Privacy Policy

Global Learning Systems (“GLS”) Privacy Policy Overview

Effective date: 12/01/2020

This privacy policy applies to the privacy practices for www.globallearningsystems.com and www.keystoneondemand.com (collectively referred to as ‘website’) and owned and operated by Bancroft Technology Group Inc., and its affiliates Keystone Learning Systems LLC and Global Learning Systems LLC (collectively “Global Learning Systems”, “GLS”, “we”, “our”, “us “). This privacy policy describes how Global Learning Systems collects and uses the personal information a user or “you” provide on our web site. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.

Information Collection, Use and Sharing

GLS is the sole owner of the information collected on its web site. We only have access to collect information that you voluntarily provide us via email or other direct contact from you. GLS will not sell, share, or rent this information to others in ways different from what is disclosed in this statement.

Although we make every effort to preserve your privacy, we may need to disclose personal information when we have a good-faith belief that such action is necessary to comply with a court order or other legal process served on us.

GLS provides online training to employee-users of our customers. We contract with our customers to provide this service, and we will not use the personal information collected from users in a way different than for which it was contracted. In order to access our training programs, the user or the customer must provide contact information, including their names and e-mail addresses at a minimum. Depending on what our company customers need for human-resource management and verification, we may also collect employee numbers, titles, departments, divisions and groups. This information is used only to track users’ progress on the training program or programs for which they registered (or authorized by their employer) and to report that information to their employers. Users are not asked or required to provide information such as income level, gender or unique identifiers (e.g., Social Security numbers).

GLS collects non-personally identifiable information, including but not limited to browser type, IP address, operating system, the date and time of visits, the pages visited on the site, time spent viewing the site, and return visits to the site. We use Google Analytics, a service that records non-personally identifiable data such as browser type, operating system, the date and time of a visit, where visitors came from, the pages visited on this website, the time spent viewing site, where visitors went when they left the site, and return visits to the site. 

We aggregate this non-personally identifiable data to better understand how visitors use our site, and to help manage, maintain, and report on use of our website. We may share this non-personally identifiable data with third parties for the limited purpose of reporting on use of our website, or to comply with applicable law. We do not rent, sell or share any non-personally identifiable data collected on this website with third parties for marketing purposes.

Cookies​

Cookies are used on this website to:

  • Understand and improve your experience using our site
  • Allow us to track online patterns and preferences, as well as to identify return visitors.
  • Allow you to share our content on social networking sites if you want to
  • Facilitate behavioral advertising after you leave our site

Your Access to and Control Over Information

If you no longer wish to receive our informational and promotional communications from GLS, you can do the following at any time by contacting us via the email address or phone number provided below or on our website:

  • See what information we have about you, if any.
  • Change/correct/delete any information we have about you.
  • Express any concern you have about our use of your data.

You may opt-out of receiving promotional communications by following the instructions included in each communication or contact us via our website.

Security

GLS takes precautions to protect your information both online and off-line. All such user information is restricted, where only employees who require the information to perform a specific job function are granted access to personally identifiable information. Additionally, our employees are kept up-to-date on our security and privacy practices. The servers that we store user information on are also housed in a secure environment.

 

The security of your personal information is important to GLS and we follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. 

For EU Individuals – Your Legal Rights Under GDPR

GLS is committed to ensuring the rights of individuals as required by the General Data Protection Regulation (GDPR). Specifically, these rights include:

  • The right of access – individuals have the right to know exactly what information is held about them and how it is processed.
  • The right of rectification – individuals are entitled to have personal data rectified if it is inaccurate or incomplete.
  • The right to erasure – also known as ‘the right to be forgotten’, this refers to an individual’s right to having their personal data deleted or removed without the need for a specific reason as to why they wish to discontinue.
  • The right to restrict processing – an individual’s right to block or suppress processing of their personal data.
  • The right to data portability – this allows individuals to retain and reuse their personal data for their own purpose.
  • The right to object – in certain circumstances, individuals are entitled to object to their personal data being used. 
  • Rights of automated decision making and profiling – individuals can choose not to be the subject of a decision where the consequence has a legal bearing on them or is based on automated processing.

You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here:  http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.  If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law.



