Last updated: 14/01/2021
The Service does not store any personally identifiable information (such as name, email address or a user ID), nor any personal information (such as location).
The Service collects an anonymous identifier that is intended to uniquely identify a particular wireless local area network ("WLAN"). This is done by creating a one-way cryptographic digest from the SSID (commonly known as the "WiFi network name") of the currently connected WLAN and the BSSID of the access point that the device is connected to. This cryptographic digest (or "hash") is generated on your device and is transmitted securely to the Service, where it is used as a "network identifier". At no point is the SSID or BSSID used to derive the digest transferred off of the device.
The Service also collects the IP address that is used to connect to the Service from the smartphone applications alongside the network identifier.
This information is used for the delivery of the Service as it allows us to collate results of IP reputation providers and associate them with the same network over time. This information is also used for research purposes, studying the effect that communicating indications of compromise to end users has on remediation activities.
The NetStinky iOS Application and the NetStinky Android Application can optionally utilise background location permissions for improved service delivery. This is due to both platforms requiring location access in order to fetch the SSID ("WiFi network name") of the currently connected network. This is used in order to track changes to the current network, such that the NetStinky application can automatically check newly connected networks or re-check those that have not been checked recently.
Your network identifier will not be transmitted to any 3rd parties. Your combined network identifier and IP address information may be used in aggregate for the purposes of academic research or publication. The IP address you use to connect to the Service will be used to submit queries to 3rd party IP reputation providers in order to determine if the IP address has recently displayed indications of compromise.
THE SERVICE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SERVICE OR THE USE OR OTHER DEALINGS IN THE SERVICE.
If you have any questions, concerns or other inquiries regarding this policy or the use of information please contact us at firstname.lastname@example.org