While the GDPR is changing how everyone handles and processes your personal information, we value your privacy and have always attempted to limit what information is collected, and how it is used. That said, the GDPR is making us take a fresh look at everything we do, so this document is being updated as necessary.
The CTIN Training Center services are provided by the Cyber Threat Intelligence Network, Inc., located in Arizona (USA). We do not rent or sell your information to anyone else. However, your information may be stored in systems that we do not own in the course of necessary business. Most information is stored indefinitely, unless you ask us to delete it, except as otherwise noted. The list below is current as of February 1, 2021.
Usage data and the free CTIN Training Center
• The free version of training on the CTIN Training Center does not collect, send, or store any of your information by default.
• All data collected by usage tracking is completely anonymous. Your email address and/or Site URL/Address are not attached to the usage data captured by our systems.
Your credit card information
• If you use PayPal, they send us your name or business name, and your email address, which is no more than you’ve already provided at checkout.
Your physical address
• We don’t need your physical address, other than your country and zip/postal code. This is for validating your credit card information (via Stripe).
• Our transaction database will store any address information you provide for the purpose of displaying it on your invoices. We have no intention of sending you mail.
Your email address
• When you make a purchase, your email will be stored as part of your user account. This allows you to manage your purchased products, license keys, invoices, etc.
• Additionally, your email address is recorded in the license database, so that automated service notifications can be sent to you. There is no opt-out on these short of full account deletion, as it is purely transactional email: license activation, low credit notifications, and subscription reminders.
• If you leave a comment on our site, we collect your IP address, and browser user agent to aid in spam detection.
• Comments and related metadata are stored indefinitely so that we can recognize and automatically approve any follow-up comments instead of holding them for moderation.
• An anonymized string created from your email address (also called a hash) will be provided to the Gravatar service to see if you have set a profile picture. After approval of your comment, your profile picture is visible to the public in the context of your comment.
• This website uses Google Fonts. As such, Google logs requests for related CSS and font files.
• If you submit a question via the contact form or the help button, it will capture information about your browser, your IP address, and the page you are viewing. This helps so that we don’t tell you to go read something you already saw. The IP address and browser information allows us to assist you more quickly with purchase and login issues. This information, along with your message and email address will be stored in our mailbox.
• This site retains security logs of every log-in attempt made. This information, including the public IP address, username and the status of your attempt, is used to help prevent unauthorized system access and maintain a high quality of service for everyone.
• Currently, we use servers hosted by InMotionHosting. We aggregate and index our logs.
We employ various security measures to ensure that no one gains unauthorized access to your information. If someone ever does hack our servers, we will contact you via email as fast as humanly possible.
This site does not specifically target or market to children under the age of 13 years old.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obligated to keep for administrative, legal, or security purposes. Data erasure requests should also be sent via the contact form. If you have other questions about information not covered here, send us an email and we’ll be glad to clarify.