Privacy Policy

1. Data Controller Information

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and applicable Spanish data protection legislation (LOPDGDD, LSSI-CE), we inform you:

Data Controller: RUBEN CARPI PASTOR

Tax ID (NIF): 20486958F

Activity: Self-employed professional

Address: Valencia (Valencia), Spain

Website: https://troyanosyvirus.com

Contact email: contacto@troyanosyvirus.com

TroyanosYVirus is a professional Cyber Threat Intelligence (CTI) platform that collects, analyzes and publishes security telemetry from honeypot sensors.

2. Data We Collect

2.1. Automatically collected visitor data:

IP address (anonymized for analytics)

Browser and device type

Pages visited and time spent

Country of origin (approximate geolocation)

2.2. Security telemetry data (honeypots):

This site publishes data obtained from our honeypot sensor network, including:

IP addresses that have interacted with our honeypots

Commands executed by attackers

Credentials used in brute force attacks

Captured malware samples

Connection metadata (ports, protocols, timestamps)

2.3. Considerations regarding IP addresses:

IP addresses may constitute personal data under the GDPR. We are aware of this nature and apply the corresponding legal bases for their publication. Published IPs correspond exclusively to activity detected by honeypot systems and may belong to compromised devices, proxies, VPNs or automated infrastructure, without their presence implying attribution of responsibility to their owner.

3. Legal Basis for Processing

We process data based on:

a) Consent (Art. 6.1.a GDPR):

Analytical and preference cookies

Contact forms (if applicable)

b) Legitimate interest (Art. 6.1.f GDPR):

Website security

Publication of security telemetry for cybersecurity research and defense

Contribution to the collective security of the Internet

Fraud and attack prevention

The legitimate interest in publishing security telemetry data is based on the need to share threat intelligence with the cybersecurity community for the protection of the general interest. We apply proportionality measures and offer a review procedure via contacto@troyanosyvirus.com.

c) Legal obligation (Art. 6.1.c GDPR):

Log retention for security purposes (Art. 12.2 LSSI-CE)

4. Security Telemetry Data

The telemetry data published on this platform is obtained through honeypot sensors that record unsolicited interactions with decoy systems. Publication of this data is carried out with the following guarantees:

Data comes exclusively from interactions with honeypot systems

No definitive attribution of criminal activity is made to any person or entity

Data may contain false positives resulting from automated analysis

A review procedure is offered to request removal or correction of data

Data is provided for research and defense purposes, not for retaliation

Review procedure:

Any person who believes a published IP affects them may request a review by sending an email to contacto@troyanosyvirus.com indicating the IP, the reason for the request, and documentation proving ownership.

5. Cookies

For detailed information about cookies used on this site, please see our Cookie Policy.

Summary of cookies used:

Technical (cookie_consent, locale): required for operation, 1 year

Analytics (_ga, _gid): Google Analytics 4 with IP anonymization, up to 2 years

6. User Rights

Under GDPR, you have the right to:

**a) Access (Art. 15 GDPR):** Obtain confirmation of whether we process your data and access it.

**b) Rectification (Art. 16 GDPR):** Request correction of inaccurate data.

**c) Erasure (Art. 17 GDPR):** Request deletion of your data ("right to be forgotten").

**d) Restriction (Art. 18 GDPR):** Request restriction of processing in certain cases.

**e) Portability (Art. 20 GDPR):** Receive your data in a structured format.

**f) Objection (Art. 21 GDPR):** Object to processing based on legitimate interest.

**g) Automated decisions (Art. 22 GDPR):** We do not make automated decisions that produce legal effects on you.

How to exercise your rights:

Send an email to contacto@troyanosyvirus.com indicating:

Your full name

Right you wish to exercise

Copy of ID/Passport (to verify identity)

We will respond within 30 days maximum.

Complaint to supervisory authority:

If you believe your rights have been violated, you can file a complaint with the Spanish Data Protection Agency (www.aepd.es) or your local supervisory authority.

7. Data Security

We implement technical and organizational measures to protect data:

HTTPS/TLS encryption for all communications

Secure storage on EU servers

Restricted access to personal data

Encrypted backups

Security monitoring

Visitor IP anonymization in analytics

8. International Transfers

Google Analytics:

We use Google Analytics 4 with IP anonymization enabled. Google complies with Standard Contractual Clauses (SCCs) approved by the European Commission for transfers to the US.

Servers:

Our main servers are located in the European Union.

9. Data Retention

Website access logs: 12 months (Art. 12.2 LSSI-CE)

Analytics cookies: maximum 2 years

Contact data: until consent withdrawal

Honeypot telemetry data: indefinite retention (threat intelligence data)

10. Minors

This website is not intended for minors under 14 years old. We do not knowingly collect data from minors. If you are a parent or guardian and believe your child has provided us with personal data, contact us for its removal.

11. Changes

We reserve the right to modify this privacy policy. Changes will take effect upon publication on the website. The date of the last update is indicated at the beginning of this document.