1. What Data We Get
2. How We Get Data About You
3. What We Use Your Data For
4. Who We Share Your Data With
6. Your Rights
7. Updates & Contact Info
We collect certain data from you directly, like information you enter yourself, data about your consumption of content, and data from third-party platforms you connect with CyberSec Training Program (CSTP). We also collect some data automatically, like information about your device and what parts of our Services you interact with or spend time using. All data listed in this section is subject to the following processing activities: collecting, recording, structuring, storing, altering, retrieving, encrypting, pseudonymizing, erasing, combining, and transmitting.
We may collect different data from or about you depending on how you use the Services. Below are some examples to help you better understand the data we collect.
When you create an account and use the Services, including through a third-party platform, we collect any data you provide directly, including:
The data listed above is stored by us and associated with your account.
When you access the Services (including browsing content), we collect certain data by automated means, including:
The data listed above is collected through the use of server log files and tracking technologies, as detailed in the “Cookies and Data Collection Tools” section below. It is stored by us and associated with your account.
If you are a CyberSec Training Program (CSTP) Business enterprise or corporate prospect, in addition to information you submit to us, we may collect certain business contact information from third-party commercial sources.
We use tools like cookies, web beacons, and similar tracking technologies to gather the data listed above. Some of these tools offer you the ability to opt out of data collection.
CyberSec Training Program (CSTP) uses the following types of Data Collection Tools for the purposes described:
Strictly Necessary: These Data Collection Tools enable you to access the site, provide basic functionality (like logging in or accessing content), secure the site, protect against fraudulent logins, and detect and prevent abuse or unauthorized use of your account. These are required for the Services to work properly, so if you disable them, parts of the site will break or be unavailable.
Functional: These Data Collection Tools remember data about your browser and your preferences, provide additional site functionality, customize content to be more relevant to you, and remember settings affecting the appearance and behavior of the Services (like your preferred language or volume level for video playback).
Performance: These Data Collection Tools help measure and improve the Services by providing usage and performance data, visit counts, traffic sources, or where an application was downloaded from. These tools can help us test different versions of CyberSec Training Program (CSTP) to see which features or content users prefer and determine which email messages are opened.
Advertising: These Data Collection Tools are used to deliver relevant ads (on the site and/or other sites) based on things we know about you like your Usage and System Data (as detailed in Section 1), and things that the ad service providers know about you based on their tracking data. The ads can be based on your recent activity or activity over time and across other sites and services. To help deliver tailored advertising, we may provide these service providers with a hashed, anonymized version of your email address (in a non-human-readable form) and content that you share publicly on the Services.
Social Media: These Data Collection Tools enable social media functionality, like sharing content with friends and networks. These cookies may track a user or device across other sites and build a profile of user interests for targeted advertising purposes.
We use your data to do things like provide our Services, communicate with you, troubleshoot issues, secure against fraud and abuse, improve and update our Services, analyze how people use our Services, serve personalized advertising, and as required by law or necessary for safety and integrity. We retain your data for as long as it is needed to serve the purposes for which it was collected.
We use the data we collect through your use of the Services to:
Provide and administer the Services, including to facilitate participation in educational content, issue completion certificates, display customized content, and facilitate communication with other users (Account Data; Shared Content; Learning Data; System Data; Usage Data; Approximate Geographic Data);
Process payments to instructors and other third parties (Student Payment Data; Instructor Payment Data);
Process your requests and orders for educational content, products, specific services, information, or features (Account Data; Learning Data; Student Payment Data; System Data; Communications and Support);
Communicate with you about your account by (Account Data; Shared Content; Learning Data; Sweepstakes, Promotions, and Surveys; System Data; Communications and Support):
Responding to your questions and concerns;
Sending you administrative messages and information, including messages from instructors, students, and teaching assistants; notifications about changes to our Service; and updates to our agreements;
Sending you information, such as by email or text messages, about your progress in courses and related content, rewards programs, new services, new features, promotions, newsletters, and other available instructor-created content (which you can opt out of at any time);
Sending push notifications to your wireless device to provide updates and other relevant messages (which you can manage from the “options” or “settings” page of the mobile app);
Manage your account and account preferences and personalize your experience (Account Data; Learning Data; Student Payment Data; Instructor Payment Data; System Data, Usage Data, Cookie Data);
Facilitate the Services’ technical functioning, including troubleshooting and resolving issues, securing the Services, and preventing fraud and abuse (Account Data; Student Payment Data; Instructor Payment Data; Communications and Support; System Data; Approximate Geographic Location);
Verify the identity of instructors (Account Data; Instructor Payment Data);
Solicit feedback from users (Account Data; Communications and Support);
Market products, services, surveys, and promotions (Account Data; Learning Data; Sweepstakes, Promotions, and Surveys; Usage Data; Cookie Data);
Market Subscription Plans to prospective customers (Account Data; Learning Data; Cookie Data);
