Privacy Policy

This Privacy Policy describes how CISSP Study Group ("we," "our," or "us") collects, uses, and protects your information when you use our platform at CISSPStudyGroup.com (the "Service").

1. Information We Collect

1.1 Personal Information

When you create an account, we collect:

• Name and email address
• Password (encrypted and stored securely)
• Profile information you choose to provide

1.2 Usage Information

We automatically collect certain information when you use our Service:

• Study session participation and performance data
• Questions created and answered
• Community board interactions (messages, likes, replies)
• Platform usage patterns and preferences
• Device information and IP address
• Browser type and version

1.3 AI Interaction Data

When you use our AI features:

• Questions submitted to AI assistant
• AI-generated content and responses
• Usage patterns of AI features

2. How We Use Your Information

We use your information to:

• Provide and maintain our study platform services
• Create and manage your user account
• Enable study session scheduling and participation
• Generate personalized study content and recommendations
• Facilitate community interactions and collaboration
• Improve our AI-powered question generation and explanations
• Send important service updates and notifications
• Analyze usage patterns to improve our platform
• Ensure platform security and prevent abuse
• Comply with legal obligations

3. Information Sharing and Disclosure

3.1 With Other Users

Certain information is shared within the platform community:

• Your name and profile information in study sessions
• Messages and contributions to community boards
• Study achievements and progress (if you choose to share)
• Questions you create (attributed to you)

3.2 With Third Parties

We may share your information with:

• OpenAI: For AI-powered features (question generation, explanations)
• Service Providers: Hosting, analytics, and security services
• Legal Requirements: When required by law or to protect our rights

3.3 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Data Storage and Security

We implement appropriate security measures to protect your information:

• Encryption of sensitive data in transit and at rest
• Secure authentication and password protection
• Regular security audits and updates
• Limited access to personal data by authorized personnel only
• Data backup and recovery procedures

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as:

• Your account remains active
• Necessary to provide our services
• Required by law or for legitimate business purposes
• You have not requested deletion

You may request deletion of your account and associated data at any time.

6. Your Rights and Choices

You have the right to:

• Access: Request a copy of your personal information
• Correct: Update or correct inaccurate information
• Delete: Request deletion of your account and data
• Export: Receive your data in a portable format
• Opt-out: Unsubscribe from non-essential communications
• Restrict: Limit how we process your information

7. Cookies and Tracking

We use cookies and similar technologies to:

• Maintain your login session
• Remember your preferences and settings
• Analyze platform usage and performance
• Provide personalized content and features

You can control cookie settings through your browser preferences.

8. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our platform
• Sending an email notification to registered users
• Displaying a prominent notice on our website

Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

11. CISSP and Professional Context

As a platform serving cybersecurity professionals pursuing CISSP certification, we are committed to:

• Maintaining the highest standards of data protection
• Implementing security best practices
• Respecting the professional nature of our community
• Supporting ethical cybersecurity education and collaboration