Privacy Policy

Your privacy matters. Learn how we protect your data and respect your choices.

Our Commitment to Data Protection

At CyberGuard Academy, protecting your privacy and personal data is fundamental to our operations. This privacy policy explains how we collect, use, share, and protect your information when you interact with our cybersecurity training services and advertising partnerships.

We work with leading advertising platforms including Google, Facebook (Meta), and Microsoft to deliver relevant content and measure the effectiveness of our marketing efforts. This policy provides comprehensive details about these partnerships and your control over how your data is used.

We comply with applicable privacy regulations including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other regional privacy laws. Your rights and choices are clearly outlined below, along with easy-to-use tools for exercising control over your personal information.

Data Collection by Advertising Platforms

Google Services Data Collection

Google Analytics Data Points

  • Page views, session duration, and bounce rates
  • Device information including browser type, operating system, and screen resolution
  • IP address for geographic location determination
  • Referring website and traffic source information
  • Pages visited and user flow through our website

Google Ads Tracking

  • Conversion data including form submissions and contact requests
  • Remarketing audiences based on page visits and engagement
  • Interest categories derived from browsing behavior
  • Cross-device tracking through Google account linking
  • Retention Period: 26 months by default, configurable

Facebook/Meta Data Collection

Facebook Pixel Data

  • Page views, button clicks, and form submission events
  • User behavior patterns and engagement metrics
  • Device IDs and browser fingerprinting data
  • Location data derived from IP address
  • Cross-platform tracking across Facebook family of apps

Custom Audiences

  • Website visitor audiences for remarketing campaigns
  • Lookalike audiences based on customer characteristics
  • Engagement-based audiences from social media interactions
  • Interest targeting based on Facebook profile data
  • Retention Period: 180 days for remarketing purposes

Microsoft/Bing Data Collection

UET Tag Tracking

  • Conversion tracking for goal completion and user actions
  • Search query data and click behavior analysis
  • Demographic information for audience targeting
  • Microsoft account integration for enhanced targeting
  • Cross-service data linking within Microsoft ecosystem

Remarketing & Audiences

  • Site visitor segmentation for targeted advertising
  • Engagement metrics and interaction tracking
  • LinkedIn integration for B2B audience insights
  • Professional profile data for career-focused targeting
  • Retention Period: 390 days maximum

How We Use Your Data

Purposes of Processing

Service Delivery and Contract Fulfillment

Providing cybersecurity training programs, processing enrollments, and delivering educational content.

Marketing and Advertising Optimization

Targeting relevant advertisements, measuring campaign effectiveness, and improving marketing strategies.

Analytics and Performance Measurement

Understanding website usage, improving user experience, and optimizing content delivery.

Fraud Prevention and Security

Protecting against fraudulent activities, ensuring platform security, and maintaining data integrity.

Legal Compliance and Obligations

Meeting regulatory requirements, tax obligations, and responding to legal requests.

Legal Basis for Processing

Consent

For marketing communications, non-essential cookies, and advertising personalization based on your explicit agreement.

Legitimate Interest

For analytics, security measures, fraud prevention, and improving our services where our interests don't override your rights.

Contract Performance

For delivering training services, processing payments, and fulfilling our contractual obligations to you.

Legal Obligation

For compliance with tax laws, regulatory requirements, and responding to valid legal requests.

Vital Interests

Only in emergency situations where processing is necessary to protect someone's life or physical safety.

Data Sharing with Third Parties

Advertising Partners

Platform Partners

  • Google (Analytics, Ads, Tag Manager) for search and display advertising
  • Meta/Facebook (Pixel, Conversions API) for social media advertising
  • Microsoft (Bing Ads, Clarity) for search engine marketing
  • Programmatic advertising networks for automated ad placement
  • Retargeting platforms for cross-site advertising campaigns

Data Shared

  • Hashed email addresses for audience matching
  • Website interaction data and conversion events
  • Device identifiers and browser information
  • Geographic location data (IP-based)
  • Aggregated behavioral patterns and preferences

Service Providers and Data Transfers

Technical Providers

  • Web hosting and cloud storage services
  • Content delivery networks (CDNs)
  • Email service providers
  • Payment processors
  • Customer support platforms

Data Protection Safeguards

  • EU-US Data Privacy Framework compliance
  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions compliance
  • Data localization where required
  • Regular security assessments

International Transfers

  • United States (Privacy Framework)
  • European Union (Adequacy)
  • United Kingdom (Adequacy)
  • Other countries with appropriate safeguards
  • Regional data processing where possible

Your Rights and How to Exercise Them

GDPR Rights (EU/UK Residents)

Right to Access

Request a copy of your personal data we hold and information about how we process it.

Response time: 30 days | Free of charge

Right to Rectification

Correct inaccurate or incomplete personal data.

Response time: 30 days | We notify third parties if applicable

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data under certain circumstances.

Subject to legal obligations and legitimate interests

Right to Restrict Processing

Limit how we use your data while disputes are resolved.

Data stored but not processed during restriction

Right to Data Portability

Receive your data in machine-readable format for transfer to another service.

Applies to automated processing based on consent

Right to Object

Opt-out of processing for marketing, profiling, and legitimate interests.

We must stop unless we have compelling legitimate grounds

CCPA Rights (California Residents)

Right to Know

Know what personal information is collected, used, shared, or sold.

Includes categories, sources, and business purposes

Right to Delete

Request deletion of personal information we collected from you.

Subject to exceptions for legal compliance and business purposes

Right to Opt-Out

Opt-out of sale or sharing of personal information for targeted advertising.

Includes cross-context behavioral advertising

Right to Non-Discrimination

Equal service and pricing regardless of privacy rights exercise.

We cannot deny services for exercising privacy rights

Right to Correct

Correct inaccurate personal information maintained about you.

We will take reasonable steps to correct the information

Right to Limit Use of Sensitive Information

Limit use and disclosure of sensitive personal information.

Applies to specific categories of sensitive data

Platform-Specific Privacy Controls

Direct Platform Controls

Google My Ad Center Manage Settings →
Facebook Privacy Center Manage Settings →
Microsoft Privacy Dashboard Manage Settings →

How to Exercise Your Rights

1

Contact Form

Use our website contact form with "Privacy Request" as subject

2

Platform Settings

Use direct privacy controls on advertising platforms

3

Browser Controls

Adjust cookie and tracking settings in your browser

4

Account Deletion

Request complete account and data deletion

Data Retention and Deletion

Retention Periods

Contact Form Data

3 years from last interaction

Automatically deleted unless ongoing business relationship

Analytics Data

26 months (Google Analytics default)

Configurable retention periods, anonymized after expiration

Marketing Data

Until consent withdrawn or 2 years inactive

Remarketing audiences expire per platform policies

Legal Records

As required by law (typically 5-7 years)

Tax, contractual, and regulatory compliance

Security Logs

90 days

For fraud prevention and security monitoring

Deletion Procedures

Automatic Deletion

  • Systematic deletion after retention period expires
  • Anonymization as alternative to complete deletion
  • Backup systems purged within 30-90 days

Manual Deletion

  • Upon user request within 30 days
  • Coordination with third-party platforms
  • Verification process for security purposes

Exceptions to Deletion

  • Legal obligation to retain (tax, regulatory)
  • Legitimate business purposes (fraud prevention)
  • Freedom of expression and information
  • Public interest or scientific research