PRIVACY POLICY

PRIVACY POLICY

The meaning of Privacy Policy: Privacy Policy is an internal statement that governs the handling of personal information. It is a manual on the collection and the use of the data, as well as any specific rights the data subjects may have.




The privacy of our visitors is important to us. This page represents our commitment on that issue and informs you how we use personal information collected on this site. At Hackersprey, we value your trust & respect your privacy. This privacy statement (“Privacy Statement”) applies to the treatment of personally identifiable information submitted by, or otherwise obtained from, you in connection with the associated application (”Application”). By using or otherwise accessing the Application, you acknowledge that you accept the practices and policies outlined in this Privacy Statement.




This Policy has been drafted in accordance with the applicable data protection laws, rules and regulations but not limited to General Data Protection Regulation, 2018 (“GDPR”), the Information Technology Act, 2000 (“IT Act”) and the Information Technology (Reasonable Security Practices and Procedures And Sensitive Personal Data or Information) Rules, 2011 (“IT Rules”), collectively referred to as “Data Protection Laws”




Data We Collect

We collect the following Data about you when you use or otherwise interact with our Products:

Personal data

  • imgName (first name/last name/full name)
  • imgEmail ID (both personal and professional)
  • imgTitle

Additional Data

  • imgProfile/display picture
  • imgCountry, state, postal code, or city of residence.
  • imgTelephone number (home/work/mobile number)
  • imgTelephone number (home/work/mobile number)
  • imgPostal or other physical addresses
  • imgDate of birth
  • imgGender
  • imgName(s) of the school/university (including grades and graduation year)
  • imgName(s) of the workplace
  • imgJob position/designation (including salary)
  • imgResume/CV
  • imgInformation related to social profiles, such as Facebook, Google, GitHub, etc.

Passive Collection

  • imgCookies
  • imgPage-view activity
  • imgGeolocation data
  • imgInternet Protocol (IP) addresses
  • imgBrowser type
  • imgInternet Service Provider (ISP)
  • imgReferring/exit pages
  • imgFiles viewed on our site (e.g., HTML pages, graphics, etc.)
  • imgOperating system
  • imgDate/time stamp
  • imgClickstream data

Passively collected data does not have an expiry date and we don't delete this data. It is saved with us in log form or on tools such as Google Analytics, LinkedIn Insights, Facebook Audience Insights, and more. Additionally, when you use some of our Products, network information such as product-usage details are transmitted back to us.

The User may choose whether to provide Personal Data to Hackersprey. However, you may not be able to access certain options, offers, and services if you have not provided your Personal Data. You can signup, and therefore consent to receiving emails or newsletters from us. If you would like to discontinue receiving this communication, you can unsubscribe by using the Unsubscribe link at the end of such emails or by writing to us at email

Hackersprey's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Processing Your Personal Data

Purpose of Collecting Personal Data

  • imgProviding reports based on information collected from use of our Products
  • imgKeeping you up-to-date about latest Product announcements, software updates, software upgrades, system enhancements, special offers, and other information
  • imgProviding support and assistance for our Products
  • imgProviding the ability to create personal profile
  • imgProviding the ability to contact you if required
  • imgProviding customer feedback and support
  • imgProviding and administering opt-in events or other marketing or promotional activities on Hackersprey
  • imgBeing able to conduct surveys in order to provide you with better products and services
  • imgSupporting recruitment inquiries
  • imgSupporting recruitment inquiries
  • imgPersonalizing marketing communication and website content based on your preferences such as in response to your request for specific information on products and services that may be of interest to you meeting contract or legal obligations
  • imgUse of certain Product features
  • imgCreating or taking tests
  • imgRequesting service and support for our Products
  • imgRegistering for an event (challenge, hackathon, etc.)
  • imgParticipating in discussion groups or forums
  • imgRegistering for newsletter subscriptions

Additional Grounds for Processing Personal Data

  • imgComplying with our legal obligations, resolving disputes with users, and enforcing our agreements
  • imgProtecting, investigating, and deterring against fraudulent, harmful, unauthorized, or illegal activities

General Data Protection Regulation

It is relevant to mention that Hackersprey does not capture any HR data. This data comprises of details about any aspects of a person or HR management system. Examples of HR data are legal records, health records, and so on. However, we do capture non-HR data such as name, title, email id, and so on.

