Legal
Privacy Policy
Last updated: 18 July 2026
Who we are
Cipher Group AB ("Cipher Group", "we", "us") is a cybersecurity consultancy based in Sweden. This policy explains what data this website collects, why, and what happens to it. If you have questions, contact us at info@ciphergroup.se.
What this site collects, and why
Approximate location, for the map visual
When you load the homepage, your browser requests your approximate location from an IP-geolocation service (ipwho.is, with ipapi.co as a fallback) so the satellite map on the page can center on your region. Your IP address, approximate city, and coordinates are displayed on screen as part of that visual effect. We don't store this data, send it to our own servers, or use it for anything beyond rendering the map — it exists only in your browser for the current page view.
Password breach checker
If you use the password checker in the Services section, your password never leaves your browser. It's hashed locally using SHA-1, and only the first five characters of that hash are sent to the Have I Been Pwned API (api.pwnedpasswords.com) — a k-anonymity technique that makes it impossible for that request to reveal your actual password. We never see, store, or transmit the password itself.
Contact form and email
If you contact us through our contact form or by email, we use the information you provide — such as your name, organization, and email address — solely to respond to your inquiry. We don't add you to any marketing list unless you separately subscribe.
Newsletter subscription
If you subscribe using the form in our footer, we use your email address only to send you the updates you signed up for. You can unsubscribe at any time.
Cookies and local storage
This site does not use cookies. It uses your browser's session storage for one purpose: remembering that you've already seen the loading animation, so it doesn't replay on every page within the same browsing session. This is cleared automatically when you close the tab and is never sent to any server.
Other third-party services this site uses
Loading this site makes requests to the following third parties, each of which may log standard connection data such as your IP address simply as part of serving the request:
- Google Fonts — for the JetBrains Mono typeface
- ArcGIS (Esri) and NASA GIBS — for satellite map imagery
- unpkg.com — for the Leaflet.js mapping library
- NIST National Vulnerability Database — for the live CVE feed (public data, no personal information involved)
We don't control these services' own data practices — see their respective privacy policies for details.
What we don't do
- We don't run analytics or advertising trackers of any kind.
- We don't sell or share your data with third parties for marketing.
- We don't use cookies for tracking.
Your rights
Under the GDPR, you have the right to access, correct, delete, or export any personal data we hold about you, and to object to or restrict how we use it. To exercise any of these rights, contact us at info@ciphergroup.se. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY).
Data security
As a cybersecurity company, we take the security of any data we hold seriously, and we apply the same standards we advise our clients to follow.
Changes to this policy
We'll update this page whenever how we handle data changes, and update the date above accordingly.