HaxShield Privacy Policy

Last Updated: January 20, 2026

This Privacy Policy explains how HaxShield Corp. (“HaxShield,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you access or use our website, platform, and services (collectively, the “Services”).

By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Services.

1. Who We Are

HaxShield Corp. provides security awareness training and phishing simulation services for organizations. For purposes of applicable data protection laws, HaxShield may act as a data controller for information we collect through our website and business operations, and as a data processor/service provider when we process personal information on behalf of our customers in connection with the Services.

2. Information We Collect

We may collect the following categories of information:

a. Information You Provide Directly

  • Name, email address, company name, job title
  • Account registration and login information
  • Communications with us (support requests, emails, feedback)
  • Information submitted through forms, surveys, or requests

b. Information Collected Through Use of the Services

  • Platform activity and interaction data
  • Training participation and completion information
  • Phishing simulation interactions (e.g., opens, clicks, submissions, reports)
  • Log data such as IP address, device/browser information, timestamps, and diagnostic data

c. Automatically Collected Information

  • Website usage data and performance information
  • Cookies and similar tracking technologies
  • Analytics data related to site usage patterns

d. Information from Third Parties

  • Information received through integrations (such as identity providers or LMS/HRIS systems), as authorized by the customer
  • Information from service providers that assist with hosting, analytics, communications, or billing (if applicable)

3. How We Use Information

We may use personal information to:

  • Provide, operate, maintain, and improve the Services
  • Authenticate users and manage accounts
  • Deliver training content and phishing simulations as configured by customers
  • Generate reports and analytics
  • Respond to inquiries and provide customer support
  • Monitor, prevent, and address security issues, fraud, abuse, or technical problems
  • Send service-related communications and important notices
  • Comply with legal obligations and enforce our Terms of Service

4. Customer-Controlled Data

When customers use the Services to train or test employees or other users, HaxShield may process personal information on behalf of the customer. In these cases:

  • The customer determines what data is provided to HaxShield and how it is used within the Services
  • HaxShield acts as a processor/service provider, and the customer acts as the controller/business
  • Customers are responsible for ensuring they have appropriate authority and legal basis to provide such data to HaxShield

5. Legal Basis for Processing (GDPR)

Where applicable under the General Data Protection Regulation (GDPR), we process personal information based on one or more of the following legal bases:

  • Performance of a contract
  • Legitimate interests (such as operating, securing, and improving the Services)
  • Consent (where required)
  • Compliance with legal obligations

6. Cookies and Tracking Technologies

We may use cookies and similar technologies to operate and secure our website, analyze performance and usage, and improve user experience. You can control cookies through your browser settings. Disabling cookies may affect certain features of the Services.

7. Sharing of Information

We may share personal information with:

  • Service Providers that help us operate the Services (e.g., hosting, analytics, communications, support)
  • Subprocessors/technology partners used to deliver core functionality, where applicable
  • Legal or regulatory authorities if required by law or to protect rights, safety, and security
  • Business transfer parties in connection with a merger, acquisition, financing, or sale of assets

We do not sell personal information.

8. Data Retention

We retain personal information only as long as reasonably necessary to provide the Services, fulfill contractual obligations, comply with legal requirements, resolve disputes, and enforce agreements. Retention periods may vary depending on the type of data and customer instructions/configuration.

9. Data Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Your Privacy Rights

Depending on your location, you may have rights to access, correct, delete, or request a copy of your personal information, and to object to or restrict certain processing. You may also opt out of marketing communications.

To submit a request, contact us at support@haxshield.com. We may verify your identity before responding.

11. California Privacy Rights (CCPA/CPRA)

California residents may have additional rights regarding their personal information, including the right to know, delete, or limit certain uses of personal information. HaxShield does not sell personal information and does not share personal information for cross-context behavioral advertising.

12. International Data Transfers

Your information may be transferred to and processed in the United States or other jurisdictions where we or our service providers operate. Where required, we take steps designed to ensure appropriate safeguards are in place.

13. Children’s Privacy

The Services are not intended for children under 18, and we do not knowingly collect personal information from children. If we learn that we have collected such information, we will take steps to delete it.

14. Business Transfers

If HaxShield Corp. is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction, subject to this Privacy Policy.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Last Updated” date. Continued use of the Services after an update constitutes acceptance of the updated Privacy Policy.

16. Contact Us

If you have questions about this Privacy Policy or our data practices, contact:

HaxShield Corp.
Email: support@haxshield.com