Last Updated: January 14, 2022
Effective Date: July 13, 2017
The Services include CYBRScore Assessments, CYBRScore Labs, and CYBRScore Training. Leveraging the NICE framework, the Services create a complete end-to-end experience, delivering targeted, outcome-oriented cyber security training experiences that provide End Users with confidence to get the job done.
In a world of recognized certifications and written knowledge-based exams, our solutions stand out by providing real insight into actual on-ground cyber security skills, and the capability to support your knowledge base with demonstrated skills. The Services’ offerings include turnkey and custom training, hands-on labs, and performance assessment for individual skill set and defined job-role competencies.
TCS’ system administrators have access to the Collected Information although it is against TCS’ policy for TCS system administrators to access this information unless they are required to do so as a part of supporting the Services.
The Collected Information from the Services contains information passed to and generated and recorded by the Services for certain information for End Users of the Services including a unique identifier for each End User (“Student ID”), a course identification number for each course taken, the start time and end time of each course taken, the duration of each course taken, a submission status, and scoring data for the course.
The Student ID of an End User is linked to a payment token (“Voucher ID”) that is provided by Authorizing System. Authorizing Systems may be operated and controlled by third parties other than TCS such as payment and voucher processing service Vendors, End-Customers, and other third parties. TCS does partner with certain Vendors who do operate Authorizing Systems. While the Collected Information does include the Voucher ID for each course taken by an End User, the Voucher ID does not contain any personally identifiable information for any End User or End-Customer. The Voucher ID is only an identifier provided by the Authorizing System for a particular End User. The Voucher ID itself does not contain any personally identifiable information. Please see Section 5 (Information We DO NOT Collect) for information that may be collected by Authorizing Systems.
In addition, the Services may collect information provided by End Users and as such the Collected Information may include the following information for each End User:
TCS may collect personally identifiable information from you when communicating with you as part of a technical support call or email conversation (“Support Information”). Such Support Information may be requested verbally over the phone or in the email conversation.
The Services do not collect, store or retain any information provided to or generated by any Authorizing Systems such as payment or credit card information. Authorizing System providers do not have access to Collected Information.
TCS uses the Collected Information for operating the Services. TCS may disclose the results of your CYBRScore Assessments to the Authorizing System and to the End-Customer that authorized or paid for your CYBRScore Assessment (e.g., your employer). Except as set forth in this Section 6.1, no Collected Information from the Services are ever disclosed to any third parties.
Collected Information (excluding Name and Email Addresses) may be De-identified and aggregated, stored, and used by TCS (“De-identified Aggregated Information”). “De-identified” means information that does not identify any individual or entity and with respect to which there is no reasonable basis from which the information can be used to identify an individual or entity. De-identified Aggregated Information may be used by TCS for purposes of improving the Services or creating other products and services which may include the De-identified Aggregated Information. TCS may license or sell the De-identified Aggregated Information to its Channel Partners or other third parties
TCS does not make any Support Information available to any third party for any purposes except for any Support Information that may be provided to Channel Partners, Trainers or Vendors who are performing services for TCS in support of the Services.
We will ONLY disclose Collected Information maintained or generated by the Services to a regulatory body or law enforcement agency, and then only in circumstances where required by law or regulation or where a legitimate court order has been obtained from a court of competent jurisdiction.
Except for the Voucher ID, your name and email address that is electronically provided to TCS by the Authorizing Systems, all other Collected Information is either entered into the Services by End Users, or is generated by the Services including Student IDs, course identification numbers, start time and end time of courses taken, the duration of each course taken, submission status, and scoring data for CYBRScore Assessments, CYBRScore Labs, and CYBRScore Training.
Once a training class, lab, or assessment has been completed by an End User, the Collected Information passed to or generated by such event may not be corrected or altered.
If you object to scoring data or results generated by the Services, you should send an email to CYBRScoreSupport@comtechtel.com requesting more information on how your results were prepared.
You may “opt-out” from having your Collected Information included in TCS’s De-identified Aggregated Information by sending an email to CYBRScoreSupport@comtechtel.com requesting that it be removed. Before doing so, please understand that none of your personally identifiable information is included in our De-identified Aggregated Information, only demographic information that is not unique to you and scoring results. If you have any additional questions or concerns, feel free to send an email to the above address.
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the Collected Information as part of the Services.