Last modified: April 30, 2022
Table of Contents
- What Data We Get
- How We Get Data About You
- What We Use Your Data For
- Who We Share Your Data With
- Your Rights
- Jurisdiction-Specific Rules
- Updates & Contact Info
WHAT DATA WE GET
We collect certain data from you directly, like information you enter yourself, data about your participation in courses, and data from third-party platforms you connect with us. We also collect some data automatically, like information about your device and what parts of our Services you interact with or spend time using.
DATA YOU PROVIDE TO US
We may collect different data from or about you depending on how you use the Services. Below are some examples to help you better understand the data we collect.
When you create an account and use the Services, including through a third-party platform, we collect any data you provide directly, including:
Account Data: In order to use certain features (like enrolling in a course), you need to create a user account. When you create or update your account, we collect and store the data you provide, like your full name, email address, and password, and assign you a unique identifying number (“Account Data”).
Profile Data: You can also choose to provide profile information like a photo, headline, website link, social media profiles, or other data. Your Profile Data will be publicly viewable by others.
Shared Content: Parts of the Services may let you interact with other users or share content publicly, including by posting reviews on a course page, asking or answering questions, sending messages to students or instructors, or posting photos or other work you upload. Such shared content may be publicly viewable by others depending on where it is posted.
Course Data: When you enroll in and take courses, we collect certain data including which courses, assignments and quizzes you’ve started and completed; your exchanges with instructors, teaching assistants, and other students; and essays, answers to questions, and other items submitted to satisfy course requirements.
Student Payment Data: If you make purchases, we collect certain data about your purchase (such as your name and zip code) as necessary to process your order. You must provide certain payment and billing data directly to our payment processing partners, including your name, credit card information, billing address, and zip code. For security, we do not collect or store sensitive cardholder data, such as full credit card numbers or card authentication data.
Data About Your Accounts on Other Services: We may obtain certain information through your social media or other online accounts if they are connected to your CyberCertify account. If you login to CyberCertify via Facebook or another third-party platform or service, we ask for your permission to access certain information about that other account. For example, depending on the platform or service we may collect your name, profile picture, account ID number, login email address, location, physical location of your access devices, gender, birthday, and list of friends or contacts.
Those platforms and services make information available to us through their APIs. The information we receive depends on what information you (via your privacy settings) or the platform or service decide to give us.
If you access or use our Services through a third-party platform or service, or click on any third-party links, the collection, use, and sharing of your data will also be subject to the privacy policies and other agreements of that third party.
The data listed above is stored by us and associated with your account.
DATA WE COLLECT THROUGH AUTMATED MEANS
When you access the Services (including browsing courses), we collect certain data by automated means, including:
System Data: Technical data about your computer or device, like your IP address, device type, operating system type and version, unique device identifiers, browser, browser language, domain and other systems data, and platform types (“System Data”).
Usage Data: Usage statistics about your interactions with the Services, including courses accessed, time spent on pages or the Service, pages visited, features used, your search queries, click data, date and time, and other data regarding your use of the Services (“Usage Data”).
Approximate Geographic Data: An approximate geographic location, including information like country, city, and geographic coordinates, calculated based on your IP address.
The data listed above is collected through the use of server log files and tracking technologies, as detailed in the “Cookies and Data Collection Tools” section below. It is stored by us and associated with your account.
HOW WE GET DATA ABOUT YOU
We use tools like cookies, web beacons, analytics services, and advertising providers to gather the data listed above. Some of these tools offer you the ability to opt out of data collection.
CyberCertify uses the following types of cookies:
Preferences: cookies that remember data about your browser and preferred settings that affect the appearance and behavior of the Services (like your preferred language).
Security: cookies used to enable you to log in and access the Services; protect against fraudulent logins; and help detect and prevent abuse or unauthorized use of your account.
Functional: cookies that store functional settings (like the volume level you set for video playback).
Session State: cookies that track your interactions with the Services to help us improve the Services and your browsing experience, remember your login details, and enable processing of your course purchases. These are strictly necessary for the Services to work properly, so if you disable them then certain functionalities will break or be unavailable.
