Back to HabeSec
Privacy Policy
Last updated: May 2026
Summary:
We do not store your logs. We do not sell your data.
We do not track you. Uploaded files are deleted immediately after analysis.
IP addresses are anonymized before processing.
1. Who We Are
HabeSec is an adversarial log security assessment tool powered by the HABE engine,
developed as part of MSc research in cybersecurity.
Contact: habesec.research@proton.me
2. What Data We Collect
- Uploaded log files processed in memory only. Never written to disk. Deleted immediately after analysis.
- IP addresses in your logs anonymized before reaching any model. Last octet replaced with XXX (GDPR Article 25).
- Scan results held in server memory only for your session. Not persisted between server restarts.
- Server access logs Railway.app may retain standard HTTP access logs for up to 30 days.
3. What We Do NOT Collect
- No tracking cookies or analytics services
- No user accounts or profiles
- No sale or sharing of data with third parties
- No log file content stored on disk at any point
4. Legal Basis for Processing (GDPR)
Article 6(1)(b) processing necessary for the performance of a service you requested.
5. Data Retention
- Uploaded files: Deleted immediately after processing.
- Scan results: Server memory only cleared on restart or after 24 hours.
- anonymized IPs: Never stored processed in memory only.
6. Your Rights Under GDPR
You have the right to access, delete, and request confirmation of data deletion.
Contact: habesec.research@proton.me
7. Data Security
- HTTPS / TLS encryption for all data in transit
- IP anonymization before any model processing
- Rate limiting and input sanitisation against abuse
8. Third Party Services
- Railway.app hosting provider. See railway.app/legal/privacy
- No analytics, advertising, or tracking services used.
9. Contact
Email: habesec.research@proton.me
GitHub: github.com/ag3los/HABE
Back to HabeSec