Last revised on 25th May, 2018
Personal information collected
We collect information:
- When you register an account to become an InfoSec Skills user ("User"), such as your name, address, e-mail and a password.
- When you add to your profile with further information about yourself, join or post to InfoSec Skills Groups and other Member-to-Member communication.
- Like all websites, we automatically receive from your internet use information like your IP address, the URLs of sites from which you arrive or leave the InfoSec Skills website, your type of browser, your operating system, your mobile provider, your mobile device, and your ISP.
- We retain information you provide in connection with third party services available through InfoSec Skills like surveys and polls or other third-party research undertaken with your consent.
Uses of personal information
We use the information you provide to:
- Enable you to share your information and communicate with other Users or provide your personal details to third parties but only if they are offering combined services with InfoSec Skills.
- Administer your account with us and customise the service we provide to you and other Users.
- Send you service or promotional communications through email and notices on the InfoSec Skills website or newsletters.
- We do not sell, rent, or otherwise provide your personal identifiable information (PII) to any third parties for marketing purposes.
- We do not make your contact information viewable to other Users nor do we publish your profile.
Please note that in order to deliver certain services (for example, InfoSec Skills Premium Services), we may share information with third parties. For example, to process subscription payments made by you, we share some of your information with the payment processing company we use.
Your information choices
You can review, enhance or edit your personal information through your personal profile page.
Your obligations to other Users
Personal information you provide will be secured with industry standards and technology. Since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to InfoSec Skills. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications at all times.
The Information Commissioner's Office (ICO) regulates data protection and e-privacy in the UK and there is much useful guidance on their website (http://www.ico.org.uk).
How to contact us
If you have any questions or comments please email us at email@example.com or contact us at InfoSec Skills Limited, Atlantic House, Imperial Way, Reading RG2 0TD
The mission of InfoSec Skills is to provide online and onsite training courses and professional certification to businesses and their workforces and to the general public. Being part of InfoSec Skills means that we collect personal information for the registered account holder ("User").
Information about yourself:
InfoSec Skills does not share any of your information with other users of the InfoSec Skills service unless required for 3rd party exam registration and invigilation.
We do not share your activity with any other users of the InfoSec Skills service.
Of course, maintaining your trust is our top concern, so we adhere to the following principles to protect your privacy:
- We do not rent, sell, or otherwise provide your personally identifiable information to third parties for marketing purposes.
- We do not share any information you have not chosen to share, nor do we publish your InfoSec Skills profile to other parties, unless compelled by law, or as necessary to enforce our User Agreement or protect the rights, property, or personal safety of InfoSec Skills, its Users, and the public.
- All information that you provide will be protected with industry standard protocols and technology.
Please read this policy and send questions, concerns and suggestions to: firstname.lastname@example.org.
- Information collected by InfoSec Skills.
- How InfoSec Skills uses your information.
- Your information choices.
- Your obligations as a User.
- Important information regarding service eligibility.
- How to contact us.
- Personal Information Collected.
We collect your personal information in the following ways:
In order to become a User, you must provide us the following information to create an account: name, address, email address, and password. Like other passwords, you should choose one that is known only by you. You acknowledge that this information is personal to you, and by creating an account on InfoSec Skills, you allow InfoSec Skills, to identify you for login and account management purposes.
In order to communicate with you, InfoSec Skills retains your email and physical address.
We may collect information through the InfoSec Skills website or through our customer service website in order to, among other things, accurately categorise and respond to customer inquiries and investigate breaches of our terms.
We may collect information about the fact that you use certain features and functionality of InfoSec Skills, interact with third party platform applications, click on ads, or participate in research initiatives like polling and surveys on InfoSec Skills.
On 26 May 2011, the UK rules about cookies on websites changed. This site uses session cookies, which are essential for certain functions of this site to operate and you consent to the use of this type of cookie if you add products to your cart. You may delete and block all cookies from this site, but parts of the site may not work correctly. We do not use 3rd party tracking cookies. For further information about cookies please visit allaboutcookies.org.
We use session cookies to track the contents of your shopping cart. A cookie is a tiny data file that resides on your computer, mobile phone, or other device, and allows us to recognise you as a User when you return to the InfoSec Skills website using the same computer and web browser so that you can continue your ordering process from where you left off. “Session” cookies are used to identify a particular visit to the InfoSec Skills website. Session cookies expire after a short time or when you close your web browser. You can remove or block cookies using the settings in your browser, but in some cases that may impact your ability to use some InfoSec Skills functions. Another type of cookie, known as a "persistent" cookie, is set once you've logged in to your InfoSec Skills account. The next time you visit the InfoSec Skills website, the persistent cookie will allow us to recognise you as an existing User, so you will not need to log in before using the Services. By creating a new order, by adding items to your cart, you consent to the use of a "persistent" cookie, for the purpose of remembering your cart contents for subsequent visits only. In order to access or change any of your private information (like a credit card number), however, you must log in securely again with your password even if your computer contains your persistent cookie.
Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or accept specific types of cookie. InfoSec Skills does not store any personally identifiable information in any type of cookie.
We do not serve any third-party advertisements on the site.
Log files, IP addresses and information about your computer and mobile device
Due to the communications standards on the internet, when you visit the InfoSec Skills website we automatically receive the URL of the site from which you came and the site to which you are going when you leave InfoSec Skills. InfoSec Skills also receives the internet protocol ("IP") address of your computer (or the proxy server you use to access the World Wide Web), your computer operating system and type of web browser you are using, mobile device operating system (if you are accessing InfoSec Skills using a mobile device), as well as the name of your ISP or your mobile carrier. We use this information to analyse overall trends to help improve our service. The linkage between your IP address and your personally identifiable information is not shared with third parties without your permission, except as described in Section "Compliance with Legal Process", below.
If you link your InfoSec Skills account to another account or service, or use other, third-party sites or services in conjunction with your InfoSec Skills account, we may collect information related to your use of third party sites and services accessed through InfoSec Skills or when you access InfoSec Skills through a third-party site or service.
Rights to Access, Correct and Eliminate Information About You
You have a right to access, modify, correct and eliminate the data you supplied to InfoSec Skills. If you update any of your information, we may keep a copy of the information that you originally provided to us in our archives for uses documented in this policy. You may request deletion of your information at any time by contacting InfoSec Skills customer service. We will respond to your request within 30 days.
Uses of personal information
Consent to InfoSec Skills Processing Information About You
InfoSec Skills Communications
As described in the User Agreement, we will communicate with you through email, newsletter and notices posted on the InfoSec Skills website. We may send you a series of emails that help inform new Users about the features of the Services, and we will also send you service messages relating to the functioning of the Services. We may also send you messages with promotional information directly or on behalf of our partners, unless you have opted out of receiving promotional information.
You can change your e-mail and contact preferences at any time by logging into your account and changing your settings related to your email notification choices.
Please be aware that you cannot opt-out of receiving service messages from InfoSec Skills.
Other User Communications
You are responsible for communications to other InfoSec Skills Users. InfoSec Skills will not send any communications to other Users about you.
We use information provided to us (or to third parties with whom it offers combined services) to customise your experience on our website, for example, when you login to your account.
Sharing Information with Third Parties
InfoSec Skills takes the privacy of our Users very seriously, and we do not sell, rent, or otherwise provide your personally identifiable information to third parties for marketing purposes. Further, we will only share your personally identifiable information with third parties to carry out your instructions or to provide the Services unless compelled by law, or as necessary to enforce our User Agreement or protect the rights, property, or personal safety of InfoSec Skills, its Users, and the public. For example, we use a credit card processing company to bill Users for fees. These third parties do not retain, share, or store any personally identifiable information except to provide these services, and they are bound by confidentiality agreements limiting the use of your information.
We may provide aggregated anonymous data about the usage of the Services to third parties for purposes that we deem, in our sole discretion, to be appropriate.
Polls and Surveys
Polls and Surveys may be conducted by InfoSec Skills, InfoSec Skills Users or third parties. As a User, you may be invited to participate in polls and surveys from the InfoSec Skills website. Your selection may be random, or it may be based on your non-personally identifiable information, such as job title, geography, company size and/or industry. Whether or not you decide to participate in a poll or survey is completely up to you.
After you complete a poll, you will be given access to the aggregate responses of the poll on a results page. Further, InfoSec Skills may follow up with you via email regarding your participation.
We may use third parties to deliver incentives to you to participate in surveys or polls. If the delivery of incentives requires your contact information, you may be asked to provide personally identifiable information to the third party fulfilling the incentive offer, which will only be used for the purpose of delivering incentives and/or verifying your contact information. It is up to you whether you provide this information, or whether you desire to take advantage of an incentive.
We will not disclose any personally identifiable information to any third parties in connection with the conduct of any polls or surveys. Your consent to use any personally identifiable information for the purposes set forth in the poll or survey will be explicitly requested by the party conducting it.
Testimonials placed through InfoSec Skills
If you provide any testimonials about the InfoSec Skills Services, we may post those testimonials in connection with our promotion of these services to third parties. Testimonials may include your name and other personal information that you have provided.
