Home Books Training Newsletter Resources
Sign up Log in

Privacy Policy

Feisty Duck Limited ("we", "us", "our") are committed to protecting and respecting your privacy. This privacy policy ("Privacy Policy") together with Terms of Use and Terms and Conditions and any other documents referred to herein, set out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.feistyduck.com ("Site"), you are accepting and consenting to the practices described in this Privacy Policy.

For the purpose of the Data Protection Act 1998 or any subsequent amendment or replacement or supplementary legislation (the "Act"), the data controller is Feisty Duck Limited of 86-90, Paul Street, London, United Kingdom, EC2A 4NE.

Information we may collect from you

We may collect and process the following data about you:

Information you give us. You may give us information about you by filling in forms on our Site or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our Site, apps, subscribe to our service or newsletter and when you report a problem with our Site. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph, domain names, and network address information.

Information we collect about you. With regard to each of your visits to our Site we may automatically collect the following information:

  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
  • Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.

Special Category Data. We do not collect, store or use special category data about you - meaning details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data.

Legal Basis for Processing Personal Information

Our legal basis for collecting and using the personal information will depend on the personal information concerned and the specific context in which we collect it. We will normally collect personal information from you only:

  1. Where we need the personal information to perform a contract with you
  2. Where the processing is in our legitimate interests and not overridden by your rights, or
  3. Where we have your consent to do so

We have a legitimate interest in operating our Services and communicating with you as necessary to provide these Services, for example when responding to your queries, improving our platform, or for the purposes of detecting or preventing illegal activities.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

Cookies

We use cookies on our Site to distinguish you from other users of our Site. This helps us to provide you with a good experience when you browse our Site and also allows us to improve the Site. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the Site.

We use persistent cookies and session cookies on our Site. We use persistent cookies to save your login information for future logins to the Site. We use session cookies to enable certain features of the Site, to better understand how you interact with the Site and to monitor aggregate usage by users and web traffic routing on the Site. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Site and then close your browser.

The table below explains the cookies we use and why we use each of them.

Cookie Purpose
Seamless sign-in cookie
FEISTY_COOKIE_AUTH
This optional persistent cookie is used to remember you after you sign in and to automatically sign you in on your subsequent visits.
Registration cookie
__HOST-SESSIONID
When you sign in, we use a session cookie that let us know whether you are signed in or not. Our servers use this cookie to work out which account you are signed in with.

You can set up your browser options to stop your computer accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use the whole of the Site or all functionality of the services.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

Uses made of the information

We use information held about you in the following ways.

Information you give to us. We will use this information:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
  • to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
  • to notify you about changes to our service;
  • to ensure that content from our Site is presented in the most effective manner for you and for your computer.

Information we collect about you. We will use this information:

  • to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve our Site to ensure that content is presented in the most effective manner for you and your computer;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • as part of our efforts to keep our Site safe and secure;
  • to make suggestions and recommendations to you and other users of our Site about goods or services that may interest you or them.

Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

We will not sell or rent your personal data to anyone. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

Disclosure of your information

Information we share with third parties. We may share your information with selected third parties including:

  • Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
  • Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
  • Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
  • Professional advisors acting as service providers to us in relation to the Site or Services - including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services.
  • Tax authorities, regulators and other authorities who require reporting of processing activities in certain circumstances.

Information we disclose to third parties. We may disclose your personal data to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If Feisty Duck Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use or Terms and Conditions and/or any other agreements; or to protect our rights, property, safety, our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Where we store your personal data

The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or partners. Such staff or subcontractors maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details or the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing outside of the EEA.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. In particular, this means that your personal data will only be transferred to a country that provides an adequate level of protection (for example, where the European Commission has determined that a country provides an adequate level of protection) or where the recipient is bound by standard contractual clause according to conditions provided by the European Commission ("EU Model Clauses").

Third-Party Services

We rely on a number of third-parties in order to provide our services to you.

