Privacy Policy

1. Introduction

The National Cybersecurity Center (“NCC,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and mobile application (collectively, our “Website”), including any services, features, or content offered through the Website.

Please read this Privacy Policy carefully. By accessing or using our Website, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of our Website.

2. Information We Collect

2.1 Personal Information You Provide

We may collect personal information that you voluntarily provide when you:

• Create an account or register on our Website
• Subscribe to newsletters, alerts, or other communications
• Contact us via email, contact forms, or other channels
• Use interactive features such as the Personal Cyber Advisor
• Upload content, photos, or profile information

This information may include:

• Name
• Email address
• Account credentials
• Profile information and photos
• Any other information you choose to provide

2.2 Information Collected Automatically

When you access our Website, we may automatically collect certain information, including:

• Device information (browser type, operating system, device type)
• IP address and approximate geographic location
• Usage data (pages visited, time spent on pages, links clicked, referring URLs)
• Cookies and similar tracking technologies (see Section 6)

2.3 Information from AI-Powered Services

When you interact with our AI-powered features, such as the Personal Cyber Advisor, we may collect the queries you submit and the responses generated. This information is used to provide and improve our services.

3. How We Use Your Information

We may use the information we collect for purposes including:

• Providing, operating, and maintaining our Website and services
• Creating and managing your account
• Sending you cybersecurity alerts, newsletters, and other communications you have opted into
• Responding to your inquiries and providing customer support
• Improving, personalizing, and expanding our Website and services
• Analyzing usage patterns to enhance user experience and Website performance
• Detecting, preventing, and addressing technical issues or security threats
• Complying with legal obligations

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We may share information with third-party vendors and service providers that perform services on our behalf, such as hosting, analytics, email delivery, and AI processing. These providers are contractually obligated to use your information only as necessary to provide services to us.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).

4.3 Protection of Rights

We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation in which we are involved.

4.4 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy.

4.5 With Your Consent

We may share your information for any other purpose with your consent.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. When your information is no longer needed, we will securely delete or anonymize it.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your activity on our Website. Types of cookies we may use include:

• Essential cookies: Required for the Website to function properly (e.g., authentication, security)
• Analytics cookies: Help us understand how visitors interact with our Website so we can improve it
• Preference cookies: Remember your settings and preferences for future visits

You can set your browser to refuse all or some cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, some parts of our Website may become inaccessible or not function properly.

7. Third-Party Links and Services

Our Website may contain links to third-party websites, services, or content that are not operated by us. We have no control over and assume no responsibility for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

9. Children's Privacy

Our Website is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information. If you believe we may have collected information from a child under 13, please contact us.

10. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, including:

• Access: Request a copy of the personal information we hold about you
• Correction: Request that we correct inaccurate or incomplete information
• Deletion: Request that we delete your personal information, subject to certain exceptions
• Opt-out: Unsubscribe from marketing communications at any time by using the unsubscribe link in our emails or contacting us directly
• Data portability: Request a copy of your data in a structured, commonly used format

To exercise any of these rights, please contact us using the information provided below. We will respond to your request within a reasonable timeframe.

11. Colorado Privacy Rights

If you are a Colorado resident, the Colorado Privacy Act (CPA) may provide you with additional rights regarding your personal data, including the right to access, correct, delete, and obtain a portable copy of your data, as well as the right to opt out of targeted advertising, the sale of personal data, and profiling in furtherance of decisions that produce legal or similarly significant effects. To exercise these rights, please contact us at the address below.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by the “Last Updated” date at the top of this page. We encourage you to review this Privacy Policy periodically. Your continued use of our Website after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: