Privacy Policy
Your privacy matters to us. Learn how we protect and handle your personal information.
Data Protection Commitment and GDPR Compliance
Shield Academy is committed to protecting your personal data and respecting your privacy rights. This privacy policy explains how we collect, use, store, and protect your personal information in accordance with the General Data Protection Regulation (GDPR) and Finnish data protection laws.
We operate under the principle of data minimization, collecting only the information necessary to provide our cybersecurity education services and improve your learning experience. Your trust is essential to our mission of delivering professional cybersecurity training.
Information We Collect
Personal Information You Provide
When you interact with our services, we may collect personal information that you voluntarily provide, including:
Contact details such as name, email address, and phone number when you submit inquiries through our contact forms. Course enrollment information including educational background and professional experience when relevant to program selection. Communication preferences for receiving course updates and educational content.
Automatically Collected Information
We automatically collect certain technical information when you visit our website:
Website usage data including pages visited, time spent on pages, and navigation patterns. Technical information such as IP address, browser type, device information, and operating system. Cookie data as described in our Cookie Policy to enhance website functionality and user experience.
Legal Basis for Processing
We process personal data based on legitimate interest for providing educational services and responding to inquiries. Consent for marketing communications and optional data processing activities. Contractual necessity when enrolling in courses or engaging our services. Legal obligations under Finnish and EU law for record keeping and compliance.
How We Use Your Information
Service Provision and Communication
Responding to your inquiries and providing information about our cybersecurity courses. Processing course enrollment applications and managing educational services. Communicating course schedules, updates, and relevant educational content. Providing technical support and assistance with our services.
Website Improvement and Analytics
Analyzing website usage patterns to improve user experience and educational content delivery. Conducting performance monitoring to ensure optimal website functionality. Developing new features and services based on user needs and feedback. Ensuring website security and preventing unauthorized access or misuse.
Marketing and Educational Content
Sending relevant educational content and course information to interested prospects with consent. Providing updates about new cybersecurity training programs and industry developments. Personalizing content based on expressed interests and professional background. Marketing communications can be opted out of at any time through unsubscribe links or contact requests.
Data Protection and Security Measures
Technical Safeguards
Encryption of data in transit and at rest using industry-standard protocols. Secure hosting infrastructure with regular security updates and monitoring. Access controls limiting data access to authorized personnel only. Regular security audits and vulnerability assessments to maintain protection standards.
Organizational Measures
Staff training on data protection principles and GDPR compliance requirements. Documented data processing procedures and privacy impact assessments. Regular review and updates of privacy policies and data handling practices. Incident response procedures for potential data breaches or security events.
Data Retention and Storage
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected. Contact form data is typically retained for two years unless deletion is requested earlier. Website analytics data is aggregated and anonymized for long-term analysis. All data storage complies with Finnish and EU data residency requirements.
Your Rights Under GDPR
Access and Portability Rights
Right to access personal data we hold about you and receive a copy in a structured format. Right to data portability allowing transfer of your data to another service provider. Right to information about how your data is being processed and for what purposes.
Correction and Deletion Rights
Right to rectification of inaccurate or incomplete personal data. Right to erasure (right to be forgotten) when data is no longer necessary for original purposes. Right to restriction of processing in certain circumstances.
Objection and Consent Rights
Right to object to processing based on legitimate interests. Right to withdraw consent at any time for consent-based processing. Right to object to direct marketing and automated decision-making.
Exercising Your Rights
Contact us using the information provided to exercise any of these rights. We will respond to valid requests within one month. You have the right to lodge a complaint with the Finnish Data Protection Authority if you believe your rights have been violated.
Your Rights and Opt-Out Instructions
You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:
Avoid filling out contact forms, account registrations, or any data-submitting features. Disable cookies through your browser settings (see our Cookie Policy for more details). Contact us directly to request the deletion of any previously shared personal data.
We respect your privacy choices. If you would like us to delete your data, please reach out to us at the contact details provided on our Contact page. We will process your request promptly.