Effective Date: 1 February 2026
PhishNext is a powerful web-based phishing simulation service designed to enhance organizational cybersecurity by simulating phishing attacks to test employee awareness and readiness. As a subsidiary of Craw Security, we are committed to protecting your privacy and personal data.
This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our services.
By using PhishNext, you agree to the terms outlined in this Privacy Policy. If you do not agree with these terms, please do not use our services.
We collect the following types of information when you use PhishNext:
When you sign up for PhishNext or interact with our platform, we may collect personal information, including but not limited to:
We may collect non-personal information related to your usage of PhishNext, including:
For users on a pay-per-person subscription model, we may collect payment details to process transactions. Payment details are processed by third-party payment processors and are not stored by PhishNext.
We use the information we collect for the following purposes:
PhishNext uses industry-standard security measures to protect your data. We employ encryption techniques, secure data storage, and restricted access controls to safeguard the personal and organizational information collected through our platform.
However, no security measure can guarantee 100% security, and we cannot ensure the absolute security of your information.
We retain personal and organizational data for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. If you wish to delete your account or any associated data, please contact us, and we will comply with your request in accordance with applicable law.
We do not sell or rent your personal data to third parties. However, we may share your information in the following circumstances:
As a user of PhishNext, you have the following rights regarding your personal data:
To exercise these rights, please contact us at [email protected].
PhishNext may use cookies and similar tracking technologies to enhance your experience on our platform. These technologies help us analyze usage patterns, remember your preferences, and improve the functionality of our services. You can manage your cookie preferences through your browser settings.
For more information, please contact us at [email protected].
PhishNext is not intended for use by individuals under the age of 18. We do not knowingly collect or solicit personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete such information as soon as possible.
PhishNext reserves the right to update this Privacy Policy at any time. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
If you have any questions or concerns about this Privacy Policy, please contact us at:
By using PhishNext, you consent to the collection, use, and sharing of your information as described in this Privacy Policy.