisms for cross-border transfers.

Last updated: 2026-06-18.

Questions, requests, corrections

Anything to do with your data or this policy: [email protected].

We’ll respond personally — no ticket queue, no auto-reply chain.