Daily Breach
Website: www.dailybreach.in

Last updated on: 1st January 2026

 

Introduction

Daily Breach respects your privacy and values the trust you place in us. This Privacy Policy explains how we collect, use, store, share and protect your personal data when you access or use our website www.dailybreach.in or interact with us through any other digital means. Daily Breach is a cyber security news and analysis platform which provides articles, insights and updates on cyber risks, data breaches, policy developments and technology trends. In the course of operating this platform and communicating with readers, we may process certain personal data relating to you.

 

We seek to comply with the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000 along with the rules and directions issued under them, to the extent applicable. By accessing or using www.dailybreach.in you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree with this Policy, you should not use our website or related services.

 

Scope and applicability

This Privacy Policy applies to personal data that we collect in digital form through our website, email, contact forms and other online communication channels that we control. It covers personal data collected when you browse our website, read our content, contact us, subscribe to any updates, or otherwise interact with Daily Breach in a digital environment.

 

The Policy applies where such personal data is processed in India, or is connected with any activity related to offering of content or services to individuals in India. It does not apply where you use the website purely for personal or domestic purposes without any commercial or professional element. It also does not apply to information that you have independently and deliberately made publicly available in a manner that is not restricted by access controls.

 

Definitions

For ease of understanding, the following expressions are used in this Privacy Policy.

• “Personal data” means any data about an individual who is identifiable by or in relation to such data.
• “Data Principal” means the individual to whom the personal data relates.
• “Data Fiduciary” means the person who alone or in conjunction with others determines the purpose and means of processing personal data.
• “Processing” includes collection, recording, storing, organising, using, sharing, transferring, erasing or otherwise dealing with personal data.
• “Applicable law” refers to the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000 and the rules made thereunder, to the extent relevant.

For the purposes of this website, Daily Breach acts as a Data Fiduciary in respect of the personal data it processes, and you, as a visitor or user of the website, are a Data Principal.

 

Categories of personal data collected

Depending on how you interact with Daily Breach, we may collect and process different types of personal data.

• Contact and identification data: This may include your name, email address, mobile number and any other contact details that you voluntarily share with us. It may also include information like your professional role, organisation or area of interest, where you choose to provide such details for networking, collaboration, or communication.
• Communication data: This includes the content of emails, messages and submissions that you send to our official email addresses or through contact forms on the website. It covers queries, feedback, collaboration proposals, complaints or any other communication you choose to initiate with us.
• Usage and technical data: When you visit the website, certain technical information may be collected automatically through server logs and standard internet technologies. This may include your IP address, approximate location based on IP, device type, operating system, browser type and version, date and time of access, pages visited, time spent on pages, referrer information and similar usage data.
• Cookies and analytics data: We may use cookies and similar technologies to collect information about how users interact with our website. This can include page views, click patterns, scroll behaviour and aggregate statistics relating to user engagement. Such data is generally used in an aggregated or pseudonymised manner for analytics and improvement of our services.

We do not intentionally seek to collect sensitive financial information, passwords, or government identification numbers through this website. If such information is received inadvertently, we take reasonable steps to restrict its use and delete it in a secure manner.

 

Sources of personal data

We collect personal data from three main sources. First, we collect data directly from you when you provide it voluntarily, for example when you send us an email, fill a contact form, request information, or subscribe to any communication from Daily Breach. Second, we collect certain technical and usage data automatically from your device when you access our website, through server logs and cookies. Third, we may also access limited information from publicly available sources, such as your public profile on professional or social platforms, when you interact with our official pages or contact us using those channels.

 

Legal basis and purposes of processing

We process personal data only for lawful purposes and in a manner that is fair and reasonable. The main legal bases we rely on are your consent where required, and other legitimate and lawful grounds recognised under applicable law.

• Processing based on consent

In many situations, especially where we collect personal data directly from you for specific purposes, we rely on your consent. We provide you with a clear and reasonably accessible notice describing the personal data that will be collected and the purposes for which it will be used, and we seek your consent before proceeding, wherever such consent is required by law.

 

Based on your consent, we may use your personal data to respond to your queries, to communicate with you about articles, events, webinars, collaborative opportunities or calls for submissions, and to send newsletters or updates if such features are offered and you choose to subscribe. You are free to withdraw your consent at any time by writing to us or using any unsubscribe or opt out option provided. Withdrawal of consent does not affect processing that has already taken place before such withdrawal, but we will stop further processing for the specific purposes for which consent was withdrawn, subject to legal or contractual requirements.