Compliance with Legal Process
It is possible that we may need to disclose personal information, profile information and/or information about your activities as a InfoSec Skills User when required by subpoena or other legal process, or if InfoSec Skills has a good faith belief that disclosure is necessary to (a) investigate, prevent or take action regarding suspected or actual illegal activities or to assist government enforcement agencies(b) to enforce the User Agreement, to investigate and defend ourselves against any third party claims or allegations, or to protect the security or integrity of our site and/or (c) to exercise or protect the rights, property or personal safety of InfoSec Skills, our Users, employees, or others.
Disclosures to others
We may also disclose your personal information and other information you provide to another third party as part of a reorganisation or a sale of the assets of InfoSec Skills Corporation, a subsidiary or division. Any third party to which InfoSec Skills transfers or sells InfoSec Skills assets will have the right to continue to use the personal and other information that you provide to us.
Your Information Choices
Accessing and Changing Your Account Information
You can review the personal information you provided to us and make any desired changes to the information you publish, or to the settings for your InfoSec Skills account including your email and contact preferences, at any time by logging in to your account on the InfoSec Skills website. Please be aware that even after your request for a change is processed, InfoSec Skills may, for a time, retain residual information about you in its backup and/or archival copies of its database(s).
Closing Your Account
You can close your account with InfoSec Skills by notifying customer service. If you close your account, we have no obligation to retain your information, and will delete any or all of your account information without liability. However, we may retain certain data contributed by you if InfoSec Skills believes it may be necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally identifiable data, account recovery, or if required by law. InfoSec Skills disclaims any liability in relation to the deletion or retention (subject to the terms herein) of information or any obligation not to delete the information.
If we learn that a User is deceased, we may memorialise the User's account. In these cases, we may restrict account access and/or close an account if we receive a formal request from the User's next of kin or other proper legal request to do so.
Unless you specifically ask us to delete your personal information as explained in Section “Closing Your Account”, we retain your information as long as is necessary to maintain your Infosec Skills account or to provide you with our Services. Once you have terminated your account or otherwise cease using our Services (including if we determine your account has gone inactive), we will no longer retain your information except to the extent necessary:
- to send you marketing communications in accordance with your marketing preferences (which you can change at any time);
- for our legal or regulatory compliance (e.g. maintaining records of transactions you have made with us), to exercise, establish or defend legal claims, and to protect against fraudulent or abusive activity on our Service; or
If we no longer need your information for the above purposes, we will generally delete or de-identify it in accordance with our standard data retention practices. However, there may be occasions where we are unable to fully delete or de-identify your information due to technical or other operational reasons, for example where your information has been archived onto back-up systems. Where this is the case, we will take reasonable measures to securely isolate your information from any further processing until such time as we are able to delete or de-identify it.
International Data Transfers
We may transfer your personal information to and process and store your information in other countries in compliance with applicable law. Some of these countries may have data protection laws that are different from the laws of your country (and, in some cases, may not be as protective). However, we have taken appropriate safeguards to require that your personal information remain protected.
As a User, you have certain obligations to other Users. Some of these obligations are imposed by applicable law and regulations, and others have become commonplace in user-friendly communities of like-minded members such as InfoSec Skills:
- You must not download or otherwise disseminate any information that may be deemed to be injurious, violent, offensive, racist or xenophobic, or which may otherwise violate the purpose and spirit of InfoSec Skills and its community of Users.
- You must not provide to InfoSec Skills and/or other Users information that you believe might be injurious or detrimental to your person or to your professional or social status.
- You must keep your username and password confidential and not share it with others.
- Any violation of these guidelines may lead to the restriction, suspension or termination of your account at the sole discretion of InfoSec Skills.
Children and Minors
Children are not eligible to use our service and we ask that minors (under the age of 18) do not submit any personal information to us or use the InfoSec Skills service without prior written or emailed consent by their parent(s) or legal guardian who must agree to their children's participation in courses written specifically for the 16-18-year-old age group, or in special cases, higher level courses written for 18+ age groups.
Updates and Notices
Please note that by becoming a User, you have given us your express and informed consent to transfer the data that you provide to us to the cloud and to process it in the cloud.
Using the InfoSec Skills Services after a notice of changes has been sent to you or published on our site shall constitute consent to the changed terms or practices.
In order to help secure your personal information, access to your data on InfoSec Skills is password-protected, and sensitive data (such as login details and credit card information) is protected by SSL encryption when it is exchanged between your web browser and the InfoSec Skills website or credit card processor appointed by InfoSec Skills. To protect any data, you store on our servers, InfoSec Skills also regularly audits its system for possible vulnerabilities and attacks, and we only use tier-one secured-access data centres. However, since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to InfoSec Skills. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information. Please note that emails, instant messaging, and similar means of communication with InfoSec Skills are not encrypted, and we strongly advise you not to communicate any confidential information through these means.
How to contact us