CyberDesserts

Learn Cybersecurity By Doing
Last updated: 8 April 2026

Privacy Policy

Covers cyberdesserts.com and blog.cyberdesserts.com.

Who we are

CyberDesserts is a cybersecurity skills platform. We publish hands-on labs, career guides, and a blog to help people build practical security skills. If you need to reach us: info@cyberdesserts.com.

What we collect

It depends on what you do on the site.

If you browse the site, our third-party analytics collects which pages you visit, how you got here, how long you stay, and basic device and browser information. No account or login is required, and we do not ask for your name or email to read content.

If you take the security readiness assessment, a third-party form provider collects your responses and, if you choose to provide it, your email address for receiving results.

On every page, a third-party advertising pixel runs for conversion tracking and remarketing. The pixel provider may collect data about your visit, including your IP address and browsing behaviour on our site, to serve relevant ads across their platforms. You can opt out of ad targeting through your ad preferences or by using browser-level controls.

Blog content loads from our content management system via API. Your browser makes those requests directly, and we cache the responses in your browser's localStorage to speed things up. No personal information is stored in that cache.

How we use it

Analytics tells us which content is useful and which is not. We use it to decide what to write more of, spot broken pages, and understand where our readers come from.

Assessment data is used to generate your score and, if you provided your email, to send you the results. We also review aggregate assessment trends (not individual responses) to improve the questions over time.

Advertising pixel data is used for measurement and to reach people who have visited the site with relevant content on the pixel provider's platforms.

We do not sell your data, share it with data brokers, or use it for purposes beyond what is described here.

Cookies and local storage

We do not run a cookie consent management platform. When you dismiss the cookie notice on the site, a flag is saved in your browser's localStorage so you do not see it again. That is the extent of our cookie management.

Beyond that flag, the main tracking technologies on the site are the analytics script and the advertising pixel, both of which may set their own cookies. Your browser's built-in controls are the best way to manage these. Most browsers let you view, block, or delete cookies and restrict third-party tracking.

Legal bases (UK GDPR)

For visitors in the UK and EU, we rely on the following:

  • Legitimate interests: running analytics to understand site usage, maintaining security, and operating the platform.
  • Consent: when you voluntarily submit assessment responses or provide your email address for results delivery.

For advertising pixel tracking, we rely on legitimate interests for measurement. You have the right to object to this processing. See "Your rights" below.

Who processes the data

We use third-party services to run the site, including our hosting provider, analytics provider, form provider, advertising pixel provider, and content management system. These providers act under contract and are required to handle data appropriately. Some of these services operate outside the UK/EU, in which case transfers rely on Standard Contractual Clauses or equivalent safeguards.

How long we keep it

Assessment responses are kept for up to 12 months for benchmarking purposes, then deleted or anonymised. You can ask us to delete yours sooner. Analytics data follows provider retention defaults, typically 12 to 24 months. The localStorage data in your browser stays until you clear it yourself.

Your rights

Depending on where you are, you can ask us to access, correct, delete, or export your data. You can also object to processing or withdraw consent you have previously given. To make a request, email info@cyberdesserts.com.

If you believe we have handled something incorrectly, you can complain to your local data protection authority (in the UK, that is the ICO).

Everything else

This site is not aimed at children. Do not submit a child's personal information through the assessment or by email.

We use HTTPS across the site. No system is perfectly secure, but we take reasonable steps to protect what we hold.

We may update this policy from time to time. The date at the top tells you when it last changed.