Last Updated: November 26, 2025

1. Overview

Disrupt The Loop (disrupttheloop.com) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and interact with our research program.

Core Privacy Principle: We collect only information necessary for research collaboration and partnership evaluation. We do not monetize personal data, engage in behavioral tracking for commercial purposes, or participate in surveillance paradigms.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you:

• Contact Us: Name, email address, institutional affiliation, message content
• Request NDA Access: Name, email, institutional affiliation, position/title, professional credentials, intended use of materials
• Submit Partnership Inquiries: Professional background, research interests, collaboration goals, institutional resources
• Execute NDA: Legal name, signature, date, institutional authorization (if applicable)

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain technical information:

• Log Data: IP address, browser type, operating system, access times, pages viewed, referring URL
• Cookies: Small data files stored on your device (see Section 9 for details)
• Analytics Data: Aggregate usage statistics (page visits, time on site, navigation paths)

Important: We do NOT collect sensitive personal information such as Social Security numbers, financial data, medical information, or precise geolocation data.

3. How We Use Your Information

We use collected information solely for the following purposes:

3.1 Research Collaboration

• Evaluate potential academic, clinical, legal, or technical partnerships
• Provide access to NDA-protected research materials
• Facilitate communication regarding collaboration opportunities
• Schedule consultations and partnership discussions

3.2 Website Operation

• Respond to inquiries and provide customer support
• Improve website functionality and user experience
• Analyze aggregate usage patterns to optimize content
• Maintain website security and prevent abuse

3.3 Legal Compliance

• Comply with legal obligations and regulatory requirements
• Enforce our Terms and Conditions and NDA agreements
• Protect intellectual property rights
• Respond to lawful requests from authorities

We do NOT use your information for:

• Targeted advertising or behavioral profiling
• Sale or rental to third parties
• Unrelated commercial purposes
• Surveillance or monitoring beyond website security

4. Information Sharing and Disclosure

4.1 No Sale of Personal Data

We do NOT sell, rent, or trade your personal information to third parties for commercial purposes.

4.2 Limited Disclosure Circumstances

We may share your information only in these specific circumstances:

• Service Providers: Trusted third-party vendors who assist with website hosting, email delivery, or analytics (under strict confidentiality agreements)
• Institutional Partners: If you represent an institution and request partnership discussions, we may share your inquiry with relevant institutional contacts (with your consent)
• Legal Requirements: When required by law, subpoena, court order, or government investigation
• Protection of Rights: To enforce our legal rights, investigate potential violations, or protect against fraud or security threats
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with continued privacy protection obligations)

4.3 Aggregate Data

We may share anonymized, aggregated statistical data that cannot identify individuals (e.g., “50% of visitors are from academic institutions”).

5. Data Security

We implement reasonable security measures to protect your information:

• Encryption: SSL/TLS encryption for data transmission
• Access Controls: Limited access to personal data on need-to-know basis
• Secure Storage: Protected servers with industry-standard safeguards
• Regular Audits: Periodic security assessments and updates

Important Limitation: No method of internet transmission or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information only as long as necessary for the purposes described in this policy:

• Contact Inquiries: Retained for 2 years or until resolved
• NDA Agreements: Retained for duration of confidentiality period (5 years) plus any legal hold requirements
• Partnership Communications: Retained for duration of collaboration discussions plus 3 years
• Website Logs: Retained for 90 days (unless required for security investigations)

After retention periods expire, we securely delete or anonymize your information.

7. Your Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Correction

You may request access to the personal information we hold about you and request corrections of any inaccuracies.

7.2 Deletion

You may request deletion of your personal information, subject to legal retention requirements and ongoing contractual obligations (e.g., executed NDA agreements).

7.3 Opt-Out

You may opt out of future communications by contacting us or using unsubscribe links in emails.

7.4 Data Portability

You may request a copy of your personal information in a structured, machine-readable format.

7.5 Restriction of Processing

You may request that we restrict processing of your personal information under certain circumstances.

To Exercise Your Rights: Contact us at privacy@disrupttheloop.com. We will respond within 30 days.

8. Children’s Privacy

This website is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will promptly delete it.

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality (e.g., session management, security)
• Analytics Cookies: Collect aggregate usage statistics to improve website (e.g., Google Analytics)

We do NOT use:

• Advertising or tracking cookies for behavioral profiling
• Third-party cookies for cross-site tracking
• Cookies to collect sensitive personal information

9.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect website functionality.

10. Third-Party Links

Our website may contain links to third-party websites (e.g., academic references, research citations). We are not responsible for the privacy practices of those websites. Please review their privacy policies before providing information.

11. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. By using this website, you consent to such transfers. We ensure appropriate safeguards are in place consistent with applicable data protection laws.

12. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information (subject to exceptions)
• Right to opt-out of sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising privacy rights

To exercise CCPA rights, contact privacy@disrupttheloop.com.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right to access, rectification, erasure, and restriction of processing
• Right to data portability and to object to processing
• Right to withdraw consent and lodge complaints with supervisory authorities

Our legal basis for processing your information includes:

• Consent: When you voluntarily provide information or agree to cookies
• Legitimate Interests: For research collaboration, website operation, and security
• Legal Obligations: For compliance with applicable laws

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated “Last Updated” date. Continued use of the website after changes constitutes acceptance of the revised policy.

For material changes affecting your rights, we will provide prominent notice or seek your consent as required by law.

15. Anti-Surveillance Commitment

Consistent with our research ethics, we explicitly reject surveillance paradigms:

• We do not use vulnerability prediction methods on website visitors
• We do not analyze user behavior for psychological profiling
• We do not monetize vulnerability data
• We do not engage in manipulative design or coercive practices

Our framework is designed to expose such practices, not perpetuate them.

16. Contact Information

17. Consent

By using this website, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy.