Privacy Policy

Last Updated: May 6, 2025

Table of Contents

1. Introduction

Welcome to the Master Netflow Security Platform. We understand the importance of your personal information and are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cybersecurity training and tools platform.

By accessing or using the Master Netflow Security Platform, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please do not use our platform.

This Privacy Policy applies to all information collected through our platform, including any associated mobile applications, websites, or services.

2. Information We Collect

2.1 Information You Provide to Us

We may collect the following types of information when you register for an account, use our services, or otherwise interact with our platform:

Account Information: Name, email address, password, company name, professional details, and account creation date
Profile Information: Job title, department, profile photo, professional biography, skills, certifications, and other information you choose to provide
Authentication Information: Two-factor authentication setup details, recovery codes, authentication app preferences, and security questions
Training Information: Course progress, assessment results, certification data, training history, completion rates, time spent on modules, and quiz scores
Communication Preferences: Email notification settings, in-app notification preferences, newsletter subscriptions, and preferred communication channels

2.2 Information We Collect Automatically

When you visit or use our platform, we may automatically collect certain information, including:

Usage Data: Information about how you interact with our platform, including pages visited, features used, actions taken, time spent on pages, navigation paths, frequency of visits, and engagement patterns
Device Information: Information about your device, including device type, operating system, browser type, browser version, screen resolution, device identifiers, IP address, time zone settings, and mobile network information
Location Data: General location information inferred from your IP address. We do not collect precise GPS location unless you explicitly grant permission
Login Information: Date, time, duration of your sessions on our platform, login/logout events, session identifiers, and authentication methods used

2.3 Information From Third Parties

We may receive information about you from third parties, including:

Business Partners: Information shared by our business partners, such as when your employer provides a list of employees to be enrolled in our training platform
Identity Verification Services: Information to verify your identity when you register for our services
Public Sources: Publicly available information such as social media profiles, professional directories, and other public records

3. How We Use Your Information

We use the collected information for various purposes, including:

Service Provision

To provide, maintain, and improve our platform and services, including processing transactions, managing your account, and delivering the features you request

User Management

To create and manage your account, authenticate your identity, and maintain a record of your activities and progress

Security

To detect, prevent, and address technical issues, security breaches, potentially prohibited or illegal activities, and enforce our terms and policies

Communications

To send administrative information, technical notices, security alerts, support messages, and updates about our services

4. Information Sharing and Disclosure

We may share your personal information in the following situations:

Important: We require all third parties to respect the security of your personal information and to treat it in accordance with applicable laws. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

5. Data Security

We implement appropriate technical, organizational, and physical safeguards designed to protect the security, confidentiality, and integrity of your personal information. Our security measures include:

  • Encryption of data in transit and at rest using industry-standard protocols
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Secure software development practices
  • Regular security training for our employees
  • Physical security controls for our facilities
  • Continuous monitoring for unauthorized access attempts

However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. It is your responsibility to keep your login credentials confidential and to notify us immediately of any unauthorized access to or use of your account.

6. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

Data Category
Retention Period
Reason for Retention
Account Information
For the duration of your account, plus up to 12 months after account closure
To provide our services and maintain continuity if you choose to reactivate your account
Training Records
Up to 7 years after completion
To provide certification verification and maintain compliance records
Payment Information
Up to 10 years
To comply with tax and accounting obligations
Communication Records
Up to 3 years
To maintain service quality and address any disputes

When we no longer need personal information, we will delete or anonymize it. If this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.

7. Your Rights

Depending on your location, you may have certain rights regarding your personal information, including:

Right to Access

The right to request access to the personal information we hold about you and receive a copy of it

Right to Rectification

The right to request correction of inaccurate personal information or completion of incomplete personal information

Right to Erasure

The right to request deletion of your personal information, subject to certain exceptions

Right to Data Portability

The right to receive a copy of your personal information in a structured, commonly used, machine-readable format

8. International Data Transfers

Our platform operates globally, which means your information may be transferred to, stored, and processed in countries outside of the country in which you reside. Data protection laws in these countries may differ from those in your country.

When we transfer your personal information internationally, we take appropriate safeguards to ensure that your personal information receives an adequate level of protection, including:

  • Using approved standard contractual clauses
  • Implementing binding corporate rules
  • Adopting privacy shield certifications where applicable
  • Obtaining your explicit consent in specific cases

By using our platform, you consent to the transfer of your personal information to countries outside your country of residence, including the United States, which may have different data protection rules.

