PcapHub

Privacy Policy

Effective date: March 2026

Overview

PcapHub is a platform for storing, searching, and sharing packet capture (PCAP) files. This policy explains what data we collect, how we use it, and your rights regarding that data. We believe in being straightforward — no legalese walls, just clear information.

What We Collect

Account Information

When you register, we collect:

  • Email address
  • Username
  • Password (stored as a bcrypt hash — we never store your actual password)

Uploaded Files

You may upload PCAP files and related metadata (titles, descriptions, tags). These files can contain captured network traffic, which may include sensitive information such as credentials, email content, private keys, or personally identifiable information (PII).

Automatically Collected Data

  • IP addresses — used for rate limiting, brute-force protection, and audit logging
  • Login timestamps and activity logs for security purposes

How We Use Your Data

We use your data to:

  • Provide and operate the PcapHub service
  • Authenticate you and manage your account
  • Protect against abuse, brute-force attacks, and unauthorized access
  • Enforce our Terms of Service
  • Improve the platform and fix issues

We do not sell your data. We do not use your data for advertising. We do not build advertising profiles.

PCAP Files and PII

PCAP files can contain sensitive network traffic data. As the uploader, you are responsible for the content of your captures. PcapHub provides a best-effort PII detection feature that flags potential sensitive information in uploads, but this is an assistive tool — not a guarantee. It may miss certain types of PII and should not be relied upon as your sole safeguard.

Before sharing any capture publicly or with others, review the contents and consider whether it contains information that should remain private.

Cookies

We use strictly functional cookies — specifically, httpOnly authentication cookies to keep you signed in. That's it. No analytics cookies, no tracking cookies, no third-party advertising cookies.

Third-Party Services

  • Gravatar— We generate an MD5 hash of your email address and send it to Gravatar (gravatar.com) to retrieve your avatar image. This is an industry-standard practice. Gravatar's privacy policy applies to their handling of that hash.
  • Cloudflare R2 — Uploaded files may be stored using Cloudflare R2 object storage. Cloudflare acts as a data processor under their terms of service.

Data Retention

  • Account data is retained for as long as your account exists
  • PCAP files are retained until you delete them or delete your account
  • Security logs (IP addresses, login attempts) are retained for a reasonable period to detect and prevent abuse
  • When you delete your account, your data (including all uploaded files) is permanently removed

Your Rights

You have the right to:

  • Access — View and download your data through your account settings
  • Deletion — Delete your account and all associated data at any time
  • Export — Request a copy of your data by emailing us
  • Correction — Update your account information through your profile settings

To exercise any of these rights, email us at [email protected].

Security

We take security seriously and implement the following measures:

  • All data in transit is encrypted via TLS
  • Passwords are hashed using bcrypt
  • Authentication uses short-lived JWTs with httpOnly cookie fallback for XSS protection
  • Rate limiting and brute-force protection on login endpoints
  • IP-based and account-based lockout for repeated failed login attempts

No system is perfectly secure. While we work to protect your data, we cannot guarantee absolute security and encourage you to use a strong, unique password.

Abuse Reporting

If you believe a capture contains illegally intercepted communications, violates your intellectual property rights, or otherwise breaches our Terms of Service, you can report it using the Report button on any capture page, or by contacting us at [email protected].

We take all reports seriously and will review them in accordance with our content moderation policies. See our Terms of Service for details on our reporting and takedown procedures.

Children

PcapHub is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

Changes to This Policy

We may update this privacy policy from time to time. When we do, we will revise the "Effective date" at the top of this page. We encourage you to review this policy periodically. Continued use of PcapHub after changes constitutes acceptance of the updated policy.

Contact

Questions or concerns about this privacy policy? Reach out to us at [email protected].