Hackersprey is the Controller (for the purposes of the GDPR) of your Personal Data that you provide via our product. When providing Hackersprey services for our Customers, Hackersprey is the Processor (for the purposes of the GDPR) of your Personal Data provided by and on behalf of the Customer, who is the Controller.

If you reside in the European Union (EU), then you may have additional rights with respect to your Personal Data, as further outlined below. These rights may include rights under the EU's General Data Protection Regulation (hereinafter referred as GDPR).

GDPR is designed to give EU Citizens more control over their data. It aims to use an all-encompassing privacy and security law to safeguard personal data. Irrespective of their location, GDPR applies to all the relevant controllers or processors who deal with the Personal Data of EU citizens.

California Online Privacy Protection Act (CalOppa)

CalOppa requires websites doing business with Californians to disclose their Do Not Track policies, specifically whether the website does or does not acknowledge Do Not Track settings. The data collected by Hackersprey classifies as personal data under the CalOppa and hence, the data collected is subject to the CalOppa.

Hackersprey has also given optional Do Not Track Facility. The user can control how they use cookies and tracking technologies. Our products currently do not support Do Not Track requests.

Personal Information Protection Law (PIPL)

The PIPL, regarded as China’s version of the EU General Data Protection Regulation (GDPR), lays out a comprehensive set of rules for how business operators should collect, use, process, share, and transfer personal information in China. In addition to activities within China, the PIPL exerts certain exterritorial jurisdiction over data processing activities that happen outside China if the purpose is to provide products or services to individuals located in China, or to analyze or assess the behaviors of individuals located in China.

The PIPL in China specifies additional lawful bases as binding law and provides that consent is not required for processing personal information disclosed by data subjects or other legally disclosed personal information within a reasonable scope. Hackersprey only collects personal information to the minimum requirement in order to avail our service.

Hackersprey will obtain a separate consent of data subjects in China before, if required:

  • imgproviding personal information to third parties, which for employers includes any entity outside the employing entity,
  • imgpublicly disclosing the personal information,
  • imgprocessing sensitive personal information,
  • imgusing personal information that was collected for public security for other purposes, or
  • imgtransferring personal information outside China.

When Hackersprey provides personal information outside China, it will inform the data subjects of the name of the overseas recipient, contact information, processing purpose, processing method, and types of personal information, as well as ways and procedures for data subjects to exercise the rights provided under the PIPL with the overseas recipients, and it shall obtain the data subjects separate consent.

PIPL in China emphasizes the right of data subjects to withdraw their consent and the right to restrict or refuse the processing of their personal information, and the relevant rights to refuse automated decision making which is provided by Hackersprey.

Data Protection Law in Russia

According to Federal Law No. 152-FZ on Personal Data, which is the key law governing Personal Data in Russia. Hackersprey will obtain customers’ permission before sharing data with third parties or abroad. Hackersprey shall record, systemize, accumulate, store, specify or retrieve the Personal Data of Russian Citizens by using any database located in Russian Federation. in China.

Data Protection Legislations in Pacific Economies

Australia

Complying with Australian Privacy Act of 1988, Hackersprey will only use personal information for the original purpose it was collected for. If we use or disclose personal information for a secondary purpose, the individual will be provided with a written notice of use or disclosure.

Japan

According to Act on the Protection of Personal Information (“APPI”) 2003, Hackersprey will use Personal information for a specific purpose stipulated at the time of collection. However, if personal information is used for a new purpose, consent will be obtained from the principal.