• Processing based on legitimate and lawful purposes

In some cases, we may process personal data without obtaining fresh consent, where such processing is allowed by applicable law and is necessary for legitimate purposes. These purposes can include compliance with legal obligations, responding to lawful directions or orders from regulatory or law enforcement authorities, maintaining network and information security, detecting or preventing fraud, cyber incidents or misuse of our website, and maintaining internal records, logs and documentation as required.

 

In all such cases, we will seek to balance these legitimate interests with your rights and reasonable expectations, and will avoid processing in a manner that is unfair or excessively intrusive.

 

How we use personal data

We use the personal data collected through Daily Breach for several interrelated purposes. The primary purpose is to operate, maintain and improve our website and services. This includes delivering content, ensuring that the website functions correctly across devices, and improving navigation, layout and performance based on usage patterns and feedback.

 

We also use personal data to communicate and engage with you. This includes replying to emails and messages, handling your queries, receiving and acting on feedback, and sending you newsletters, updates or invitations to relevant events or initiatives where you have consented or requested such communication.

 

Further, we use aggregated and anonymised analytics derived from usage and technical data to understand readership trends, measure the performance of different types of content, and identify topics that are most useful for our audience. This helps us align Daily Breach with our mission to simplify and explain complex cyber security issues.

 

Finally, we use personal data for security and compliance purposes. This includes monitoring our website for suspicious or malicious activity, maintaining server logs, enforcing our terms of use and complying with legal obligations, regulatory requirements or directions from competent authorities.

 

We do not engage in automated decision making that produces legal or similarly significant effects concerning you, nor do we profile individuals for targeted advertising through this website.

 

Cookies and similar technologies

Our website may use cookies and similar technologies as part of its technical operation and for analytics. Cookies are small text files that a website places on your device through your browser. They help us remember certain information about your visit and understand how users interact with the website.

 

We may use cookies to support basic preferences where implemented, to measure traffic and usage patterns in an aggregated manner, and to enhance security features. You can manage cookies through your browser settings, including deleting existing cookies or blocking future cookies. Please note that blocking certain cookies may affect the functionality or performance of parts of the website.

 

If we use third party analytics or embedded content that relies on cookies, we will take reasonable steps to ensure that such use is consistent with applicable privacy requirements, and we encourage you to review any relevant third party privacy policies where they apply.

 

Sharing and disclosure of personal data

Daily Breach does not sell your personal data to any third parties. We only share personal data where such sharing is necessary, proportionate and lawful.

 

We may share personal data with service providers and technical partners who support the operation of our website and related services, such as hosting providers, email service providers, and analytics or security vendors. These entities act as processors on our behalf and are bound by appropriate contractual obligations to handle personal data only under our instructions and to maintain suitable security standards.

 

We may also share personal data with professional advisors such as advocates, auditors or consultants where required for legitimate business, legal or compliance purposes. In addition, we may share personal data with government authorities, regulators or law enforcement agencies when we are required to do so under law, or when such disclosure is necessary to comply with lawful directions, judicial orders or regulatory processes.

 

In any other situation, we will share your personal data with third parties only if you have given your specific consent or requested us to do so.

 

Cross border transfer of personal data

Our hosting infrastructure or certain service providers may be located outside India. As a result, your personal data may be transferred to and processed in one or more foreign jurisdictions. Where such cross border transfers occur, we will take reasonable steps to ensure that the recipient is subject to obligations that provide a level of data protection that is not lower than that required under applicable Indian law, to the extent such obligations are mandated. Your use of the website signifies that you understand this possibility of cross border transfer.

 

Retention of personal data

We retain personal data only for as long as it is reasonably necessary for the purposes for which it was collected, or for such longer periods as may be required by law, regulatory requirements or legitimate business needs. The exact retention period may vary depending on the type of data and the context in which it has been collected.

 

As a general practice, we consider the time required to respond to your queries or requests, the duration of your ongoing interaction with Daily Breach, and any statutory record keeping obligations that may apply. Once the relevant purpose has been fulfilled and there is no further requirement to retain the data, we will either delete it in a secure manner or anonymise it so that it no longer identifies you. Where immediate deletion is not technically or operationally feasible, we will store the data securely and restrict access to it until deletion is possible.

 

Security measures

We implement reasonable technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration or destruction. These measures may include access controls, authentication mechanisms, logging and monitoring of system access, secure configuration of servers, periodic review of vulnerabilities, and appropriate back up and recovery practices.

