PhishFortress
    Features

    Phishing Simulation

    Test employee awareness with realistic phishing campaigns

    Security Training

    Interactive modules to educate your team

    Threat Detection

    AI-powered detection of sophisticated phishing attempts

    Incident Response

    Automated workflows to contain and remediate threats

    Solutions

    Financial Services

    Protect sensitive financial data and customer trust

    Healthcare

    Secure patient data and medical systems

    Government

    Defend critical infrastructure and sensitive data

    Education

    Protect student data and research

    Enterprise

    Comprehensive protection for large organizations

    Pricing
    Resources

    Blog

    Latest insights on phishing and security

    Documentation

    Detailed guides and API references

    Webinars

    Educational sessions with security experts

    Case Studies

    Success stories from our customers

    About
    Sign inSign up free

    Cookie Policy

    Understanding How PhishFortress Uses Cookies

    Last Updated: February 2024

    1. What Are Cookies?

    Cookies are small text files stored on your device that help websites remember information about you and provide personalized experiences. PhishFortress uses cookies to enhance security, improve functionality, and understand how users interact with our platform.

    2. Types of Cookies We Use

    Essential Cookies (Required)

    These cookies are necessary for basic platform functionality:

    • Session Cookie: Maintains your authentication session (sb_session)
    • CSRF Protection: Protects against cross-site request forgery attacks
    • Security Token: Validates API requests and user identity
    • User Preference: Stores theme and interface preferences

    Performance & Analytics Cookies (Optional)

    These help us understand platform usage and improve performance:

    • Analytics Cookie: Tracks anonymous usage patterns and feature adoption
    • Performance Monitoring: Measures load times and API response metrics
    • Error Tracking: Helps identify and fix technical issues

    Campaign & Tracking Cookies (Simulation-Specific)

    Used in phishing simulations to measure engagement:

    • Campaign Tracking ID: Identifies users in phishing simulations
    • Click Tracking: Records when users click simulated phishing links
    • Open Tracking: Detects when simulated emails are opened

    Third-Party Cookies

    Placed by our partners for integrated services:

    • Email Gateway Integration: Allows seamless email system integration
    • SIEM Integration: Enables security event correlation
    • Analytics Platform: Third-party analytics services
    3. Phishing Simulation Tracking

    PhishFortress uses tracking technologies in simulated phishing emails to measure:

    • Email open rates and timing
    • Link click-through rates
    • Credential submission attempts
    • User awareness improvement over time

    Important: These tracking mechanisms are used only within authorized simulations within your organization. They comply with anti-spam regulations (CAN-SPAM, GDPR, etc.).

    4. Cookie Management & Consent

    Browser Settings:

    Most web browsers allow you to control cookies through settings:

    • Chrome: Settings → Privacy and security → Cookies
    • Firefox: Preferences → Privacy & Security → Cookies
    • Safari: Preferences → Privacy → Manage Website Data
    • Edge: Settings → Privacy → Cookies and site permissions

    Impact of Disabling Cookies:

    Disabling essential cookies may prevent you from accessing PhishFortress or using core features. We recommend keeping essential cookies enabled while optionally disabling performance cookies if you prefer.

    5. Cookie Duration

    Session Cookies:

    Deleted when you close your browser (typically 30 minutes of inactivity)

    Persistent Cookies:

    Remain for up to 1 year unless manually deleted

    Campaign Tracking Cookies:

    Remain for the duration of the simulation (typically 30-90 days)

    6. Privacy & Data Protection

    Cookies used by PhishFortress are subject to our Privacy Policy. Personal data collected through cookies is:

    • Encrypted during transmission and storage
    • Protected by SOC 2 Type II security controls
    • Processed in compliance with GDPR, CCPA, and other regulations
    • Never sold to third parties
    • Deletable upon user request
    7. Third-Party Integrations

    When you integrate PhishFortress with third-party security tools (SIEM, MDR, email gateway), those services may set their own cookies. Please review their cookie policies independently:

    • Check each integration's privacy documentation
    • Understand what data is shared between systems
    • Configure API permissions appropriately
    • Monitor cookie usage in integrated tools
    8. Changes to This Cookie Policy

    PhishFortress may update this Cookie Policy as we add new features or enhance security. Changes will be posted on this page with an updated "Last Updated" date. Your continued use of PhishFortress indicates acceptance of any cookie policy updates.

    9. Questions?

    If you have questions about how PhishFortress uses cookies or want to exercise your privacy rights, contact:

    PhishFortress Privacy Team
    Email: privacy@phishfortress.com
    Response time: Within 5 business days

    This Cookie Policy explains how PhishFortress uses tracking technologies. For more information on data handling, please see our Privacy Policy.

    PhishFortress

    Protecting organizations from sophisticated phishing attacks with AI-powered detection, simulation, and response capabilities.

    Product

    • Features
    • Pricing
    • Security
    • Enterprise
    • Customer Stories

    Resources

    • Documentation
    • Guides
    • API Reference
    • Blog
    • Community

    Company

    • About Us
    • Careers
    • Contact
    • Partners

    © 2026 PhishFortress. All rights reserved.

    Privacy PolicyTerms of ServiceCookie PolicyData Processing Agreement