We Value Your Privacy

D2 Cybersecurity takes your privacy seriously. Maintaining the trust of our users necessitates vigilant, responsible privacy protections. We realize that privacy is an important issue for our users providing us with their business information. Please read the following to learn more about how we collect, use, and safeguard the information you may provide to us via this site.

What Information Does D2 Cybersecurity Collect From You?

Currently no data is being collected from the D2 Cybersecurity reporting portal, insight.d2cybersecurity.com. However, at our clients request to automate the onboarding process, our portal will collect from you:

Personal identifiable information and certain institution information
Some Technical information

We will not collect any information automatically via cookies and web beacons.

Personal and Business Information

User List – the portal is designed to provide monthly and on-demand progress reports for the phishing campaigns and cybersecurity awareness training for your users. These reports contain their name, their institution email address, and the institution name provided by you to our admin. This list is currently manually uploaded into our products from outside of this portal via email received by our admin. In the future, this list can be uploaded from within this portal directly by your admin.

Technical Information

All Site Users – this portal provides the ability to login with a user-defined password for all cohort admins and JIF admins. If an admin forgets their individual password, a link would allow them to reset the password. We setup each admin with a default password, however, we do not collect any changes made to that initial password or forgotten password.

How Do We Collect Information From You?

We collect, retain and use personally identifiable and business information from you (i) by expressly requesting it from you (ii) when you contact us via email.

How is Your Information Used?

Our Use of Information – We collect, retain and use the information we collect via email or from our site using the uploaded list for legitimate business purposes only as described herein. Information collected via email or from our site is used: to provide phishing test and administer cybersecurity awareness training only, with applicable Terms of Use for our service.
Sharing Information – We do not share, sell or rent your personally identifiable and business information to any third parties. We will only disclose information we maintain, including personally identifiable information, when required to do so by law or regulation, or in response to a request from a law enforcement or governmental agency or authority.
Retention of Information – Personally identifiable and business information will be retained by D2 Cybersecurity for as long as needed to respond to user queries. All non-personally identifiable information will be retained indefinitely.

Protected Health Information, Payment Card Information and Other Sensitive Information

D2 Cybersecurity does not need, nor does it request, any protected health information (“PHI”) governed by the Health Insurance Portability and Accountability Act and its implementing regulations (“HIPAA”), nor does it need or request any non-public consumer personally identifiable information or financial information governed by the Gramm-Leach-Bliley Act (“GLBA”) or payment card information covered by the Payment Card Industry Data Security Standards (“PCI DSS”) in order to provide its products and services. You should never disclose, or allow to be disclosed, PHI, information protected by PCI DSS or GLBA, or other sensitive information to D2 Cybersecurity. In the event that a user discloses such information (which would be a violation of this Privacy Notice), you, on behalf of your organization, acknowledge that D2 Cybersecurity does not take steps to ensure its products are HIPAA or PCI compliant. All obligations of the aforementioned regulations remain solely with you, on behalf of your organization.

Modifications

We strive to maintain the accuracy of any personally identifiable or business information that may be collected from you, and will use our commercially reasonable efforts to respond promptly to update our database when you tell us the information in our database is not accurate. It is your responsibility to ensure that such information is accurate, complete and up-to-date. You may obtain from us by email the information in our records and/or files. If you wish to make any changes to any personally identifiable or business information you have provided to us, you may do so at any time by contacting us at [email protected]

Protecting Your Personally Identifiable Information

D2 Cybersecurity employs physical, electronic and managerial safeguards to protect the information we receive from you from unauthorized disclosure. This includes our requirement for user names and to access sensitive data and our use of industry-standard SSL encryption to protect data transmissions. You should not share your password with anyone. In addition, if you suspect unauthorized access to your information, it is your responsibility to contact us immediately at [email protected]. D2 Cybersecurity personnel will never ask you to divulge your password in written or electronic communications. Please be aware that Internet data transmission is not always secure and we cannot warrant that information you transmit utilizing this site is secure. Because security is important to D2 Cybersecurity, we will always make reasonable efforts to ensure the security of our systems.

Business Transfer

D2 Cybersecurity may, in the future, sell or otherwise transfer some or all of its assets to a third party. Your personally identifiable information, business information and/or technical information we obtain from you via email or this site may be disclosed to any potential or actual third party purchasers of such assets and/or may be among those assets transferred.

Visitors Under the Age of 16

Our portal and our technology platforms are not intended for persons under the age of 16. Thus, we do not intentionally gather Personal Data from visitors who are under the age of 16. If you are under the age of 16, please do not submit your Personal Data via email or using our list uploading utility.

Acceptance of These Terms

This Privacy Statement is incorporated into and subject to the terms of the Terms of Use. If you do not agree to the terms of this Privacy Statement, please do not provide us with any information and do not use this site. By using this site and voluntarily providing your personally identifiable information and business information to us, you consent to the collection and use of such personally identifiable and business information as set forth in this Privacy Policy.

Effectiveness

We reserve the right, at any time, to modify, alter, or update this policy, and any such modifications, alterations, or updates will be effective upon posting. In the event we modify this Privacy Statement, your continued use of this site will signify your acceptance of the modified Privacy Statement.

Questions?

D2 Cybersecurity will happily address any concerns or disputes about our Privacy Policy or inaccuracies regarding your personal and business information. In the event that you have a concern or wish to see recent changes regarding our Privacy Policy, you can contact us directly at [email protected]. We are committed to working with you to obtain a fair resolution of any complaint or concern about your data.