Privacy Shield Frameworks for Data Transferred to the United States from the EU/United Kingdom/Switzerland

GLS complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework (Privacy Shield) as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from European Union member countries (and Iceland, Liechtenstein, and Norway), the United Kingdom, and Switzerland to the United States in reliance on Privacy Shield.  GLS has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/    

 

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, GLS is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.

 

Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States.  Upon request, we will provide you with access to the personal information that we hold about you.  You may also may correct, amend, or delete the personal information we hold about you.  An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to erica.smith@globallearningsystems.com.  If requested to remove data, we will respond within a reasonable timeframe.

 

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.  To request to limit the use and disclosure of your personal information, please submit a written request to erica.smith@globallearningsystems.com

 

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

 

GLS’ accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, GLS remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless GLS proves that it is not responsible for the event giving rise to the damage.

 

In compliance with the Privacy Shield Principles, GLS commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact GLS’ Data Protection Officer, Erica Smith of GLS at erica.smith@globallearningsystems.com.

 

GLS has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.

 

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.  See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Changes to This Privacy Statement

We reserve the right to modify this privacy statement at any time, as determined by GLS. Updates and changes to our privacy policy will be reflected in this privacy statement located on our website so you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If GLS makes any material changes in our privacy practices, we will post a notice on our web site notifying users of the change. In certain cases when we post the notice, we will also e-mail users who have opted to receive communications from us to notify them of the changes in our privacy practices.

Contacting Us

If you have any questions or suggestions regarding our privacy policy, please contact us at any time

at 866-245-5224 or email us at info@globallearningsystems.com .

GLS Logo
Front-End Exercises
React Angular Vue.js
Cross Site Request Forgery Cross Site Request Forgery Untrusted HTML Rendering XSS
Direct Dom Manipulation XSS Direct Dom Manipulation XSS Direct Dom Manipulation XSS
Components with Known Vulnerabilities Template Concatenation Cross Site Request Forgery
Untrusted HTML Rendering XSS Sanitization Misuse XSS Untrusted Template Usage XSS
GLS Logo
OWASP Top 10 – API – 2019
ID Topic Covered in SecureDev Modules Programming Languages Available
API1:2019 Broken Object Level Authorization Broken Object Level Authorization JAVA, C#, Python (Django), Python (Flask), Node.js, GO, PHP, Ruby on Rails, Scala, Kotlin
API2:2019 Broken User Authentication Broken User Authentication
API3:2019 Excessive Data Exposure Excessive Data Exposure
API4:2019 Lack of Resources & Rate Limiting Lack of Resources & Rate Limiting
API5:2019 Broken Function Level Authorization Broken Function Level Authorization
API6:2019 Mass Assignment Mass Assignment
API7:2019 Security Misconfiguration Security Misconfiguration
API8:2019 Injection Injection
API9:2019 Improper Assets Management Improper Assets Management
API10:2019 Insufficient Logging & Monitoring Insufficient Logging & Monitoring
GLS Logo
OWASP Top 10 – 2021
ID Topic Covered in SecureDev Modules Programming Languages Available
A01:2021 Broken Access Control Vertical Privilege Escalation Horizontal Privilege Escalation JAVA, C#, Python (Django), Python (Flask), Node.js, GO, PHP, Ruby on Rails, Scala, Kotlin
A02:2021 Cryptographic Failures Weak Randomness
A03:2021 Injection SQL Injection Command Injection Header Injection XML Injection
A04:2021 Insecure Design User Enumeration
A05:2021 Security Misconfiguration Leftover Debug Code
A06:2021 Broken Access Control Vertical Privilege Escalation Horizontal Privilege Escalation
A07:2021 Vulnerable and Outdated Components Session Fixation Forced Browsing
A08:2021 Software and Data Integrity Failures Reflected XSS
Forced Browsing
Stored Cross-Site Scripting
Insecure URL Redirect
Clickjacking
Directory Traversal
DOM XSS
Cross-site Request Forgery
A09:2021 Security Logging and Monitoring Failures PII Data in URL
Token Exposure in URL
A10:2021 Server-Side Request Forgery (SSRF) Server-Side Request Forgery
GLS Logo

Your download is complete!

Need more training?