🚀 Cyber Phoenix is moving to LEXX. Click here to access it directly: lexx.com

LEXX Privacy Policy

Learning Exchange, Inc. d/b/a LEXX (“LEXX,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information when you visit our websites, create an account, purchase or use our products, courses, channels, software applications, or related services (collectively, the “Services”), communicate with us, or otherwise interact with us.

This Privacy Policy also explains your rights and choices regarding your personal information.

1. Scope

This Privacy Policy applies to personal information we collect online and offline in connection with the Services. It does not apply to third-party websites, services, or applications that are not owned or controlled by LEXX, even if they are linked from our Services.

If you are using the Services on behalf of a company or other organization, that organization may control certain account information and content associated with your use of the Services.

2. Personal Information We Collect

We collect personal information from you directly, automatically when you use the Services, and from third parties.

A. Information you provide directly

We may collect:

  • name, username, employer, job title, and contact information such as email address, phone number, and mailing address;
  • account credentials and profile information;
  • billing information, subscription details, and transaction history;
  • information you provide when registering for courses, events, demos, newsletters, or other communications;
  • communications you send to us, including customer support inquiries, survey responses, evaluations, reviews, and feedback;
  • content, files, prompts, submissions, and other information you upload, post, or transmit through the Services; and
  • any other information you choose to provide.

B. Information collected automatically

When you use the Services, we and our service providers may automatically collect:

  • device and browser information, operating system, IP address, language settings, and approximate location derived from IP address;
  • usage information, including pages viewed, links clicked, features used, referring URLs, crash data, log files, and time stamps;
  • information about your interactions with our emails, advertisements, or communications; and
  • cookie, pixel, SDK, local storage, and similar technology data.

C. Information from third parties

We may receive personal information from:

  • payment processors and billing partners;
  • analytics, advertising, and marketing partners;
  • identity, fraud-prevention, and security vendors;
  • social media platforms or single-sign-on providers, if you choose to connect or log in through them; and
  • corporate or enterprise customers that provide user details for account provisioning.

3. Categories of Personal Information

Depending on how you interact with us, we may collect the following categories of personal information:

  • identifiers and contact information;
  • commercial information, including products or subscriptions purchased;
  • payment and transaction information;
  • internet or other electronic network activity information;
  • geolocation data derived from IP address;
  • professional or employment-related information;
  • audio, electronic, or visual information you submit to us;
  • inferences drawn from your usage or preferences; and
  • other information you voluntarily provide.

We do not knowingly collect sensitive personal information for the purpose of inferring characteristics about you. If we collect sensitive personal information in limited circumstances, we use it only as reasonably necessary to provide requested Services, ensure security, comply with law, or for other permitted purposes.

4. How We Use Personal Information

We may use personal information to:

  • provide, maintain, operate, support, and improve the Services;
  • create and manage accounts;
  • process subscriptions, payments, renewals, and refunds;
  • communicate with you about your account, transactions, service updates, support requests, and security matters;
  • provide courses, certifications, channels, events, and related content;
  • personalize your experience and remember your preferences;
  • analyze usage, troubleshoot errors, monitor performance, and improve functionality;
  • send newsletters, promotions, surveys, and other marketing communications, subject to your choices;
  • prevent fraud, abuse, and security incidents;
  • enforce our Terms of Use and other legal agreements;
  • comply with legal obligations and protect our rights, users, personnel, and the public; and
  • create aggregated or de-identified information that does not reasonably identify you.

We may combine information collected from different sources for these purposes.

5. Legal Bases for Processing (EEA/UK Only)

If the GDPR or UK GDPR applies to our processing, we rely on one or more of the following legal bases:

  • performance of a contract with you, such as providing the Services and processing payments;
  • our legitimate interests, such as improving the Services, securing our systems, preventing fraud, and communicating with customers about similar offerings;
  • your consent, where required by law, including for certain cookies or marketing activities; and
  • compliance with legal obligations.

Where we rely on legitimate interests, we balance those interests against your rights and freedoms.

6. How We Disclose Personal Information

We may disclose personal information to:

  • vendors and service providers that help us operate the Services, including hosting, support, payment processing, analytics, marketing, communications, security, and fraud-prevention vendors;
  • instructors, content providers, or enterprise administrators where necessary to deliver Services you or your organization requested;
  • professional advisers such as auditors, insurers, and legal counsel;
  • government authorities, regulators, courts, and law enforcement where required by law or necessary to protect rights or safety;
  • actual or prospective buyers, investors, lenders, or other participants in a merger, financing, reorganization, sale of assets, or similar transaction; and
  • other parties at your direction or with your consent.

