Legal • Privacy

Privacy Policy

This policy explains how GonePhishing LLC collects, uses, and protects information when you use our website, platform, and services.

Terms of Use Disclaimer
Effective Date
February 23, 2026

Effective Date: February 23, 2026

This Privacy Policy explains how GonePhishing LLC (“GonePhishing,” “we,” “us,” or “our”) collects, uses, and protects information when you access or use the GonePhishing website, platform, training content, simulations, articles, and related services (the “Service”).

1. Information We Collect

  • Name and email address
  • Account login credentials (for authentication)
  • Organization/company name (if applicable)
  • Training participation and completion data
  • Simulation interaction metrics (e.g., clicks, reports, completion events)
  • Phone number and opt-in status for SMS training (if applicable)

2. Information We Do Not Collect

  • Passwords entered into simulated phishing pages
  • Unrelated sensitive personal information not needed for the Service
  • Payment card information (handled by third-party processors)
  • Personal data from children under 13 without authorization

3. How Information Is Used

We use information to operate and improve the Service, including to provide cybersecurity awareness training, deliver simulations, generate training reports, maintain accounts, provide support, and communicate service-related information (such as important updates or security notices).

4. Training Simulations & Credentials

Training simulations may include simulated credential entry pages. Credentials entered into these pages are not stored, reused, or authenticated against real systems. Account login credentials are handled separately for authentication purposes only.

5. Data Sharing

GonePhishing LLC does not sell personal data. Information may be shared only with:

  • Authorized organizational administrators (aggregate or authorized results, within the organization’s account)
  • Trusted service providers supporting platform operations (e.g., hosting, email delivery, analytics, payment processors)
  • Legal authorities when required by law or to protect rights, safety, and security

6. Data Retention

Information is retained only as long as reasonably necessary to provide the Service, meet reporting requirements, resolve disputes, enforce agreements, or comply with legal obligations.

7. Minors’ Privacy

The Service is not intended for children under 13. Minors aged 13–17 may participate only with authorized consent. Data from minors is handled with heightened care and minimal collection.

8. Security Measures

We implement reasonable administrative, technical, and organizational safeguards to protect information. Security is taken seriously, but no system is completely secure.

9. Security Disclaimer

While reasonable safeguards are implemented, no system or method of transmission over the Internet can be guaranteed to be completely secure. Absolute security cannot be guaranteed.

10. Your Choices

  • Update account information (where available)
  • Opt out of SMS messages by replying STOP (if applicable)
  • Discontinue use of the Service at any time

11. Changes to This Policy

This Privacy Policy may be updated periodically. Continued use of the Service constitutes acceptance of the updated policy.

12. Contact

Questions regarding privacy may be directed to info@gonephishing.com.