Privacy Policy - ThreatListPro | We Don't Collect Your Data

🛡️

We Do NOT Collect Your Data

ThreatListPro does not collect, store, track, or share any of your personal information. Your privacy is fully protected.

What We Do NOT Collect

Unlike many websites, ThreatListPro does not use any tracking or data collection mechanisms. Here's what we specifically do NOT collect:

🚫

No Cookies

We don't use tracking cookies or any persistent storage on your device

🚫

No Analytics

No Google Analytics, no tracking pixels, no third-party scripts

🚫

No Personal Data

We don't collect your name, address, phone number, or any personal details

🚫

No Browsing History

We don't track which pages you visit or how you use our site

🚫

No IP Logging

We don't log or store your IP address when you visit our website

🚫

No Data Sharing

We don't share, sell, or transfer any information to third parties

💳 How Payment Works

When you subscribe to ThreatListPro, your payment is processed entirely by Stripe—a trusted, industry-leading payment processor. We never see or store your payment details.

🔐 Stripe Handles Everything

💳 We Never See Your Card

✅ PCI-DSS Compliant

ℹ️ What Stripe Receives

Stripe processes your payment and provides us only with a subscription confirmation. Your credit card number, billing address, and other payment details remain securely with Stripe and are never transmitted to ThreatListPro servers.

Your API Key & Service Access

After subscribing, you receive a unique API key that allows your firewall to access our blocklist. This API key is:

🔑 About Your API Key

Your API key is a randomly generated string that grants access to the blocklist service. It is not linked to any personal information. If you cancel your subscription, the API key simply stops working—no personal data exists to delete.

✅ Our Privacy Promise

We do NOT use cookies or tracking technologies
We do NOT collect personal information
We do NOT use analytics or tracking scripts
We do NOT store your payment information
We do NOT share data with third parties
We do NOT log your IP address or browsing activity
Stripe handles all payment processing securely
Your API key is not linked to personal data

Why We Don't Collect Data

As IT professionals ourselves, we understand the importance of privacy. We built ThreatListPro to solve a technical problem—stopping VPN brute force attacks—not to harvest user data.

We believe in providing a simple, focused service without unnecessary data collection. You pay for access to our blocklist, and that's the entire relationship. No tracking, no profiling, no data mining.

Your privacy isn't just a policy—it's built into how we operate.

GDPR Compliance (EU Residents)

The General Data Protection Regulation (GDPR) governs how companies handle personal data of individuals in the European Union. Because ThreatListPro does not collect or process personal data from our website visitors, the majority of GDPR obligations simply do not apply to our service. However, for full transparency, here is how we address GDPR requirements.

Legal Basis for Processing

The only personal data processed in connection with ThreatListPro is your email address and payment method, and that processing is performed by Stripe, our payment processor, under the legal basis of contractual necessity (Article 6(1)(b) GDPR). You provide this data directly to Stripe in order to receive the subscription service you requested. We do not store this data ourselves.

Your Rights Under GDPR

If you are an EU resident, you have the following rights:

Right of access — to know what personal data is held about you.
Right to rectification — to correct inaccurate personal data.
Right to erasure ("right to be forgotten") — to have your personal data deleted.
Right to restriction of processing — to limit how your data is used.
Right to data portability — to receive your data in a portable format.
Right to object — to object to certain types of processing.
Right to withdraw consent — to withdraw any consent previously given.

Because we do not store your personal data, many of these rights are exercised directly through Stripe. To exercise any of the above rights with respect to Stripe-held data, contact Stripe directly or contact us at the email address below and we will forward your request.

International Transfers

ThreatListPro is operated from the United States. Payment data processed by Stripe may be transferred to, and stored in, the United States. Stripe relies on Standard Contractual Clauses (SCCs) approved by the European Commission for these transfers. You can read Stripe's privacy policy at stripe.com/privacy.

CCPA Compliance (California Residents)

The California Consumer Privacy Act (CCPA) and its successor, the California Privacy Rights Act (CPRA), grant California residents specific rights regarding their personal information. ThreatListPro does not sell, rent, or share personal information, and we have never done so.

