As the controller of personal data collected from this website, Cybsafe.com, located at 5 New St Square, London EC4A 3TW (“Cybsafe”, “we”, “our” or “us”) has a designated Data Protection Officer who may be contacted directly at dpo@cybsafe.com regarding any data protection and privacy matters.
You have the option to consent to various cookies:
- a customer interaction tracker called Intercom. We rely on personal data captured and jointly processed by Intercom to manage our website visitor relationships and as a message tool with our customers in our legitimate interests. Intercom capture and track browser Information, intercom-assigned cookie identifiers, date/time, page views and IP address, so if you wish to exercise your data protection rights, please contact Intercom directly – click here for more data protection and privacy information on Intercom. You may also remove Intercom at any time in your browser settings.
- site-analytics trackers called HubSpot & LinkedIn. We rely on aggregated personal data captured and jointly processed by HubSpot and LinkedIn to generate and view reports that assist us in better understanding how visitors use our website in our legitimate interests. We cannot access or view the identifiers that HubSpot or LinkedIn tracks, so if you wish to exercise your data protection rights, or have a better understanding on how they treat your privacy, please contact HubSpot directly – click here and LinkedIn click here. You may also remove HubSpot & LinkedIn at any time in your browser settings.
- Google cookies (DoubleClick, GA Audiences, Google Analytics, and Google Tag Manager), which make up a web analytics service that tracks and reports website traffic, currently as a platform inside the Google Marketing Platform brand. We rely on personal data captured and jointly processed by Google in our legitimate interests, in their words, to “understand your site and app users to better check the performance of your marketing, content, products, and more” and “access Google’s unique insights and machine learning capabilities to make the most of your data”. Google processes various personal data (ad views, analytics, browser information, cookie data, date/time, demographic data, hardware/software type, internet service provider, interaction data, page views, serving domains, IP address, search history, location based data, device ID, name, address, phone number, email address, login), so if you wish to exercise your data protection rights, please contact Google directly – click here for more data protection and privacy information on Google. You may also remove Google Analytics at any time in your browser settings.
On the Contact Us, Partner, Demo, Sign Up, Pricing and Blog pages you may also choose to provide personal data that will allow us to manage our response to your request for further details of our products and services in our legitimate interests – we will retain these marketing details for up to three years. Similarly, if you contact our Data Protection Officer, you may choose to provide personal data that will allow us to manage our response to your enquiry relating to data protection and privacy matters – we will retain a log of your enquiry for up to six years in case of future related enquiries.
You have the right to request access to and rectify or erase your personal data or restrict or object to processing of your personal data at any time.
Please contact our Data Protection Officer regarding any data protection and privacy matters via DPO@Cybsafe.com (for info, our EU representative is info@priviness.eu). You also have the right to lodge a complaint with a supervisory authority – a full list of EU regulators is available here, and the contact details of the UK regulator, the ICO, is here.
To view your privacy notice regarding our processing of personal data concerning you, please choose from below the category which most closely describes your relationship with CybSafe Ltd:
Please select the data subject category that fits you:
- User
- Partner
- Supplier
- Recruitment Candidates
- Email Contacts and Prospective Customers
- Webinar and Conference Attendees & Registrations
For the purpose of applicable data protection legislation, the controller of your personal data is:
CybSafe Ltd, 5 New St Square, London EC4A 3TW
For queries to this notice please contact DPO@cybsafe.com
As a user of the CybSafe platform we hold the following information about you:
- Name
- Email address of user
- Name and email address of family or friend member to which user sends awareness module links
- Password
- Employer
- Tenure of employment
- Employee role type
- Location (country and time zone)
- SSO Profile Picture
- Language
- Phone number
- Responses to sentiment and culture surveys
- Goals and recorded progress against goals
- Responses to phishing exercises and learning module tests
- Risk score derived from interactions with platform
- IP Address
- MAC Address
- Employee number (SCIM only)
- Employee type (SCIM only)
- IMEI number
- Any personal data accessed by the Services by means of third party data source integrations activated by CybSafe’s customer.
- UserAgent
- Slack user id
- Slack team name
- Teams user id
This data may come directly from you or from your employer. We hold and process this data for the legitimate interest of fulfilling a business-to-business contract with your employer.
We will retain this data only for the duration of our contract with your employer and in any event we will delete this information within 90 days of the termination of that contract.
In order to facilitate our contractual obligations with your employer we use third party applications such as Administration & Support Service providers, Amazon Web Services, and analytics platforms such as Google.
Where a controller or processor is outside of the UK, we ensure that the appropriate lawful transfer mechanisms are in place when transferring your personal data.
At the conclusion of the contract all personal data held electronically will be automatically deleted or anonymised.