Some of the third-party partners who provide certain features on our site may also use Local Storage Objects (also known as flash cookies or LSOs) to collect and store data.
We use third-party browser and mobile analytics services like Google Analytics on the Services. These services use Data Collection Tools to help us analyze your use of the Services, including information like the third-party website you arrive from, how often you visit, events within the Services, usage and performance data, and where the application was downloaded from. We use this data to improve the Services, better understand how the Services perform on different devices, and provide information that may be of interest to you.
We use third-party advertising services and other ad networks and ad servers to deliver advertising about our Services on other websites and applications you use. The ads may be based on things we know about you, like your Usage Data and System Data (as detailed in Section 1), and things that these ad service providers know about you based on their tracking data. The ads can be based on your recent activity or activity over time and across other sites and services, and may be tailored to your interests.
Depending on the types of advertising services we use, they may place cookies or other tracking technologies on your computer, phone, or other device to collect data about your use of our Services, and may access those tracking technologies in order to serve these tailored advertisements to you. To help deliver tailored advertising, we may provide these service providers with a hashed, anonymized version of your email address (in a non-human-readable form) and content that you share publicly on the Services.
When using mobile applications you may also receive tailored in-app advertisements. Apple iOS, Android OS, and Microsoft Windows each provide their own instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings or contact your platform operator.
WHAT WE USE YOUR DATA FOR
We use your data to do things like provide our Services, communicate with you, troubleshoot issues, secure against fraud and abuse, improve and update our Services, analyze how people use our Services, serve personalized advertising, and as required by law or necessary for safety and integrity.
We use the data we collect through your use of the Services to:
- Provide and administer the Services, including to display customized content and facilitate communication with other users;
- Process your requests and orders for courses, products, specific services, information, or features;
- Communicate with you about your account by:
- Responding to your questions and concerns;
- Sending you administrative messages and information, including messages from instructors and teaching assistants, notifications about changes to our Service, and updates to our agreements;
- Sending you information and in-app messages about your progress in courses, rewards programs, new services, new features, promotions, newsletters, and other available courses (which you can opt out of at any time);
- Sending push notifications to your wireless device to provide updates and other relevant messages (which you can manage from the “options” or “settings” page of the mobile app);
- Manage your account preferences;
- Facilitate the Services’ technical functioning, including troubleshooting and resolving issues, securing the Services, and preventing fraud and abuse;
- Solicit feedback from users;
- Market and administer surveys and promotions administered or sponsored by CyberCertify;
- Learn more about you by linking your data with additional data through third-party data providers or analyzing the data with the help of analytics service providers;
- Identify unique users across devices;
- Tailor advertisements across devices;
- Improve our Services and develop new products, services, and features;
- Analyze trends and traffic, track purchases, and track usage data;
- Advertise the Services on third-party websites and applications;
- As required or permitted by law; or
- As we, in our sole discretion, otherwise determine to be necessary to ensure the safety or integrity of our users, employees, third parties, the public, or our Services.
WHO WE SHARE YOUR DATA WITH
We share certain data about you with instructors, other students, companies performing services for us, our business partners, analytics and data enrichment providers, your social media providers, companies helping us run promotions and surveys, and advertising companies who help us promote our Services. We may also share your data as needed for security, legal compliance, or as part of a corporate restructuring. Lastly, we can share data in other ways if it is aggregated or de-identified or if we get your consent.
With Your Instructors: We share data that we have about you (except your email address) with instructors or teaching assistants for courses you enroll in or request information about, so they can improve their courses for you and other students. This data may include things like your city, country, browser language, operating system, device settings, the site that brought you to CyberCertify, and your activities on CyberCertify. If we collect additional data about you (like age or gender), we may share that too. We will not share your email address with instructors or teaching assistants. We also enable our instructors to implement Google Analytics on their course pages to track sources of traffic to their courses and optimize their course pages.
With Other Students and Instructors: Depending on your settings, your shared content and profile data may be publicly viewable, including to other students and instructors. If you ask a question to an instructor or teaching assistant, your information (including your name) may also be publicly viewable by other users depending on your settings.
With Service Providers, Contractors, and Agents: We share your data with third-party companies who perform services on our behalf, like payment processing, data analysis, marketing and advertising services (including retargeted advertising), email and hosting services, and customer services and support. These service providers may access your personal data and are required to use it solely as we direct, to provide our requested service.
With Business Partners: We have agreements with other websites and platforms to distribute our Services and drive traffic to CyberCertify.
With Analytics and Data Enrichment Services: As part of our use of third-party analytics tools we share certain contact information, Account Data, System Data, Usage Data (as detailed in Section 1), or de-identified data as needed. De-identified data means data where we’ve removed things like your name and email address and replaced it with a token ID. This allows these providers to provide analytics services or match your data with publicly-available database information (including contact and social information from other sources). We do this to communicate with you in a more effective and customized manner.
To Administer Promotions and Surveys: we may share your data as necessary to administer, market, or sponsor promotions and surveys you choose to participate in, as required by applicable law (like to provide a winners list or make required filings), or in accordance with the rules of the promotion or survey.
For Advertising: If we decide to offer advertising in the future, we may use and share certain System Data and Usage Data with third-party advertisers and networks to show general demographic and preference information among our users. We may also allow advertisers to collect System Data through Data Collection Tools (as detailed in Section 2.1), and to use this data to offer you targeted ad delivery to personalize your user experience (through behavioral advertising) and undertake web analytics. Advertisers may also share with us the data they collect about you. To learn more or opt out from participating ad networks’ behavioral advertising, see Section 6.1 (Your Choices About the Use of Your Data) below. Note that if you opt out, you’ll continue to be served generic ads.
For Security and Legal Compliance: We may disclose your data to third parties if we (in our sole discretion) have a good faith belief that the disclosure is:
Permitted or required by law;
Requested as part of a judicial, governmental, or legal inquiry, order, or proceeding;
Reasonably necessary as part of a valid subpoena, warrant, or other legally-valid request;
Required to detect, prevent, or address fraud, abuse, misuse, potential violations of law (or rule or regulation), or security or technical issues; or
Reasonably necessary in our discretion to protect against imminent harm to the rights, property, or safety of Udemy, our users, employees, members of the public, or our Services.
During a Change in Control: If CyberCertify undergoes a business transaction like a merger, acquisition, corporate divestiture, or dissolution (including bankruptcy), or a sale of all or some of its assets, we may share, disclose, or transfer all of your data to the successor organization during such transition or in contemplation of a transition (including during due diligence).
After Aggregation/De-identification: we can disclose or use aggregate or de-identified data for any purpose.
We use appropriate security based on the type and sensitivity of data being stored. As with any internet-enabled system, there is always a risk of unauthorized access, so it’s important to protect your password and to contact us if you suspect any unauthorized access to your account.
CyberCertify takes appropriate security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal data that we collect and store. These measures vary based on the type and sensitivity of the data. Unfortunately, however, no system can be 100% secured, so we cannot guarantee that communications between you and CyberCertify, the Services, or any information provided to us in connection with the data we collect through the Services will be free from unauthorized access by third parties. Your password is an important part of our security system, and it is your responsibility to protect it. You should not share your password with any third party, and if you believe your password or account has been compromised, you should change it immediately and contact email@example.com with any concerns.
You have certain rights around the use of your data, including the ability to opt out of promotional emails, cookies, and collection of your data by certain analytics providers. You can update or terminate your account from within our Services, and can also contact us for individual rights requests about your personal data. Parents who believe we’ve unintentionally collected personal data about their underage child should contact us for help deleting that information.
Your Choices About The Use Of Your Data
You can choose not to provide certain data to us, but you may not be able to use certain features of the Services.
To stop receiving promotional communications from us, you can opt out by using the unsubscribe mechanism in the promotional communication you receive or by changing the email preferences in your account. Note that regardless of your email preference settings, we will send you transactional and relationship messages regarding the Services, including administrative confirmations, order confirmations, important updates about the Services, and notices about our policies.
The browser or device you use may allow you to control cookies and other types of local data storage. Your wireless device may also allow you to control whether location or other data is collected and shared.
