Last updated: July 2026
This policy explains what personal information the Phishing Field Training platform collects, why, and how it's protected. It applies to anyone completing training through this site on behalf of an approved client organization.
@example.com is recorded as belonging to "example.com") — not manually entered or independently verified beyond that.Training data exists to give your employer visibility into phishing-readiness across their organization. Your individual results (email, scores, completion time) are visible to designated administrators at your own company through the admin dashboard. We do not sell, rent, or share this data with any other client company, advertiser, or unrelated third party.
Training records are stored in a Cloudflare D1 database associated with this application. Authentication is handled entirely by Google or Microsoft using industry-standard OAuth — Shiryon Security never receives or stores your password.
This site uses a small number of cookies, all of which are strictly necessary for it to function — there are no advertising, analytics, or tracking cookies of any kind.
Because these cookies are essential to signing in and using the platform at all, there's no option to decline them and continue using the site — declining would be equivalent to not being able to log in. You can still block or delete cookies through your browser's own settings, but doing so will prevent you from staying signed in.
Training records are retained for as long as your organization maintains an active engagement with Shiryon Security, so results remain available for reporting and repeat-training comparison. If your organization's engagement ends, associated records are deleted within a reasonable period thereafter. If you'd like your individual data removed sooner, contact your company administrator or reach out using the details below.
Two categories of third-party service providers support this platform:
Depending on where you're located, you may have rights to access, correct, or request deletion of your personal data. To make a request, contact your company administrator, who can escalate to Shiryon Security, or reach us directly using the contact details below.
We may update this policy from time to time as the platform evolves. The "Last updated" date at the top reflects the most recent revision.
Questions about this policy or your data should be directed to your company's IT or security administrator, or to Shiryon Security directly through your existing points of contact.