Privacy Policy

1. Introduction

Computer Security US, owned and operated by Cleared Systems, LLC ("Company," "we," "us," or "our"), is committed to protecting your privacy and ensuring the security of your personal information.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our websites and use our Services, including computersecurity.us (free cybersecurity awareness training) and phishing.computersecurity.us (phishing awareness training for organizations) (collectively, the "Services"). Please read this privacy policy carefully.

By using our Services, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

• Register for an Account: Name, email address
• Complete Training Modules: Quiz responses, module completion status, quiz scores
• Request a Certificate: Full name (as you want it to appear on your certificate)
• Make a Donation: Payment information (processed by third-party payment processor)
• Contact Us: Name, email address, message content, and any other information you choose to provide

2.2 Automatically Collected Information

When you access our Services, we automatically collect certain information about your device and usage, including:

• Log Data: IP address, browser type, operating system, access times, pages viewed, referring website addresses
• Usage Data: Training progress, module completion times, quiz attempts and scores, time spent on modules
• Cookies and Tracking Technologies: Session cookies, preference cookies, analytics cookies
• Device Information: Device type, unique device identifiers, mobile network information

2.3 Third-Party Information

We may receive information about you from third-party services such as:

• Payment processors (transaction confirmation, payment status)
• Email service providers (email delivery status, open rates)
• Analytics providers (aggregated usage statistics)

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

• Create and manage your account
• Provide access to training modules and content
• Track your training progress and completion status
• Generate and issue certificates upon successful completion
• Enable certificate verification services

3.2 Communication

• Send verification emails for account registration and certificate requests
• Provide customer support and respond to inquiries
• Send important updates about our Services
• Send optional newsletters or training updates (with your consent)

3.3 Improvement and Analytics

• Analyze usage patterns to improve our Services
• Monitor and analyze trends, usage, and activities
• Develop new features and enhance existing functionality
• Troubleshoot technical issues and improve platform performance

3.4 Security and Fraud Prevention

• Detect, prevent, and address fraud and security issues
• Prevent unauthorized certificate generation
• Enforce our Terms of Service
• Protect the rights and safety of our users and the public

3.5 Legal Compliance

• Comply with applicable laws, regulations, and legal processes
• Respond to government requests and legal inquiries
• Enforce our legal rights and obligations

4. How We Share Your Information

4.1 Public Information

The following information may be publicly accessible:

• Certificate Verification: Certificate holder's name, certificate ID, issue date, and completion status are visible through our public verification system
• Certificate Downloads: Downloaded certificates contain your name, certificate ID, issue date, and completion details

4.2 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our Services:

• Email Service Providers: For sending verification emails and communications (Postmark)
• Payment Processors: For processing donations (Stripe)
• Hosting Providers: For data storage and platform infrastructure
• Analytics Providers: For understanding usage patterns and improving our Services

These service providers are contractually obligated to use your information only as necessary to provide services to us and are prohibited from using your information for their own purposes.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including:

• Compliance with legal obligations and processes
• Response to subpoenas, court orders, or legal proceedings
• Protection of our rights, property, or safety
• Prevention of fraud or security issues
• Emergency situations involving danger to persons or property

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the successor entity. We will notify you of any such change and any choices you may have regarding your information.

4.5 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

4.6 Aggregated or Anonymized Data

We may share aggregated or anonymized information that cannot reasonably be used to identify you. For example, we may share statistics about training completion rates or popular modules.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Encryption: Data transmission is protected using SSL/TLS encryption
• Access Controls: Limited employee access to personal information on a need-to-know basis
• Secure Storage: Personal data is stored in secure, access-controlled databases
• Security Measures: CSRF protection, rate limiting, honeypot fields, and other anti-fraud mechanisms
• Regular Updates: Ongoing security patches and system updates
• Monitoring: Continuous monitoring for security threats and vulnerabilities

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

You are responsible for maintaining the confidentiality of your account credentials. Please notify us immediately if you become aware of any unauthorized access to your account.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Active Accounts: Account information is retained while your account is active and for a reasonable period thereafter
• Certificates: Certificate records are retained indefinitely to support our verification system
• Transaction Records: Donation transaction records are retained as required by law and accounting standards
• Communications: Support communications are retained for customer service purposes
• Log Data: Server logs and analytics data are retained for operational and security purposes

When we no longer need your information, we will securely delete or anonymize it in accordance with our data retention policies and applicable laws.

7. Your Privacy Rights

Depending on your location and applicable laws, you may have certain rights regarding your personal information:

7.1 Access and Portability

• Request access to your personal information
• Request a copy of your data in a portable format
• View your training progress and completion status through your account

7.2 Correction and Update

• Update your account information at any time
• Request correction of inaccurate or incomplete information

7.3 Deletion

• Request deletion of your personal information
• Close your account through our contact page
• Note: Certain information may be retained for legal, security, or operational purposes

7.4 Opt-Out Rights

• Unsubscribe from marketing emails using the link provided in each email
• Disable cookies through your browser settings (may affect functionality)
• Object to processing of your information for certain purposes

7.5 Exercising Your Rights

To exercise any of these rights, please contact us through our contact page. We will respond to your request within a reasonable timeframe and in accordance with applicable law. We may need to verify your identity before processing your request.

7.6 California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, use, and share, and the right to request deletion of your information. You also have the right not to be discriminated against for exercising your privacy rights.

7.7 European Privacy Rights

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including the right to access, rectify, erase, restrict processing, object to processing, and data portability. You also have the right to lodge a complaint with your local supervisory authority.

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small text files placed on your device that enable us to recognize your browser and remember information about your visit. We use cookies and similar tracking technologies to provide, improve, and secure our Services.

8.2 Types of Cookies We Use

• Essential Cookies: Required for the operation of our Services (e.g., session management, security)
• Functionality Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how users interact with our Services
• Security Cookies: Detect fraud and protect against malicious activity

8.3 Managing Cookies

Most web browsers are set to accept cookies by default. You can choose to set your browser to remove or reject cookies. Please note that if you choose to remove or reject cookies, this may affect the availability and functionality of our Services.

8.4 Do Not Track

Some browsers include a "Do Not Track" (DNT) feature. Our Services do not currently respond to DNT signals because there is no industry standard for how to interpret such signals.

9. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services that are not owned or controlled by Cleared Systems, LLC. This Privacy Policy applies only to our Services.

We are not responsible for the privacy practices of third-party websites or services. We encourage you to review the privacy policies of any third-party sites you visit.

Third-party services we use include:

• Stripe: Payment processing (see Stripe Privacy Policy)
• Postmark: Email delivery (see Postmark Privacy Policy)

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us through our contact page.

If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information from our servers.

11. International Data Transfers

Your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have data protection laws that differ from your country of residence.

When we transfer your information internationally, we implement appropriate safeguards to protect your data in accordance with this Privacy Policy and applicable law.

By using our Services, you consent to the transfer of your information to countries outside your country of residence, including the United States, which may have different data protection rules.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Effective Date" at the top of this policy
• Post the updated policy on this page
• Notify you of material changes via email or through a notice on our Services

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within a reasonable timeframe in accordance with applicable law.