Privacy
Notice

We at Cyesec Ltd. and our affiliates, (“us“, “we“, or “our“) recognize and respect the importance of maintaining the privacy of visitors to our website (“Site“) and users of our cloud based cyber security optimization platform (“Platform“) This Privacy Notice describes the types of information we collect from you when you visit our Site and use the Platform or services available thereon (“Service“). This Privacy Notice also explains how we process, transfer, store and disclose the information collected, as well as your ability to control certain uses of the collected information. “You” means any adult user of the Site, Platform, and/or Service.

Cyesec Ltd. is the data controller in respect of the processing activities outlined in this Privacy Notice. Our registered office is 10 Abba Eban Blvd., Herzliya, Israel and our company number is 514811587.

Personal Data” means any information that refers, is related to, or is associated with an identified or identifiable individual or as otherwise may be defined by applicable law. This Privacy Notice details which Personal Data is collected by us in connection with provision of the Site, Platform and Service.

Privacy Notice Key Points

The key points listed below are presented in further detail throughout this Privacy Notice. You can click on the headers in this section in order to find out more information about any topic. These key points do not substitute the full Privacy Notice.

  1. Personal Data We Collect, Uses and Legal Basis
  2. Additional Uses
  3. Sharing the Personal Data We Collect
  4. International Transfer
  5. Security
  6. Your Rights – How to Access and Limit Our Use of Certain Personal Data
  7. Data Retention
  8. Cookies and Similar Technologies
  9. Third-Party Applications and Services
  10. Children
  11. Changes to the Privacy Notice
  12. Comments and Questions

 

  1. Personal Data We Collect, Uses and Legal Basis. Depending on your usage, we collect different types of data and we and any of our third-party sub-contractors and service providers use the data we collect for different purposes, as specified below. It is your voluntary decision whether to provide us with certain Personal Data, but if you refuse to provide such Personal Data we may not be able to provide you with the Service or part thereof.
     
    1.1. Registration Information: When you register on our Platform, we will collect any data you will be requested to provide, including but not limited to your full name, email address, position in your company and phone number. You can also register to the platform through third-party login service (such as Microsoft).
    How we use this data: We use your registration information to allow you to access to our Platform, save your preferences, protect the security of our Platform, prevent fraud, and address any issues that arise. We use your contact details to communicate with you about our Platform.
    Legal Basis: When we process your registration data to allow you to access our Platform, we do so to perform a contract with you, in this case our Terms of Service. When we process your registration data to maintain our Platform, including to prevent fraud, protect the security of and/or address issues with our Platform, we do so on the basis of our legitimate interest to maintain our assets.
     
    1.2. Contact Information: When you request information from us, or contact us for any other reason, we will collect any data you provide, such as your email address and the content of your inquiry. When you sign up for newsletters or email lists we collect your name and email address.
    How we use this data: To respond to your request or inquiry, to provide you with newsletters and for retargeting purposes.
    Legal Basis: We process this Personal Data based on performance of a contract when we respond to your inquiry and provide you with newsletters. Processing your Personal Data for retargeting purposes is based on our legitimate interests to promote our products and services
     
    1.3. Content: When engaging on the Platform, you upload and provide some Content (as defined in the terms of use) for the purpose of the Service. Such Content may include text and images. Such Content may include both Personal and non-Personal Data and we will use reasonable efforts to de-identify and anonymize it.
    How we use this data: To provide you with the Platform and Service.
    Legal Basis: We process this Personal Data based on performance of a contract, specifically the Terms of Service.
     
    1.4. Images and Screenshots: As part of the services, you may provide, and we may collect, images and screenshots obtained from your computer and accounts. Such images and screenshots may include both Personal and non-Personal Data and we will use reasonable efforts to de-identify and anonymize these.
    How we use this data: To provide you with the Platform and Service.
    Legal Basis: We process this Personal Data based on performance of a contract, specifically the Terms of Service.
     
    1.5. Email correspondence: As part of the services, we may collect, copies of emails sent by or received from your accounts. Such emails may include both Personal and non-Personal Data and we will use reasonable efforts to de-identify and anonymize these.How we use this data: To provide you with the Service. Such emails may include both personal and non-Personal Data and we will use reasonable effort to de-identify and anonymize these.
    Legal Basis: We process this Personal Data based on performance of a contract when we provide you the Services, specifically the Terms of Service.
     