New Zealand

In compliance with Privacy Act 1993, Hackersprey will not use or disclose personal information without taking reasonable steps to validate that it is accurate, complete relevant, up to date, and not misleading, it will not use the information for a purpose other than the one it was collected for Personal information will not be disclosed unless:

  • imgAssociated with, or directly related to the original purpose of collection
  • imgInformation was obtained from a publicly available publication
  • imgIt is directed to and approved by the individual concerned; and
  • imgApproved by the Privacy Commissioner

Republic of Korea

According to Personal Information Protection Act (‘PIPA’); Act on the Promotion of Information and Communications Network Utilization and Information Protection (‘Network Act’); and, Act on the Use and Protection of Credit Information (‘Credit Information Act’), Hackersprey will process personal information:

  • imgin a lawful and fair manner
  • imgin accordance with the specified and intended purpose.

Provided the information is unidentifiable and consent was provided for an intended purpose, exceptions apply where:

  • imgPurpose is likely to infringe upon the data subject’s interest; is required for legal proceedings or used as part of statistics and/or academic research..
  • imgProvided the information is unidentifiable and consent was provided for that purpose.

Data Protection Laws of ASEAN Member Nations

Malaysia

As per Malaysia’s Personal Data Protection Act of 2010, the processing of personal data by a Hackersprey will be in compliance with the following Personal Data Protection Principles:

  • imglawful purpose directly related to an activity of the data user
  • imgnecessary for or directly related to that purpose; and
  • imgadequate but not excessive in relation to that purpose

Singapore

In respect of Singapore’s Personal Data Protection Act of 2012, Hackersprey may use personal data about an individual collected before the appointed day for the purposes for which the personal data was collected unless (a) consent for such use is withdrawn.

Philippines

Philippines’ Data Privacy Act of 2012, Hackersprey will process personal information, subject to compliance with the requirements of this Act and other laws allowing disclosure of information to the public and adherence to the principles of transparency, legitimate purpose and proportionality.

Thailand

As per Thailand’s Personal Data Protection Act (2019), Hackersprey will not collect, use, or disclose Personal Data, unless the data subject has given consent prior to or at the time of such collection, use, or disclosure, except the case where it is permitted. The collection of Personal Data shall be limited to the extent necessary in relation to the lawful purpose. In collecting the Personal Data, Hackersprey will inform the data subject, prior to or at the time of such collection, except the case where the data subject already knows of such details. Hackersprey will not collect Personal Data from any other source, apart from the data subject directly.

Mali

In accordance with Law No. 2013- 015 of Protection on the Personal Data, Hackersprey will notify of data processing before processing and will ensure data security.

Mauritius

As per Data Protection Act 2017, Hackersprey will register with agency, and all processing processor required.

Togo

Hackersprey with respect to Law 2019-014 Data of Personal Protection the Relating to the Protection of Personal Data Controller will ensure that entity of third parties to whom data are transmitted can be verified to prevent unauthorized disclosures.

Nigeria

In compliance with Nigeria Data Protection Regulation 2019, Hackersprey will take adequate measures to protect data.

Eligibility

Services on the site would be available globally. Persons who are “incompetent to contact” within the meaning of the Indian Contract Act, 1872 including minors, undischarged insolvents, persons of unsound mind, persons involved in sale and purchase of goods banned in their territory, or persons who are involved in activities barred by law.

Services on the Site would be available to only select geographies in India. Persons who are “incompetent to contract” within the meaning of the Indian Contract Act, 1872 including minors, un-discharged insolvents etc. are not eligible to use the Site.

However, if you are a minor, i.e. under the age of 18 years and over the age of 13 years, you may use the Site under the supervision of a parent or legal guardian who agrees to be bound by these Terms of Use.

Hackersprey reserves the right to terminate or refuse your registration, or refuse to permit access to the Site, if it is discovered or brought to its notice that you are a minor.

Children Privacy Policy

Our services are not directed to children below 16 years of age. We do not knowingly collect Personal Information from children. If we become aware that a child has provided us with Personal Information, we will take steps to delete such information. If you become aware that a child has provided us with Personal Information, please contact us through our Grievance Officer.

