Privacy Policy

CyberNinja ("CyberNinja," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit the getcyber.ninja website, use the CyberNinja mobile application, or interact with our related services.

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.

CyberNinja is the data controller for the Services. We are based in Ireland and can be reached at [email protected].

We collect the following categories of information:

• Account Data – name, email address, username, and authentication tokens.

• Learning Activity – lesson progress, quiz responses, achievement history, XP totals, and streak data.

• Device & Technical Data – device type, operating system, app version, IP address, and diagnostic information.

• Usage Data – interactions with our website and app, including page views and feature usage.

We process your information to:

• Deliver and personalize cybersecurity lessons and recommendations.

• Track progress, award XP, and power achievement dashboards.

• Authenticate logins, secure accounts, and detect suspicious activity.

• Provide customer support and improve existing features.

• Send important administrative messages and, with your consent, newsletters.

We do not sell your personal information. We may share data with:

• Service providers that support the Services (e.g., hosting, analytics, payment processors).

• Law enforcement when required by law or to protect rights, safety, or property.

All service providers are contractually obligated to safeguard your data appropriately.

We retain personal data only as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, and enforce agreements.

Account data is retained while your account is active and for up to 12 months after deletion unless a longer period is required by law.

We implement administrative, technical, and physical safeguards—including encryption in transit, access controls, and continuous monitoring—to protect your data.

Despite these efforts, no method of transmission or storage is completely secure. Please protect your login credentials.

Depending on your jurisdiction, you may have the right to access, correct, delete, or export personal data, withdraw consent, or lodge a complaint with a supervisory authority.

EU/EEA residents may lodge a complaint with the Irish Data Protection Commission (dataprotection.ie).

If you have questions about this Privacy Policy, please contact:

[email protected]