Categories of Personal Information Collected

In the past 12 months, ThreatListPro has not collected any of the categories of personal information enumerated under the CCPA directly from you via our website. The only personal information associated with your subscription (email address, payment method) is collected and stored by our payment processor, Stripe, not by us.

Your CCPA Rights

Right to know — what personal information we collect, use, disclose, or sell.
Right to delete — personal information we collected from you (subject to exceptions).
Right to correct — inaccurate personal information we maintain about you.
Right to opt-out — of the sale or sharing of your personal information.
Right to non-discrimination — we will not discriminate against you for exercising any CCPA rights.

Do Not Sell My Personal Information

ThreatListPro does not sell personal information. We have no advertising partners, no data brokers, no affiliate marketers. Your data stays where it belongs: with you and your payment processor.

Data Retention

Because we do not collect personal data from our website, there is no website-based user data to retain. For operational data directly tied to your subscription, our retention practices are as follows:

Subscription records — retained by Stripe according to their own retention policy and applicable tax/accounting law (typically 7 years in the US).
API keys — stored in a key-value database linked only to an opaque customer ID. Deleted within 30 days of subscription cancellation.
API request logs — we may retain minimal aggregate usage counters (total requests per API key) for abuse prevention and service health monitoring. No IP addresses, no request payloads, no personally identifiable information is stored. Counters are retained for up to 90 days.
Email correspondence — if you email our support address, we retain your email for as long as needed to respond and for up to 12 months thereafter for quality and troubleshooting purposes.

Server Logs and Operational Data

Our web hosting provider (Cloudflare) maintains minimal edge logs for network security and DDoS mitigation purposes. These logs are controlled by Cloudflare, are typically retained for a short period (commonly 7 days or less), and are not accessed by us except in response to a specific security incident.

We do not run any analytics software (such as Google Analytics, Matomo, Plausible, or similar) on any page of this website. We do not run session recording tools. We do not run heatmap tools. We do not embed social media tracking pixels. Load the page, read the content, close the tab—nothing about your visit is recorded or analyzed by us.

Children's Privacy (COPPA)

ThreatListPro is a business-to-business security service. Our service is not directed at, nor intended for use by, children under the age of 13. We do not knowingly collect personal information from anyone under 13 in compliance with the Children's Online Privacy Protection Act (COPPA). If you believe a child has interacted with our service in a way that requires our attention, please contact us.

Changes to This Policy

We may revise this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the bottom of this page. For any material change that affects how we handle data, we will do our best to notify subscribers by email prior to the change taking effect. Because we collect no personal data from website visitors, non- material changes (such as clarifications of existing practices) may be published without individual notice.

We encourage you to review this policy periodically. Your continued use of ThreatListPro after a policy change constitutes acceptance of the revised terms.

Third-Party Services We Rely On

To operate ThreatListPro we use a small number of third-party services. Each of these services has its own privacy policy, which we encourage you to read.

Stripe — payment processing. Stripe receives your payment details and creates a subscription. stripe.com/privacy
Cloudflare — web hosting, CDN, and DDoS protection. Cloudflare operates the network edge through which traffic to our site flows. cloudflare.com/privacypolicy
SMTP2GO — transactional email delivery for account-related messages (receipt of subscription, API key issuance). smtp2go.com/privacy-policy

We do not use, and have never used, advertising networks, tracking analytics services, social media tracking pixels, A/B testing platforms, or data broker services.

Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of the United States and the State of California, without regard to conflict-of-laws principles. Any disputes arising out of or in connection with this policy shall be subject to the exclusive jurisdiction of the state and federal courts located in California.

Nothing in this policy limits any non-waivable rights you may have under applicable consumer protection or privacy law in your jurisdiction.

Last Updated: April 16, 2026
This policy is effective immediately and applies to all users of ThreatListPro.

Questions About Privacy?

If you have any questions about our privacy practices, feel free to reach out.

Email: [email protected]

🔒 Privacy Policy