Privacy
Notice

We at Cyesec Ltd. (“us“, “we“, or “our“) recognize and respect the importance of maintaining the privacy of visitors to our website (“Site”). This Privacy Notice describes the types of information we collect from you when you visit our Site and use the services available thereon (“Services“). This Privacy Notice also explains how we process, transfer, store and disclose the information collected, as well as your ability to control certain uses of the collected information. “You” means any adult user of the Site and/or Services.

If you are an individual located in the European Union (“EU Individual“), some additional terms and rights may apply to you, as detailed herein. Cyesec Ltd. is the data controller in respect of the processing activities outlined in this Privacy Notice. Our registered office is 10 Abba Eban Blvd., Herzliya, Israel and our company number is 514811587.

“Personal Data” means any information that refers, is related to, or is associated with an identified or identifiable individual or as otherwise may be defined by applicable law. This Privacy Notice details which Personal Data is collected by us in connection with provision of the Site and Services.

Privacy Notice Key Points

The key points listed below are presented in further detail throughout this Privacy Notice. You can click on the headers in this section in order to find out more information about any topic. These key points do not substitute the full Privacy Notice.

1. Personal Data We Collect, Uses and Legal Basis. We collect certain Personal Data that you provide to us, such as your contact information, and we collect certain Personal Data automatically when you use the Site and/or Services. We use your Personal Data for various reasons, including to provide you with the Site and Services, to improve our Services, and to contact you with marketing offers. These processing activities are based on different legal bases including performance of a contract and our legitimate interests.
2. Additional Uses. We may compile statistical information based on anonymous and aggregated data we collect in order to help us understand user needs. In addition, we use certain Personal Data for direct marketing purposes.
3. Sharing the Personal Data We Collect. We share the Personal Data we collect with our service providers and subcontractors who assist us in the operation of the Site and process the information on our behalf and under our instructions.
4. International Transfer. Some of our service providers, subcontractors, or affiliates who have access to your Personal Data are located in countries other than your own. We will ensure that we have agreements in place with such parties that ensure a similar level of privacy and data protection as set forth in this Privacy Notice.
5. Security. We implement measures aimed at protecting your Personal Data, but they do not provide absolute information security. Such measures include physical, electronic, and procedural safeguards (such as secure servers, firewalls, antivirus and SSL encryption), access control, and other internal security policies.
6. Your Rights – How to Access and Limit Our Use of Certain Personal Data. Subject to applicable law and in addition to other rights as set forth below, you may have a right to access, update, delete, and/or obtain a copy of the Personal Data we have collected about you. You also have the right to object at any time to processing your Personal Data for certain purposes, including marketing purposes.
7. Data Retention. We retain Personal Data for as long as necessary for the purposes set forth in this Privacy Notice. We consider a number of different factors when determining the appropriate retention periods.
8. Cookies and Similar Technologies. We use cookies and similar technologies to help personalize your experience by helping save your settings and customizations across visits and providing you with targeted content and advertisements. You can adjust your settings to determine which cookies are allowed, though this may affect the Services.
9. Third-Party Applications and Services. All use of third-party applications or services is at your own risk and subject to such third party’s privacy policies.
10. Communications. We may send you e-mail or other messages about us or our Services. You will have the opportunity to opt-out of receiving messages.
11. Children. We do not knowingly collect Personal Data from children under the age of sixteen (16).
12. Changes to the Privacy Notice. We may change this Privacy Notice from time to time and shall notify you of any material changes by indicating on the Site that the Privacy Notice has been amended and by publishing an updated Privacy Notice on the Site.
13. Comments and Questions. If you have any comments or questions about this Privacy Notice, or if you wish to exercise your legal rights with respect to your Personal Data, please contact us at contact@cyesec.com.

***

1. Personal Data We Collect, Uses and Legal Basis.

Depending on your usage, we collect different types of data and we and any of our third-party sub-contractors and service providers use the data we collect for different purposes, as specified below. It is your voluntary decision whether to provide us with certain Personal Data, but if you refuse to provide such Personal Data we may not be able to provide you with the Services or part thereof.

1.1. Contact Information: When you request information from us, or contact us for any other reason, we will collect any data you provide, such as your email address and the content of your inquiry. When you sign up for newsletters or email lists we collect your name and email address.

