Skillnod
Menu
Legal

Privacy Policy

This policy explains how Skillnod handles personal information for website users and customers using our enterprise platform services.

Contact Privacy Team Contact Support

Last updated: February 21, 2026

This Privacy Policy applies to Skillnod services operated by Skillnod in Australia, including the Skillnod website and platform modules for security awareness training, skills assessments, corporate surveys, and phishing simulations.

1. Scope and Roles

In most customer deployments, the customer organization acts as data controller and Skillnod acts as data processor, handling personal data on documented customer instructions for service delivery.

Skillnod may also act as controller for limited business information related to account management, security operations, contractual administration, support, and legal obligations.

2. Information We Process

Depending on service configuration, we may process the following categories of information:

  • Account and user profile data (name, business email, role, department).
  • Training records (assignments, completion status, due dates, reminders, attestation events).
  • Skills assessment data (scores, competency indicators, progress records).
  • Corporate survey data (responses, response metadata, organizational reporting fields).
  • Phishing simulation data (campaign participation, report/click events, simulation outcomes).
  • Technical and security metadata (log events, device/session data, diagnostic information).
  • Support and communication records (tickets, support correspondence, service requests).

3. How We Use Information

We process information to:

  • Provide, operate, maintain, and secure the Skillnod services.
  • Deliver analytics and reporting requested by customer administrators.
  • Support customer onboarding, configuration, troubleshooting, and service continuity.
  • Detect, investigate, and mitigate security incidents or misuse.
  • Meet contractual, legal, and regulatory obligations.

4. Processor Instructions and Subprocessors

Where Skillnod acts as processor, we process personal data based on customer instructions and applicable contractual terms, including data processing addenda where agreed.

Skillnod may use vetted subprocessors for infrastructure and operational support. Subprocessor details are available on request and can be shared under NDA as part of due diligence.

5. International Data Transfers

Personal data may be processed in jurisdictions outside the customer's primary location. Where cross-border transfers occur, we apply safeguards designed to protect data through contractual, organizational, and technical controls appropriate to transfer risk.

6. Data Retention and Deletion

Retention periods are customer-driven for platform records and may be configured according to customer policy, contractual requirements, and lawful obligations.

Upon valid customer request, expiry of retention periods, or contract termination (subject to legal and contractual requirements), data is deleted or returned based on agreed offboarding procedures and practical service limitations.

7. Security Measures

Skillnod applies security controls designed to support confidentiality, integrity, and availability, including access controls, secure authentication practices, logging and monitoring, vulnerability handling, and encryption in transit. Additional controls may be available depending on deployment architecture.

Our security and privacy practices are designed to support customers operating under leading frameworks and programs, including those aligned with GDPR, UAE PDPL, and KSA PDPL expectations. We do not represent this statement as a formal certification claim.

8. Rights and Requests

If Skillnod acts as processor, data subject requests should generally be directed to the customer controller. Skillnod supports customers with request handling according to contractual commitments and applicable law.

Where Skillnod acts as controller, individuals may contact us to request access, correction, or deletion as applicable.

9. Children's Data

Skillnod is designed for business and enterprise use. We do not intentionally provide services to children or knowingly collect personal information from children for consumer purposes.

10. Updates to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The latest version will be posted on this page with an updated effective date.

11. Contact

For privacy inquiries, due diligence requests, or rights-related questions, contact:
[email protected]
For general support requests:
[email protected]