    1.6. Automatically Collected Data: When you visit the Site, we automatically collect information about your computer or mobile device, including non-Personal Data such as your operating system, browser type, internet service provider, and Personal Data such as IP address, device ID, as well as your browsing history and any information regarding your viewing history and activities on our Site. For more information about the cookies and similar technologies we use and how to adjust your preferences, please see the section Cookies and Similar Technologies below.
    How we use this data: (1) to review usage and operations, including in an aggregated non-specific analytical manner, develop new products or services and improve current content, products, and services; (2) to prevent fraud, protect the security of our Site, Platform, and Service, and address any problems with the Site, Platform, and/or Service; (3) to provide you with customized content, targeted offers, and advertising related to our products and Service, based on your usage history on the Site, on other third-party you may visit and/or use.
    Legal Basis: We process this Personal Data for our legitimate interests to develop and improve our products and services, review usage, perform analytics, prevent fraud, for our recordkeeping and protection of our legal rights and to market our products and services. Additional information regarding direct marketing is provided below.
  2.  

  3. Additional Uses.
    2.1. Direct Marketing. As described above, we may use Personal Data to let you know about our products and services that we believe will be of interest to you. We may contact you by email or through other communication channels. In all cases, we will respect your preferences for how you would like us to manage marketing activity with respect to you. To protect privacy rights and to ensure you have control over how we manage marketing with you:
     
    2.1.1. We will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you.
     
    2.1.2. You can ask us to stop sending email marketing by following the “unsubscribe” link you will find on all the email marketing messages we send you. Alternatively, you can contact us at contact@cyesec.com.
     
    2.1.3. You can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser as explained below.
  4.  

  5. Sharing the Personal Data We Collect. We share your information, including Personal Data, as follows:
     
    3.1. Affiliates. We share information, including your Personal Data, with our subsidiary, CYE USA Inc., where this is necessary to provide you with our Service, and for the purpose of management of our business.
     
    3.2. Service Providers, and Subcontractors. We disclose information, including Personal Data we collect from and/or about you, to our trusted service providers and subcontractors, who have agreed to confidentiality restriction and who use such information solely on our behalf in order to: (1) help us provide you with the Site, Platform, and/or Service; (2) aid in their understanding of how users are using our Site, Platform, and/or Service; (3) for the purpose of direct marketing (see above for more details).Such service providers and subcontractors provide us with IT and system administration services, data backup, security, and storage services, data analysis, and help us serve advertisements and provide other marketing services.
     
    3.3. Business Transfers. Your Personal Data may be disclosed as part of, or during negotiations of, any merger, sale of company assets or acquisition (including in cases of liquidation). In such case, your Personal Data shall continue being subject to the provisions of this Privacy Notice.
     
    3.4. Law Enforcement Related Disclosure. We may share your Personal Data with third parties: (i) if we believe in good faith that disclosure is appropriate to protect our or a third party’s rights, property or safety (including the enforcement this Privacy Notice); (ii) when required by law, regulation subpoena, court order or other law enforcement related issues, agencies and/or authorities; or (iii) as is necessary to comply with any legal and/or regulatory obligation.
     
    3.5. Legal Uses. We may use your Personal Data as required or permitted by any applicable law, for example, to comply with audit and other legal requirements.
  6.  

  7. International Transfer.
     
    4.1. Some of our service providers and affiliates are in countries other than your own. When we transfer your Personal Data internationally, we will do so safely and securely and in accordance with applicable law.
     
    4.2. If you are located in the EU, when we share your Personal Data with third parties based outside of the European Economic Area (“EEA”), we will ensure that they sign on agreements that require them to comply with applicable law, keep your data secure at similar levels to the level described in this Privacy Notice, and make sure that your data protection rights are protected. We will also implement the following safeguards:
     
    4.2.1. When we transfer your Personal Data to Israel or the UK or US companies that are certified with the EU-U.S. Data Privacy Framework, we rely on the decision by the European Commission that says that those countries are considered to provide an adequate level of data protection.
     
    4.2.2. Where we transfer your Personal Data to other countries, we (i) take additional security measures to protect the data and (ii) use specific contracts approved by the European Commission, known as the Standard Contractual Clauses, to give your Personal Data the same protection it has in the EEA.
     
