Last Updated: 9th February 2020
This document provides a readable summary of our licence agreement and terms of service. It is backed by our policy framework, including our privacy and cookies policy. This document will be updated as the site and services it provides access to are changed.
The Cyber FastTrack program is executed by the SANS Institute and Helical Levity Ltd who will hold, control and process your data. Cyber FastTrack is identified as the service provider.
After the first stage of the program, the CTF, top performers may be invited to apply for a scholarship or other prizes. There are eligibility criteria for this stage and the selection of participants remains at the disgresion of the service provider. To be eligible for the full scholarship application you must:
If you are concerned with whether you are eligible to participate or have queries regarding the policies of participation outlined please contact email@example.com.
By registering an account and agreeing to the End-User Licence Agreement you will be provided with access to one or more stages of the program. Your level of access will depend on your performance compared to other participants and the identified eligibility criteria. The service provider may provide you with access to a platform with content, training materials, challenges or games. By registering and using your account you agree:
Based on your participation in the program you may receive additional opportunities such as access to training products, material or scholarships. Each of these will be governed by their own terms and conditions and you may accept or decline these, though doing so may impede your progress in the program. This agreement does not default you to accepting further terms and conditions.
As part of this program, subject to eligibility criteria and your performance, you may be granted access to infrastructure providing security related puzzles or challenges. As part of these challenges you may be required to apply unusual tools or use patterns to services to uncover logic flaws or issues. With your licence you are provided permission to undertake the activities covered in each of the ‘briefings’ against the defined targets. As covered in the product specific licences and user guides it is not acceptable to attempt denial of service attacks, or to purposefully attempt to cause damage to the infrastructure or data. It is also deemed a violation of acceptable use to identify flaws and to purposefully attempt to damage or disrupt other platform users, or their data.
Uncovering security flaws and learning about cyber security vulnerabilities will require use of certain tools that can only be used in a context where permission has been given by the target party, as is provided here. In severe circumstances where error cannot be blamed, violation of these terms could result in rejection from the program, or prosecution. If you are unsure of the activity you are undertaking at any time please contact firstname.lastname@example.org.
This program and the associated tools, services and sites used within it are designed to identify your potential for the cyber security profession. Based on your eligibility and performance in the aforementioned tools and challenges you may be awarded a scholarship, or a prize.
The program administrative staff use a number of criteria to identify winners and their announced rankings and awards are final. If you have any queries regarding the awards or your eligibility please contact email@example.com.
The program reserves the right to withdraw a prize or opportunity at any time. The award of prizes, scholarships or other opportunities are contingent on adherence to the program terms of service, and ethical and legal conduct.
If you have any questions about this Agreement or any associated policy, please contact firstname.lastname@example.org.
Last Updated: 14 February 2019
Your information is being collected by Cyber FastTrack to help run and deliver information security talent assessment and training programs. The program is delivered by Escal Institute of Advanced Technologies (SANS Institute) and Helical Levity Ltd. These parties respectively act as a processor and controller of your data, which means storing your provided data, analysing it or deleting it.
This program and the prior mentioned parties will maintain information that you provide to us, and data collected during your interaction with the provided services. This is collected for the operational purposes of security and safeguarding, but primarily for the running of the talent identification, training and competitions outlined on the website.
For the running of the competition, or for purposes of recognition, or further training & career opportunities very specific data on your performance and contact information may be passed to additional parties beyond those identified above. These parties are government organisations at the state or federal level. The information would be provided to government officials to allow them to recognise top performers and competition winners, which may in turn lead to them contacting you to invite you to a reception or for further related opportunities.
Additionally, winners of the scholarships will be provided with the process to receive their award from Scholarship America (www.scholarshipamerica.org). We will provide information on winners to enable them to validate the eligibility and entitlement of winners.
Other organisations, such as cyber security employers may offer prizes which you could be eligible for. In the event that these become available and applicable to you we will contact you to ask for your consent to provide your data for you to receive your prize or scholarship.
We will always ask for your permission before sending your information to any other organisation, or for any use case other than what is outlined above. We may send you information related to our programs and further suitable opportunities for you, which you may terminate at your discretion.
We get your information from your registration form, from your use of the website and materials, and from details of your progress in the program. For us to process your data we need to get your consent or permission to use your information on behalf of all those involved. We can't enrol you in the program without your registration information, and we also need to monitor your progress.
Whether you choose to join or leave the program is entirely up to you. The only effect of asking us to delete your information would be that you are no longer able to be a member of the program. You are entitled to do this at any point in support of your right to be forgotten.
You must meet the program eligibility criteria in order to participate, including the criteria that you are of an age which can consent to provide your data. For this reason we may ask for your date of birth or other personal information to validate your eligibility at a suitable stage in the program.
We've tried to make this notice easy to read, but you can always contact the Data Protection Officer via email@example.com who will help explain things further and will answer your questions.
We hold information which you provided on registration and information gathered as you progress through the program including:
Your name, email address, access credentials, subscription preferences, your IP address and cookie data, gender, school, date of birth, whether you have any disability that we can assist you with when accessing the program, your ethnic group, the date of enrolment onto the program, details of how you have progressed on the program, the scores that you have achieved via the challenges and exams, and how you are using the web sites that make up the Cyber FastTrack program.
As outlined in the policy above, we will provide information to state and federal government departments in support of the program talent identification, competition and prizes. The information provided will predominantly be high level information, though if you are a prize winner your name, contact details and performance information may be shared.
We also collect data to monitor the site and make sure it stays safe for everyone to use. For example, we may check for misuse of the platform or try to detect if abusive language is being used. This is against the program code of conduct.
If you change your mind about allowing us to use your information you simply need to tell us by emailing firstname.lastname@example.org. We will then take you through a couple of quick steps to confirm you want to delete your information and leave the program.
We'll update you when this has been done or in exceptional circumstances if we can't do this.
We need it to run the program, training and competitions outlined on this site. SANS Institute, Helical Levity Ltd and associated state or federal bodies will need your data to run the competition, assess eligibility and to award prizes.
If you don't want us to hold your information you will no longer be able to participate in the program, and we will delete your records from the system.
As cyber security experts we are very aware of the risks around data security. We carry out regular security assessments to make sure your information is secure. We follow all the standard industry practises to make sure we hold your information as securely as possible.
We keep your information for five years or until you ask us to delete it if this is sooner and you wish to leave the program. If the circumstances arise where we need to keep the data longer we will tell you and explain why.
You have a right to have a copy of the information which we hold on you or to transfer your information. You can make a request for a copy of your data through the support channel and any data that is available to transfer will be made clear to you as you use the platform. You can action this through the platform.
If at any time you want further information, or you need help understanding what you can and cannot request, or if you want to make a complaint, the Data Protection Officer can help you with this.
The Data Protection Office is Sharon Heys and she can be contacted via the support channel. Please email email@example.com and ask to be put in contact with the Data Protection Officer.
If you still aren't happy with our response you can complain to the Information Commissioners Office.