Effective date: April 03, 2024 of SyberNow – a Cyber Safety Organization

Welcome to the Cyber Safety website or mobile application of SyberNow (respectively, “SyberNow”, “SyberNow Solutions Private Limited”, “us”, “we”, or “our”: https://sybernow.com/ (the “Website” or Mobile Application). We provide cyber safety awareness trainings to organizations. This privacy policy (“Privacy Policy”) informs you (“User”, “you”) of our policies regarding the collection, use and disclosure of Personal Data in our usual course of business, including when you use our Services (as defined below).

Please read this Privacy Policy carefully so you can fully understand our Personal Data practices. Please note that by using the Services, you agree with the practices set forth in this Privacy Policy. If you do not agree with such practices, you should not use the Services provided by us.

For the avoidance of doubt, if you are or the organization on whose behalf you use the Services is already our customer and have executed a Data Protection Agreement with SyberNow, the terms of such agreement will supersede any contradiction in this Privacy Policy, unless otherwise specifically stated therein.

Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy shall have the same meanings as in our Terms and Conditions, accessible from https://sybernow.com/

• Definitions.

• “Account Admin”: means the person(s) which licenses and/or delivers the Services to the End Users.

• “End User”: means any individual who has access to and/or uses the SyberNow’s Cyber Safety Platform either as: (i) a member of an organization which is a customer of SyberNow, or (ii) a direct customer.

• “Personal Data”: Any information that can be used, alone or together with other data, to uniquely identify any living human being.

• “Platform”: SyberNow’s platforms, products and/or services.

• “Services”: The Website or mobile application and the Platform.

• Personal Data We Collect and Its Sources.

• Personal Data That You or Your Organization Provide to Us:
A. When you browse or visit the SyberNow Cyber Safety Website or mobile application:

• Cookies.

• Analytics tools.

• Log files.

• IP address.

B. When you make use of the Website or mobile application, including but not limited to when you: (i) request/schedule a demo, (ii) ask us to contact you, (iii) subscribe to email updates, and (iv) Register or attend community events, live streams, podcasts or games and challenges available to visitors of the Website or mobile application:

• Full name.

• Email address.

• Company name.

• Phone number.

• Position.

• Country.

• Industry of operation.

• Messages content.

• Cookies.

• IP address.

• Any other information that you decide to provide/supply us.

• When you use the Cyber Safety Platform, including but not limited to, when you: (i) become our customer, (ii) sign up for an account, log in, access to our Platform, (iii) create an Account Admin for your use of the Platform, or (iv) your Account Admin creates a user for your use of the Platform:

• Full name.

• Business email address.

• Company name.

• Phone number.

• Position.

• Country.

• Industry of operation.

• Password.

• Usage Data.

• Cookies.

• IP address.

• Contact information.

• Any other information that the user may keep as part of the login process, to the extent that it includes Personal Data.

• When you interact with us on our social media profiles:

• Full name.

• Email address.

• Company name.

• Social media profile.

• Any other information that the user may keep as part of the login process, to the extent that it includes Personal Data.

• Personal Data about you Collected indirectly:

• We may obtain Personal Data about you from the following sources (unless otherwise specified herein, the type of Personal Data we obtain from such sources is similar to that specified in Sections ‎2):

• Personal Data from Third-Party Services:

• We may receive information about you from other sources, including through third-party services through which you may connect to SyberNow Cyber Safety Platform (such as API integrations) and organizations that supplement information directly provided by you. Information collected through integrations and other connected third-party services may include your name, email address, logging information, etc. This information allows us to provide you with the Services and to enhance our ability to furnish information about our business and products.

• Personal Data from our Partners.

• Personal Data from third parties that have indicated that they have your consent or are otherwise legally permitted or required to disclose your Personal Data to SyberNow.

• Personal Data from other individuals at your organization, or individuals who may refer SyberNow to you, for the purpose of learning more about our Services.

• Personal Data from publicly available sources such as data in the public domain.

• Information Collected Automatically:

• We automatically receive technical information that may contain Personal Data when you use our Services. We use cookies or similar technologies to analyze trends, administer the Website or mobile application, and track users’ activity related to the Services. This technical information may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data (collectively “Usage Data”).

• The technology used by our Cyber Safety Platform to automatically collect such information from you may include cookies, log files, web beacons, tags, and embedded scripts. We use this information to analyze how people use the Service, to improve how our Services functionality, save your log-in information for future sessions, and to provide you with advertisements that may interest you. In addition, we and our marketing partners, affiliates, analytics, and service providers may use a variety of other technologies (such as tags) that collect similar information for security and fraud detection purposes, and we may use third parties to perform these Services on our behalf.

• Please note that Certain web browsers may transmit “Do Not Track” signals to websites with which the browser communicates. However, due to differences in how web browsers interpret this feature and send those signals, and lack of standardization, we do not change our practices in response to such “Do Not Track” signals.

• Account Admin(s).

• As an Account Admin, your Personal Data will be used to communicate with you for support purposes for cyber safety or to follow up on requests made by you or another End User in your organization. By uploading information as an Account Admin into our Services (such as phone number or email address), you hereby represent that it has been done at the discretion of the organization that you represent.

