hashmama@crypto:~$ cat /etc/privacy/policy.md
$ cat /etc/privacy/policy.md
=== PRIVACY POLICY ===
Data protection and privacy standards
=========================================

🔒 Privacy Policy

Protecting your privacy while providing world-class cryptographic education and tools

hashmama@crypto:~$ view privacy_policy.txt
$ view privacy_policy.txt
=== PRIVACY POLICY CONTENT ===
Comprehensive data protection and privacy standards
=========================================

1. Information Collection & Processing

Direct Information Collection

HashMama collects information you provide directly through our cryptographic tools and educational services, including:

  • • Educational Data: Course progress, quiz results, and learning analytics from our hashing tutorials
  • • Tool Usage: Anonymous statistics on hash function usage, algorithm preferences, and performance metrics
  • • Communication: Name, email, and institutional affiliation for educational support and updates
  • • Research Data: Anonymized usage patterns for improving cryptographic education tools
Technical Note: All cryptographic operations (hashing, key generation, collision analysis) are performed client-side using Web Crypto API. No sensitive data is transmitted to our servers.

2. Data Security & Cryptographic Standards

Industry-Leading Security Measures

As a company specializing in cryptographic education, we implement the highest standards of data protection:

  • • End-to-End Encryption: All data transmission uses TLS 1.3 with strong cipher suites
  • • Client-Side Processing: Hash functions, HMAC operations, and key derivation occur locally in your browser
  • • Zero-Knowledge Architecture: We cannot access your cryptographic inputs, outputs, or private keys
  • • Secure Infrastructure: AWS-based hosting with SOC 2 Type II compliance and regular security audits
Security Standard: Our cryptographic implementations follow NIST FIPS 180-4 (SHA-2), FIPS 202 (SHA-3), and RFC 5869 (HKDF) standards.

3. Data Storage & Geographic Location

United States-Based Operations

HashMama LLC operates from Sheridan, Wyoming, with data processing facilities located within the United States:

  • • Primary Location: Sheridan, Wyoming, United States (44.7972° N, 106.9562° W)
  • • Data Centers: AWS US-East-1 (N. Virginia) and US-West-2 (Oregon) regions
  • • Compliance: GDPR, CCPA, and Wyoming data protection laws
  • • Retention: Educational data retained for 3 years, usage analytics for 1 year
Legal Framework: Operating under Wyoming LLC laws with registered agent services in Sheridan County.

4. Educational Analytics & Research

Improving Cryptographic Education

We collect anonymous analytics to enhance our educational tools and advance cryptographic knowledge:

  • • Learning Analytics: Course completion rates, difficulty assessments, and concept mastery tracking
  • • Tool Performance: Hash function execution times, algorithm popularity, and error rate analysis
  • • Research Contributions: Anonymized data shared with academic institutions for cryptographic research
  • • Publication: Research findings published in peer-reviewed cryptography conferences and journals
Research Ethics: All research activities follow institutional review board (IRB) guidelines and maintain participant anonymity.

5. Your Rights & Data Control

Complete Data Sovereignty

As a user of our cryptographic education platform, you maintain full control over your data:

  • • Access Rights: Complete transparency into all data we collect about you
  • • Correction Rights: Ability to update, modify, or correct any inaccurate information
  • • Deletion Rights: Complete removal of your data from our systems upon request
  • • Portability: Export your educational progress and learning data in standard formats
Exercise Your Rights: Contact our Data Protection Officer at privacy@hashmama.com or use our automated data control panel.

6. Third-Party Services & Integrations

Minimal External Dependencies

We maintain strict control over third-party services to ensure your privacy:

  • • Analytics: Self-hosted Plausible Analytics with zero data sharing to third parties
  • • Infrastructure: AWS services with strict data processing agreements and zero data mining
  • • Payment Processing: Stripe with PCI DSS Level 1 compliance and encrypted payment data
  • • No Advertising: Zero third-party advertising networks or tracking pixels
Vendor Selection: All third-party services undergo rigorous privacy and security assessments before integration.

7. Policy Updates & Communication

Transparent Policy Management

We maintain transparency in all privacy policy changes and communications:

  • • Version Control: All policy changes tracked with Git and publicly accessible revision history
  • • Notification System: Email notifications for significant policy changes affecting user data
  • • Review Period: 30-day advance notice for major changes with opportunity for user feedback
  • • Documentation: Comprehensive privacy documentation available in multiple formats and languages
Change Log: Current version: 2.1.0 | Last updated: January 24, 2024 | Next review: April 24, 2024

Contact Information

Data Protection Officer:

privacy@hashmama.com

+1 (307) 672-XXXX

Legal Department:

legal@hashmama.com

PO Box XXXX, Sheridan, WY 82801

Response Time: All privacy inquiries responded to within 48 hours during business hours (Mountain Time).