Chawkr
Chawkr
ClusterHawk
Threat Intel
About
Contact
Future Developments

Privacy Policy

Effective as of: 2025-09-07

Last updated: 2025-09-07

At Chawkr ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our IP threat intelligence and detection platform.

Chawkr OÜ, a company registered in Estonia, is the controller of personal data relating to your account and use of our platform. For IP address datasets that you submit for analysis, we act as a processor on your behalf and process the data only to provide the requested services.

1. Information We Collect

We collect several types of information from and about users of our platform, including:

  • Personal Information: Name, email address, and contact information when you create an account, subscribe to our service, or contact us. This information is securely stored with our identity management provider.
  • Usage Data: IP addresses from which you access our platform (including login IP addresses) for security and operational purposes. This data is used internally for platform security, unauthorized access detection, and service improvement.
  • Analytical Data: Information about how you use our platform, including log data, device information, browser type and analytical metrics collected through our hosting provider, as well as IP addresses and related network information that you submit for analysis through our platform.
  • Payment Information: Credit card details or other financial information necessary for processing payments are securely handled by external payment processor (Stripe) and are not stored directly on our servers.

2. How We Use Your Information

We use the information we collect for various purposes, including:

  • Providing, operating, and maintaining our platform and services
  • Improving, personalizing, and expanding our platform
  • Understanding and analyzing how you use our platform
  • Developing new products, services, features, and functionality
  • Processing transactions and sending related information, including confirmations and invoices
  • Communicating with you about updates, security alerts, and support messages
  • Providing customer support and responding to inquiries
  • Monitoring and securing our platform, including detecting and preventing unauthorized access, fraud, and other security threats

As an EU-based company, we process your personal data under the following lawful bases:

  • Contract: to provide and operate our platform.
  • Legitimate interests: to secure, improve, and develop our services.
  • Legal obligation: to comply with tax, accounting, and other laws.
  • Consent: where required, for example if you opt into receiving certain communications.

3. Data Security

We implement appropriate technical and organizational measures to protect the security, integrity, and confidentiality of your personal information. These measures include encryption, access controls, regular security assessments, and employee training.

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security of your data.

4. Sharing Your Information

We may share your information in the following situations:

  • Service Providers: We utilize third-party service providers for specific functions, including identity management and payment processing (Stripe). These providers have access to your personal information only to perform these tasks on our behalf and are obligated to protect your data.
  • Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.
  • Legal Obligations: We may disclose your information where required to do so by law or in response to valid requests by public authorities.
  • With Your Consent: We may share your information with your consent or at your direction.

5. Retention of Your Information

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. The retention period varies depending on the type of information and the subscription plan you choose. After this period, your personal information will be securely deleted or anonymized.

For example, account data is retained for the duration of your subscription and up to 12 months after cancellation. Payment-related records are kept for 7 years in accordance with Estonian tax law. Support requests are retained for 24 months. IP datasets are retained according to your subscription tier, as described in our Terms of Service.

6. Data Processing of IP Addresses

When you submit IP addresses for analysis through our platform, we process this data to provide our analysis and threat detection services. We may retain this data for the following purposes:

  • Training and improving our machine learning models
  • Generating aggregated statistics and insights
  • Maintaining historical data for trend analysis

The retention period for IP address data varies by subscription tier, as outlined in our Terms of Service.

Automated Processing / Profiling: We do not use automated processing or profiling.

  • Our models may generate predictions, such as the likelihood that an IP address is associated with certain malicious infrastructure or threat actors. These predictions are provided as analytical insights only and are not used to make decisions that have legal or similarly significant effects on individuals.

7. Your Data Protection Rights

Depending on your location and applicable law, you may have the following rights regarding your personal information:

  • Right to Access: The right to request copies of your personal information.
  • Right to Rectification: The right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure: The right to request that we delete your personal information in certain circumstances.
  • Right to Restrict Processing: The right to request that we restrict the processing of your personal information in certain circumstances.
  • Right to Data Portability: The right to request that we transfer your personal information to another organization or directly to you.

8. Supervisory Authority & Contact

If you are located in the European Economic Area, you have the right to lodge a complaint with your local data protection authority. Our lead supervisory authority is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).

Other regions with local privacy laws may have additional rights. We do not sell or share personal information.

9. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that differ from your country's laws. We take appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy.

Where we transfer personal data outside the EEA/UK (for example, to our authentication provider Auth0 or payment processor Stripe), we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.

10. Cookies and Tracking Technologies

We use only essential cookies that are necessary for our website to function properly. These cookies enable core functionality such as authentication and payment processing. We do not use any non-essential cookies for analytics, marketing, or tracking purposes.

Essential cookies are placed by our authentication service and payment processor to maintain secure login sessions and process transactions. These cookies are necessary for the security and functionality of our services.

You can manage cookies through your browser settings, including deleting cookies or blocking them entirely. However, please note that if you configure your browser to block essential cookies, some features of our website like logging in or payment processing may not function properly.

When you first visit our website, we display a notice informing you about our use of essential cookies. This notice is provided for transparency and informational purposes only. You can acknowledge this notice to dismiss it, but this acknowledgment is not required to use our services.

Our platform is not directed to children under the age of 16, and we do not knowingly collect personal data from them. If we become aware that a child under this age has provided us with personal information, we will take steps to delete it promptly.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and the relevant supervisory authority in accordance with applicable law.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the version information. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: [email protected]