Privacy Policy

Effective Date: May 27, 2026

Last Updated: May 27, 2026

Overview

This Privacy Policy explains how CBTN WEB (“we,” “us,” or “our”) collects, uses, discloses, stores, and protects information in connection with CBT-Nweb / CBTNightmares (the “Service”).

The Service is a provider-focused, web-based learning and training platform that may include account registration, course delivery, progress tracking, communications, support features, and payment-related functionality.

By accessing or using the Service, you acknowledge this Privacy Policy and our Terms of Use.

1. Scope of This Privacy Policy

This Privacy Policy applies to personal information and related data that we collect in connection with the Service, including when you visit our website, create an account, register for offerings, make a purchase, contact us, or otherwise interact with the Service.

This Privacy Policy does not govern third-party websites, platforms, payment processors, analytics tools, or services that may be linked from or integrated with the Service, except to the extent expressly stated by us.

2. Information We Collect

We may collect the following categories of information:

  • Account and profile information, such as your name, email address, username, password or login credentials, organization, professional role, and other profile details you choose to provide.
  • Course and usage information, such as enrollment records, course progress, completion status, quiz or training interactions, certificates, and other activity within the Service.
  • Billing and transaction information, such as billing name, billing address, purchase history, order references, payment status, transaction identifiers, and related records.
  • Technical and device information, such as IP address, browser type, device identifiers, operating system, referral URLs, approximate geolocation derived from IP, and system logs.
  • Security and fraud-prevention information, including login history, abuse-prevention signals, CAPTCHA responses, suspicious activity indicators, and related metadata.
  • Communications and support information, such as messages you send to us, support requests, email correspondence, and survey or feedback submissions.
  • Cookie, session, and analytics information, including information collected through cookies, local storage, pixels, tags, server logs, and similar technologies.

3. Sources of Information

We may collect information from the following sources:

  • Directly from you when you register, log in, purchase access, submit forms, contact us, or otherwise use the Service.
  • Automatically from your browser, device, and interactions with the Service.
  • From service providers that support payment processing, security, analytics, communications, hosting, or similar operational functions.
  • From institutions, sponsors, or administrative partners where participation, registration, CE tracking, or related functionality requires coordinated processing and where permitted by law.

4. How We Use Information

We may use information for the following purposes:

  • Provide, operate, maintain, and improve the Service.
  • Create and manage user accounts and authenticate users.
  • Deliver course content, track participation, measure completion, and support learning-related features.
  • Process transactions, confirm purchases, provide paid access, and maintain transaction records.
  • Send administrative messages, service notices, account alerts, support responses, and updates.
  • Protect the Service, detect fraud, investigate misuse, prevent abuse, and enforce our policies and agreements.
  • Monitor performance, troubleshoot technical issues, conduct analytics, and improve reliability and user experience.
  • Comply with legal, regulatory, tax, accounting, accreditation, reporting, or security obligations.
  • Establish, exercise, or defend legal claims and protect our rights, users, personnel, and operations.

5. Payment Data Handling

Payment transactions may be processed by third-party payment service providers. Payment card data may be collected directly by the payment processor or exchanged for tokens or similar references before a charge request is sent through our systems.

We do not intend to store full payment card numbers or card security codes on our servers unless expressly stated otherwise and lawfully permitted. We may retain limited billing details, transaction identifiers, payment status, receipts, order history, and related support records as reasonably necessary for service delivery, accounting, fraud prevention, and legal compliance.

6. Cookies, Logs, and Similar Technologies

We may use cookies, local storage, session identifiers, server logs, analytics tools, and similar technologies to keep the Service functioning, remember preferences, authenticate users, measure traffic, improve performance, understand usage patterns, and protect against abuse.

Some browsers allow you to block or delete cookies. If you disable certain cookies or related technologies, some parts of the Service may not function properly.

7. How We Share Information

We may disclose information in the following circumstances:

  • Service providers and vendors that help us operate the Service, such as hosting providers, payment processors, infrastructure providers, analytics vendors, email or communication vendors, customer support tools, CAPTCHA providers, and security vendors.
  • Institutional, accreditation, or administrative partners where reasonably necessary to administer a course, completion records, continuing education workflows, or related program operations, and where such sharing is permitted by law and consistent with the applicable offering.
  • Professional advisors, such as legal counsel, auditors, insurers, accountants, and compliance advisors.
  • Legal and safety disclosures, including when required by law, subpoena, court order, governmental request, accreditation requirement, or where reasonably necessary to investigate fraud, enforce agreements, respond to security incidents, or protect rights, safety, and property.
  • Business transfers, such as in connection with a merger, acquisition, financing, reorganization, bankruptcy, asset sale, or similar transaction, subject to applicable law.

We do not sell personal information for money. If our practices change, we will update this Privacy Policy as appropriate.

8. Data Retention

We retain information for as long as reasonably necessary to provide the Service, maintain user accounts, preserve course and transaction records, support continuing education administration where applicable, resolve disputes, enforce agreements, comply with law, and protect the integrity and security of our operations.

Retention periods may vary depending on the type of information, the sensitivity of the data, the context in which it was collected, operational needs, and applicable legal or regulatory requirements.

9. Security

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, alteration, and disclosure.

However, no method of transmitting data over the internet or storing data electronically is completely secure. Accordingly, we cannot guarantee absolute security.

10. Your Choices and Privacy Requests

Subject to applicable law, you may request access to, correction of, deletion of, or information about certain personal information we maintain about you. You may also request that we review certain processing activities or update account information that is inaccurate or incomplete.

We may need to verify your identity before acting on a request, and we may deny or limit requests where permitted or required by law, including where we need to retain information for legal, security, accounting, accreditation, transaction, or legitimate operational purposes.

To submit a privacy-related request, contact us at: admin@cbtnightmares.org.

11. Communications Preferences

We may send service-related emails or messages necessary to operate your account, deliver purchased services, provide support, communicate important updates, or comply with legal obligations.

If we send optional promotional or informational communications, you may be able to opt out using the unsubscribe link in the message or by contacting us, subject to any communications that are necessary for your account or the Service.

12. Children’s Privacy

The Service is intended for adults and is not directed to children. We do not knowingly collect personal information from children in a manner prohibited by applicable law.

If you believe a child may have provided personal information to us improperly, please contact us so that we may investigate and take appropriate action.

13. Third-Party Links and Services

The Service may contain links to or integrations with third-party websites, tools, or services. We are not responsible for the independent privacy, security, or data handling practices of those third parties.

We encourage you to review the privacy policies and terms of any third-party services you use.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the Service, our practices, legal requirements, or operational needs. Updated versions will be posted on this page with a revised “Last Updated” date.

If required by law or if we determine it appropriate, we may also provide notice through the Service, by email, or through other reasonable means.

Continued use of the Service after an updated Privacy Policy becomes effective constitutes acknowledgment of the revised policy, except where additional consent is required by law.

15. Contact Information

If you have questions about this Privacy Policy or our data practices, contact:

CBTN WEB
Website: https://www.cbtnightmares.org/
Email: admin@cbtnightmares.org
Contact Page: Submit a Request