Cybersecurity and Applied AI career insights
© 2023-2026 Bespoke Intermedia LLC
Founded by Julian Calvo, Ed.D., M.S.
Legal
Last updated: April 7, 2026
Exercise your rights
Whatever jurisdiction applies to you (GDPR, CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, UK GDPR, Canada PIPEDA, Australia Privacy Act, Mexico LFPDPPP, Colombia Ley 1581, Argentina Ley 25.326, Chile Ley 19.628, Peru Ley 29733, Spain LOPDGDD, or Brazil LGPD), file a data access, deletion, correction, portability, or opt-out request at /data-request. We respond within the deadline that jurisdiction's law requires.
DecipherU is a product of Bespoke Intermedia LLC, a Florida limited liability company. Bespoke Intermedia LLC is the data controller for all personal information collected through this platform.
When you create an account, we collect your email address, name, and authentication credentials through our identity provider (Clerk). If you complete the onboarding process, we collect additional career context including your current role, target role, experience level, location, and study preferences.
When you complete the RIASEC career personality assessment, we store your responses and computed scores. If you complete scenario exercises, we store your written responses, evaluation results, and behavioral dimension scores. This behavioral data is the core of your DecipherU profile.
We automatically collect basic usage data including pages visited, features used, and session duration to improve the platform experience.
Your career context and behavioral data are used to personalize cybersecurity career recommendations, match you with relevant certification paths, and generate scenario exercises calibrated to your skill level.
We use aggregated, de-identified data to improve our assessment algorithms, generate community insights displayed on career and certification guides, and conduct research on cybersecurity career development patterns.
Your data is stored in a PostgreSQL database hosted by Supabase in the United States (West US, Oregon region). All data is encrypted in transit using TLS and at rest using AES-256. Authentication is managed by Clerk, which maintains its own security certifications.
You can access, update, or delete your personal data at any time from your account dashboard. If you delete your account, all associated personal data, behavioral scores, and scenario responses are permanently removed from our systems within 30 days.
Right to deletion: You can delete your account and all associated data at any time. To do so, go to Settings > Delete Account in your dashboard, or email privacy@decipheru.com with your deletion request. All personal data, assessment responses, behavioral scores, and scenario responses will be permanently deleted within 30 days of your request.
If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability, the right to restrict processing, and the right to object to processing. If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what data we collect and the right to request deletion.
We use the following third-party services that may process your data: Clerk (authentication), Supabase (database), Vercel (hosting), Anthropic (AI-powered content synthesis and scenario evaluation), Stripe (payment processing, when applicable), and Resend (email delivery). Each of these providers maintains their own privacy policies and security practices.
DecipherU uses artificial intelligence (specifically Anthropic Claude) as a core tool in delivering cybersecurity career insights. We believe in full transparency about how AI is used in our platform.
Content generation: Career guides, salary analyses, certification comparisons, and industry briefings are generated using large language models, then structured and validated against our proprietary editorial framework. All AI-generated content is grounded in verifiable data from the U.S. Bureau of Labor Statistics, O*NET OnLine, and industry compensation databases.
Assessment scoring: Open-ended assessment responses are evaluated using AI-augmented scoring. All scoring rubrics and dimensional frameworks are designed by Julian Calvo, Ed.D., M.S., using psychometric principles from his doctoral research. AI assists with scoring execution, not rubric design.
Data handling: When AI processes your assessment responses, the data is sent to Anthropic's API for evaluation. Your responses are not used to train Anthropic's models. We retain AI-generated scores and feedback as part of your user profile.
What AI does not do: AI does not design our methodology, scoring rubrics, dimensional frameworks, or career pathway models. These originate from over a decade of doctoral and graduate research across three universities (University of Miami, Barry University, Northeastern University).
When you complete assessments on DecipherU: including the RIASEC Career Personality Assessment, Career DNA, Cyber Aptitude, Incident Response Readiness, Threat Modeling Proficiency, Leadership Readiness, Organizational Security Culture, and Cybersecurity Sales Aptitude , your individual responses and computed scores are stored as part of your user profile.
