Privacy Policy

Data Protection & Transparency

Data protection and transparency are at the core of our cybersecurity certification mission. This policy outlines how we process your information in compliance with global standards, including the GDPR.

1. Data Collected

To ensure the integrity of our certifications, we collect the following data during registration and examination:

  • Identity and Contact: First Name, Last Name, and email address, provided via your LinkedIn, Google, or GitHub account.
  • Certification Journey: History of exam attempts, scores obtained, and pass/fail status.
  • Payment Data: Transactions are securely processed by Lemon Squeezy. We do not store any banking or credit card details on our own servers.

2. Purpose of Processing

Your data is used exclusively for:

  • Authentication: Verifying the real identity of exam participants.
  • Certification: Generating your official digital certificates through our partners Certifier.io or Badges.parchment.com.
  • Educational Follow-up: Providing support and sending email reminders if an exam is not completed or in case of failure, to assist in your professional progress.
  • Business Management: Ensuring payment validation for exam access.

3. Data Sharing and Storage

Your data is processed via trusted third-party services, leaders in their respective fields:

  • Identity Management: Your access is secured by Clerk.
  • Hosting: Our internal databases are secured on our Private Virtual Server (VPS) located in France.
  • Credentialing: Your identity information (Name/Email) is transmitted to Certifier or Parchment only upon successful completion of an exam for the issuance of your digital badge or certificate.

We do not sell or share your data with third parties for advertising purposes.

4. International Data Transfers

Although our site is hosted in France, we use service providers (such as Clerk and Lemon Squeezy) that may process data in the United States or other jurisdictions. We ensure that these transfers are governed by standard contractual clauses or equivalent legal frameworks to guarantee a high level of protection.

5. Your Rights and Data Deletion

In accordance with the GDPR and international privacy laws, you have the right to access, rectify, and request the total deletion of your personal data.

To exercise these rights, please send a request to: dpo@mycybermerit.com.

Important Note: Deleting your data from our systems will make it impossible for third parties (e.g., employers) to verify the authenticity of your certificates in the future.