Privacy Policy

Privacy Policy CyberExamPrep LLC Effective Date : 2025‑01‑01 (Last Revised : 2025‑04‑21)

CyberExamPrep LLC ("CyberExamPrep," "CEP," "we," "our," or "us") respects your privacy and is committed to protecting your Personal Information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit cyberexamprep.com, use our mobile applications, or interact with any related services (collectively, the "Service").

1. Information We Collect

1.1 Personal Information you provide

  • Account data – name, email address, password hash, account photo (optional).

  • Payment data – Apple ID / Google Account transaction identifiers. All card data is processed by the respective app stores; CEP receives only tokenized receipts.

  • Support data – information you include in emails or chat messages to our support team.

1.2 Information collected automatically

  • Usage data – quizzes taken, scores, progress, time‑on‑task, feature interactions.

  • Device data – device type, OS version, browser, app version, language, IP address.

  • Diagnostic data – crash logs and performance metrics (Firebase Crashlytics, Sentry).

1.3 Cookies & similar technologies

Our website uses first‑party cookies for session management and third‑party analytics cookies (Google Analytics 4) to understand aggregate usage. You can disable non‑essential cookies via the cookie banner or your browser settings.

2. How We Use Your Information

We process Personal Information to:

  1. Provide, operate, and maintain the Service.

  2. Personalize content (e.g., recommended quizzes, progress dashboards).

  3. Process transactions and verify in‑app purchases.

  4. Send transactional messages (password resets, service announcements) and, with consent, marketing communications.

  5. Monitor and prevent fraud, abuse, or security threats.

  6. Conduct analytics to improve features and user experience.

  7. Comply with legal obligations and enforce our Terms of Service.

Legal bases (GDPR): contract performance, legitimate interests (product improvement, fraud prevention), and consent (marketing emails, non‑essential cookies). You may withdraw consent at any time without affecting prior processing.

3. How We Share Information

We never sell Personal Information. We disclose it only:

  • Service providers – hosting (AWS), analytics (Google Analytics, Firebase), email (Postmark), customer support (Intercom). Providers access data solely to perform services on our behalf and are bound by confidentiality.

  • Legal compliance – if required by law or to respond to valid requests by public authorities.

  • Business transfers – in connection with a merger, acquisition, or sale of assets. We will notify you before your Personal Information becomes subject to a new privacy policy.

4. International Data Transfers

We are headquartered in the United States. If you access the Service from outside the U.S., you consent to transferring your information to the U.S. Where required, we rely on Standard Contractual Clauses or equivalent safeguards for transfers from the EEA/UK.

5. Your Rights & Choices

  • Access / portability – request a copy of the Personal Information we hold.

  • Correction / deletion – update or delete data via account settings or by contacting us.

  • Marketing opt‑out – unsubscribe link in every marketing email or adjust preferences in the app.

  • Cookie controls – manage non‑essential cookies via the banner.

  • EU/EEA & UK – right to object, restrict processing, and lodge a complaint with a supervisory authority.

  • California (CCPA/CPRA) – right to know, delete, correct, and opt out of "sharing" for cross‑context behavioral advertising (we do not share in that sense). Authorized agents may submit requests at [email protected].

We will respond to verified rights requests within 30 days.

6. Data Retention

We retain Personal Information for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Quiz analytics are anonymized or deleted after 48 months of inactivity.

7. Data Security

We employ administrative, technical, and physical safeguards including: TLS 1.3 encryption in transit, AES‑256 encryption at rest, role‑based access control, and regular security audits. No method of transmission over the Internet is 100 % secure; therefore, we cannot guarantee absolute security.

8. Children’s Privacy

The Service is not intended for children under 13 (or equivalent minimum age in your jurisdiction). We do not knowingly collect Personal Information from children. If we learn that we have collected such data, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the new version at cyberexamprep.com/privacy and update the "Last Revised" date. Material changes will be announced via in‑app notice or email at least 7 days before they take effect.

10. Contact Us

For privacy questions, data‑subject requests, or to exercise your rights:

Email : [email protected]

© 2025 CyberExamPrep LLC – All rights reserved.

Home