Assessment data is used for: generating personalized cybersecurity career recommendations, matching you with relevant career paths and certifications, and building normative scoring comparisons that help you understand how your results compare to peer groups.
Assessment results may be used in anonymized, aggregated form for research and platform improvement. No individual can be identified from aggregated assessment data.
When an employer uses DecipherU for Teams to assess candidates, we collect and process candidate data on behalf of that employer.
What we collect: When a candidate completes an employer-initiated assessment, we collect their name, email address, assessment responses, and computed scores. This data is stored separately from any personal DecipherU account the candidate may hold.
Sharing with employers: The employer that invited the candidate receives access to the candidate's assessment results, including role match scores, RIASEC profile, and skills breakdown. We do not share candidate data with any employer other than the one that initiated the assessment.
Anonymized normative data: Candidate assessment responses may be included in anonymized, aggregated normative scoring baselines. No employer or candidate can be identified from this aggregated data.
Retention: Employer-initiated candidate data is retained for the duration of the employer's active subscription plus 30 days after cancellation. After that period, candidate data is permanently deleted.
Candidate rights: Candidates assessed through DecipherU for Teams have the same rights as individual users. They can request access to their assessment data, request deletion, or request data portability by contacting privacy@decipheru.com. Deletion requests are processed within 30 days.
We aggregate de-identified assessment data to build normative scoring baselines for each assessment on the platform. These baselines allow us to show you how your results compare to other cybersecurity professionals who have completed the same assessment.
No individual can be identified from aggregated normative data. All identifying information is removed before data is included in normative calculations. Normative data helps you contextualize your results relative to peer groups segmented by experience level, role type, and other non-identifying characteristics.
To prevent abuse of our free tier (such as creating multiple accounts to circumvent usage limits), we may collect device and browser characteristics including screen resolution, timezone, installed fonts, and browser configuration. This data is hashed into a device identifier used solely for anti-abuse enforcement. We do not use device fingerprinting for advertising, cross-site tracking, or any purpose other than protecting the integrity of the platform. You may contact privacy@decipheru.com to request removal of your device identifier.
We use the following categories of cookies on DecipherU:
We do not use advertising cookies. We do not use third-party tracking cookies. We do not sell your data to third parties.
We do not sell, rent, or trade your personal information or behavioral data to any third party under any circumstances. Your data is used exclusively to provide and improve the DecipherU service.
Account data; including your name, email address, and profile information, is retained for as long as your account remains active on DecipherU.
Assessment responses and computed scores are retained for the duration of your active account. This data powers your personalized recommendations and allows you to track your career development over time.
After account deletion: all personal data, assessment responses, and individual scores are permanently deleted within 30 days of your deletion request. Anonymized aggregate data that has already been incorporated into normative scoring baselines may be retained indefinitely, as no individual can be identified from this data.
Email subscription data is retained until you unsubscribe. You can unsubscribe at any time using the link in any email or by contacting privacy@decipheru.com.
From time to time, DecipherU invites users to participate in customer development interviews to inform product, pricing, and content decisions. Participation is voluntary. We obtain explicit, written consent before any recording begins, and you can withdraw consent at any point during the conversation.
What we record: audio (and optionally video) of the interview, the chat transcript, and any artifacts you choose to share with us during the call (for example, a sample resume or a screen share of how you use the platform).
How we use recordings: recordings are reviewed internally to inform product roadmap, pricing decisions, and content priorities. Quotes are anonymized before being shared in internal documents or external materials.
Sharing: recordings are not sold, traded, or shared with third parties for any purpose. Recordings are stored in access-controlled cloud storage accessible only to the DecipherU team and trusted contractors under signed NDA.
Retention: customer development recordings are kept for a maximum of 12 months, then permanently deleted. You can request earlier deletion of your recording at any time by emailing privacy@decipheru.com. Deletion requests are processed within 30 days.
DecipherU is designed for professionals and career-oriented individuals. Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@decipheru.com. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly.
We may update this privacy policy from time to time. If we make material changes, we will notify you by email or through a prominent notice on the platform before the changes take effect.
For privacy-related questions or requests, contact us at privacy@decipheru.com.