This privacy policy applies to crimsh.com and the Cyber Index UA application that uses the Facebook / Instagram API to publish automated daily cybersecurity reports.

1. About the Application

Cyber Index UA is an automated system that generates and publishes daily cybersecurity threat reports for Ukraine. Reports are published to the Facebook @cyberindexua and Instagram @cyberindexua using the Meta Graph API. No user interaction is involved.

2. Data We Collect

We do not collect any personal data from visitors or users. The application does not:

• Collect, store, or process personal information of any users
• Use cookies for tracking purposes
• Request access to users’ Facebook or Instagram profiles
• Store authentication tokens beyond API operation requirements
• Share any data with third parties

3. Use of Meta / Facebook API

The application uses the following Meta Graph API permissions exclusively for automated posting:

• pages_manage_posts — to publish photo posts to the Facebook Page
• instagram_basic / instagram_content_publish — to publish posts to Instagram
• pages_read_engagement — required by Meta for page management

No user data is accessed, read, or stored through these permissions.

4. Data Sources

Report content is generated from publicly available cybersecurity feeds: CERT-UA, ThreatFox, URLhaus, CISA KEV, NVD CVE, Ransomware.live, and IODA. All data sources are public and do not contain personal information.

5. Third-Party Services

This website is hosted on GitHub Pages. GitHub may collect standard web server logs (IP addresses, access times) as part of their service. See GitHub’s Privacy Statement.

6. Data Deletion

Since we do not collect any personal data, there is nothing to delete. To revoke API access:

• Facebook: Settings & Privacy → Settings → Apps and Websites
• Instagram: Settings → Security → Apps and Websites

7. Contact

Questions? Use the contact page.