How we use this data: To respond to your request or inquiry, to provide you with newsletters and for retargeting purposes.

Legal Basis: We process this Personal Data based on performance of a contract when we respond to your inquiry and provide you with newsletters. Processing your Personal Data for retargeting purposes is based on our legitimate interests.

1.2. Automatically Collected Data: When you visit the Site, we automatically collect information about your computer or mobile device, including non-Personal Data such as your operating system, browser type, internet service provider, and Personal Data such as IP address, device ID, as well as your browsing history and any information regarding your viewing history and activities on our Site. For more information about the cookies and similar technologies we use and how to adjust your preferences, please see the section Cookies and Similar Technologies below.

How we use this data: (1) to review usage and operations, including in an aggregated non-specific analytical manner, develop new products or services and improve current content, products, and Services; (2) to prevent fraud, protect the security of our Site and Services, and address any problems with the Site and/or Services; (3) to provide you with customized content, targeted offers, and advertising related to our products and Services, based on your usage history on the Site, on other third-party you may visit and/or use.

Legal Basis: We process this Personal Data for our legitimate interests to develop and improve our products and Services, review usage, perform analytics, prevent fraud, for our recordkeeping and protection of our legal rights and to market our products and services. Additional information regarding direct marketing is provided below.

2. Additional Uses.

2.1. Statistical Information and Analytics. We and/or our service providers use analytics tools, including “Google Analytics” to collect and analyze information about the use of the Site and/or Services, such as how often users visit the Site, what pages they visit when they do so, and what other sites and mobile applications they used prior to visiting the Site. By analyzing the information that we receive, we may compile statistical information across a variety of platforms and users, which helps us improve our Site and Services, understand trends and customer needs and consider new products and services, and tailor existing products and services to customer desires. You can find more information about how Google collects information and how you can control such use at https://policies.google.com /technologies/partner-sites.

2.2. Direct Marketing. As described above, we may use Personal Data to let you know about our products and Services that we believe will be of interest to you. We may contact you by email or through other communication channels. In all cases, we will respect your preferences for how you would like us to manage marketing activity with respect to you. To protect privacy rights and to ensure you have control over how we manage marketing with you:

2.2.1. We will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you.
2.2.2. You can ask us to stop sending email marketing by following the “unsubscribe” link you will find on all the email marketing messages we send you. Alternatively, you can contact us at contact@cyesec.com.
2.2.3. You can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser as explained below.

3. Sharing the Personal Data We Collect.

We share your information, including Personal Data, as follows:

3.1. Affiliates. We share information, including your Personal Data, with our subsidiary, CYE USA Inc., where this is necessary to provide you with our Services, and for the purpose of management of our business.

3.2. Service Providers, and Subcontractors. We disclose information, including Personal Data we collect from and/or about you, to our trusted service providers and subcontractors, who have agreed to confidentiality restriction and who use such information solely on our behalf in order to: (1) help us provide you with the Site and/or Services; (2) aid in their understanding of how users are using our Site and/or Services; (3) for the purpose of direct marketing (see above for more details).

Such service providers and subcontractors provide us with IT and system administration services, data backup, security, and storage services, data analysis, and help us serve advertisements and provide other marketing services.

3.3. Business Transfers. Your Personal Data may be disclosed as part of, or during negotiations of, any merger, sale of company assets or acquisition (including in cases of liquidation). In such case, your Personal Data shall continue being subject to the provisions of this Privacy Notice.

3.4. Law Enforcement Related Disclosure. We may share your Personal Data with third parties: (i) if we believe in good faith that disclosure is appropriate to protect our or a third party’s rights, property or safety (including the enforcement this Privacy Notice); (ii) when required by law, regulation subpoena, court order or other law enforcement related issues, agencies and/or authorities; or (iii) as is necessary to comply with any legal and/or regulatory obligation.

3.5. Legal Uses. We may use your Personal Data as required or permitted by any applicable law, for example, to comply with audit and other legal requirements.

