The Anti-Phishing Working Group (APWG) is committed to protecting the privacy of its visitors and members. We consider your privacy to be of the utmost importance; accordingly, we keep the data we collect from you to a minimum, and use it only to provide you with the services we offer.
If you would like to know more about the APWG and what we do, please visit our home page. If you want to report a phishing case, please follow the instructions for submitting phishing email at https://apwg.org/reportphishing/.
When you visit our website, your web browser automatically sends information (such as your IP address and the type of web browser you are using) to our web server. We keep this information in our logs and use it to send you the web page you are trying to access, as well as for research purposes and the administration of our web server. We do not use this information to personally identify you.
We also use Google Analytics to generate statistics about visitor activity on our website. The following privacy statement from the Google Analytics Terms of Service applies only to information collected for use by Google Analytics:
We will only share information we collect about your use of our website with third parties in a limited number of circumstances:
With Google Analytics as described above
With researchers for research purposes
When required to do so by law
In the event that we need to investigate abuse of our website.
We will not share this information in any other circumstances. Please refer to the Google Analytics Privacy Statement for information about the circumstances under which Google may share information collected about your usage of our site with third parties.
If you are a visitor, we do not use any of the information we collect about your visit to our website to personally identify you, and thus we cannot provide you access to any data generated from your visits to our website.
(applies to our main site as well as member only sites)
When you apply for membership in the APWG, we collect some personal information from you, such as your name, phone number, and email address. We also collect information about the organization you belong to, such as the name of the organization, URL, and postal address. This information is collected in order to provide you with the services we offer to members, and is retained indefinitely unless you cancel your membership and explicitly ask for the deletion of your data and your organization’s data.
If you wish to grant membership access to additional employees from your organization, we will also collect some personal information about them, such as their names and email addresses. We use this information to manage APWG memberships. We will retain this information indefinitely unless you ask us to remove it; you may do so by contacting us at firstname.lastname@example.org.
If you use our member sites, on your first visit we will ask you for some personal information, such as your full name and email, and you will be issued a username and a password. In subsequent visits to our website, you will have to log in with your username and password. The email address you provide when you create your member account will be used only for password recovery and to send you system notices.
We will only share information about you or your organization with third parties as required by law, for research purposes, or if you give us your explicit consent to do so.
Given that our primary mission is to combat phishing-related identity theft and fraud, we may from time to time be contacted by other organizations with relevant information. This information might be useful to a member organization currently dealing with a phishing attack or other security breach. In this case, we will neither confirm nor deny your membership in the APWG, but instead we will contact you directly and ask your permission to make the appropriate introduction. No introductions will be made without your consent.
A member organization’s primary contact person can see and edit the information we have on file for that organization by logging into our members only site, located at https://members.apwg.org. If you are the primary contact for your organization and you wish to have your information removed completely, please contact us at email@example.com. Affiliates of member organizations who have been granted membership access to our site will need to contact their organization’s primary contact person if they wish to have their information removed.
The security of your personal information is important to us, and we have implemented reasonable security measures to prevent unauthorized access and misuse of the information we collect from you. If you have reason to believe that your information has been compromised in any way, please contact us at firstname.lastname@example.org