We may also disclose de-identified or aggregated information that does not identify you.

7. Sales, Sharing, and Targeted Advertising

We do not sell personal information for monetary consideration.

We may use cookies, pixels, or similar technologies that may constitute “sharing” for cross-context behavioral advertising or “targeted advertising” under certain state privacy laws. Where required, we provide opt-out rights, honor applicable preference signals we are required to recognize, and offer any disclosures required by applicable law.

8. Cookies and Similar Technologies

We use cookies and similar technologies to:

  • keep the Services functioning;
  • remember preferences and settings;
  • understand usage and improve performance;
  • measure the effectiveness of communications or campaigns; and
  • where permitted, support marketing and advertising.

Cookies may be session-based or persistent. You can control cookies through your browser settings and, where available, through our cookie banner or preference center.

If required by applicable law, we obtain consent before using non-essential cookies.

Global Privacy Control / Opt-Out Preference Signals

If required by applicable law, we honor browser-based opt-out preference signals, such as Global Privacy Control, with respect to eligible devices and browsers.

9. Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, maintain business and tax records, comply with law, resolve disputes, prevent fraud, and enforce our agreements. Retention periods vary depending on the nature of the information, the sensitivity of the data, the purposes for which it was collected, and applicable legal requirements.

When we no longer need personal information, we will delete it, de-identify it, or securely store it and isolate it from further use, as appropriate.

10. Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your credentials and for using reasonable security measures on your own devices and networks.

11. International Data Transfers

LEXX is based in the United States and may process personal information in the United States and other countries where we or our service providers operate. Those countries may have data protection laws different from those in your jurisdiction.

Where required by law, we use appropriate safeguards for international transfers, such as contractual protections or other recognized transfer mechanisms.

12. Your Choices

You may choose not to provide certain personal information, but that may limit your ability to use some features of the Services.

You may:

  • update certain account information through your account settings;
  • unsubscribe from marketing emails by using the unsubscribe link in those messages;
  • manage cookie preferences through your browser settings and, where available, our cookie controls; and
  • request access, correction, deletion, or other rights as described below.

We may still send you transactional or service-related communications, such as billing notices, password resets, support messages, and security alerts.

13. U.S. State Privacy Rights

Residents of certain U.S. states may have rights, subject to exceptions and verification, including the right to:

  • confirm whether we process their personal information;
  • access or obtain a copy of personal information;
  • correct inaccuracies;
  • delete personal information;
  • obtain a portable copy of certain personal information;
  • opt out of the sale or sharing of personal information, targeted advertising, or certain profiling activities; and
  • appeal our decision if we deny a rights request.

To exercise applicable rights, contact us at Ben@lexx.com or Andre@lexx.com. We may need to verify your identity before processing your request. Authorized agents may submit requests where permitted by law.

If we deny your request, you may appeal by emailing Ben@lexx.com or Andre@lexx.com with the subject line “Privacy Rights Appeal.”

California notices: If the California Consumer Privacy Act applies to us, California residents may have the right to know the categories of personal information we collect, the categories of sources, the business or commercial purposes for collection and disclosure, and the categories of third parties to whom we disclose personal information. They may also have rights to request deletion, correction, and access to specific pieces of personal information, and to opt out of sale or sharing where applicable. We will not discriminate against you for exercising applicable privacy rights.

14. EEA/UK Privacy Rights

If you are located in the EEA, Switzerland, or the UK, and applicable law applies, you may have the right to:

  • request access to your personal information;
  • request correction of inaccurate or incomplete information;
  • request erasure in certain circumstances;
  • request restriction of processing in certain circumstances;
  • object to processing based on our legitimate interests, including direct marketing;
  • request data portability where applicable; and
  • withdraw consent where processing is based on consent.

You also have the right to lodge a complaint with your local data protection authority.

To exercise these rights, contact us at Ben@lexx.com or Andre@lexx.com.

15. Children’s Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information in violation of applicable law, contact us at Ben@lexx.com or Andre@lexx.com, and we will take appropriate steps.

16. Third-Party Services

The Services may contain links to third-party websites, plug-ins, or services. This Privacy Policy does not apply to third parties, and we are not responsible for their privacy practices. Please review their privacy policies before providing them with personal information.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version and revise the “Last Updated” date above. Where required by law, we will provide additional notice.

18. Contact Us

Learning Exchange, Inc. d/b/a LEXX
c/o The Corporation Trust Company
Corporation Trust Center, 1209 Orange Street
Wilmington, DE 19801

Email: Ben@lexx.com; Andre@lexx.com