• The Account Admin’s organization is the ‘controller’ of the Personal Data, and SyberNow acts as a ‘processor’ of the Personal Data. SyberNow is legally bound by the applicable terms of the Services purchased, such as the SyberNow Terms and Conditions, and/or other applicable agreements for services between SyberNow and your organization, to only process data as authorized by the agreement(s) and/or upon the instruction of your organization.

• Information We Process on Behalf of Our Customers.

• Our Cyber Safety Services are primarily intended for business customers. Therefore, for much of the Personal Data we process through the Services, we act as a processor or service provider on behalf of our business customers. If you are an End User using our Services as a member of an organization, your organization has control (in accordance with the terms of its engagement with SyberNow) regarding what Personal Data we collect through the Services and how we use it. If you are such an End User and have privacy related questions or concerns about the privacy choices that your organization has made relating to the processing of your information via the Services, you should contact your organization directly. Alternatively, if you wish to make your request directly via SyberNow, please provide the name of the organization on whose behalf SyberNow processes your Personal Data. We will refer your request to the organization and support them to the extent required by applicable law in responding to your request.

• For the avoidance of doubt, we are not responsible for our business customers’ privacy or data security practices, which may differ from this Privacy Policy.

• Our Use of Data and the Legal Basis for Processing Personal Data.

Purpose of the Use of the Personal Data

Legal basis* (GDPR and Digital Personal & Data Protection Act only)

1. Enable your use and access of the Cyber Safety Services.

• Performance of a contract with you or with your organization.

• Legitimate interest (e.g. to provide you with SyberNow Services).

2. Manage payments to complete a transaction with you.

• Performance of a contract with you or with your organization.

3. Marketing purposes, such as news, special offers and general information about other SyberNow cyber safety goods, services, products and events.

• Consent.

• Legitimate interest.

4. Marketing, analytics, market research, to improve our Services.

• Consent.

• Legitimate interest.

5. Follow-up on an inquiry for our products and services (where you have requested)

• Consent.

6. Contact and communicate with you, whether through email, phone, and/or messages within the Services.

• Performance of a contract with you or with your organization.

• Consent.

7.

To provide customer support.

• Performance of a contract with you or with your organization.

8.

Maintain and improve your experience on the Cyber Safety Website or mobile application, (including trough cookies).

• Consent.

• Legitimate interest.

9.

Improve and optimize our Services (including trough cookies).

• Consent.

• Legitimate interest.

10.

Debugging to identify and repair errors with our Services.

• Performance of a contract with you or with your organization.

• Legitimate interest.

11.

Security purposes such as investigations of suspicious activity (such as investigating fraud or misuse of our Website or mobile application) or for compliance purposes.

• Consent.

• Legitimate interest.

12.

Monitor the usage of our Services, including to prevent abuse or improper use of our Services.

• Consent.

• Legitimate interest.

13.

Comply with legal obligations (for example in connection with anti-money laundering and counter terrorism legislation).

• to comply with a legal obligation to which we are subject.

* The legal basis applies to you, only if you are from the European Economic Area (EEA) or the UK.

• Retention of Data.

• Unless you request that we delete certain information (see Section ‎‎10 below), we will retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected. This includes satisfying any legal, regulatory, accounting, or reporting requirements, as well as ongoing fraud prevention, backup, and business continuity purposes. We have an internal data retention policy to ensure that we do not retain your Personal Data perpetually.

• We take reasonable steps to ensure that your Personal Data is accurate, complete, current, and otherwise reliable for its intended use. We will not process Personal Data in a way that is incompatible with the purposes for which it was collected. If we become aware that you provide Personal Data in violation of applicable privacy laws, we reserve the right to delete it.

• Transfer of Data.

• Your Personal Data will be collected, transferred to, stored, and processed by us in the India or any other country where we or our service providers maintain facilities. Therefore, we may transfer Personal Data from the European Economic Area (EEA), UK and Switzerland (collectively, “Europe”) to other countries that may not have the same level of data protection as applies in your jurisdiction. In these cases, we will take all the reasonably necessary steps to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy. No transfer of your Personal Data will take place unless adequate data protection measures are in place. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to such transfer of data.

• Security of Data.

• We have implemented appropriate technical, organizational, and security measures designed to protect your Personal Data. However, please note that we cannot guarantee that the information will not be compromised due to unauthorized penetration into our servers. The security of information depends in part on the security of the computer, device, or network you use to communicate with us, and the security measures you use to protect your user IDs and passwords, therefore, please ensure you take appropriate measures to protect this information.

• Disclosure of Data.

• SyberNow, a cyber safety company is not in the business of selling your Personal Data for monetary consideration. We view your information as a vital part of our relationship with you and only share it when reasonably necessary to provide our Services to you or enhance our relationship. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you. These circumstances include:

• Third Party Service Providers. We may engage third-party companies and individuals (“Service Providers”) to facilitate part or all of our Services, perform services in connection with the Services, or assist us in analyzing how our Services are used. We may use third-party service providers (such as Google Analytics) to monitor and analyze your use of our Service. We use the analytical information produced to improve and optimize the use of our Service.

