Threat ActorsThe GameTrends
CyberPrism Logo

CyberPrism.App

Illuminating vulnerabilities from every angle

CyberPrism Privacy Policy

Last Updated: February 2026

1. Introduction

CyberPrism ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how our mobile application (the "App") handles data when you use our cybersecurity vulnerability tracking and analysis service.

Key Privacy Principle: We do not collect personal information that identifies you. Your bookmarks, notes, and preferences are stored locally on your device or on your mobile platform's personal cloud. We do collect anonymous usage analytics to improve the App — this data is not linked to your identity, as described in this policy.

2. About CyberPrism

CyberPrism is a mobile application designed to help cybersecurity professionals track and analyze vulnerabilities. The App provides:

  • CVE (Common Vulnerabilities and Exposures) tracking and analysis
  • Vulnerability analysis across multiple cybersecurity frameworks (MITRE, NIST, etc.)
  • Threat intelligence and threat actor information
  • Bookmark functionality for saving important vulnerabilities
  • PDF report generation
  • AI-powered breach analysis tools (premium feature)

3. Information We Do NOT Collect

We do not collect, store, or process:

  • Personal identification information (name, email, phone number)
  • Device identifiers (IDFV, Android ID)
  • Precise or coarse location data
  • Advertising identifiers (IDFA/GAID)
  • Any information that personally identifies you

Note: We do collect anonymous usage analytics and device information as described in Section 4.3 below.

4. Information We Do Collect

4.1 Vulnerability Data (Public Information Only)

  • CVE entries and vulnerability details from public databases
  • Threat intelligence information from public sources
  • Security analysis data generated by our AI systems

Important: This data is publicly available cybersecurity information, not personal data about you.

4.2 Technical Information (Minimal)

  • API requests to fetch vulnerability data (no personal identifiers)
  • Error logs for app functionality (no personal data included)
  • App version and basic device compatibility information for service delivery

4.3 Analytics and Usage Data

CyberPrism uses Google Firebase Analytics to understand how users interact with the App. This helps us improve features and user experience.

Automatically collected data:

  • Device information (model, operating system version, screen resolution, language)
  • App version and update events
  • Approximate geographic location (country/region level, derived from IP address — your IP address is not stored)
  • Session information (app opens, session duration, engagement time)
  • Screen views and navigation patterns

Usage events we track:

  • Feature usage: which features you use (bookmarks, analyses, search, notifications)
  • Search queries: the text you enter when searching for vulnerabilities, threat intelligence, or other content
  • Subscription interactions: when you view the subscription screen, make a purchase, or restore purchases
  • Notification interactions: when you open the app through a push notification

Complete list of analytics events we collect:

EventParametersContains Personal Info?
Bookmark addedItem type (CVE or threat intel), item IDNo — public CVE identifiers or internal article IDs
Bookmark removedItem type (CVE or threat intel), item IDNo
Tab switchTab name (Home, Intel, More)No — static string, no user data
Paywall viewedSource screenNo — screen source identifier
Subscription purchasedProduct IDNo — product SKU only
Subscription restoredNoneNo
Notification openedNotification type, item IDNo — notification category and content ID
Analysis runAnalysis type, CVE IDNo — analysis name and public CVE ID
Search executedSearch query text, result countNo — users search for CVEs, malware names, etc.
Automatic device telemetryDevice model, OS version, app version, session data, screen viewsNo — standard anonymous device telemetry

No user ID, email, name, phone number, or account identifier is ever sent to analytics. Analytics data is anonymous and not linked to your identity.

Important notes:

  • Analytics data is processed by Google LLC under their Firebase Terms of Service and Google Privacy Policy
  • Analytics data is retained for 14 months, after which it is automatically deleted
  • We do NOT use advertising identifiers (IDFA/GAID) and do NOT serve ads
  • We do NOT sell or share analytics data with third parties beyond Google's processing
  • On iOS, analytics respects your device's tracking preferences

5. How Your Data is Stored

5.1 Local Storage Only

  • All your bookmarks, notes, and preferences are stored locally on your device using secure local storage (Hive database)
  • No personal data is transmitted to our servers
  • You have complete control over your data

5.2 Optional Cloud Synchronization

If you choose to enable cloud sync:

  • iOS: Uses Apple's iCloud with your Apple ID (we do not have access to your Apple ID or iCloud data)
  • Android: Uses Google Drive for cloud backup of your bookmarks. When you sign in with Google, the app receives only an access token to read and write files in your Google Drive. We do not receive, store, or have access to your Google account email address.
  • Only your bookmarks and app preferences are synchronized
  • All sync is handled directly by Apple/Google - we never see your cloud data

6. Data We Access from Third Parties

6.1 Vulnerability Databases

We fetch publicly available vulnerability information from:

