Privacy Policy

At PCI-U, LLC dba Data Security University (DSU), we’re committed to protecting and respecting your privacy.

This Policy explains when and why we collect personal information about people who visit our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure.

We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy.

Any questions regarding this Policy and our privacy practices should be sent to [email protected]u.com or by writing to  Data Security University at 2870 Peachtree Rd, #363, Atlanta, GA 30305.

Who are we?

We’re Data Security University (DSU) a company dedicated to helping small and midsized businesses (SMBs) understand what measures are recommended to safeguard their company’s data and comply with applicable privacy and data protection regulations and standards.  Although Data Security University does not sell any particular security products or services, our partners and customers are oftentimes engaged in the sale of such products and services.

DSU does not directly promote our educational services to the public.  Instead, we have found that the fastest path to serve SMBs is through large enterprises such as Internet Service Providers, Credit Card Processors, POS companies, Financial Services Companies, Retail chains, Franchisor and Franchisee Associations, and Managed Service Providers.  DSU “white labels” its educational website through enterprises such as these that you work or interact with so that you may receive the benefit of learning about Data Security standards regulations, and precautions.

How do we collect information from you?

We obtain information about you when you use our white label website, for example, when you take one of our patent pending Assessment Tools, you register to receive an email submission of your confidential results along with your customized action plan.

What type of information is collected from you?

The personal information we collect might include your name, email address, IP address, telephone number along with commercial information such as your Merchant ID number and the name of your company. By taking any one of our Assessment tools, you are answering questions regarding your company and you may further request to have vendors reach out to you upon your request and authorization.  Should you initially make a decision online to discuss your need for a product or service with a vendor, any subsequent purchase made will be conducted with this third party vendor outside of the site.  As such, we do not monitor through our site any record of a subsequent purchase.  Any purchase on your part is conducted offline directly with the vendor.

How is your information used?

We may use your information to:

  • Provide you with an email copy of your Assessment Test Results;
  • If you are a Franchisee accessing an Assessment Test through your Franchisor’s white labeled site, your Franchisor may also receive a copy of your Assessment Test Results and Action Plan given their interest in seeing that your Franchisee location is fulfilling its contractual security obligations and that the overall brand is being protected;
  • Notify you of changes to our services;
  • Send you communications which you have requested and that may be of interest to you.

We review our retention periods for personal information on a regular basis and retain Assessment Test results for you to have as a baseline in the event that you lose or wish to compare your prior results. We will hold your personal information on our systems for as long as it is necessary for the relevant activity.

Who has access to your information?

We provide your data to only those vendor companies that you authorize us to provide your data to such as our customers or third party vendor partners.  We otherwise will not sell or rent your information to third parties for marketing purposes.

When you are using our secure online white label site, it is hosted and maintained by a reputable and secure third party vendor.  If you have any questions regarding these relationships, please contact us.

We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to such third party or as part of any business restructuring or reorganisation, or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our customers. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.

Your choices

You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about the vital work we do to help safeguard your privacy and data and about new and exciting security products and services which are being offered, then you can select your choices by ticking the relevant boxes situated on the form on which we collect your information.

We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted. You can change your marketing preferences at any time by contacting us by email at: [email protected].

How you can access and update your information

The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: [email protected] or write to us at:  Data Security University at 2870 Peachtree Rd, #363, Atlanta, GA 30305.

You have the right to ask for a copy of the information Data Security University holds about you (we may charge $15.00 for information requests) to cover our costs in providing you with details of the information we hold about you.

Security precautions in place to protect the loss, misuse or alteration of your information

When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information is encrypted and protected with the following software, CloudFlare.  When you are on a secure page, a lock icon will appear on the top of web browsers such as Chrome and Microsoft Edge – this is produced through our SSL certification by Let’s Encrypt.

Non-sensitive details (your email address etc.) and your Assessment Test results are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make commercially reasonable efforts to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Profiling

We may analyze your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and security risk.

The process of anonymization and pseudonymization may be used at times to develop helpful analytics, trends, and statistics to help to better understand cyber crime and seek a better means to underwrite risks and combat ID theft and fraud.

Use of ‘cookies’

Like many other websites, our Data Security University website uses cookies. ‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognize you when you visit. They collect statistical data about your onsite actions and patterns and do not identify you as an individual.

It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our website.

Links to other websites

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.

16 or Under

We are concerned about protecting the privacy of children aged 16 or under. If you are aged 16 or under‚ it would be very unlikely that you would have a bonafide commercial reason for you to use this site.  However, should there be a valid reason why you are accessing our site, please get your parent/guardian’s permission beforehand whenever you provide us with personal information.

Transferring your information outside of Europe

As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU such as the U.S. where the home office of our company resides.  Countries such as the U.S.  may not have similar data protection laws to the UK or EU.  By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.

Review of this Policy

We keep this Policy under regular review. This Policy was last updated in February 2018.