To get information and control cookies used for tailored advertising from participating companies, see the consumer opt-out pages for the Network Advertising Initiative and Digital Advertising Alliance, or if you’re located in the European Union, visit the Your Online Choices site. To opt out of Google’s display advertising or customize Google Display Network ads, visit the Google Ads Settings page.
To opt out of allowing Google Analytics to use your data for analytics or enrichment, see the Google Analytics Opt-out Browser Add-on.
If you have any questions about your data, our use of it, or your rights, contact us at firstname.lastname@example.org.
Accessing, Updating, and Deleting Your Personal
You can access and update your personal data that CyberCertify collects and maintains as follows:
To update data you provide directly, log into your account and update your account at any time.
To terminate your account:
If you are a student, visit your profile settings page and follow the steps detailed here.
If you have any issues terminating your account, email us at email@example.com.
To request to access, correct, or delete your personal data, email firstname.lastname@example.org. Please allow up to 30 days for a response. For your protection, we require that the request be sent through the email address associated with your account, and we may need to verify your identity before implementing your request. Please note that we retain certain data where we have a lawful basis to do so, including for mandatory record-keeping and to complete transactions.
Our Policy Concerning Children
We recognize the privacy interests of children and encourage parents and guardians to take an active role in their children’s online activities and interests. Children under 13 (or under 16 in the European Economic Area) should not use the Services. If we learn that we’ve collected personal data from a child under those ages, we will take reasonable steps to delete it.
Parents who believe that CyberCertify may have collected personal data from a child under those ages can submit a request that it be removed to email@example.com.
If you live in California, you have certain rights related to accessing and deleting your data, as well as learning who we share your data with. If you live in Australia, you have the right to make a formal complaint with the appropriate government agency. Users outside of the United States should note that we transfer data to the US and other areas outside of the European Economic Area.
Users in California
Users who are California residents have certain rights under the California Consumer Privacy Act, (“CCPA”). If you are an eligible California user, included in these rights are:
“Right to Know” — You have the right to request to know more about the categories and specific pieces of personal information that we have collected about you and access a copy of your personal information.
“Right to Deletion” — You have the right to request deletion of personal information that we have collected about you.
“Right to Non-Discrimination” — If you choose to exercise any of your rights under CCPA, CyberCertify will treat you like all other users. In other words, there is no penalty for exercising your rights under CCPA.
To exercise any of these rights under CCPA, please email firstname.lastname@example.org. As part of the CCPA you may designate an authorized agent to make these requests on your behalf. For your protection, we require that the request be sent through the email address associated with your account, and we may need to verify you and/or your agent’s identity before fulfilling your request.
Additionally, for more information about the personal information we collect and how we collect it, please see the sections above entitled “What Data We Get” and “How We Get Data About You.”
To learn about the business and commercial purposes for which your personal information is collected and the categories of service providers who have access to your personal information, please see the sections above entitled “What We Use Your Data For” and “Who We Share Your Data With.”
Most importantly, per the CCPA, CyberCertify does not sell your personal information or the personal information of any of our users.
As a California resident, you also have the right to request certain details about what personal information we share with third parties for those third parties’ direct marketing purposes. To submit your request, send an email to email@example.com with the phrase “California Shine the Light” and include your mailing address, state of residence, and email address.
Since the internet industry is still working on Do Not Track standards, solutions, and implementations, we do not currently recognize or respond to browser-initiated Do Not Track signals.
Users in Nevada
As is the case for all of its users, CyberCertify does not sell its users’ personal information or personal data. Nonetheless, if you are a resident of Nevada, and would like to request that we do not sell your personal information, you can request to opt out of the sale of covered information by emailing firstname.lastname@example.org.
Users in Australia
If you are an Australia resident and you have a complaint, you may refer it to the office of the Australian Information Commissioner (“OAIC”). You can contact OAIC by visiting www.oaic.gov.au; forwarding an email to email@example.com; telephoning 1300 363 992; or writing to OAIC at GPO Box 5218, Sydney NSW 2001.
Users Outside of the U.S.