4. International Transfer.

4.1. We use subcontractors and service providers and have affiliates who are located in countries other than your own, such as the USA, and send them information we receive (including Personal Data). We conduct such international transfers for the purposes described above. We will ensure that these third parties will be subject to written agreements ensuring the same level of privacy and data protection as set forth in this Privacy Notice, including appropriate remedies in the event of the violation of your data protection rights in such third country.

4.2. Whenever we transfer your Personal Data to third parties based outside of the European Economic Area (“EEA“) and when required under applicable law, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

4.2.1. We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission.

4.2.2. Where we use certain service providers not located in countries with an adequate level of protection as determined by the European Commission, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in the EEA.

4.3. Please contact us at contact@cyesec.com if you would like further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.

5. Security.

We have implemented and maintain appropriate technical and organization security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to Personal Data appropriate to the nature of such data. The measures we take include:

5.1. Safeguards – The physical, electronic, and procedural safeguards we employ to protect your Personal Data include secure servers, firewalls, antivirus, and SSL encryption of data.

5.2. Access Control – We dedicate efforts for a proper management of system entries and limit access only to authorized personnel on a need to know basis of least privilege rules.

5.3. Internal Policies – We maintain and regularly review and update our privacy related and information security policies.

5.4. Encryption – We encrypt the data in transit using secure SSL protocols.

5.5. Database Backup – Our databases are backed up on a periodic basis for certain data and are verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity, are tested regularly to ensure availability, and are accessible only by authorized personnel.

5.6. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

5.7. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect user IDs and passwords, please take appropriate measures to protect this information.

6. Your Rights – How to Access and Limit Our Use of Certain Personal Data.

Subject to applicable law and certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to the Personal Data that we hold about you, as detailed below. We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honor your wish to exercise your rights as quickly as possible and, in any event, within the timescales provided by applicable data protection laws. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information and/or comply with any of your requests, as detailed below:

6.1. Right of Access. You have a right to know what Personal Data we collect about you and, in some cases, to have such Personal Data communicated to you. Subject to applicable law, we may charge you with a fee. Please note that we may not be able to provide you with all the information you request, and, in such case, we will endeavor to explain to you why.

6.2. Right to Data Portability. If the processing is based on your consent or performance of a contract with you and processing is being carried out by automated means, you may be entitled to (request that we) provide you or another party with a copy of the Personal Data you provided to us in a structured, commonly-used, and machine-readable format.

6.3. Right to Correct Personal Data. Subject to the limitations in applicable law, you may request that we update, complete, correct or delete inaccurate, incomplete, or outdated Personal Data.

6.4. Deletion of Personal Data (“Right to Be Forgotten”). If you are an EU Individual, you have a right to request that we delete your Personal Data if either: (i) it is no longer needed for the purpose for which it was collected, (ii) our processing was based on your consent and you have withdrawn your consent, (iii) you have successfully exercised your Right to Object (see below), (iv) processing was unlawful, or (iv) we are required to erase it for compliance with a legal obligation. We cannot restore information once it has been deleted. Please note that to ensure that we do not collect any further Personal Data, you should clear our cookies from any device where you have used visited our Site. We may retain certain Personal Data (including following your request to delete) for audit and record-keeping purposes, or as otherwise permitted and/or required under applicable law.

6.5. Right to Restrict Processing. If you are an EU Individual, you can ask us to limit the processing of your Personal Data if either: (i) you have contested its accuracy and wish us to limit processing until this is verified; (ii) the processing is unlawful, but you do not wish us to erase the Personal Data; (iii) it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise, or defend of a legal claim; (iv) you have exercised your Right to Object (below) and we are in the process of verifying our legitimate grounds for processing. We may continue to use your Personal Data after a restriction request under certain circumstances.

6.6. Direct Marketing Opt Out. You can change your mind at any time about your election to receive marketing communications from us and/or having your Personal Data processed for direct marketing purposes. If you do, please notify us by contacting us at contact@cyesec.com. We will process your request as soon as reasonably possible, however it may take a few days for us to update our records before any opt out is effective.

6.7. Right to Object. If you are an EU Individual, you can object to any processing of your Personal Data which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

6.8. Withdrawal of Consent. You may withdraw your consent in connection with any processing of your Personal Data based on a previously granted consent. This will not affect the lawfulness of any processing prior to such withdrawal.

