Privacy Policy

1. Introduction

Firewall Academy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our security awareness training platform.

This policy applies to organizational customers ("Customers") who purchase our training services, as well as their employees and authorized users ("End Users") who participate in training programs.

By using Firewall Academy, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Customer Account Information

When organizations register for our services, we collect:

• Organization name and contact details
• Account administrator names and email addresses
• Billing and payment information
• Contract and service agreement details

2.2 End User Information

For employees participating in training, we collect:

• Name and email address (as provided by your organization)
• Training progress and completion status
• Quiz and assessment responses and scores
• Course interaction data (time spent, lessons viewed)

2.3 Automatically Collected Information

When you use our platform, we automatically collect:

• Device information (IP address, browser type, operating system)
• Usage data (access times, pages viewed, features used)
• Log data for security and troubleshooting purposes

3. How We Use Your Information

We use the collected information for the following purposes:

• Deliver and administer security awareness training programs
• Track and report on training completion and compliance
• Generate reports for Customer administrators and auditors
• Provide customer support and respond to inquiries
• Improve our training content and platform functionality
• Send important notices about training deadlines and updates
• Comply with legal obligations and contractual requirements
• Ensure platform security and prevent unauthorized access

4. Information Sharing and Disclosure

We do not sell, trade, or rent personal information to third parties. We may share information in the following circumstances:

• With Your Organization: End User training data is shared with authorized administrators at your organization for compliance and reporting purposes
• Service Providers: With trusted vendors who help us operate our platform (hosting, email delivery, analytics)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of our company
• Safety and Security: To protect the rights, property, or safety of Firewall Academy, our customers, or others

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption of data in transit (TLS) and at rest
• Regular security assessments and penetration testing
• Role-based access controls and authentication
• Secure cloud infrastructure with redundancy
• Employee security training and background checks
• Incident response procedures

While we employ robust security practices, no method of transmission over the internet is 100% secure. We continuously monitor and improve our security posture.

6. Data Retention

We retain information for as long as necessary to:

• Provide our services under active customer agreements
• Support compliance and audit requirements (typically 3-7 years)
• Comply with legal and regulatory obligations
• Resolve disputes and enforce agreements

Upon contract termination, we will delete or anonymize customer data within 90 days, unless longer retention is required by law or requested by the Customer for compliance purposes.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a portable format
• Restriction: Request limitation of processing
• Objection: Object to certain processing activities

End Users should contact their organization's administrator to exercise these rights. Customer administrators may contact us directly.

8. Cookies and Tracking

We use cookies and similar technologies to:

• Maintain your session and authentication state
• Remember your preferences and settings
• Track training progress across sessions
• Analyze platform usage to improve our service

Essential cookies are required for platform functionality. You can control non-essential cookies through your browser settings.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including standard contractual clauses and data processing agreements, to protect your information during such transfers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify Customers of material changes by:

• Posting the updated policy on our website
• Sending email notification to account administrators
• Providing notice within the platform

Continued use of our service after the effective date constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

• Email: support@firewall-academy.com
• Through your account administrator