Company Country Purpose Privacy Policy
AWS US We use AWS as part of our core infrastructure. Privacy Notice
Digital Ocean US We use Digital Ocean for virtual servers for our training. Privacy Policy
Google Workspace US We use Google Workspace for our email, calendaring, document storage, and collaboration. Privacy Policy
Gumroad US We use Gumroad as our online bookstore. Privacy Policy
MaxMind US We use MaxMind for fraud detection. Privacy Policy
PayPal US We use PayPal to process payments. Privacy Statement
Plausible Analytics EU Site analytics that works without retaining any personal data. Privacy Policy
Rackspace US We use Rackspace as part of our core infrastructure. Privacy Notice
Sendgrid US We use Sendgrid by Twilio to send our transactional email, for example for account activation, forgotten password options, and various email notifications you request. Privacy Notice
Stripe US We use Stripe to process payments. Privacy Policy
Ticket Tailor UK We use Ticket Tailor as platform for selling tickets for our public trainings. Privacy Policy
Xero US We use Xero for accounting purposes. Privacy Notice
Zoom US We use Zoom to deliver remote training. Privacy Statement

Protection of information

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted.

We have put in place procedures to deal with any personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Site, you are responsible for keeping this password confidential. We ask you not to share any password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will endeavour to protect your personal data, we cannot guarantee the security of your data transmitted to our Site. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Links to other websites

Our Site may, from time to time, contain links to and from other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Your rights

You have the right under the Act, free of charge, to request:

  • Access to your personal data.
  • Rectification or deletion of your personal data.
  • A restriction on the processing of your personal data.
  • Object to the processing of your personal data.
  • A transfer of your personal data (data portability).
  • Withdraw your consent to us processing your personal data, at any time.

You can make a request in relation to any of the above rights by writing to us at the contact address given at the end of this Privacy Policy. We will respond to such queries within 30 days and deal with requests we receive from you, in accordance with the provisions of the Act.

Consent

You have the right to withdraw your consent to us processing your personal data, at any time, by writing to us at the contact address given at the end of this Privacy Policy.

Where we process your personal data for marketing purposes, we will inform you and obtain your opt in consent (before collecting your personal data) if we intend to use your personal data for such purposes or if we intend to disclose your information to any third party for such purposes. If you change your mind about being contacted in the future, please click on the opt out options and we will remove you from our mailing lists.

Data retention

We retain personal data for as long as necessary for the relevant activity for which it was provided or collected. This will be for as long as we provide access to the Site to you, your account with us remains open or and period set out in any relevant contract you have with us. However, we may keep some data after your account is closed or you cease using the Site for the purposes set out below.

After you have closed your account, we usually delete personal data, however we may retain personal data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Terms of Use or Terms and Conditions, or fulfil your request to "unsubscribe" from further messages from us.

European Representative under Article 27 of GDPR

We have appointed EU Rep as our Representative under Article 27 of the EU General Data Protection Regulation (“GDPR”). All GDPR queries from EU Data Subjects or Data Protection authorities should be submitted to eurep.ie via their dedicated form. BizLegal Ltd trading as EU Rep have their registered office at 27 Cork Road, Midleton Co. Cork, Ireland. Company number 635921.

Complaints

Our intention is to meet the highest standards when collecting and using personal data. For this reason, we take complaints we receive very seriously. If you have any complaints about our use of your personal data please contact our data protection supervisory authority:

  • In the UK: The Information Commissioner's Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England ("ICO").
  • Our EU Representative is BizLegal Limited trading as EU Rep, 27 Cork Road, Midleton, Co. Cork, Ireland.

Age of users

This Site is not intended for and shall not be used by anyone under the age of 16.

Changes to our privacy policy

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Privacy Policy. This Privacy Policy was last updated on 19 May 2025 and replaces any other Privacy Policy previously applicable from this date.

Contact

Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to:

Feisty Duck Limited
86-90 Paul Street
London
EC2A 4NE
United Kingdom

@feistyduck

Books

  • Bulletproof TLS and PKI
  • ModSecurity Handbook
  • OpenSSL Cookbook

Training

  • Practical TLS and PKI

Resources

  • Newsletter
  • SSL/TLS and PKI History
  • Archived Books
  • Bulletproof TLS Guide

Company

  • Support
  • Website Terms of Use
  • Terms and Conditions
  • Privacy Policy
  • About Us