hello@cybergenlearning.com +94777073855
☝️ Chat on WhatsApp

Privacy Policy

CYBERGEN (PVT) LTD – Privacy Policy

Effective date: 9th December 2025

CYBERGEN (PVT) LTD ("Cybergen", "we", "us" or "our") is a company registered in Sri Lanka and located at:

CYBERGEN (PVT) LTD
1/1/A1 Pahala Imbulgoda
Imbulgoda
Sri Lanka

We provide online and in-person training and related services to learners and organisations around the world, including in the United Kingdom, the European Economic Area (EEA) and other regions.

We are committed to protecting your privacy and handling your personal data in a fair, transparent and secure way.

This Privacy Policy explains how we collect, use, store and share information when you use our websites and services, including cybergenlearning.com, cybergen.lk and any related subdomains or online platforms that link to this Privacy Policy (together, the "Services").

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Privacy Policy, you should not use our Services.

For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (EU GDPR) and the UK General Data Protection Regulation (UK GDPR), CYBERGEN (PVT) LTD is the data controller for the personal data described in this Privacy Policy, where we decide how and why your personal data is processed.

1. Information we collect

We may collect information about you in the following ways.

1.1 Information you provide to us

You may give us information about you when you:

  • Contact us using forms on our website
  • Register interest in a course or service
  • Create an account on any learning platform we operate
  • Subscribe to newsletters or marketing communications
  • Communicate with us by email, phone, messaging apps or social media
  • Take part in surveys, competitions or events
  • Attend our classes, workshops, training sessions or events

This information may include:

  • Name
  • Email address
  • Telephone number
  • Postal address
  • Country of residence
  • Organisation, school or employer details
  • Course preferences and learning history
  • Payment related information (processed via secure third party providers)
  • Any photographs, videos or testimonials you provide or that are captured with your knowledge during our events
  • Any other information you choose to provide in free text fields
1.2 Information we collect automatically

When you use our Services, we may automatically collect:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages you visit and the time and date of your visits
  • Referring website or source
  • General location based on IP address (for example country or city level)

This information is used in an aggregated way to help us understand how our Services are used and to improve performance and security.

1.3 Cookies and similar technologies

We may use cookies and similar technologies to:

  • Keep you logged in
  • Remember your preferences
  • Understand how visitors use our website
  • Improve and personalise your experience

You can manage cookies through your browser settings. Please note that if you disable certain cookies, some parts of our Services may not function correctly.

If we use third party analytics or advertising tools, those providers may also set cookies in line with their own privacy policies.

1.4 Information about children and young learners

Some of our courses and content may be designed for learners under the age of 18. Where we collect personal data for a child or young learner, we expect that:

  • A parent, guardian or authorised school representative has provided the information, or
  • Appropriate consent has been obtained in line with applicable laws in the relevant country.

We do not knowingly collect more information from children than is reasonably necessary to provide the relevant educational services.

2. How we use your information

We use the information we collect for the following purposes:

  • To provide and manage our Services, including course delivery and learner support
  • To process registrations, bookings, enrolments and payments
  • To create and manage user accounts and learning profiles
  • To respond to your enquiries, support requests and feedback
  • To personalise your learning experience and recommend suitable courses or programmes
  • To send you administrative information, such as updates to our terms, schedules or policies
  • To capture and use photographs, video recordings and testimonials taken during our classes, workshops, training sessions and events for our marketing and promotional materials. This may include use on our websites, social media channels, printed materials, online advertisements and presentations. Where required by law, we will obtain your consent, or the consent of a parent or legal guardian in the case of learners under 18, before using identifiable images or recordings. You can tell us at any time, in advance or at the time of the class or event, if you do not want you or your child to appear in such materials and we will respect your preference as far as reasonably practicable.
  • To send you marketing communications about our courses, services and events where permitted and where you have not opted out
  • To maintain the security and integrity of our systems and prevent fraud, abuse or misuse
  • To analyse and improve our website, content and services
  • To comply with legal obligations and respond to lawful requests from authorities

We will not use your personal data in ways that are incompatible with the purposes described above.

3. Legal bases for processing

Where data protection laws such as the EU GDPR and UK GDPR apply, we rely on one or more of the following legal bases to process your personal data:

  • Consent. For example, where you agree to receive marketing communications from us or where consent is required for the use of identifiable photographs or video recordings.
  • Performance of a contract. For example, where processing is necessary to provide a course, programme or service you have requested, or to take steps at your request before entering into a contract.
  • Legitimate interests. For example, to operate, secure and improve our Services, to respond to your enquiries, to promote and develop our educational programmes, and to manage our business, provided that your rights and interests do not override these interests.
  • Compliance with a legal obligation. For example, where we are required to retain certain information for tax, accounting or regulatory purposes, or to respond to lawful requests.

Where we rely on consent, you can withdraw your consent at any time using the contact details in section 12 or by using the unsubscribe options provided in our communications. This will not affect the lawfulness of processing before consent was withdrawn.

4. Sharing and disclosure of your information

We do not sell or rent your personal data.

We may share your information with:

  • Service providers and partners who help us operate our Services, such as:
    • Payment processors and financial service providers
    • Hosting providers and IT support
    • Email and communication platforms
    • Learning management systems and e-learning platforms
    • Analytics and security service providers
    • Marketing and design agencies that support our promotional activities
  • Professional advisers, such as lawyers, accountants and auditors
  • Government authorities, regulators or law enforcement, where required by law or where we reasonably believe disclosure is necessary to protect our rights, safety or the rights and safety of others
  • Business transferees in connection with any merger, sale of assets, restructuring, acquisition or similar event. In such cases, personal data may be transferred as part of the business assets, subject to appropriate protections.