Learn more about you by linking your data with additional data through third-party data providers and/or analyzing the data with the help of analytics service providers (Account Data; Data About Your Accounts on Other Services; Usage Data; Cookie Data);
Identify unique users across devices (Account Data; System Data; Cookie Data);
Tailor advertisements across devices (Cookie Data);
Improve our Services and develop new products, services, and features (all data categories);
Analyze trends and traffic, track purchases, and track usage data (Account Data; Learning Data; Student Payment Data; Communications and Support; System Data; Usage Data; Approximate Geographic Data; Cookie Data);
Advertise the Services on third-party websites and applications (Account Data; Cookie Data);
As required or permitted by law (all data categories); or
As we, in our sole discretion, otherwise determine to be necessary to ensure the safety or integrity of our users, employees, third parties, the public, or our Services (all data categories).
We share certain data about you with instructors, other students, companies performing services for us, CyberSec Training Program (CSTP) affiliates, our business partners, analytics and data enrichment providers, your social media providers, companies helping us run promotions and surveys, and advertising companies who help us promote our Services. We may also share your data as needed for security, legal compliance, or as part of a corporate restructuring. Lastly, we can share data in other ways if it is aggregated or de-identified or if we get your consent.
With Your Instructors: We share data that we have about you (except your email address) with instructors or teaching assistants for educational content you access or request information about, so they can improve their content for you and other students. This data may include things like your country, browser language, operating system, device settings, the site that brought you to CyberSec Training Program (CSTP), and certain activities on CyberSec Training Program (CSTP), like enrolled courses and course review. We will not share your email address with instructors or teaching assistants. (Account Data; System Data; Usage Data; Approximate Geographic Data)
With Other Students and Instructors: Depending on your settings, your shared content and profile data may be publicly viewable, including to other students and instructors. If you ask a question to an instructor or teaching assistant, your information (including your name) may also be publicly viewable. Note that within CorpU Open, all chat rooms, message boards, news groups, or other public forums available to participants are publicly visible to other participants, so you shouldn’t post any confidential or proprietary information through those features. (Account Data; Profile Data; Shared Content)
With Service Providers, Contractors, and Agents: We share your data with third-party companies who perform services on our behalf, like payment processing, fraud and abuse prevention, data analysis, marketing and advertising services (including retargeted advertising), email and hosting services, and customer services and support. These service providers may access your personal data and are required to use it solely as we direct, to provide our requested service. (All data categories)
With CyberSec Training Program (CSTP) Affiliates: We may share your data within our corporate family of companies that are related by common ownership or control to enable or support us in providing the Services. (All data categories)
With Business Partners: We have agreements with other websites and platforms to distribute our Services and drive traffic to CyberSec Training Program (CSTP). Depending on your location, we may share your data with these trusted partners. (Account Data; Learning Data; Communications and Support; System Data)
With Credit-Granting Organizations for Continuing Education: If you take a course to fulfill a continuing professional education requirement, we may share that information upon request of the organization granting the continuing education credit. (Account Data; Learning Data)
With Analytics and Data Enrichment Services: As part of our use of third-party analytics tools like Google Analytics and data enrichment services like ZoomInfo, we share certain contact information or de-identified data. De-identified data means data where we’ve removed things like your name and email address and replaced it with a token ID. This allows these providers to provide analytics services or match your data with publicly-available database information (including contact and social information from other sources). We do this to communicate with you in a more effective and customized manner. (Account Data; System Data; Usage Data; Cookie Data)
To Administer Promotions and Surveys: We may share your data as necessary to administer, market, or sponsor promotions and surveys you choose to participate in, as required by applicable law (like to provide a winners list or make required filings), or in accordance with the rules of the promotion or survey. (Account Data; Sweepstakes, Promotions, and Surveys)
For Advertising: If we decide to use an advertising-supported revenue model in the future, we may use and share certain System Data and Usage Data with third-party advertisers and networks to show general demographic and preference information among our users. We may also allow advertisers to collect System Data through Data Collection Tools (as detailed in Section 2.1), to use this data to offer you targeted ad delivery to personalize your user experience (through behavioral advertising) and to undertake web analytics. Advertisers may also share with us the data they collect about you. To learn more or opt out from participating ad networks’ behavioral advertising, see Section 6.1 (Your Choices About the Use of Your Data) below. Note that if you opt out, you’ll continue to be served generic ads. (System Data)
For Security and Legal Compliance: We may disclose your data (all data categories) to third parties if we (in our sole discretion) have a good faith belief that the disclosure is:
Requested as part of a judicial, governmental, or legal inquiry, order, or proceeding;
Reasonably necessary as part of a valid subpoena, warrant, or other legally-valid request;
Required to detect, prevent, or address fraud, abuse, misuse, potential violations of law (or rule or regulation), or security or technical issues;
Reasonably necessary in our discretion to protect against imminent harm to the rights, property, or safety of CyberSec Training Program (CSTP), our users, employees, members of the public, or our Services;
Required or permitted by law.
