Privacy Policy

Your trust is the foundation of our platform

Digital Netizenship protects individual learners, team administrators, and licensed trainers with rigorous security, transparent practices, and privacy-by-design controls that satisfy global regulations.

Effective date: January 28, 2025

1. Who we are

Digital Netizenship Inc. (“Digital Netizenship”, “we”, “us”) provides gamified cybersecurity awareness missions and facilitator resources for individuals, coaches, consultants, and small organizations. We act as a data controller for information we collect directly (for example, learner or facilitator account details and billing records) and, where applicable, as a data processor for optional participant information that customers choose to capture through our hosted forms and training dashboards.

2. Scope

This Privacy Policy explains how we handle personal information when you browse our websites, sign up for a free account, unlock paid courses, access facilitator or team dashboards, receive updates, or interact with our customer success team. If you enter into a separate Data Processing Agreement (“DPA”) with us, the DPA controls where it conflicts with this policy.

3. Information we collect

We collect the following categories of information:

  • Account data: name, email, role, organization, password hashes, license tier, and communication preferences for individual learners, team admins, or licensed trainers.
  • License and billing data: billing contacts, payment method, tax identifiers, transaction history, and records needed for invoicing.
  • Optional participant data: names, emails, survey responses, and acknowledgements when you choose to capture them through our hosted forms or templates.
  • Usage data: device/browser details, IP address, download activity, referral URLs, and interactions with our websites, emails, and support resources.
  • Support communications: questions, attachments, meeting notes, and other information you share with customer success or support.

4. How we use information

We use personal information to:

  • Provide access to Moodle dashboards, learner portals, and downloadable mission files tailored to your license.
  • Process payments, manage renewals, and send contractual or transactional notices.
  • Send product updates, release notes, facilitation tips, and marketing emails where permitted by law.
  • Respond to support requests, troubleshoot issues, and improve our missions, documentation, and customer experience.
  • Analyze aggregated usage trends to inform product decisions and maintain platform reliability.
  • Protect our services against abuse or fraud and comply with applicable legal requirements.

5. Legal bases

Where the GDPR/UK GDPR applies, our processing is based on: (a) performance of a contract (delivering and supporting your course access or license); (b) legitimate interests (for example, improving security, preventing abuse, and communicating with active customers); (c) consent (for optional marketing or participant submissions); and (d) compliance with legal obligations (such as taxation and accounting). We rely on equivalent lawful bases under other global privacy laws.

6. How we share information

We do not sell or rent personal data. We share information only with:

  • Service providers: carefully vetted vendors that host our infrastructure, process payments, deliver emails, provide analytics, or support customer success.
  • Your organization or clients: facilitators and stakeholders you designate to access shared folders, reports, or hosted forms.
  • Professional advisors and authorities: when required to comply with law, enforce our agreements, or respond to valid legal requests.
  • Business transactions: prospective buyers or investors in connection with a merger, acquisition, or other corporate transaction, subject to confidentiality obligations.

7. Data security

We maintain administrative, technical, and physical safeguards—including encryption, access controls, monitoring, vulnerability management, and staff training—to protect the information we process. If we discover unauthorized access, we will notify affected customers without undue delay.

8. Data retention

We retain facilitator account and billing records for as long as your license or trial remains active and for a reasonable period thereafter to meet legal or contractual obligations. Optional participant data is retained according to the settings you select and can be deleted or exported on request. Support tickets are typically retained for up to 24 months to improve our services.

9. International transfers

Digital Netizenship primarily stores data in the United States. When we transfer personal data from the European Economic Area (EEA), the United Kingdom (UK), or Switzerland, we rely on Standard Contractual Clauses (and the UK Addendum where applicable) together with additional safeguards.

10. Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or restrict processing of your personal data, withdraw consent, or object to certain processing activities. You can exercise these rights through your administrator settings or by contacting us. We respond to verifiable requests within 30 days (or the timeframe mandated by local law).

California residents may designate an authorized agent to submit requests and will not receive discriminatory treatment for exercising privacy choices. If you participate in a program managed by a coach, consultant, or employer, please direct requests to that facilitator; we will support them in fulfilling applicable obligations.

11. Cookies and similar technologies

We use strictly necessary cookies to maintain sessions, analytics cookies to understand feature adoption, and preference cookies to remember language and accessibility settings. You can manage cookie settings through your browser or via our in-app preferences panel.

12. Subprocessors

We publish a regularly updated list of subprocessors (including hosting, email delivery, customer support, analytics, and payment vendors) at digital-netizenship.org/legal/subprocessors. Customers will be notified of material changes in advance and may object in accordance with contractual terms.

13. Changes to this policy

We may update this policy to reflect operational, legal, or regulatory changes. We will notify administrators via email or in-app alerts before material updates take effect. Continued use of the services after the effective date constitutes acceptance of the revised policy.

14. Contact us

If you have questions or would like to request a signed DPA, please contact:

  • Email: privacy@digital-netizenship.org
  • Security Hotline: +1 (855) 555-0114
  • Mail: Digital Netizenship Inc., Attn: Privacy, 901 Congress Ave, Suite 500, Austin, TX 78701 USA

If you are an individual located in the EEA or UK, you may also lodge a complaint with your local supervisory authority. We are committed to resolving any concerns promptly.