6.9. Right to Lodge a Complaint with Your Local Supervisory Authority. If you are an EU Individual, you may have the right to submit a complaint to the relevant supervisory data protection authority if you have any concerns about how we are processing your Personal Data, though we ask that as a courtesy you please attempt to resolve any issues with us first.

7. Data Retention.

7.1. Subject to applicable law, we retain Personal Data as necessary for the purposes set forth above. We may delete information from our systems without notice to you once we deem it is no longer necessary for these purposes. Retention by any of our processors may vary in accordance with the processor’s retention policy.

7.2. In some circumstances, we may store your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, audit, accounting requirements and so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, and whether those purposes can be achieved through other means, as well as applicable legal requirements.

7.3. Please contact us at contact@cyesec.com if you would like details regarding the retention periods for different types of your Personal Data.

8. Cookies and Similar Technologies.

We use cookies and similar technologies for a number of reasons, including to help personalize your experience and to personalize the ads we serve you. Third parties through which we provide the Services and/or our business partners may be placing and reading cookies on your browser or using web beacons to collect information in the course of advertising being served on different websites. When visiting this Site, you shall be notified of the use of and placement of cookies and other similar technologies on your device as specified herein.

8.1. What are Cookies? A cookie is a small piece of text that is sent to a user’s browser or device. The browser provides this piece of text to the device of the originating user when this user returns.

8.1.1. A “session cookie” is temporary and will remain on your device until you leave the Site.
8.1.2. A “persistent” cookie may be used to help save your settings and customizations across visits. It will remain on your device until you delete it.
8.1.3. First-party cookies are placed by us, while third-party cookies may be placed by a third party. We use both first- and third-party cookies.
8.1.4. We may use the terms “cookies” to refer to all technologies that we may use to store data in your browser or device or that collect information or help us identify you in the manner described above, such as web beacons or “pixel tags”.

8.2. How We Use Cookies. We use cookies and similar technologies for a number of reasons, as specified below.

The specific names and types of the cookies, web beacons, and other similar technologies we use may change from time to time. However, the cookies we use generally fall into one of the following categories:

8.3. How to Adjust Your Preferences. Most Web browsers are initially configured to accept cookies, but you can change this setting so your browser either refuses all cookies or informs you when a cookie is being sent. In addition, you are free to delete any existing cookies at any time. Please note that some features of the Services may not function properly when cookies are disabled or removed.

8.4. By changing your device settings, you can prevent your device’s ad identifier being used for interest-based advertising, or you can reset your device’s ad identifier. Typically, you can find the ad identifier settings under “privacy” or “ads” in your device’s settings, although settings may vary from device to device. Adjusting your preferences as described in this section herein does not mean you will no longer receive advertisements, it only means the advertisements that you do see will be less relevant to your interests.

8.5. You may also opt-out of the automated collection of information by third-party ad networks for the purpose of delivering advertisements tailored to your interests, by visiting the consumer opt-out page for the Self-Regulatory Principles for Online Behavioral Advertising at http://www.aboutads.info/choices/ and edit or opt-out your Google Display Network ads’ preferences at http://www.google.com/ads/preferences. Additionally, you find out more about our use of Hotjar by visiting Hotjar’s privacy policy or can opt-out of Hotjar’s use of tracking cookies and collection of Personal Data about you here.

9. Third-Party Applications and Services.

All use of third-party applications or services is at your own risk and subject to such third party’s terms and privacy policies.

10. Children.

We do not knowingly collect Personal Data from children under the age of sixteen (16).

11. Changes to the Privacy Notice.

We may update this Privacy Notice from time to time to keep it up to date with legal requirements and the way we operate our business, and we will place any updates on this webpage. Please come back to this page every now and then to make sure you are familiar with the latest version. If we make material changes to this Privacy Notice, we will seek to inform you by notice on our Site or via email.

12. Comments and Questions.

If you have any comments or questions about this Privacy Notice or if you wish to exercise any of your legal rights as set out herein, please contact us at contact@cyesec.com.