Security

Transactions on the Website are secure and protected. Any information entered by the User when transacting on the Website is encrypted to protect the User against unintentional disclosure to third parties. The User’s credit and debit card information is not received, stored by or retained by the Company/ Website in any manner. This information is supplied by the User directly to the relevant payment gateway which is authorized to handle the information provided, and is compliant with the regulations and requirements of various banks and institutions and payment franchisees that it is associated with.

License and Access

Hackersprey grants you a limited sub-license to access and make personal use of the Site, but not to download (other than page caching) or modify it, or any portion of it, except with express written consent of a Company. Such limited sub-license does not include/ permit any resale or commercial use of the Site or its contents; any collection and use of any product listings, descriptions, or prices; any derivative use of the Site or its contents; any downloading or copying of information for the benefit of another merchant; or any use of data mining, robots, or similar data gathering and extraction tools. Any portion of the Site may not be reproduced, duplicated, copied, sold, resold, visited, or otherwise exploited for any commercial purpose without express written consent of the Company. You may not frame or utilize framing techniques to enclose any trademark, logo, or other proprietary information (including images, text, page layout, or form) of the Website or of the Company and/ or its affiliates without the express written consent of the Company. You may not use any meta tags or any other “hidden text” utilizing the Company’s name or trademarks without the express written consent of the Company.

You shall not attempt to gain unauthorized access to any portion or feature of the Site, or any other systems or networks connected to the Site or to any server, computer, network, or to any of the services offered on or through the Site, by hacking, ‘password mining’ or any other illegitimate means.

Directions to the User

Hackersprey is not liable for any offence committed by any of its user from any geographical location or jurisdiction as mentioned under Information Technology Act (amended upto date) 2000 or any other law in force.

You hereby agree and undertake not to host, display upload, modify, publish, transmit, update or share any information which:

  • imgBelongs to another person and to which you do not have any right;
  • imgIs grossly harmful, harassing, blasphemous, defamatory, obscene, pornographic, paodophilic, libelous, invasive of another’s privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever
  • imgHarms minors in any way
  • imgInfringes any patent, trademark, copyright or other proprietary/ intellectual property rights;
  • imgViolates any law for the time being in force
  • imgDeceives or misleads the addressee about the origin of such messages communicates any information which is grossly offensive or menacing in nature
  • imgImpersonates another person
  • imgContains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer resource
  • imgAny tool provided or used by you in the curriculum will not be misused by the User in any manner

Cookies and tracking technologies

Hackersprey uses cookies or similar technologies to analyze trends, administer its website, track users’ movements around the website, and gather information about the user base, such as location information based on IP addresses

Users can control the use of cookies in the browsers that they use. Your browser may offer you a Do Not Track option that allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not want them to track your online activities across different websites.

Our products do not support Do Not Track requests at this time, which means that we will collect information about your online activity while you are using our Products and after you leave our properties. Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. For example, in most modern browsers, you can block or delete cookies by clicking Settings = Privacy =Cookies. Instructions for blocking or deleting cookies in other browsers may be available in a browser’s privacy or help documentation.

To read more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org.

Tools

Hackersprey will be demonstrating the use of certain open source tools which are used by ethical hackers and are already available in the public domain. Along with that we will be also introducing our tools such as Remote Administration Tools (RATS), Crypters, Malware Delivery Techniques, and Server to listen for multiple incoming connections from RATs. etc. which are designed by the Hackersprey team.

Bug Bounty or CTF (Capture-the-flag) Challenge is part of the promotional activities of the Hackersprey platform. In this, we will be offering certain challenges to the individuals and will ask them to hack a particular website which will be created and hosted on the Hackersprey platform. The duration of this challenge will be 2 hours if an individual can solve or capture the flag within a given time frame and he/she submits the flag at the earliest that individual will be declared as the winner of that bug bounty or CTF Challenge.

Once a person is declared a winner of the CTF or bug bounty his payment will be made clear within one month. Suppose we kept the bounty of $400 we will only pay $400 all international conversions should be included in this amount.

Bug Bounty or CTF (Capture-the-flag) Challenge will be conducted twice a month on the HackersPrey web portal.