    4.3. Please contact us at contact@cyesec.com if you would like further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.
  8.  

  9. Security. We have implemented and maintain appropriate technical and organization security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to Personal Data appropriate to the nature of such data. The measures we take include:
     
    5.1. Safeguards – The physical, electronic, and procedural safeguards we employ to protect your Personal Data include secure servers, firewalls, antivirus, and SSL encryption of data.
     
    5.2. Access Control – We dedicate efforts for a proper management of system entries and limit access only to authorized personnel on a need-to-know basis of least privilege rules.
     
    5.3. Internal Policies – We maintain and regularly review and update our privacy related and information security policies.
     
    5.4. Encryption – We encrypt the data in transit using secure SSL protocols.
     
    5.5. Database Backup – Our databases are backed up on a periodic basis for certain data and are verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity, are tested regularly to ensure availability, and are accessible only by authorized personnel.
     
    5.6. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
     
    5.7. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect user IDs and passwords, please take appropriate measures to protect this information.
  10.  

  11. Your Rights – How to Access and Limit Our Use of Certain Personal Data. Depending on which laws apply, you have certain legal rights over your data. Below is some general information about rights that may apply to you, but we recommend checking the law or consulting with a lawyer to understand what applies in your specific case. To exercise your rights, please contact us at contact@cyesec.com. We may ask for reasonable evidence to verify your identity before we can comply with any request.
     
    6.1. Right of Access. You may have a right to know what Personal Data we collect about you. We may charge you with a fee to provide you with this information, if permitted by law. If we are unable to provide you with all the information you request, we will do our best to explain why. See Article 15 of the GDPR for more details, if your Personal Data is subject to GDPR.
     
    6.2. Right to Correct Personal Data. You may request that we update, complete, correct or delete inaccurate, incomplete, or outdated Personal Data. See Article 16 of the GDPR for more details, if your Personal Data is subject to GDPR.
     
    6.3. Deletion of Personal Data (“Right to Be Forgotten”). If you are located in the EU, you may have the right to request that we delete your Personal Data. Note that we cannot restore information once it has been deleted. Even after you ask us to delete your Personal Data, we may be allowed to keep certain data for specific purposes under applicable law. See Article 17 of the GDPR for more details, if your Personal Data is subject to GDPR.
     
    6.4. Right to Restrict Processing. If you are located in the EU, you may have the right to ask us to stop processing your Personal Data. See Article 18 of the GDPR for more details, if your Personal Data is subject to GDPR.
     
    6.5. Right to Data Portability. If you are located in the EU, you may have the right to request that we provide you with a copy of the Personal Data you provided to us in a structured, commonly-used, and machine-readable format. See Article 20 of the GDPR for more details, if your Personal Data is subject to GDPR.
     
    6.6. Right to Object. If you are located in the EU, you may have the right object to certain processing activities. See Article 21 of the GDPR for more details, if your Personal Data is subject to GDPR.
     
    6.7. Withdrawal of Consent. If we are processing your data based on your consent, you are always free to withdraw your consent, however, this won’t affect processing we have done from before you withdrew your consent.
     
    6.8. Right to Lodge a Complaint with Your Local Data Protection Authority. If you are located in the EU, you have the right to submit a complaint to the relevant data protection authority if you have any concerns about how we are processing your Personal Data, though we ask that as a courtesy you please attempt to resolve any issues with us first.
  12.  

  13. Data Retention.
     
    7.1. Subject to applicable law, we retain Personal Data as necessary for the purposes set forth above. We may delete information from our systems without notice to you once we deem it is no longer necessary for these purposes. Retention by any of our processors may vary in accordance with the processor’s retention policy.
     
    7.2. In some circumstances, we may store your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, audit, accounting requirements and so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, and whether those purposes can be achieved through other means, as well as applicable legal requirements.
     
    7.3. Please contact us at contact@cyesec.com if you would like details regarding the retention periods for different types of your Personal Data.
  14.  

  15. Cookies and Similar Technologies. We use cookies and similar technologies for a number of reasons, including to help personalize your experience and to personalize the ads we serve you. Third parties through which we provide the Service and/or our business partners may be placing and reading cookies on your browser or using web beacons to collect information in the course of advertising being served on different websites. When visiting this Site, you shall be notified of the use of and placement of cookies and other similar technologies on your device as specified herein.
     