We require our service providers to keep your information confidential and to use it only for the purposes for which we provide it to them and in line with applicable data protection laws.

5. International transfers

As a Sri Lanka based organisation serving learners worldwide, including in the UK and EEA, your personal data may be transferred to and processed in countries other than the one in which you are located.

These countries may have different data protection laws from those in your country. Where personal data is transferred from the UK, EEA or Switzerland to a country that has not been recognised as providing an adequate level of data protection, we will take appropriate steps to protect your personal data, such as:

  • Using standard contractual clauses or equivalent safeguards approved under the EU GDPR and UK GDPR
  • Working with service providers that implement recognised data protection and security standards
  • Applying additional technical and organisational measures where necessary

You can contact us for more information about the safeguards we use for cross-border transfers.

6. Data retention

We keep your personal data only for as long as necessary for the purposes described in this Privacy Policy, including:

  • For as long as you have an active account or ongoing relationship with us
  • For the period required to comply with legal, accounting or reporting obligations
  • For a reasonable period to resolve disputes, handle complaints and enforce our agreements

When personal data is no longer required, we will take reasonable steps to delete, anonymise or securely archive it, in line with applicable legal requirements and our internal policies.

7. Your rights

Your rights in relation to your personal data may differ depending on your location and applicable law. In particular:

7.1 Rights for individuals in the UK, EEA and Switzerland

If you are located in the United Kingdom, in a country within the European Economic Area (EEA), or in Switzerland, you have the following rights under the EU GDPR or UK GDPR, subject to certain conditions:

  • Right of access. To obtain confirmation of whether we process your personal data and to receive a copy of the personal data we hold about you.
  • Right to rectification. To have inaccurate or incomplete personal data corrected.
  • Right to erasure. To request deletion of your personal data in certain circumstances, for example when the data is no longer necessary for the purposes for which it was collected.
  • Right to restriction of processing. To request that we restrict the processing of your personal data in certain circumstances.
  • Right to object. To object to the processing of your personal data where we are relying on legitimate interests, and to object at any time to processing for direct marketing.
  • Right to data portability. To receive your personal data in a structured, commonly used and machine readable format and to have it transmitted to another controller where technically feasible and where the legal basis is consent or contract.

You also have the right to lodge a complaint with a supervisory authority. If you are in the UK, this is the Information Commissioner’s Office (ICO). If you are in the EU or EEA, you can contact the data protection authority in your country of residence.

7.2 Rights in other countries

If you are located outside the UK, EEA or Switzerland, you may have similar or additional rights under local data protection laws. You can contact us using the details in section 12 and we will respond in line with applicable law.

7.3 How to exercise your rights

To exercise any of these rights, please contact us using the details in section 12. We may need to verify your identity before responding to your request.

We aim to respond within a reasonable time and in accordance with applicable law.

8. Marketing communications

If you have chosen to receive marketing communications from us, we may send you:

  • Emails about new courses, certifications, events, promotions and updates
  • Newsletters and educational content related to our services

You can opt out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in our emails, or
  • Contacting us using the details in section 12.

Please note that you may still receive essential service or transactional communications, for example messages about your account, bookings, certificates or changes to our terms, even if you opt out of marketing.

9. Cookies and tracking technologies

As noted in section 1.3, we may use cookies and similar technologies to support the operation of our Services and to understand how they are used.

You can usually choose to set your browser to remove or reject browser cookies. Your browser’s help feature should tell you how to do this. If you remove or reject cookies, some features of our website may not function properly.

If we use analytics or advertising cookies, further details may be provided in a separate cookie notice or within this Privacy Policy. Where required by law, we will request your consent before placing non essential cookies.

10. Third party websites and services

Our Services may contain links to third party websites, applications or services that are not operated by us.

We are not responsible for the privacy practices of those third parties and we do not control how they collect, use or share your information. We recommend that you review the privacy policies of any third party websites or services you visit.

11. Data security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, alteration or disclosure. These measures may include:

  • Secure hosting environments and restricted physical access
  • Access controls, passwords and authentication measures
  • Encryption of data in transit where appropriate
  • Regular monitoring and review of systems and procedures
  • Staff training and awareness regarding data protection and security

However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

If we become aware of a data breach that is likely to result in a high risk to your rights and freedoms, we will take steps to notify you and any relevant authorities where required by law.

12. How to contact us

If you have any questions about this Privacy Policy, our data handling practices, or if you wish to exercise your rights, please contact us at:

CYBERGEN (PVT) LTD
Attn: Privacy Policy
1/1/A1 Pahala Imbulgoda
Imbulgoda
Sri Lanka

Phone: +94 77 707 3855
Email: support@cybergen.lk

We will do our best to respond promptly and to resolve any concerns you may have.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements or for other operational reasons.

When we make changes, we will:

  • Post the updated Privacy Policy on this page, and
  • Update the "Effective date" at the top of the Policy.

If changes are significant, we may also notify you by email or through a notice on our website where appropriate.

Your continued use of the Services after the updated Privacy Policy is posted will indicate that you have read and understood the changes.

Logo

At CyberGen Academy, we are dedicated to empowering the next generation of IT professionals through comprehensive and practical training programs.

Services

Pages