Privacy Policy & Terms of Service

Privacy Policy

1. Information We Collect

BlueCyber collects information you provide directly to us, including:

• Contact information (name, email, phone number)
• Professional information (company, role, training goals)
• Training performance data (metrics, scores, completion status)
• Skills Passport data (competency ratings, tool proficiency)
• Payment information (processed by third-party payment processors)

2. How We Use Your Information

We use the information we collect to:

• Provide training services and issue certifications
• Create and maintain Skills Passports
• Connect candidates with employers and recruiters
• Deliver SOC services and incident response
• Improve our services and develop new offerings
• Communicate with you about services, updates, and promotions

3. Data Sharing and Disclosure

We may share your information with:

• Employers and Recruiters: Skills Passport data shared only with your explicit consent
• Service Providers: Third parties who assist with business operations (see Section 8)
• Legal Requirements: When required by law or to protect our rights

Do Not Sell or Share

We do not sell your personal information to third parties. We do not share your personal information for cross-context behavioral advertising or targeted advertising purposes. If we ever engage in retargeting advertising, we will update this policy and provide opt-out mechanisms.

4. Data Security

We implement industry-standard security measures including encryption (TLS 1.3), access controls, multi-factor authentication, and regular security audits. However, no system is 100% secure. We cannot guarantee absolute security of your data.

5. Your Privacy Rights

Depending on your location, you may have the following rights under applicable privacy laws including GDPR, CCPA/CPRA (California), VCDPA (Virginia), CPA (Colorado), CTDPA (Connecticut), and UCPA (Utah):

• Access your personal data and obtain a copy
• Correct inaccurate data
• Request deletion of your data (subject to legal obligations)
• Opt out of the sale or sharing of personal information
• Opt out of targeted advertising
• Opt out of profiling in furtherance of automated decision-making
• Withdraw consent for Skills Passport sharing at any time
• Appeal a denial of your privacy request

To exercise these rights, contact us at [email protected]. We will respond within the timeframes required by applicable law. We will not discriminate against you for exercising your privacy rights.

6. Data Retention

We retain your data for as long as necessary to provide services and comply with legal obligations. Skills Passport data is retained for verification purposes unless you request deletion. Training records may be retained for up to 7 years for compliance and audit purposes.

7. Children and Minors

Our services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us immediately at [email protected].

For applicants ages 13-17: Parental or guardian consent is required for enrollment in our programs. We collect only information necessary for training delivery and require a parent/guardian signature on all enrollment agreements for minors.

8. Third-Party Service Providers

We use the following categories of third-party service providers to operate our business:

• Analytics: Google Analytics (website usage analysis)
• Email Communications: Email service providers for transactional and marketing emails
• Payment Processing: Secure third-party payment processors (we do not store credit card numbers)
• Scheduling: Calendly (appointment booking)
• Cloud Infrastructure: Secure cloud hosting providers
• Customer Support: Help desk and CRM tools

These providers are contractually bound to protect your information and use it only for the purposes we specify.

9. International Data Transfers

BlueCyber is headquartered in Arlington, Virginia, USA. If you access our services from outside the United States, your information may be transferred to, stored, and processed in the United States. By using our services, you consent to such transfer. We implement appropriate safeguards for international transfers as required by applicable law.

Terms of Service

1. Acceptance of Terms

By accessing or using BlueCyber services, you agree to be bound by these Terms of Service. If you do not agree, do not use our services.

2. Services Provided

BlueCyber provides:

• Cybersecurity training and certification programs
• Skills validation and verification services
• Talent placement and recruiting services
• Managed SOC and MDR services
• Incident response and readiness drills

3. User Responsibilities

You agree to:

• Provide accurate and complete information
• Maintain the confidentiality of your account credentials
• Not share access to training environments
• Not misrepresent your Skills Passport or certifications
• Comply with all applicable laws and regulations

4. Intellectual Property

All content, materials, and intellectual property provided through BlueCyber services remain our property or that of our licensors. You may not copy, reproduce, distribute, or create derivative works without explicit permission.

5. Limitation of Liability

BlueCyber shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of our services. Our total liability shall not exceed the amount paid by you for the specific service giving rise to the claim.

6. Termination

We reserve the right to suspend or terminate your access to our services for violation of these Terms or for any other reason at our discretion. Upon termination, your right to use our services ceases immediately.

7. Modifications

We may modify these Terms at any time. Continued use of our services after changes constitutes acceptance of the modified Terms.

Cookie Policy

What Are Cookies

Cookies are small text files stored on your device that help us provide and improve our services.

Cookie Categories We Use

We use the following categories of cookies:

• Essential Cookies: Required for core website functionality including authentication, security, and form submissions. These cannot be disabled.
• Analytics Cookies: Help us understand how visitors use our site using Google Analytics. These track page views, session duration, and traffic sources. You can opt out of these.
• Preference Cookies: Remember your settings such as cookie consent choices and display preferences.

Your Cookie Choices

When you first visit our site, you will see a cookie consent banner allowing you to accept or decline non-essential cookies. You can change your preferences at any time by:

• Clearing your browser cookies and revisiting our site
• Using your browser settings to block or delete cookies
• Using browser extensions that manage cookie consent

Note that disabling essential cookies may affect website functionality.

Email & Communications Policy

Newsletter Communications

By subscribing to our newsletter, you consent to receive periodic emails about cybersecurity training, career resources, industry insights, and promotional offers from BlueCyber.

• We will never share your email address with third parties for their marketing purposes
• You can unsubscribe at any time by clicking the "unsubscribe" link in any email
• Unsubscribe requests are processed within 10 business days as required by CAN-SPAM
• Even after unsubscribing from marketing emails, you may still receive transactional emails related to your account or enrolled programs

SMS/Text Communications

If you opt in to receive SMS/text messages from BlueCyber (such as class reminders or review requests):

• You provide express written consent to receive text messages at the phone number provided
• Message frequency varies; message and data rates may apply
• Reply STOP to any message to opt out at any time
• Reply HELP for assistance
• Consent is not a condition of purchase