Itatem and its affiliated entities are the operators of this Identity Bank which is provided to all operators of National Cyber Warfare Foundation cyber ranges. As the name suggects, the Identity Bank is a secured repository of all the identifying data used to provide Cyber Range services. Additionally, clients of Itatem are making use of our Identity Banks to remove their need for storing personal information. Clients of Itatem are not permitted to store a copy of your personal information. All interactions with you must use our systems.
Itatem Identity Banks are a non-human managed system. Itatem systems are fully automated. This ensures that you remain in control what data the system has about you. If you call for technical support, the technician involved may see your information on their screen.
Contacting Us
Our mailing address is: 2487 S. Gilbert Rd, Ste. 106-141, Gilbert, AZ 85295
You may reach us by phone at +1-480-525-9801 or via email at [email protected]
Who are we?
Itatem is a corporation registered in the United States of America. It is now the entity that owns and operates all NCWF/CWWR Identity Banks operating worldwide. You can learn more about Itatem via oue website: www.itatem.com
Previous/Other connected entities
The National Cyber Warfare Foundation (NCWF) is a United States of America based 501c3 non-profiy/public benefit corporation. We are the foundation behind the original Arizona Cyber Warefare Range, CWR Academy, and several other entities. Our foudation is registered with the government of the United States of America. Our 501c3 is registered as the Mosiac Arts Center. It was registered in 2012. Public filings can be found at the United States Internal Revenue Service. Our Electronic Identification Number (EIN) is 45-3161142. You can read more about our foundation via GuideStar at Read More
The Cyber Warfare Range LLC (CWR) is a registered Limited Liability Company (LLC) with the State of Arizona. You can read more about The Cyber Warfare Range LLC at the Arizona Secretary of State’s office. All of our other affiliations are also registered with the State of Arizona. It also uses the registered dba The Arizona Cyber Warfare Range.
CWR Academy is a registered c-corporation in South Dakota, USA. It is the organization that holds and license all of our educational content.
What personal data we collect and why we collect it
The Identity Bank collects the following information pertaining to your identity:
- Mobile Phone Number – Your mobile number is the most import piece of information as this allows us to authenticate your requests for access to our cyber ranges, recover your password and provision Range Tarets.
- Name – Your name allows our support team to personalize their responses to your questions, support tickets, and support calls.
- Email Address – Your email address is used during account recover, user support and email notification. You may revoke your authorization for NCWF to notify you via email by deleting your email account in the Identity Bank portal.
- User Names – You may have one or more usernames which are used to authenticate into the Identity Bank. This aids in your privacy and allows you further anonymity.
- IP Addresses – The Identity Bank records all source IP addresses of your devices as you login to the Identity Bank portal or other NCWF or Cyber Warfare Range web applications. We use this data to determine the regions of the world using our services.
- Postal addresses – You may choose to enter postal addresses for yourself.
- Security Heuristics – we track metrics and related meta data for the purposes of conducting a secondary/correlating indentification of you. This data allows us to detect accounts that may have been compromised.
Where is your data stored?
Itatem is a global identity Bank operator. We store your data in data centers throughout the world. Your personal data is kept within the country, or cuntries, it is required to be kept by law. If your personal information changes, requiring the movement of where your data is stored, our systems will automatically move your data to the most appropriate storage location as required by law.
How do you verify my information?
- Email addresses – we will send you a verification link to the email address you specified. Until your click on the link to verify your email address, your email address is marked as unverified and will not be able to be used by you util you verify it.
- Mobile phone numbers – we will send you a text/sms message. The message includes a link. The link will verify your mobile phone number. Until a mobile phone number has been verified, it is not able to be used by you in our systems.
- Postal addresses – we will send you a postcard with a validation code and a web page to enter it into. Until you postal address is verified by this method, you will be unable to utilize your postal address.
Itatem will also utilize third party data systems to validate your personal information. It will also periodically audit the personal information you have stored in our Identity Banks.
Who we share your data with
Only entities within the Itatem eco-system will have the ability to utilize some/all of information you provide in your profile. Itatem DOES NOT share any of your information with any entity outside our direct affiliations and control unless required by law. If our Identity Bank is being used by a third party, the only data available to that third party is what you explicitly share with them. The only possible exceptions are the username you authenticate with, potentially your email address, and a unique ten(10) digit ID our systems assigend to you as an alias. Our eco-system members are not permitted to store your personal data unless you explicitly share it with them or as may be required by law.
How long we retain your data
Our Identity Bank only stores data about you until you request us to remove it or after 2 years of no activity. Once you data is to be removed it is deleted. Backups of our data are retained for an additional two (2) years after your data has been removed.
What rights you have over your data
Full access and management of your personal data collected by Itatem may be found on our Identity Bank Portal. This web portal will allow you to add, edit or delete all of your personal information, including:
- Email address
- Phone Number
- Usernames
- IP Addresses from where you connected to our service
- Delete your full account with all above information
Where do we send your data
We may enrich the data we know about you via third party data sevrices. We do not send data you have provided us to third parties. An example would be your IP addresses. We will ask a third party what ISP you are using, the physical address associated with with the IP address, and whether or not your IP address is associated with malicious activity. IP addresses are identified as personal private information, but our service does not connect your other personal data with our requests to third parties. If we are obligated to release any of your data to a verified legal entity requiring it, we will do so only to the minimum standard we are required to comply with.
How we protect your data
We take protecting our users very seriously. Your data is stored on systems which are managed and controlled by Itatem. Passwords in our database are stored in encrypted hash format and all non-essential ports and services are disabled on our servers. The web portal interface for the Identity Bank is completely decoupled from the server logic and database layers to mitigate malicous attempts to access the data. For more information, please reach out to Itatem: [email protected].
What breach procedures are in place
If we are notified or detect a breach of our systems, we will notify you promptly via your email addresses on file. Our security team will conduct an immediate and thorough investigation. If needed, we will also work with law enforcement to identify the attacker(s) and prosecute them.
Cookies
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies and to persist your login with a single user session. This cookie contains no personal data and is discarded either automatically or when you ask your web browser to do so.