Included in the Phished Academy, users can find an entire section dedicated to their personal profiles. They get an overview of the data we have collected and what we do with it. Through this platform they can exercise their privacy rights.

In practice, this is possible if the administrator gives permission. However, we do not recommend this as organisations benefit from training as many of their employees as possible.

We were set up in April 2018, just before this regulation came into force. In other words, we have had the GDPR in place since day one. As a cybersecurity company, privacy and online safety are of paramount importance. We are 100% GDPR compliant.

Currently, all data is stored on a Google Cloud server within the EEA (within Belgium). There is an option to store data in specific countries. This is the most secure way of working.

We do not process personal data when we make automated decisions (such as determining who receives which simulation and when), so we are fully compliant with the GDPR legislation.