Third Party Tracking

We do not sell your Personal Information and will not share or disclose any of your Personal Information with third parties except as described in this policy. We do not share Personal Information about you with third parties for their marketing purposes (including direct marketing purposes).

Registration

To use the services provided on the website and make purchases, it is compulsory to create an account. A user may create an account on the Website which shall collect only your basic information. To create an account, you need to choose a username and password. You also have the option of linking your social media accounts, such as Your Facebook or Google Plus account with the Hackersprey account, to create your Hackersprey Account. You must keep your account and registration details current and correct for communications related to your purchases from the website

At the time of registration, the Company shall collect the following personally identifiable information about you: Name- including first and last name, email address, mobile phone number and other contact details, demographic profile (like your age, gender, address, etc.,). If you choose to link your social media account with your Hackersprey account, we collect basic information about you from those social media platforms, such as: name, age, gender, location and e-mail address. Information collected about you is subject to the Privacy Policy of the Company, which may be read as part and parcel of these Terms of Use.

You are solely responsible for protecting the confidentiality of your username and password and any activity under the account will be deemed to have been done by you. In the event you provide us with false/ inaccurate details or the Company has a reasonable ground to believe that false and inaccurate information has been furnished, we hold the right to permanently suspend your account. If any false/ misleading information is provided by any user during the registration process, then it will be the sole responsibility of the account holder only and Hackersprey will not be liable in any manner.

Payment

Hackersprey will be charging advance payment for Paid Programs. The following payment options are available on the application:

  • imgDomestic and international credit cards issued by banks and financial institutions that are part of the Visa, Master Card & Amex Card networks;
  • imgVisa & Master Card Debit cards;
  • imgNet banking/ Direct Debit payments from select banks in Indian. A list of available options will be made available at the time of the Purchase.

As prescribed by the financial institutions issuing the credit or debit cards affiliated with Visa/ Master Card/ Amex, the User will be required to submit his/ her 16- digit card number, card expiry date and 3-digit CVV number (usually on the reverse of the card) while making an online transaction. The User must also have enrolled his/ her card with VNV (Verified by Visa), MSC (MasterCard Secure Code) or any other applicable provider in order to complete the transaction. The User is hereby expressly made aware that his/ her card statements will reflect that a payment has been made in favour of the Company.

The User is further aware that in case of third party statements, including bank and credit card statements, the merchant name may appear in an abbreviated format, and the Company has not control over the same. To successfully subscribe on the Website, the User is required to complete the transaction by making the payment for the services opted for. CANCELLATION AND REFUNDS:

No refund will be provided by Hackersprey. There is no provision of refund. Access to the user will be revoked anytime it is found that course/labs/challenges are being shared with others/multiple users or course purchaser intends to copy the material/ Content. The user associated with such an account will be blocked at the same time.

Grievance Redressal Mechanism

Any complaint with regards to use, processing or disclosure of data provided by you or breach of these terms can be taken up with designated grievance redressal officer as mentioned below via post or by sending an email to img

Grievance Redressal Officer: Any complaints or concerns with regards to breach of these terms shall be immediately communicated to the designated Grievance Officer as mentioned below in writing or through email.

Grievance Redressal Mechanism

  • imgName: Mr. Vipul Mandhar
  • imgEmail: img
  • imgAddress: SCF-4,2nd Floor Sector-7C ,Chandigarh
  • imgPhone: +91-0172 403 8499

Procedure For Filing Complaint

We request the User to provide following information while filing a complaint:

  • imgIdentification of the information provided by you.
  • imgYour address, telephone number or e-mail address.
  • imgStatement that you have a good-faith belief that use of the information has been processed incorrectly or disclosed without authorization, as the case may be.
  • imgStatement, under penalty of perjury, that the information in the notice is accurate, and that you are authorized to act on behalf of the owner of the right that is allegedly infringed.

Hackersprey may reach out to you to confirm or discuss certain details about your complaint and issues raised and shall not be responsible for any communication, if addressed, to any non-designated person in this regard.