You have the qualified right to request: Access to and porting of your data; Rectification or erasure of the data; Restriction of processing or to object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example the Information Commissioner’s Office or https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
For the purpose of applicable data protection legislation, the controller of your personal data is:
CybSafe Ltd, 5 New St Square, London EC4A 3TW
For queries to this notice please contact DPO@cybsafe.com
As Partner/Reseller of CybSafe we hold the following information about you:
- Name
- Contact details
- Job title
We hold and process this data for the legitimate interest of fulfilling a business-to-business contract with your organisation.
We will retain this data for up to 7 years from termination of the contract in case there are any queries, unless you request that we delete the data beforehand.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted.
You have the qualified right to request: Access to and porting of your data; Rectification or erasure of the data; Restriction of processing or to object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example the Information Commissioner’s Office or https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
For the purpose of applicable data protection legislation, the controller of your personal data is:
CybSafe Ltd, 5 New St Square, London EC4A 3TW
For queries to this notice please contact DPO@cybsafe.com
As a supplier to CybSafe we hold the following information about you:
- Name
- Contact details
- Bank Details
We hold and process this data for the legitimate interest of fulfilling a business-to-business contract with your organisation or to satisfy and manage a contract with yourself.
If we are unable to process this data, we would not be able to continue with our contract with you.
We will retain this data for up to 7 years from termination of the contract in case there are any queries, unless you request that we delete the data beforehand. Any data relating financial transactions will be kept for 7 years to conform to our legal obligations.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted.
You have the qualified right to request: Access to and porting of your data; Rectification or erasure of the data; Restriction of processing or to object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example the Information Commissioner’s Office or https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
For the purpose of applicable data protection legislation, the controller of your personal data is:
CybSafe Ltd, 5 New St Square, London EC4A 3TW
For queries to this notice please contact DPO@cybsafe.com
As potential employee of CybSafe we hold the following information about you:
- Contact details
- Name
- CV
- Date of Birth
- Qualifications
- References
- Social Media Profile
- Gender Identity
- Salary Expectations
- Any free text personal data that you may provide in your application.
This data may come directly from you or from a recruitment agency. We hold and process this data for the negotiation of a potential contract of employment with you.
In order to facilitate our recruitment process we may share, store and process your personal data with third party software platforms, such as BambooHR, who act as joint controllers with Cybsafe. Please click on the link to the BambooHR privacy notice.
If we are unable to process this data, we would not be able to process your application.
Should you be unsuccessful we will retain this data for up to 2 years so that we may contact you regarding any future opportunities, unless you request that we delete the data beforehand.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted.
You have the qualified right to request: access to and porting of your data; rectification or erasure of the data; restriction of processing or to object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example the Information Commissioner’s Office or https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
For the purpose of applicable data protection legislation, the controller of your personal data is:
CybSafe Ltd, 5 New St Square, London EC4A 3TW
For queries to this notice please contact DPO@cybsafe.com
As an email contact or prospective customer to CybSafe we hold the following information about you:
- Name
- Contact details
- Job Title
- Location
This data may come directly from yourself or from Data as a Service providers. We hold and process this data for the legitimate interest of communicating with you, either for standard business communications or for marketing.
We will retain this data for up to 3 years from our last contact with you, unless you request that we delete the data beforehand.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted.
In order to facilitate our communications with you we may use third party applications such as Administration & Support Service providers, Amazon Web Services, and analytics platforms such as Google.
Where a controller or processor is outside of the UK, we ensure that the appropriate lawful transfer mechanisms are in place when transferring your personal data.
You have the qualified right to request: Access to and porting of your data; Rectification or erasure of the data; Restriction of processing or to object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example the Information Commissioner’s Office or https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
For the purpose of applicable data protection legislation, the controller of your personal data is:
CybSafe Ltd, 5 New St Square, London EC4A 3TW
For queries to this notice please contact DPO@cybsafe.com
As an attendee, participant or guest speaker at one of our business conferences or Webinars we process the following personal information about you:
- Name
- Contact details
- Job Title or job description
- Qualifications
We hold and process this data for the legitimate interest of fulfilling a business-to-business contract with your organisation, or the processing is necessary for the performance of a contract or the process of negotiating a contract.
In order to facilitate our communications with you we may use third party applications such as, HubSpot, Intercom, administration & support service providers, Amazon Web Services, online conference facilitators, such as Zoom, Airmeet, and analytics platforms such as Google.
When we host a conference or webinar jointly with other companies (joint controllers) we may share the registrations and attendees with those companies in our legitimate interest, or for the purposes of negotiating a contract with your business. These joint controllers are responsible for the lawful processing of your personal data. Their privacy notices may be accessed by clicking on the company logo or request the relevant information notices directly from them.
Where a controller or processor is outside of the UK, we ensure that the appropriate lawful transfer mechanisms are in place when transferring your personal data.
We will retain your personal information only for as long as we need it, given the purposes for which it was collected, or as required to do so by law.
Normally, this means we will retain your personal information for three years, unless you request that we delete it beforehand.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted.
You have the qualified right to request: access to and porting of your data; rectification or erasure of the data; restriction of processing or to object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example the Information Commissioner’s Office or https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080