Privacy Policy

Scholar-Secure Platform

Effective Date: February 17, 2026  |  Last Updated: February 2026

1. Introduction

This Privacy Policy describes how Cyber Viking LLC (“Company,” “we,” “us,” “our”), a California limited liability company, collects, uses, discloses, and protects your personal information when you use the Scholar-Secure Platform at scholar-secure.com and related subdomains (the “Platform”).

By creating an account or using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Platform.

Contact: [email protected]

2. Information We Collect

2.1 Information You Provide

When you register for and use the Platform, you may provide:

  • Name (first and last)
  • Email address (institutional or personal)
  • Password (stored in hashed form; we never store plaintext passwords)
  • Course enrollment information provided by your institution
  • Lab submissions, scripts, reports, and other coursework

2.2 Information Collected Automatically

When you access the Platform, we automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Login timestamps and session durations
  • Lab activity logs, including commands executed and files accessed within lab environments
  • Quiz attempts and submission timestamps
  • General usage patterns and navigation data

2.3 Information from Your Institution

Your educational institution may provide us with your name, institutional email address, student ID, and course enrollment data pursuant to a Master Services Agreement (MSA) between your institution and Cyber Viking LLC.

2.4 Information We Do NOT Collect

We do not collect:

  • Social Security numbers or government-issued identification numbers
  • Financial or payment information (all billing is handled through institutional contracts)
  • Biometric data
  • Location data beyond IP-based geolocation
  • Data from third-party analytics or advertising services

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing and operating the Platform, including provisioning lab environments, managing user accounts, and delivering educational services
  • Authenticating your identity and managing access control
  • Monitoring lab sessions for educational assessment, academic integrity verification, and security purposes
  • Generating audit logs for compliance with FERPA and institutional requirements
  • Communicating with you regarding your account, including password resets, session notifications, and service announcements
  • Improving and maintaining the Platform, including troubleshooting, performance optimization, and feature development
  • Enforcing our Terms of Service and Acceptable Use Policy
  • Complying with legal obligations and responding to lawful requests

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

4.1 With Your Institution

We share educational records, lab submissions, grades, and usage data with your institution as necessary to provide the contracted educational services and in accordance with the MSA. Your institution is the data controller for educational records governed by FERPA.

4.2 With Instructors

Your instructors and teaching assistants may access your lab submissions, quiz results, session activity, and progress data for the courses in which you are enrolled.

4.3 Legal Requirements

We may disclose your information if required by law, regulation, subpoena, court order, or other governmental request, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify affected institutions in accordance with the MSA.

5. Cookies and Tracking Technologies

The Platform uses only essential session cookies required for authentication and Platform functionality. These cookies:

  • Are strictly necessary for the Platform to function
  • Maintain your authenticated session while you are logged in
  • Are configured with Secure, HttpOnly, and SameSite=Lax attributes for security
  • Do not track you across other websites
  • Are automatically deleted when your session ends or expires

We do not use third-party analytics cookies, advertising cookies, or any other tracking technologies. We do not use Google Analytics or similar services.

6. Data Security

We implement appropriate administrative, technical, and physical safeguards to protect your personal information, including:

  • All data is transmitted over encrypted connections (TLS/SSL)
  • Passwords are stored using industry-standard cryptographic hashing
  • Access to user data is restricted to authorized personnel on a need-to-know basis
  • All Platform activity is logged and monitored for security threats
  • Lab environments are sandboxed and isolated from production infrastructure
  • Network segmentation and firewall rules restrict unauthorized access
  • All infrastructure is self-hosted on systems controlled by Cyber Viking LLC; no user data is stored on third-party cloud services

While we take reasonable precautions to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

7. FERPA Compliance

Cyber Viking LLC acknowledges that student educational records are protected under the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g. In our capacity as a service provider to your institution, we:

  • Limit access to educational records to authorized personnel on a need-to-know basis
  • Maintain appropriate administrative, technical, and physical security controls for all personally identifiable information (PII)
  • Report any data breach involving PII to the affected institution within four (4) hours of discovery
  • Return or securely destroy all institution data and PII upon termination of the MSA
  • Maintain audit logs sufficient to demonstrate compliance
  • Use educational records solely for the purposes specified in the MSA

8. Data Retention

We retain your information for the following periods:

  • Account information: For the duration of your account and as required by the MSA with your institution
  • Audit logs: Minimum of one (1) year for compliance and security purposes
  • Lab submissions and coursework: As specified by the MSA with your institution
  • Session logs: Retained for security analysis and then purged in accordance with our data retention schedule

Upon termination of the MSA between Cyber Viking LLC and your institution, we will return or securely destroy all institution data and PII as specified in the MSA.

9. Your Rights

9.1 General Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate personal information
  • Request deletion of your personal information, subject to our legal and contractual obligations
  • Receive a copy of your personal information in a portable format

To exercise these rights, contact us at [email protected]. Requests related to institution data (e.g., enrollment records) should be directed to your institution, as they are the data controller for that information.

9.2 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:

  • The right to know what personal information is collected, used, and shared
  • The right to request deletion of your personal information
  • The right to opt out of the sale or sharing of personal information (we do not sell or share your personal information)
  • The right to non-discrimination for exercising your privacy rights
  • The right to correct inaccurate personal information
  • The right to limit the use of sensitive personal information (we do not use sensitive personal information for purposes beyond what is necessary to provide the Platform)

To submit a request, contact [email protected]. We will verify your identity before processing any request and respond within forty-five (45) days.

10. Children’s Privacy

The Platform is not intended for children under the age of thirteen (13). We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us at [email protected] and we will promptly delete the information.

11. Third-Party Services

The Platform is built entirely on self-hosted infrastructure controlled by Cyber Viking LLC. We do not integrate with third-party analytics providers, advertising networks, or social media platforms. Your data remains on systems we directly operate and control.

The Platform may contain links to external resources for educational purposes. We are not responsible for the privacy practices of external websites. We encourage you to review the privacy policies of any external sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice via email to your registered email address or through a prominent notice on the Platform at least fourteen (14) days before the changes take effect. Your continued use of the Platform after the effective date constitutes your acceptance of the revised Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact:

Cyber Viking LLC
222 E El Morado Ct
Ontario, CA 91764
Email: [email protected]
Web: scholar-secure.com