    8.1. What are Cookies? A cookie is a small piece of text that is sent to a user’s browser or device. The browser provides this piece of text to the device of the originating user when this user returns.
     
    8.1.1. A “session cookie” is temporary and will remain on your device until you leave the Site.
     
    8.1.2. A “persistent” cookie may be used to help save your settings and customizations across visits. It will remain on your device until you delete it.
     
    8.1.3. First-party cookies are placed by us, while third-party cookies may be placed by a third party. We use both first- and third-party cookies.
     
    8.1.4. We may use the terms “cookies” to refer to all technologies that we may use to store data in your browser or device or that collect information or help us identify you in the manner described above, such as web beacons or “pixel tags”.
     
    8.2. How We Use Cookies. We use cookies and similar technologies for a number of reasons, as specified below.The specific names and types of the cookies, web beacons, and other similar technologies we use may change from time to time. However, the cookies we use generally fall into one of the following categories:

    Type of Cookie  Why We Use These Cookies 
    Necessary  These cookies are necessary in order to allow the Site to work correctly. They enable you to access the Site, move around, and access different services, features, and tools. Examples include remembering previous actions (e.g. entered text) when navigating back to a page in the same session. These cookies cannot be disabled. 
    Functionality  These cookies remember your settings and preferences and the choices you make (such as language or regional preferences) in order to help us personalize your experience and offer you enhanced functionality and content. 
    Security  These cookies can help us identify and prevent security risks. 
    Performance  These cookies can help us collect information to help us understand how you use our Site, for example whether you have viewed messages or specific pages and how long you spent on each page. This helps us improve the performance of our Site. 
    Analytics  These cookies collect information regarding your activity on our Site to help us learn more about which features are popular with our users and how our Site can be improved.  
    Advertising  These cookies are placed in order to deliver content, including ads relevant and meaningful to you and your interests. They may also be used to deliver targeted advertising or to limit the number of times you see an advertisement. This can help us track how efficient advertising campaigns are. Such cookies may track your browsing habits and activity when visiting our Site and those of third-parties. 

     
     
    8.3. How to Adjust Your Preferences. Most Web browsers are initially configured to accept cookies, but you can change this setting so your browser either refuses all cookies or informs you when a cookie is being sent. In addition, you are free to delete any existing cookies at any time. Please note that some features of the Service may not function properly when cookies are disabled or removed.
     
    8.4. By changing your device settings, you can prevent your device’s ad identifier being used for interest-based advertising, or you can reset your device’s ad identifier. Typically, you can find the ad identifier settings under “privacy” or “ads” in your device’s settings, although settings may vary from device to device. Adjusting your preferences as described in this section herein does not mean you will no longer receive advertisements, it only means the advertisements that you do see will be less relevant to your interests.
     
    8.5. You may also opt-out of the automated collection of information by third-party ad networks for the purpose of delivering advertisements tailored to your interests, by visiting the consumer opt-out page for the Self-Regulatory Principles for Online Behavioral Advertising at http://www.aboutads.info/choices/ and edit or opt-out your Google Display Network ads’ preferences at http://www.google.com/ads/preferences. Additionally, you find out more about our use of Hotjar by visiting Hotjar’s privacy policy or can opt-out of Hotjar’s use of tracking cookies and collection of Personal Data about you here.

  16.  

  17. Third-Party Applications and Services. You may have access to third-party services through our Service. Please note that all use of third-party services is at your own risk and subject to such third party’s terms and privacy policies. We do not take any responsibility for the performance of other services.
  18.  

  19. Children. We do not knowingly collect Personal Data from children under the age of sixteen (16). In the event that you become aware that an individual under the age of sixteen (16) has registered without parental permission, please advise us immediately.
  20.  

  21. Changes to the Privacy Notice. We may update this Privacy Notice from time to time to keep it up to date with legal requirements and the way we operate our business. We will place any updates on this webpage. Please come back to this page every now and then to make sure you are familiar with the latest version. If we make material changes to this Privacy Notice, we will seek to inform you by notice on our Site or via email.
  22.  

  23. Comments and Questions. If you have any comments or questions about this Privacy Notice or if you wish to exercise any of your legal rights as set out herein, please contact us at contact@cyesec.com.

 

Last updated: November 2023