  • CISA KEV (Known Exploited Vulnerabilities) database
  • CVE databases
  • Public threat intelligence feeds

6.2 Platform Services

  • Apple App Store / Google Play Store: For subscription management (handled entirely by Apple/Google)
  • Firebase: For push notifications about new vulnerabilities and for anonymous usage analytics (see Section 4.3). To deliver push notifications, your device's push notification token (FCM or APNs token) is sent to our server — no personal data or device identifiers are included

7. How We Use Information

7.1 Vulnerability Data

  • To provide you with current vulnerability information
  • To generate AI-powered security analyses
  • To send notifications about critical vulnerabilities (if enabled)

7.2 Technical Data

  • To ensure the App functions properly
  • To fix bugs and improve performance
  • To deliver vulnerability data to your device

8. Data Sharing and Disclosure

8.1 We Do Not Share Personal Data

Since we don't collect personal data, we have nothing personal to share.

8.2 Vulnerability Information

  • The vulnerability data we provide is already publicly available
  • We may share aggregated, non-personal statistics about vulnerability trends

8.3 Legal Requirements

We may disclose information if required by law, but since we don't collect personal data, such disclosures would be limited to publicly available vulnerability information.

9. Data Security

9.1 Local Data Protection

  • All local data is stored using secure storage mechanisms provided by iOS and Android
  • Data is encrypted using platform-standard encryption
  • Only your device can access your locally stored data

9.2 Network Security

  • All API communications use HTTPS encryption
  • We use secure authentication for our vulnerability data APIs
  • No personal data is transmitted over the network

10. Your Privacy Rights and Controls

10.1 Data Control

  • View: All your data is stored locally and visible within the App
  • Export: You can export your bookmarks and notes
  • Delete: Uninstalling the App removes all local data
  • Modify: You can edit or delete any bookmarks or notes at any time

10.2 Notification Controls

  • You can enable or disable push notifications in your device settings
  • Notifications contain only vulnerability information, no personal data

10.3 Cloud Sync Controls

  • Cloud synchronization is entirely optional
  • You can enable/disable it at any time in the App settings
  • Disabling cloud sync does not affect local functionality

11. Children's Privacy

The App is designed for cybersecurity professionals and is not intended for children under 13. We do not knowingly collect any information from children. Since we don't collect personal information from any users, this protection extends to all age groups.

12. International Data Transfers

12.1 Vulnerability Data

  • Vulnerability data is sourced from international public databases
  • This data is not personal information and is publicly available worldwide

12.2 No Personal Data Transfers

Since we don't collect personal data, there are no personal data transfers to be concerned about.

13. Data Retention

13.1 Local Data

  • Data remains on your device until you delete it or uninstall the App
  • You control all retention periods for your local data

13.2 Server Data

  • We do not store personal data on our servers
  • Vulnerability data is updated regularly from public sources
  • Technical logs are retained only as long as necessary for service operation

13.3 Analytics Data

  • Anonymous usage analytics collected via Firebase Analytics are retained for 14 months, after which they are automatically deleted
  • Analytics data is processed and stored by Google LLC on their infrastructure

14. Third-Party Services

14.1 Platform Integration

  • Apple iCloud: Privacy governed by Apple's Privacy Policy
  • Google Drive: Privacy governed by Google's Privacy Policy
  • Firebase: Used for push notifications and anonymous usage analytics, governed by Google's Privacy Policy and the Firebase Terms of Service
  • App Stores: Subscription management governed by Apple/Google privacy policies

14.2 Analytics and Tracking

We use Google Firebase Analytics for anonymous usage analytics to improve the App. We do NOT use advertising services, cross-app tracking, or any other third-party tracking services. We do NOT serve ads or use advertising identifiers.

15. Changes to This Privacy Policy

15.1 Notification of Changes

  • We will update the "Last Updated" date when changes are made
  • Significant changes will be communicated through the App
  • Continued use of the App constitutes acceptance of changes

15.2 Your Options

If you disagree with changes to this Privacy Policy, you may stop using the App.

16. Contact Information

If you have questions about this Privacy Policy or our privacy practices:

17. Compliance

This Privacy Policy is designed to comply with:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Apple App Store privacy requirements
  • Google Play Store privacy requirements

18. Summary

In Plain English:

  • We don't collect personal information that identifies you
  • We collect anonymous usage analytics (via Firebase Analytics) to improve the App — this data is not linked to your identity and is automatically deleted after 14 months
  • All your bookmarks, notes, and preferences stay on your device
  • We only fetch public vulnerability information
  • You have complete control over your data
  • Optional cloud sync uses your existing Apple/Google accounts
  • You can delete everything by uninstalling the App