1. Information We Collect
We collect information you provide directly to us, including your name, email address, company details, job title, and payment information when you register for an account or subscribe to our services. We also automatically collect certain information when you use our platform, such as your IP address, browser type, device information, pages visited, and usage patterns. When you use our phishing simulation and training features, we collect data related to campaign interactions, training completion, and security awareness metrics for your organization.
2. How We Use Your Information
We use the information we collect to: deliver and maintain the Munitron platform and its features; process payments and manage subscriptions; generate security awareness reports, risk scores, and analytics for your organization; send you service-related communications, product updates, and security alerts; improve and optimize our platform, training content, and AI-powered simulations; comply with legal obligations and enforce our terms of service; and provide customer support and respond to your inquiries.
3. Phishing Simulation Data
When your organization conducts phishing simulations through Munitron, we collect data about employee interactions with simulated phishing emails, including open rates, click-through rates, credential submission events, and training completion. This data is used exclusively to assess and improve your organization's security posture. Individual employee simulation data is accessible only to authorized administrators within your organization. We do not use individual employee simulation results for any purpose outside of providing our services to your organization.
4. OSINT & Threat Intelligence Data
Our platform collects and processes publicly available information (OSINT) to enrich company profiles and generate targeted phishing simulations. This includes publicly available company information, domain records, and other open-source data. All OSINT data collection is conducted through lawful means using publicly accessible sources. This data is used solely to improve the realism and effectiveness of security awareness training for your organization.
5. Information Sharing
We do not sell, rent, or trade your personal information. We may share your information with: trusted third-party service providers who assist in operating our platform (payment processors, hosting providers, email delivery services) under strict contractual obligations; law enforcement or regulatory bodies when required by law or to protect our rights; and affiliated entities in connection with a merger, acquisition, or sale of assets, with prior notice to affected users.
6. Data Security
We implement industry-standard security measures to protect your information, including encryption in transit (TLS/SSL) and at rest, access controls, regular security audits, and secure infrastructure. While we strive to protect your data, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security. We promptly notify affected parties in the event of a data breach in accordance with applicable laws.
7. Data Retention
We retain your information for as long as your account is active or as needed to provide our services. Campaign and training data is retained for the duration of your subscription to enable historical reporting and trend analysis. Upon account termination, we will delete or anonymize your data within 90 days, unless retention is required by law or for legitimate business purposes. You may request earlier deletion by contacting us.
8. Your Rights
Depending on your jurisdiction, you may have the right to: access the personal information we hold about you; correct inaccurate or incomplete information; request deletion of your personal data; withdraw consent for data processing; object to or restrict certain processing activities; request data portability in a structured, machine-readable format; and lodge a complaint with a supervisory authority. To exercise any of these rights, contact us at privacy@munitron.com.
9. Cookies & Tracking
We use cookies and similar tracking technologies to enhance your experience, analyze platform usage, and personalize content. Essential cookies are required for the platform to function. Analytics cookies help us understand how you use our services. You can manage your cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of the platform.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we implement appropriate safeguards in accordance with applicable data protection laws, including standard contractual clauses and other approved transfer mechanisms, to ensure your information receives an adequate level of protection.
11. Children's Privacy
Munitron is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will take steps to delete that information promptly. If you believe we have inadvertently collected such information, please contact us immediately.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on our platform and updating the "Last Updated" date. Your continued use of Munitron after such changes constitutes your acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at privacy@munitron.com.