WizerFamily
Sign in

Privacy Policy

Last updated: April 2026

1. About This Policy

This Privacy Policy explains how Wizer ("we", "us", or "our") collects, uses, and protects information when you use Wizer Family — a cybersecurity awareness training platform designed for families, including children under the age of 13.

Because Wizer Family is designed for use by minors, we take privacy seriously and comply with the Children's Online Privacy Protection Act (COPPA), the General Data Protection Regulation (GDPR), and applicable state privacy laws. By creating an account, the adult family head provides verifiable parental consent on behalf of any children enrolled.

Note: This is a placeholder privacy policy pending review by our legal team. It accurately describes our current data practices and will be updated before public launch.

2. Who We Are

Wizer is the data controller responsible for your information. You can reach our privacy team at privacy@wizer-training.com.

3. Information We Collect

Family Head (adult account holder)

  • Full name and email address
  • Password (stored as a one-way cryptographic hash — we cannot read it)
  • Two-factor authentication secret (used only to verify login)
  • Parental/guardian consent timestamp
  • Email verification status and timestamp
  • Last login timestamp

Family Members (learners, including children)

We deliberately collect minimal data for family members. Specifically:

  • A label chosen by the family head — this is typically a nickname or role (e.g., "Kid 1", "Grandma") and is not required to be a real name
  • Training progress data: video watch intervals, PDF views, quiz answers
  • Completion timestamp and certificate token (if training is completed)

We do not collect the name, email address, date of birth, or any other personally identifiable information from family members.

Automatically collected

  • Server-side logs for security and abuse prevention (IP addresses, request timestamps)
  • We do not use cookies for tracking or advertising. A session cookie is used solely to keep the family head logged in.

4. How We Use Your Information

  • To provide the training service and track completion for certificates
  • To send transactional emails (email verification, password reset, completion notifications)
  • To authenticate the family head securely via password and 2FA
  • To comply with COPPA, GDPR, and other applicable laws
  • To operate, maintain, and improve our service

We do not use your data for advertising, profiling, or sale to third parties.

5. COPPA — Children Under 13

Wizer Family is designed to be used by families under the supervision of a parent or guardian. The adult family head creates the account and provides verifiable parental consent before any children are enrolled.

We collect only a label (nickname) for child learners — no name, email, or other PII. The family head may remove a child's access or permanently delete all associated data at any time from the Account Settings page.

Parents or guardians may contact us at privacy@wizer-training.com to review, update, or delete any information associated with their children.

6. Data Security

  • All data is transmitted over HTTPS (TLS 1.2+)
  • Sensitive PII fields (name, email) are encrypted at rest using AES-256-GCM
  • Passwords are hashed using bcrypt (cost factor 12) and are never stored in plaintext
  • Two-factor authentication is required for all family head accounts
  • Our database is hosted on Neon (a SOC 2-compliant Postgres provider)

7. Data Retention

We retain your data for as long as your account is active. When you delete your account, all associated data — including family member progress, certificates, and personal information — is permanently deleted within 30 days.

Server logs may be retained for up to 90 days for security purposes.

8. Sharing and Third Parties

We share data only with the following service providers, and only as necessary to operate:

  • Resend — transactional email delivery (receives recipient email address and email content only)
  • Neon — database hosting (stores all data in encrypted form)
  • Vercel — application hosting and edge CDN
  • Wistia — video hosting and delivery (no personal data from learners is sent to Wistia; video playback is anonymous)

We do not sell, rent, or trade your data with any third parties.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — request a copy of the data we hold about you
  • Rectification — correct inaccurate personal data
  • Erasure — request permanent deletion of your account and all associated data
  • Portability — receive your data in a portable format
  • Objection — object to processing of your personal data

You can exercise your erasure rights directly from the Account Settings page. For all other requests, contact us at privacy@wizer-training.com.

10. Changes to This Policy

We may update this policy as our service evolves or as legal requirements change. We will notify family heads of material changes by email. Continued use of the service after notice constitutes acceptance of the updated policy.

11. Contact

For privacy questions, data requests, or COPPA-related inquiries, please contact:

Wizer Privacy Team

Email: privacy@wizer-training.com