Last updated: January 2021

***

CYE Trademark Usage Guidelines

These Guidelines outline the policy of Cyesec Ltd., and its affiliates, (“CYE” or the “Company”) regarding any use of registered and non-registered trademarks (the “Marks”) owned by the Company and as such are valued assets of CYE. CYE’s Marks may include brand names, logos, website content, videos and any other matter protected under trademark and copyright law.

CYE encourages its partners, customers and consultants (together, “Partners” or “you”) to use the Marks. As a rule, a license is required in order to use CYE Marks. These Guidelines do not count as “permission to use” any Marks. Partners may use the Marks, all subject to (i) the written agreement between CYE and the Partner (ii) these Guidelines, and (iii) any other written guidelines and instructions provided by CYE. If no license was granted in writing to the Partner, and you would like to request permission to use any CYE Marks, please email sales@cyesec.com.  CYE may modify or revoke, at its sole discretion, these Guidelines and any permission to grant you the use of the Marks, unless agreed otherwise in writing.

Publicly distributed materials that reference CYE’s products and services and which use CYE’s Marks, must be true, fair and factual and abide by any applicable law. You agree not to challenge CYE’s ownership of its Marks. By using the Marks, you acknowledge that CYE is the exclusive owner of the Marks, and is the only entity entitled to register or claim an ownership interest in a Mark or a derivative work thereof.

Partners may not use, incorporate, combine, or register in whole or in part any Mark – or any word or design that is confusingly similar to a  Mark – as part of (or with) your own company names, trade names, trademarks, service marks, or logos; your product or service brand names or titles for sales reps or other staff; your internet keywords or metatags; or your trigger words to lead to a website or other Internet destination, product, business, or service.

Partners may not transfer the rights granted with regards to the Marks, whether under these Guidelines or any other written agreement, to any third party. Partners may not use any third-party product names or trademarks, appearing on CYE website, unless such Partner obtained a license from such party. No license or right is granted by CYE, by estoppel or implication, to any third party names, logos and trademarks or to the Company Marks.

CYE Marks:

Specifications for Use

All uses of the Marks must comply with these Guidelines and the following requirements:

• Do NOT amend the Marks. Do not change the spelling and the appearances of the Marks. Do not abbreviate, hyphenate, delete any word, change the spelling, or change the capitalization of the Mark in text format. Do not add or delete any elements, change any color, change the proportion of the logo or any other design included in a Mark.
• Identify the Marks as a trademark. When using the Marks, all Partners are required to specify that such Marks belong to CYE. Marks should include the proper registration notation, ® for registered Marks and ™ for non-registered. For text, only the first time the Mark is in use, a notation is required. For logos, a proper registration notation is required in each instance.
• Include a trademark attribution statement. If a Mark appears on your website, document, or other material, add the following attribution statement that identifies CYE as the trademark owner: “[reference to the applicable Mark] is a registered trademark of CYESEC Ltd. All Rights Reserved.” Such statement must be in a legible font and size at the bottom of your website or the end of your advertisement or publication.
• Use Marks only as adjectives. Trademarks are adjectives, and a Mark should be used only to describe CYE’s products or services.
• Use CYE Marks less prominently than your own company or product name unless you and CYE have a strategic partnership agreement in place.
• Do NOT use or register a domain name with any Marks. Your domain names may not include any Marks or other words that are confusingly similar to a Mark.
• Do NOT use any Marks as your own.
• Do NOT imply any CYE endorsement or sponsorship. Without the express prior written consent of CYE, you may not use any Marks to imply an affiliation with CYE or any approval, sponsorship, or endorsement by CYE of your company, products, services, or website.
• Do NOT use Marks in any way that damages CYE. You may not use Marks in a manner that disparages CYE, its products or services, including use of any Marks in a manner that is offensive, defamatory, illegal, or unethical.

The above specifications are not a comprehensive list of approved or unauthorized uses of the Marks. CYE may determine at any time, in its sole discretion, that the Partner’s use of any Mark violates these Guidelines, or the written agreement between CYE and the Partner, or is otherwise unacceptable or detrimental, CYE may revoke permission, and you must immediately cease all use of the Mark.

These Guidelines are not intended to be a definitive and complete statement of general and proper trademark usage. All usage of any Marks should be in accordance with applicable law. CYE may modify these Guidelines at any time and at its sole discretion.

Last updated: August 2021