Legal Information

Disclaimer

Breach House is a platform that aggregates publicly available information regarding security incidents and claims made by third parties, such as threat actors. The information presented is collected and displayed with the primary goal of alerting potential victims and organizations.

The data shown on Breach House is based on external sources and has not been independently verified by us. While we strive to present the information objectively, we do not confirm or validate the accuracy of the original claims made by third parties. By accessing or using Darkeye Industries, you acknowledge that you do so at your own risk and should treat the information with due caution.

Privacy Policy and GDPR Compliance

Darkeye Industries is firmly committed to data protection and adheres strictly to applicable regulations, including the EU's General Data Protection Regulation (GDPR).

Data Processed: We exclusively process and display publicly available metadata associated with security incidents reported by third parties. This typically includes information such as affected organization names, incident dates, reported data types (e.g., "customer emails," "employee records" - without displaying the actual data), and threat actor attributions, if publicly claimed. Crucially, we do not collect, store, process, or display sensitive personal data directly originating from the security breaches themselves. Our focus is solely on the publicly accessible information about the breaches.

Legal Basis (GDPR Article 6(1)(f)): Our legal basis for processing this limited metadata is Article 6(1)(f) of the GDPR: Legitimate Interests. We have conducted a careful assessment and determined that we have a legitimate interest in:

• Providing timely alerts to potential victims and organizations about publicly claimed security incidents, enabling them to take protective measures.
• Contributing to the broader cybersecurity ecosystem's awareness of ongoing threats and breach trends based on publicly available information.
• Facilitating security research and awareness by aggregating publicly known incident details.

Balancing Test: We believe these legitimate interests are not overridden by the interests or fundamental rights and freedoms of data subjects. This is because:

• Data Minimization: We only process metadata that is already in the public domain, often published by the threat actors themselves or news outlets. We do not seek out or publish non-public personal data.
• Limited Impact: The processing concerns information about potential breaches, not the sensitive contents of those breaches. The impact on individual privacy is minimal compared to the potential benefit of awareness and mitigation.
• Purpose: The purpose is protective and informative, aimed at mitigating harm from publicly known threats.

Transparency and Rights: This policy serves to provide transparency about our data practices. Should you believe any displayed metadata is inaccurate, pertains to you in a way that violates your rights despite its public nature, or if you have other privacy concerns related to our processing under GDPR, please contact us immediately at [email protected] to discuss rectification or other potential rights.

Terms of Use

By accessing or using the Darkeye Industries website and services ("Service"), you agree to comply with and be bound by these Terms of Use ("Terms"). If you do not agree to these Terms, you must not access or use the Service.

1. Permitted Use: You are granted a non-exclusive, non-transferable, revocable license to access and use the Service strictly for informational, research, and awareness purposes related to cybersecurity and publicly reported data breaches.
2. Prohibited Uses: You agree not to use the Service:
   • For any unlawful purpose or in violation of any applicable local, state, national, or international law.
   • To harass, abuse, defame, or harm others.
   • To attempt to gain unauthorized access to the Service, user accounts, or computer systems or networks connected to the Service.
   • To engage in any data mining, data harvesting, data extracting, scraping, or any other similar activity in relation to this Service, beyond reasonable manual access for permitted purposes.
   • To distribute, resell, or commercially exploit the Service or its content without express written permission from Darkeye Industries.
   • To reverse engineer, decompile, or disassemble any portion of the Service.
3. Disclaimer of Warranties: The Service and the information provided are offered on an "AS IS" and "AS AVAILABLE" basis. Darkeye Industries makes no representations or warranties of any kind, express or implied, as to the accuracy, completeness, reliability, or timeliness of the information contained herein. You acknowledge that the information originates from third-party claims and has not been independently verified (See Disclaimer section).
4. Limitation of Liability: To the fullest extent permitted by applicable law, Darkeye Industries, its affiliates, officers, directors, employees, agents, or licensors shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly, or any loss of data, use, goodwill, or other intangible losses, resulting from (a) your access to or use of or inability to access or use the Service; (b) any conduct or content of any third party on the Service; (c) any content obtained from the Service; or (d) unauthorized access, use, or alteration of your transmissions or content.
5. Intellectual Property: The Service name, logo, design, and overall appearance are the property of Darkeye Industries. The aggregated data itself originates from public sources.
6. Modifications to Terms: Darkeye Industries reserves the right to modify these Terms at any time. We will notify users of significant changes by posting the new Terms on the site. Your continued use of the Service after such changes constitutes your acceptance of the new Terms.
7. Governing Law: These Terms shall be governed and construed in accordance with the laws of [SPAIN (EUROPE)], without regard to its conflict of law provisions.
8. Contact: For any questions regarding these Terms, please contact us at [email protected].