Cyber Security Training and Consulting LLC is headquartered in Arizona, and in order to provide the Services to you, we must transfer your data to the United States and process it there. By visiting or using our Services, you consent to storage of your data on servers located in the United States. If you are using the Services from outside the United States, you consent to the transfer, storage, and processing of your data in and to the United States or other countries. Specifically, personal data collected in the United Kingdom (“UK”), Switzerland, and the European Economic Area (“EEA”) is transferred and stored outside those areas. Additionally, if you are located in the UK, EEA, or Switzerland, you also have the right to lodge a complaint with your data supervisory authority.
That data is also processed outside of the UK, Switzerland, and the EEA, or our service providers, including to process transactions, facilitate payments, and provide support services as described in Section 4. We have entered into data processing agreements with our service providers that restrict and regulate their processing of your data on our behalf. By submitting your data or using our Services, you consent to this transfer, storage, and processing by Udemy and its processors.
UPDATES AND CONTACT INFORMATION
When we make a material change to this policy, we’ll notify users via email, in-product notice, or another mechanism required by law. Changes become effective the day they’re posted. Please contact us via email or postal mail with any questions, concerns, or disputes.
MODIFICATIONS TO THIS POLICY
Last modified: April 30, 2022
What are cookies? Cookies are small text files stored by your browser as you browse the internet. They can be used to collect, store, and share data about your activities across websites, including on CyberCertify and SAP Litmos. Cookies also allow us to remember things about your visits to CyberCertify and SAP Litmos, like your preferred language, and to make the site easier to use.
We use both session cookies, which expire after a short time or when you close your browser, and persistent cookies, which remain stored in your browser for a set period of time. We use session cookies to identify you during a single browsing session, like when you log into CyberCertify and SAP Litmos. We use persistent cookies where we need to identify you over a longer period, like when you request that we keep you signed in.
- Authentication and security
- To log you into CyberCertify and SAP Litmos
- To protect your security
- To help detect and fight spam, abuse, and other activities that violate CyberCertify’s and SAP Litmos’ agreements
- For example, cookies help authenticate your access to CyberCertify and SAP Litmos and prevent unauthorized parties from accessing your accounts.
- To remember data about your browser and your preferences
- To remember your settings and other choices you’ve made
- For example, cookies help us remember your preferred language or the country you’re in, so we can provide content in your preferred language without asking each time you visit.
- Analytics and research
- To help us improve and understand how people use CyberCertify and SAP Litmos
- For example, cookies help us test different versions of CyberCertify and SAP Litmos to see which features or content users prefer, web beacons help us determine which email messages are opened, and cookies help us see how you interact with CyberCertify and SAP Litmos, like the links you click on.
You can opt out of some of these services through tools like the Google Analytics Opt-out Browser Add-on.
- Personalized content
- To customize CyberCertify and SAP Litmos with more relevant content For example, cookies help us show a personalized list of recommended courses on the homepage.
- To provide you with more relevant advertising
- To learn more about targeting and advertising cookies and how you can opt out, visit www.allaboutcookies.org/manage-cookies/index.html, or if you’re located in the European Union, visit the Your Online Choices site.
Please note that where advertising technology is integrated into the Services, you may still receive advertising on other websites and applications, but it will not be tailored to your interests.
When using mobile applications you may also receive tailored in-app advertisements. Apple iOS, Android OS, and Microsoft Windows each provide its own instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings or contact your platform operator.
What are my privacy options?
Most browsers automatically accept cookies, but you can change your browser settings to decline cookies by consulting your browser’s support articles. If you decide to decline cookies, please note that you may not be able to sign in, customize, or use some interactive features in the Services.
Flash cookies operate differently than browser cookies, so your browser’s cookie-management tools may not remove them. To learn more about how to manage Flash cookies, see Adobe’s article on managing flash cookies and Website Storage Settings panel.
To get information and control cookies used for tailored advertising from participating companies, see the consumer opt-out pages for the Network Advertising Initiative and Digital Advertising Alliance, or if you’re located in the European Union, visit the Your Online Choices site. To opt out of Google Analytics’ display advertising or customize Google Display Network ads, visit the Google Ads Settings page.
For general information about targeting cookies and how to disable them, visit www.allaboutcookies.org.
UPDATES AND CONTACT INFORMATION