Legal Information for Cyber Nomad
At Cyber Nomad, we prioritize transparency and trust with our clients. This section provides essential information regarding our legal standing, including our Privacy Policy, Terms of Service, Training Use, and Compliance Statement. Each area is designed to clarify how we operate and ensure the protection of your data and interests.
Privacy Policy
For detailed information regarding how we collect and use personal data, please refer to our Privacy Policy. It outlines our commitments to privacy and your rights concerning your information.
Terms of Service
Our Terms of Service set forth the agreed-upon expectations for all users engaging with our services. Please review these terms carefully before participating in our services.
Training Use
This section details how our training programs work, including participant expectations and our commitment to providing a secure and effective learning environment.
Compliance Statement
We adhere to all relevant regulations and standards to ensure our practices are compliant and uphold the highest industry standards. Our Compliance Statement is available for review to maintain accountability and trust.
If you have questions regarding our legal practices or would like further information, please do not hesitate to reach out to us.
Privacy Policy, Training Use, and Compliance Statement
Cyber Nomad LLC (“Cyber Nomad,” “we,” “us,” or “our”) is a hybrid organization delivering nonprofit programs and for-profit cybersecurity training and services. We are committed to protecting your information while maintaining high standards of legal compliance, ethical cybersecurity practice, and workforce development integrity.
1. Information We Collect
We may collect:
- Personal Information (e.g., name, email, contact details, payment or donation data)
- Student & Program Data (e.g., enrollment, progress, certifications, participation)
- Technical Data (e.g., IP address, device type, usage analytics, activity within training systems)
2. How We Use Information
We use information to:
- Deliver cybersecurity training, education, and contracted services
- Process payments, donations, and grants in compliance with IRS and funding requirements
- Track program outcomes for workforce, audit, and grant reporting
- Maintain secure, monitored training environments
- Improve services, platform performance, and user experience
- Comply with federal, state (Alaska), and contractual obligations
3. Student Data & FERPA-Aligned Practices
Cyber Nomad applies FERPA-informed principles to protect participant data:
- Limit collection to what is necessary
- Restrict access to authorized personnel and approved partners
- Maintain confidentiality of student records and performance data
- Use de-identified or aggregated data for reporting whenever possible
4. Cybersecurity Training & Acceptable UseAuthorized Use
Participants may only access assigned systems and perform activities within defined training environments.
Prohibited Use
Participants may not:
- Access unauthorized systems or external networks
- Use training tools or skills for illegal or unethical purposes
- Attempt to evade monitoring, controls, or safeguards
Monitoring
All training environments may be logged, monitored, and audited to ensure safety, compliance, and instructional integrity.
5. Assumption of Risk & Liability (Alaska-Aligned)
By participating in Cyber Nomad programs, you acknowledge:
- Cybersecurity training may involve simulated attacks, defensive operations, and controlled system interaction
- There are inherent risks in technical environments, including system errors or unintended disruptions within authorized labs
To the fullest extent permitted by Alaska and federal law:
- You assume all risks associated with participation
- You release and hold harmless Cyber Nomad LLC. and its affiliates from claims arising from participation, except in cases of gross negligence or willful misconduct
- Cyber Nomad is not liable for indirect, incidental, or consequential damages, including misuse of skills learned outside program scope
You accept full responsibility for how you apply cybersecurity knowledge beyond authorized training environments.
6. Ethical Use & Legal Compliance
Participants agree to:
- Comply with all applicable U.S. laws, including the Computer Fraud and Abuse Act (CFAA)
- Follow responsible disclosure practices
- Maintain confidentiality of systems, labs, and participant data
- Uphold professional cybersecurity and workforce ethics
7. DoD / NIST-Aligned Security Practices
Cyber Nomad training and operations are informed by:
- NIST cybersecurity principles (risk management, least privilege, audit logging)
- DoD-aligned ethical training standards
We implement safeguards including:
- Role-based access control
- Activity monitoring and audit logging
- Risk-based security practices
8. Data Sharing
We do not sell personal data. We may share information with:
- Trusted service providers (e.g., platforms, payment processors)
- Grantors, auditors, and workforce partners
- Government entities or authorities when legally required
9. Grant & Regulatory Compliance (CFR / OMB)
Cyber Nomad aligns with:
- 2 CFR Part 200 (Uniform Guidance)
- Federal and Alaska audit, reporting, and compliance requirements
We ensure:
- Data minimization for program delivery and reporting
- Secure record retention aligned with grant and IRS rules
- Internal controls to prevent fraud, waste, and abuse
- Responsible management of subrecipients and vendors
Data may be disclosed in aggregated or de-identified form for reporting and public impact.
10. Data Security
We apply administrative, technical, and organizational safeguards consistent with industry cybersecurity best practices.
No system can guarantee absolute security.
11. Your Rights
You may:
- Opt out of communications
- Request access, correction, or deletion of your data
- Ask how your data is used in programs, services, or reporting
12. External Links
We are not responsible for third-party privacy practices.
13. Updates
This policy may be updated to reflect legal, regulatory, or operational changes. Updates will be posted with an effective date.
14. Contact
anna.london@cyber-nomad.com
These terms outline the conditions under which Cyber Nomad LLC provides cybersecurity services, including risk assessments, incident response, and governance support to organizations and families in Alaska. By engaging with our services, clients agree to adhere to the parameters set forth herein.
Service Scope and Acceptance
Clients acknowledge that all services will be detailed in written agreements. The use of our website or services constitutes acceptance of these terms and any subsequent modifications.
Limitation of Liability
Cyber Nomad LLC will not be liable for indirect or consequential damages arising from the use of our services. Clients must ensure their internal controls and oversight are maintained.
Confidentiality and Client Cooperation
We treat all client information as confidential, sharing data only with client consent or as required by law. Clients are expected to cooperate fully, especially during incident response and forensic analysis.
Governing Law
These Terms and Conditions are governed by the laws of the State of Alaska. Any legal disputes will be resolved in accordance with these laws.
For further details or specific inquiries, please consult the relevant sections in our Privacy Policy and Terms of Service.
Common Questions
What is the cost associated with consulting services?
Consulting costs vary based on complexity and duration. Typically, we provide a detailed pricing strategy after an initial consultation.
How does the consultation process work?
The consultation begins with an assessment of your specific needs and concerns. We then outline strategies that best align with your goals, ensuring clarity and alignment before proceeding.
What kind of support can I expect during our engagement?
You will receive ongoing support tailored to your specific project. This includes strategy adjustments and risk assessments as new information surfaces.
Do you offer any guarantees for your services?
While we can't guarantee outcomes, we commit to delivering comprehensive and actionable insights based on thorough analysis and expertise.
How do you ensure confidentiality in our dealings?
Confidentiality is paramount. We adhere to strict protocols to safeguard all sensitive information exchanged during our engagements.
What should I do if I have additional legal questions?
For legal inquiries, it's recommended to consult a qualified legal professional or utilize legal service organizations like GoDaddy’s legal document services.
Can I modify the scope of our engagement after we've started?
Yes, if your priorities or objectives shift, we can reassess and adjust our strategy as necessary to align with your current needs.
How frequently can I expect updates during a project?
We believe in transparency. You will receive regular updates—typically weekly or biweekly—depending on the project's pace and requirements.