 

While we strive to adopt security practices aligned with industry norms, no system is completely immune from risks. You are also advised to take normal precautions while using the internet, such as keeping your devices secure, using strong passwords and avoiding sharing sensitive information through unsecured channels.

 

Personal data breach management

In the event of a personal data breach affecting our systems or services, we will act promptly to investigate and mitigate the incident. This will typically involve identifying the cause of the breach, containing its impact, assessing the nature and extent of the risk to affected individuals, and taking corrective measures to prevent recurrence.

 

Where applicable law requires, we will also notify the relevant authority and, where necessary, inform affected individuals of the breach, along with information on steps they may take to protect themselves. The exact process and timelines will follow the legal requirements in force at that time.

 

Children’s personal data

Daily Breach is designed primarily for adult readers, including students, professionals, researchers and policy enthusiasts. We do not knowingly collect personal data from children below the age of eighteen years. If we become aware that personal data of a child has been collected inadvertently without appropriate consent from a parent or lawful guardian, we will take reasonable steps to delete such data.

 

If we ever introduce services specifically targeted at children, we will update this Privacy Policy and implement any additional measures required by law, including parental consent mechanisms where applicable.

 

Your rights as a Data Principal

Subject to conditions and limitations under applicable law, you may have certain rights in relation to your personal data. These can include the right to obtain a summary of the personal data being processed about you, the right to seek information regarding the processing activities undertaken in respect of your personal data, the right to request correction or updating of inaccurate or incomplete personal data, and the right to request deletion of personal data in specific circumstances, such as where the purpose of processing has been fulfilled and retention is no longer required.

 

Where processing is based on your consent, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing carried out before such withdrawal. You also have the right to register a grievance with us if you are dissatisfied with the way we handle your personal data, and to approach appropriate authorities in accordance with law if you are not satisfied with our response.

 

Exercising your rights

You may exercise your rights or raise any request relating to your personal data by contacting us using the details given in the “Contact and grievance redressal” section below. Please clearly describe your request and provide sufficient details to help us identify you and the relevant data. We may ask you for additional information, if needed, to verify your identity and to ensure that the request is genuine and not abusive.

 

We will examine and respond to your request within a reasonable period, taking into account the complexity and nature of the request and any statutory time limits that may apply. In some cases, we may not be able to fully comply with your request, for example where it conflicts with legal obligations, third party rights or important public interest considerations. In such situations, we will inform you of the position, to the extent permitted by law.

 

Your duties as a Data Principal

While interacting with Daily Breach, you are expected to provide accurate, authentic and complete information wherever personal data is required. You should not impersonate another person, misrepresent your identity, or provide information that you know to be false or misleading. You should also avoid filing frivolous or malicious grievances or requests. These duties align with the broader responsibilities placed on individuals under Indian data protection and cyber laws.

 

Third party links and content

Our website may contain links to third party websites, platforms or services which are not operated or controlled by Daily Breach. This Privacy Policy does not apply to such external sites. Their handling of personal data is governed by their own privacy policies and terms of use. Your use of such third party sites is at your own discretion and risk, and we encourage you to review their privacy policies before sharing any personal data there.

 

Compliance with Information Technology Act, 2000

We recognise and respect the obligations relating to privacy and confidentiality under the Information Technology Act, 2000 and the rules framed under it. We do not intentionally disclose personal information in breach of any legal duty or contractual obligation. Where we receive lawful directions or requests from competent authorities under the IT Act or other applicable laws, we will comply with such directions in the manner and to the extent required, subject to applicable safeguards and procedures.

 

Changes to this Privacy Policy

We may revise this Privacy Policy from time to time to reflect changes in law, technology, our practices or other operational reasons. Whenever we make significant changes, we will update the “Last updated” date at the top of this document. Where appropriate, we may also provide a more prominent notice on the website. Your continued use of www.dailybreach.in after the updated Policy comes into effect will be treated as your acceptance of the revised terms.

 

Contact and grievance redressal

We have appointed a Grievance Officer to handle queries and grievances relating to privacy and personal data. If you have any request, concern or complaint regarding this Privacy Policy or our handling of your personal data, you may contact:

 

Grievance Officer
Advocate Amal Singh
Contact Number: +91 90447 90516
Email: amal@dailybreach.in

 

Please mention “Privacy Request” or “Data Protection Grievance” in the subject line of your email or message, so that we can route it appropriately. We will acknowledge and address your concern within a reasonable time, keeping in view the timelines prescribed under applicable law. If you are not satisfied with our response, you may explore further remedies available under Indian law.