Effective Date: April 28, 2025 Last Updated: April 28, 2025
The following terminology applies to this Privacy Policy ("Policy"), Terms of Service, any disclaimer notice, and any or all Agreements on this Website:
"Customer", "You", "User", "Your" refers to you, the person accessing this Website and using our Services/Products.
"Company", "Our", "We", "Us" refers to HyperPwn LLC.
"Product" refers to a unique product provided by us, including courses, labs, and e-books.
"Services" refers collectively to our website, online platform, and other offerings.
Welcome to HyperPwn LLC ("we", "us", "our"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and secure your information when you interact with our website, services, and affiliate program (collectively, the "Services"). By using our Services, you consent to the practices described in this Policy.
Legal Entity: HyperPwn LLC, a Wyoming limited-liability company.
Registered Address: 30 N Gould St, Ste R, Sheridan, WY 82801, USA
Privacy Contact: privacy@hyperpwn.com
Data Controller: HyperPwn LLC
DMCA Agent: privacy@hyperpwn.com (see Section 14)
This policy applies to personal data collected:
On our website hyperpwn.com (including courses, e‑books, and labs)
Through our affiliate program
When you communicate with customer support or use community features
Excludes: employee, contractor, or job applicant data, which are covered by separate notices.
Account & Purchases:
Required: Name, email, password.
Optional: Phone number (can be provided later through your account settings).
Affiliate Program: Tax forms (W‑9/W‑8BEN), PayPal email.
User Content: Comments, testimonials.
Support Requests: Messages and inquiries you submit.
Device & Usage: IP address, timestamps.
Payment Metadata: Transaction IDs, amounts, statuses (via Stripe).
DRM & Fraud Monitoring: VdoCipher analytics for anti-piracy protection.
Payment Processors: Stripe (for receiving payments), PayPal (for sending payouts).
Hosting Provider: Hostinger (GDPR‑compliant servers in Germany).
DRM Provider: VdoCipher.
Sensitive Data: We do not collect health, biometric, racial, or religious data.
We use first‑party cookies and localStorage for essential functions only:
| Name/Type | Location | Purpose | Expiry |
|---|---|---|---|
PHPSESSID | Cookie | Session management, login status | Browser session |
affiliate | Cookie | Tracks affiliate referrals (8/17/28 days) | 8/17/28 days |
cart | LocalStorage | Saves shopping cart items | Persistent |
currentStep | LocalStorage | Remembers checkout progress | Persistent |
email, name | LocalStorage | Pre-fills forms | Persistent |
skipPassword | LocalStorage | Streamlines gifting flow | Persistent |
You may block or delete cookies via your browser, but essential features (login, checkout, affiliate attribution) may be affected.
| Purpose | Details | Legal Basis (GDPR) |
|---|---|---|
| Provide & maintain Services | Account creation, course access, downloads | Contract |
| Process payments & payouts | Stripe, PayPal, affiliate commissions | Contract |
| Security & fraud prevention | WAF, DRM enforcement, anomaly detection | Legitimate interest |
| Personalization & analytics | Usage tracking, preferences storage | Legitimate interest |
| Marketing communications | Newsletters, promotions (opt‑in only) | Consent |
| Legal compliance | Tax reporting, subpoenas, sanctions | Legal obligation |
| Notifications | OTP codes, password resets, policy updates | Contract / legitimate interest |
Tracks clicks and attributions via the affiliate cookie.
Shares non‑PII purchase details (order date, product names, discount, commission) with affiliates.
Requires W‑9 (U.S.) or W‑8BEN (non‑U.S.) forms stored securely for payouts.
For more information, please review our Affiliate Privacy Policy and Terms of Service.
| Data Type | Retention Period |
|---|---|
| Active user accounts | While account is active + 7 years |
| Checkout‑only placeholder accounts | Deleted if inactive for 24 hours |
| Server logs & analytics | 2800 days |
| Encrypted back‑ups | 28-day rolling snapshots |
| Affiliate payout records | 8 years (tax compliance) |
| Support tickets & communications | 8 years or until resolution |
Account Creation & Temporary Accounts:
You can create an account on our website in two ways:
Through the affiliate registration page, or
During checkout, when you are prompted to enter your name, email, and password before purchasing.
Once you enter your details, you are immediately logged into our system. However, your account is considered temporary until one of the following actions happens:
You complete the Stripe payment during checkout successfully, or
You log out and log back in (which triggers a One-Time Password (OTP) email verification), or
You activate your affiliate account from the dashboard.
If none of these actions occur within 24 hours, your temporary account and all associated data will be automatically deleted.
We do not sell or share your personal data for advertising. We only share data with:
Payment Processors:
Stripe: We share your email address when creating a payment link for purchases.
PayPal: For affiliate payouts, we may share the email address and full name of the affiliate receiving the payout.
The amount paid is the commission earned minus PayPal transaction fees.
Hosting Provider: Our hosting provider (Hostinger) stores user data on GDPR-compliant servers located in Germany. While we do not "share" data explicitly with them, user data is hosted on their infrastructure.
DRM Provider (VdoCipher): When you watch video content, we share your email address, IP address at the time of viewing, full name, and user ID with VdoCipher for analytics, DRM protection, and anti-piracy purposes, under Standard Contractual Clauses (SCCs).
Law Enforcement or Government Authorities: We may disclose your data if legally required to comply with a subpoena, court order, or other legal process.
Affiliates: Limited non‑PII purchase data.
We employ:
HTTPS/TLS, firewalls, WAF.
Secure coding practices, static/dynamic analysis.
Passwords hashed with bcrypt (>=12 rounds).
OTP email for every login.
Disclaimer: No system is 100% secure. You use the Services at your own risk.
Primary storage in Germany (EU).
Transfers to U.S. processors under Standard Contractual Clauses.
Compliance with U.S. EAR and OFAC sanctions.
We comply with GDPR, UK GDPR, and Canada's PIPEDA.
You may exercise these rights by emailing privacy@hyperpwn.com:
Access, correction, deletion, restriction, portability, objection.
Withdraw consent for marketing or non‑essential cookies.
California Residents: Additional rights under CCPA.
Nevada Residents: Right to request no sale of personal data.
We verify requests via your registered email address. Response times:
28 days (GDPR)
44 days (CCPA)
The Services are intended for users aged 18 or older. We do not knowingly collect data from minors; discovered data is promptly deleted.
Nevada residents may opt-out of the sale of their personal information (although we do not sell such information).
California Civil Code Section 1798.83 permits users who are California residents to request information regarding the disclosure of personal information for direct marketing purposes.
We honor browser-based GPC signals as required by law.
By registering, you consent to receive service-related emails:
OTP codes for login security
Policy updates
Transaction receipts
Security alerts
Promotional emails are opt-in and can be unsubscribed via the provided link.
When we update this Policy:
We update the "Last Updated" date.
We post a notice banner on login.
Your continued use constitutes acceptance.
Email: privacy@hyperpwn.com
Thank you for trusting HyperPwn LLC with your data.