• Partners. We may share your Personal Data with our business partners (including Channel Partners, such as referral partners, resellers, and managed service providers), for the purpose of assisting with sales, marketing and supporting their activities.

• Business Transaction. We may share all categories of your information in connection with, or during negotiations of, any proposed or actual merger, purchase, sale or any other type of acquisition or business combination of all or any portion of our assets, or transfer of all or a portion of our business to another business.

• Disclosure for Law Enforcement. Under certain circumstances, SyberNow, Inc may be required by law to disclose your Personal Data in response to valid requests by public authorities (e.g. a court or a government agency), or in the good faith belief that such actions are necessary to: (a) comply with a legal obligation, (b) protect and defend the rights or property of SyberNow, (c) prevent or investigate possible wrongdoing in connection with the Services, (d) protect the personal safety of users of the Services or the public, and/or (e) protect against legal liability.

• Consent. Instances in which you have consented to us sharing Personal Data.

• Your Data Protection Choices and Rights.

• Under the applicable data protection laws, you may have certain rights associated with your Personal Data. You or your organization (as applicable) may request SyberNow to honor these rights by contacting us as outlined in the “Contact Us” section below.

• Please note that we may ask you to verify your identity before responding to such requests. Verifying your request will require you to provide sufficient information for us to reasonably verify that you are the person about whom we collected Personal Data. We will only use the Personal Data that you have provided in a verifiable request to verify your request. We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority. Please note that we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive, or manifestly unfounded.

• For Individuals Located in the European Economic Area (EEA), United Kingdom (UK) or Switzerland:

• If you are a resident of the European Economic Area (EEA), UK or Switzerland you may have certain rights under applicable data protection laws in relation to your Personal Data. Under certain circumstances, you may have the following rights:

• The right to access the Personal Data held about you.

• The right to request that we rectify any Personal Data we hold that is inaccurate or misleading.

• The right to request the erasure/deletion of your Personal Data from our records. Please note that there may be circumstances in which we are required to retain your Personal Data, for example for the establishment, exercise, or defense of legal claims.

• The right to object to or to request restriction of the processing of your Personal Data.

• The right to data portability. This means that you may have the right to receive your Personal Data in a structured, commonly used, and machine-readable format.

• The right to not being subject to a decision based solely on automated processing, including profiling, which produces adverse legal effects.

• The right to withdraw your consent at any time. Please note that there may be circumstances in which we are entitled to continue processing your data, in particular if the processing is required to meet our legal and regulatory obligations. Also, please note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

• The right to request certain details of the basis on which your Personal Data is transferred outside the European Economic Area, but data transfer agreements and/or other details may need to be partially redacted for reasons of commercial confidentiality.

• The right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place or work or place of alleged infringement) at any time or before the relevant institutions in your place of residence. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution.

• For California Residence Individuals:

• If you are a resident of the State of California, you may have certain rights under applicable data protection laws in relation to your Personal Data:

• “Shine the Light” and “Eraser” Laws. You may request a list of all third parties to which we have disclosed certain information during the preceding year for those third parties’ direct marketing purposes. If you are a minor permitted to register as a user of our Services, you may request to remove or obtain the removal of content or information that you posted on our Services.

• The Right to Know. You may have the right to request that we disclose the following information to you about our collection and use of your Personal Data over the past twelve (12) months. Upon verification of your identity, we may disclose to you:

• The categories of Personal Data we have collected about you.

• The categories of sources for the Personal Data we have collected about you.

• The specific pieces of Personal Data we have collected about you.

• Our business or commercial purpose for collecting or “selling” your Personal Data as defined by the CCPA.

• The categories of third parties to whom we have sold or shared your Personal Data, if any, and the categories of Personal Data that we have shared with each third-party recipient.

• Links to Other Sites.

• Our Cyber Safety Services may contain links to other websites that are not owned and/or operated by us (“Third Party Websites”). We are not responsible for the privacy practices or content of such Third-Party Websites. Please be aware that Third Party Websites can collect Personal Data from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third-Party Service.

• Children’s Privacy.

• Our Services are not intended for persons under the age of 18. Thus, we do not intentionally gather Personal Data from visitors who are under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us at support@sybernow.com. If we become aware that we have collected Personal Data from persons under the age of 18, we may take steps to delete it.

• Changes to This Privacy Policy of Cyber Safety Organization.

• We may update our Privacy Policy from time to time. We will notify you of any changes by posting the updated Privacy Policy on this page. We will let you know via email or a prominent notice on our Cyber Safety Website or Platform, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when posted on this page. Your continued use of the Services after we amend the Privacy Policy is deemed acceptance of those changes.

• Contact Us.

• Please direct any inquiries, requests, or complaints regarding our compliance with this Privacy Policy and/or data protection laws, or if you wish to exercise your rights to support@sybernow.com If you are an End User using our Services via your organization’s account, we recommend you reach out to your Account Admin to exercise your rights. You may also email support@sybernow.com and we will (if applicable) reach out to the relevant officer in your organization.

Read more information about cyber safety here.