Privacy Policy
Last Updated: February 09, 2026
Quick Navigation
1. Introduction
Welcome to CYBRIXEN ("we," "our," or "us"). We operate the cybersecurity training platform accessible at cybrixen.com (the "Service").
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.
We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this Privacy Policy or our practices with regard to your personal information, please contact us at info@cybrixen.com.
2. Definitions
- Personal Data: Any information that relates to an identified or identifiable individual.
- Processing: Any operation performed on Personal Data, whether or not by automated means.
- Data Controller: The natural or legal person who determines the purposes and means of processing Personal Data.
- Service: The CYBRIXEN website and all related cybersecurity training services.
- User: An individual who uses our Service.
- GDPR: General Data Protection Regulation (EU) 2016/679.
- CCPA: California Consumer Privacy Act.
3. Data We Collect
We collect several types of information for various purposes to provide and improve our Service to you.
3.1 Information You Provide Directly
When you register for an account, we collect:
- Email Address: Used for account identification and communication
- Full Name: For personalization and certificate generation
- Password: Stored as a cryptographic hash (never in plain text)
- Profile Information: Optional data you choose to provide
3.2 Information from Google Authentication
When you sign in with Google, we collect:
- Email address
- Name
- Google profile picture URL (optional)
- Google user ID (for authentication)
We only request basic profile information. You can control what information Google shares with us through your Google account settings.
3.3 Automatically Collected Information
When you access our Service, we automatically collect:
- Usage Data: Pages visited, time spent, features used
- Device Information: Browser type, operating system, IP address
- Learning Progress: Course completion, test scores, certifications earned
- Technical Data: Error logs, performance metrics
4. How We Use Your Information
We use the collected data for various purposes:
| Purpose | Legal Basis |
|---|---|
| To create and manage your account | Contractual necessity |
| To provide cybersecurity training and certifications | Contractual necessity |
| To process payments for certifications | Contractual necessity |
| To send important updates about the Service | Legitimate interest |
| To improve our platform and user experience | Legitimate interest |
| To prevent fraud and ensure security | Legal obligation & Legitimate interest |
| To comply with legal obligations | Legal compliance |
5. Payment Information
For paid certifications and services, we collect payment information through secure third-party payment processors. We do not store complete credit card information on our servers.
5.1 Payment Processors
We use reputable payment processors including:
- Stripe
- PayPal
- Other PCI-DSS compliant providers
5.2 Data Handling
- We NEVER store complete credit card numbers, CVV codes, or PINs
- We DO store:
- Transaction IDs
- Payment method type (card, PayPal, etc.)
- Last 4 digits of card (for identification only)
- Billing address (if provided)
- Purchase history and receipt data
5.3 Security Standards
All payment processing complies with:
- PCI-DSS (Payment Card Industry Data Security Standard)
- SSL/TLS encryption for data transmission
- Secure tokenization for sensitive data
6. Data Protection & Security
We implement appropriate technical and organizational security measures to protect your personal data.
6.1 Security Measures
- Encryption: All data in transit uses TLS 1.2+ encryption
- Hashing: Passwords are hashed using bcrypt with unique salts
- Access Controls: Strict role-based access to sensitive data
- Regular Audits: Security assessments and penetration testing
- Database Security: Firewalled databases with limited access
- Backup Encryption: Regular encrypted backups
6.2 Data Breach Procedures
In the event of a data breach, we will:
- Immediately investigate and contain the breach
- Notify affected users within 72 hours (where required by law)
- Report to relevant authorities as required
- Implement corrective measures to prevent recurrence
7. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this policy.
| Data Type | Retention Period |
|---|---|
| Account Information | As long as account is active + 2 years after inactivity |
| Learning Progress & Certifications | Indefinitely (for verification purposes) |
| Payment Transaction Data | 7 years (for tax and legal compliance) |
| Technical Logs | 1 year |
| Marketing Communications Data | Until consent is withdrawn |
8. Your Data Protection Rights
Depending on your location, you may have the following rights:
Right to Access
Request copies of your personal data
Right to Rectification
Request correction of inaccurate data
Right to Erasure
Request deletion of your data
Right to Restrict
Request restriction of processing
Right to Data Portability
Receive your data in a structured format
Right to Object
Object to processing of your data
To exercise any of these rights, please contact us at info@cybrixen.com. We will respond within 30 days.
8.1 California Residents (CCPA)
California residents have specific rights under the CCPA, including:
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of sale of personal information
- Right to non-discrimination for exercising rights
10. Third-Party Services
We use third-party services that may collect information about you:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Google Authentication | User authentication | View |
| Stripe | Payment processing | View |
| Google Analytics | Website analytics | View |
| Email Service Providers | Communication | View |
11. Children's Privacy
Our Service is not intended for children under 16 years of age.
We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
If we learn we have collected personal information from a child under 16, we will delete that information promptly.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy on this page
- Sending an email notification (if you have provided an email)
- Updating the "Last Updated" date at the top of this Privacy Policy
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
13. Contact Us
If you have any questions about this Privacy Policy, please contact us:
Email: info@cybrixen.com
By using our Service, you acknowledge that you have read and understood this Privacy Policy.
CYBRIXEN Assistant
How can I help you today?
Welcome to CYBRIXEN Assistant
Click on any question above to see the detailed answer here.
Contact Support Team
We'll respond to your email within 24 hours