Privacy Notice

Privacy notice for the cyber control readiness assessment.

This notice explains what information Anansi Cyber collects through this assessment, why it is collected, how it is used, and the choices available to you. It is written for this assessment experience, not for every product or service Anansi may provide.

Effective date: April 19, 2026 Controller: Anansi Cyber Contact: contactus@anansicyber.com

Information we collect

When you use the assessment, we collect the information you choose to submit through the form and questionnaire. That currently includes:

  • Organization name.
  • Work email address.
  • Industry.
  • Renewal timing, if provided.
  • Your assessment responses, generated score, and report outputs.
  • Any explicit follow-up request you submit from the results page.

How we use that information

We use the submitted information to operate the assessment, personalize the scorecard, generate the PDF report, review submissions internally, evaluate demand for services, respond to questions, and handle follow-up you request. We may also use submissions to improve the assessment, detect abuse, protect the site, and meet legal or professional obligations.

How information is shared

We do not sell personal information or share it for cross-context behavioral advertising. We use the following categories of service providers to operate the assessment, subject to written business-purpose restrictions:

  • Form processing: Formspree (form submissions are routed through Formspree's privacy policy).
  • Email and follow-up: standard business email tooling used by Anansi Cyber to receive and respond to submissions.

We may also disclose information to professional advisers, regulators, or law enforcement where reasonably necessary, or in connection with a sale or restructuring of the business.

Retention

Assessment submissions are generally retained for up to 18 months after the last relevant interaction with the submission. We may keep information longer when needed to investigate abuse, maintain security records, comply with law, defend legal claims, or support a longer commercial relationship that you later choose to enter into.

Your choices and California rights

You can choose not to submit the assessment. If you do submit it, you may contact us at contactus@anansicyber.com to make any of the following requests:

  • Right to know the categories of personal information we have collected about you and how it has been used or shared.
  • Right to delete personal information we have collected, subject to applicable exceptions.
  • Right to correct inaccurate personal information.
  • Right to opt out of any sale or sharing of personal information for cross-context behavioral advertising. (We do not sell or share personal information for those purposes.)

These rights are provided under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA). We will not discriminate against you for exercising them. We will respond within the timeframes required by applicable law and may need to verify your identity before fulfilling a request. You may also designate an authorized agent to submit a request on your behalf.

If you request follow-up, we will use the contact details already provided to respond.

Security

No internet transmission or storage system is guaranteed to be secure, but we take reasonable steps designed to protect assessment information in transit and at rest, restrict access on a need-to-know basis, and review the assessment workflow for abuse and operational risk.

Third-party links

The assessment and report may link to third-party sites, incident reports, or external resources. Their privacy practices are governed by their own notices, not this one.

Changes

We may update this notice as the assessment evolves. The effective date at the top of this page reflects the current version.