9. Third-Party Services

Our platform may contain links to third-party websites or services that are not owned or controlled by Master Netflow. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.

Third-Party Services We May Use

Analytics
  • Google Analytics
  • Mixpanel
  • Hotjar
Hosting and Infrastructure
  • Amazon Web Services (AWS)
  • Microsoft Azure
  • Google Cloud Platform
Payment Processing
  • Stripe
  • PayPal
Customer Support
  • Zendesk
  • Intercom

10. Children's Privacy

Our platform is not intended for use by children under the age of 16. We do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and become aware that your child has provided us with personal information, please contact us, and we will take steps to remove that information from our systems.

If we learn that we have collected personal information from a child under the age of 16 without verification of parental consent, we will promptly take steps to delete that information from our servers.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy.

We will also notify you of material changes via email (to the email address associated with your account) or through a notice on our platform prior to the changes becoming effective. We encourage you to review this Privacy Policy periodically for any changes.

Your continued use of our platform after we post any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

Policy Update History

May 6, 2025
Comprehensive update to improve clarity and reflect new features
January 15, 2025
Updated to reflect changes in data processing practices
June 10, 2024
Initial policy published

12. Contact Us

If you have any questions about this Privacy Policy, or if you would like to exercise any of your rights regarding your personal information, please contact us at:

Email

privacy@masternetflow.com

Postal Address

Master Netflow Inc.
Attn: Privacy Officer
7090 Edmonds Street, Suite 1807
Burnaby, BC
V3N 0C6
Canada

Phone

+1 (604) 417-6062

Data Protection Officer

dpo@masternetflow.com

We will respond to your inquiry within 30 days. If we require more time, we will inform you of the reason and extension period in writing.

13. Cookie Policy

Our platform uses cookies and similar tracking technologies to track activity on our platform and hold certain information. Cookies are files with a small amount of data that may include an anonymous unique identifier.

Types of Cookies We Use

Essential Cookies

Required for the operation of our platform. These cookies are necessary for the platform to function properly and cannot be switched off in our systems.

Examples:
  • Session cookies
  • Authentication cookies
  • Security cookies

Analytical/Performance Cookies

Allow us to recognize and count the number of visitors and see how visitors move around our platform. This helps us improve how our platform works.

Examples:
  • Google Analytics cookies
  • Performance tracking cookies
  • Error monitoring cookies

Functionality Cookies

Enable us to personalize content for you, greet you by name, and remember your preferences (e.g., your choice of language or region).

Examples:
  • Language preference cookies
  • Theme preference cookies
  • User customization cookies

Targeting Cookies

Record your visit to our platform, the pages you have visited, and the links you have followed. We may use this information to make our platform and the advertising displayed on it more relevant to your interests.

Examples:
  • Advertising cookies
  • Social media sharing cookies
  • Marketing analytics cookies

Managing Cookies

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our platform.

Most web browsers allow some control of cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

To opt out of being tracked by Google Analytics across all websites, visit Google Analytics Opt-out Browser Add-on.

14. Data Processing Agreement

For enterprise customers who act as data controllers under applicable data protection laws, we offer a Data Processing Agreement (DPA) that addresses data protection requirements. The DPA reflects our commitment to comply with applicable data protection laws and regulations when processing personal data on behalf of our customers.

Our DPA covers key areas including:

  • Data processing instructions and limitations
  • Confidentiality obligations
  • Security measures
  • Data subject rights
  • Data breach notification procedures
  • Audit rights
  • Return or deletion of data
  • Sub-processor management

To request our Data Processing Agreement, please contact our sales team at enterprise@masternetflow.com.

15. Regulatory Compliance

We are committed to complying with applicable data protection laws and regulations, including but not limited to:

GDPR

The General Data Protection Regulation (EU) 2016/679, which applies to the processing of personal data of individuals in the European Union and European Economic Area.

CCPA/CPRA

The California Consumer Privacy Act and California Privacy Rights Act, which provide California residents with specific rights regarding their personal information.

HIPAA

The Health Insurance Portability and Accountability Act, which establishes standards for protecting sensitive patient health information in the United States.

LGPD

The Lei Geral de Proteção de Dados, Brazil's data protection law that regulates the processing of personal data in Brazil.

We regularly review our privacy practices to ensure ongoing compliance with these and other applicable laws and regulations.

Home Terms of Service Contact Us

© 2025 Master Netflow Inc. All rights reserved.