ZTZT.dev - Privacy Policy

Privacy Policy

At ZTZT.dev, we are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (GDPR) and ePrivacy Directive. This policy outlines how we process data and use technical cookies to ensure secure browsing.

Data Collection and Processing

ZTZT.dev collects minimal data necessary for secure operation of our cybersecurity proof of concept. We may process:

• IP Addresses: For our DNS-over-HTTPS, DNS-over-TLS and Wireguard servers, we collect no IP address at all. For other servers, where we detect malicious activity, rapid scans, non-human like behavour, bots and hackers, IP addresses are temporarily logged for security purposes but retained no longer than necessary (typically 1 hour to allow our automated analysis to run). Once the analysis is completed we no longer retain the IP address.
• Session Data: Stored in a technical cookie (__Host-PHPSESSID) to maintain secure browsing sessions.

No personal data is used for tracking, profiling, or marketing purposes.

Technical Cookies

We use a single technical cookie, __Host-PHPSESSID, which is strictly necessary for:

• Content Security Policy (CSP) nonce management to prevent Cross-Site Scripting (XSS) attacks.
• Cross-Site Request Forgery (CSRF) protection for form submissions.

This cookie is exempt from consent under GDPR and ePrivacy Directive, as it is essential for delivering the secure browsing experience you requested. It is configured with:

• Secure: Transmitted only over HTTPS.
• HttpOnly: Inaccessible to JavaScript.
• SameSite=Strict: Restricted to same-site requests.
• __Host- prefix: Ensures same-origin usage.
• 30-minute lifetime: Minimizes exposure.

No other cookies or tracking technologies are used.

Your Rights

Under GDPR, you have rights to access, rectify, erase, restrict, or object to data processing. As ZTZT.dev collects minimal data, these rights apply to IP logs or session data. Contact us at privacy@ztzt.dev to exercise your rights.

Contact Us

For questions about this policy, contact Santosh Pandit at privacy@ztzt.dev or via LinkedIn.