← Back to training
Shiryon Security Operations

Privacy Policy

Last updated: July 2026

This policy explains what personal information the Phishing Field Training platform collects, why, and how it's protected. It applies to anyone completing training through this site on behalf of an approved client organization.

What We Collect

How We Use It

Training data exists to give your employer visibility into phishing-readiness across their organization. Your individual results (email, scores, completion time) are visible to designated administrators at your own company through the admin dashboard. We do not sell, rent, or share this data with any other client company, advertiser, or unrelated third party.

Who Can See Your Results

Where It's Stored

Training records are stored in a Cloudflare D1 database associated with this application. Authentication is handled entirely by Google or Microsoft using industry-standard OAuth — Shiryon Security never receives or stores your password.

If you retake the training, each attempt is saved as a new record rather than overwriting the previous one, so your full history remains visible to your company's administrators.

Cookies

This site uses a small number of cookies, all of which are strictly necessary for it to function — there are no advertising, analytics, or tracking cookies of any kind.

Because these cookies are essential to signing in and using the platform at all, there's no option to decline them and continue using the site — declining would be equivalent to not being able to log in. You can still block or delete cookies through your browser's own settings, but doing so will prevent you from staying signed in.

Data Retention

Training records are retained for as long as your organization maintains an active engagement with Shiryon Security, so results remain available for reporting and repeat-training comparison. If your organization's engagement ends, associated records are deleted within a reasonable period thereafter. If you'd like your individual data removed sooner, contact your company administrator or reach out using the details below.

Third Parties

Two categories of third-party service providers support this platform:

Your Rights

Depending on where you're located, you may have rights to access, correct, or request deletion of your personal data. To make a request, contact your company administrator, who can escalate to Shiryon Security, or reach us directly using the contact details below.

Changes to This Policy

We may update this policy from time to time as the platform evolves. The "Last updated" date at the top reflects the most recent revision.

Contact

Questions about this policy or your data should be directed to your company's IT or security administrator, or to Shiryon Security directly through your existing points of contact.