During a Change in Control: If CyberSec Training Program (CSTP) undergoes a business transaction like a merger, acquisition, corporate divestiture, or dissolution (including bankruptcy), or a sale of all or some of its assets, we may share, disclose, or transfer all of your data to the successor organization during such transition or in contemplation of a transition (including during due diligence). (All data categories)
After Aggregation/De-identification: We may disclose or use aggregated or de-identified data for any purpose.
We use appropriate security based on the type and sensitivity of data being stored. As with any internet-enabled system, there is always a risk of unauthorized access, so it’s important to protect your password and to contact us if you suspect any unauthorized access to your account.
CyberSec Training Program (CSTP) takes appropriate security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal data that we collect and store. These measures vary based on the type and sensitivity of the data. Unfortunately, however, no system can be 100% secured, so we cannot guarantee that communications between you and CyberSec Training Program (CSTP), the Services, or any information provided to us in connection with the data we collect through the Services will be free from unauthorized access by third parties. Your password is an important part of our security system, and it is your responsibility to protect it. You should not share your password with any third party, and if you believe your password or account has been compromised, you should change it immediately and contact our Support Team with any concerns.
You have certain rights around the use of your data, including the ability to opt out of promotional emails, cookies, and collection of your data by certain third parties. You can update or terminate your account from within our Services, and can also contact us for individual rights requests about your personal data. Parents who believe we’ve unintentionally collected personal data about their underage child should contact us for help deleting that information.
You can choose not to provide certain data to us, but you may not be able to use certain features of the Services.
To stop receiving promotional communications from us, you can opt out by using the unsubscribe mechanism in the promotional communication you receive or by changing the email preferences in your account. Note that regardless of your email preference settings, we will send you transactional and relationship messages regarding the Services, including administrative confirmations, order confirmations, important updates about the Services, and notices about our policies.
If you’re located in the European Economic Area, you may opt out of certain Data Collection Tools by clicking the “Cookie settings“ link at the bottom of any page.
The browser or device you use may allow you to control cookies and other types of local data storage. To learn more about managing cookies. Your wireless device may also allow you to control whether location or other data is collected and shared.
Apple iOS, Android OS, and Microsoft Windows each provide their own instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings on that platform.
If you have any questions about your data, our use of it, or your rights, contact us at [email protected]
You can access and update your personal data that CyberSec Training Program (CSTP) collects and maintains as follows:
To update data you provide directly, log into your account and update your account at any time.
To terminate your account:
If you have any issues terminating your account, please contact our Support Team.
We recognize the privacy interests of children and encourage parents and guardians to take an active role in their children’s online activities and interests. Individuals younger than 18 years of age, but of the required age for consent to use online services where they live (for example, 13 in the US or 16 in Ireland), may not set up an account, but may have a parent or guardian open an account and help them access appropriate content. Individuals younger than the required age for consent to use online services may not use the Services. If we learn that we’ve collected personal data from a child under those ages, we will take reasonable steps to delete it.
When we make a material change to this policy, we’ll notify users via email, in-product notice, or another mechanism required by law. Changes become effective the day they’re posted. Please contact us via email or postal mail with any questions, concerns, or disputes.
Copyright © 2023 CyberSec Trainings Program (CSTP). All Rights Reserved