Introduction

Cyware Labs, Inc. (“Cyware”) and its affiliates (“we,” “us,” or “our“) operate our website at https://cyware.com/ (the “Site) and are committed to protecting the privacy of your information. The following privacy policy (the “Policy”) explains what data we collect when you use the Site or any Services. By using the Site or any Services, you agree to the following practices regarding your information.

Scope

This scope of the Policy applies to the use of the following (collectively, our “Data Sources”):

  • our products, services, applications or software, and Events (as defined below) offered through the Site (our “Services”) (unless a separate privacy policy is expressed or agreed to apply in respect of such Service)
  • our Site and its subdomains regardless of the medium you (or any other user of the Site and such) may access it (e.g., via a web or mobile browser) (collectively the “Websites”); and
  • any online or in-person events hosted by us, whether such events are open to the public or are by invitation (collectively the “Events”).

Types of Personal Data We Process

We process the Personal Data we collect about you when you use our Data Sources. In this Policy, “Personal Data” means any information that may be used alone or in combination with other information to identify a natural person (you) in connection with your use of the Data Sources. 

As set out in the section below, we may process the following categories of Personal Data:

  1. Contact information, including your first and last name, mailing address, email address, telephone number, mailing preference, and other contact information you may provide when communicating with us through our Data Sources.  This information is stored. 
  2. Communication Information, which means the contents of the communications and correspondence between us, whether by email or otherwise through one of our Services, through your submission of an online form, or when you otherwise contact us.  This information is stored.
  3. Cyware Employees Only.  Recruitment Information, which means your resume, employment history, qualifications, contact information, reference information, and other information you may submit when applying for a job with us.  This information is stored. 
  4. Account Information, which means the contact information you provide to us when creating a Cyware account, including your username and user identification (“ID”) number.  This information is anonymized upon receipt and stored.
  5. Application Security Information, which means your passwords, two-factor authentication software or key pairs, security questions (including the answers to the said questions) and security device identification number.  This information is not stored.
  6. Financial Transaction Information, which means payment information, such as your credit or debit card number and other card information; other account and authentication information; and billing or contact details.  This information is not stored.

We collect Personal Data through:

  1. Your use of or participation in our Data Sources;
  2. A third party’s use of our Data Sources relating to you; and
  3. Direct or unsolicited interactions, such as when you voluntarily provide your information to us by contacting us, submitting requests and comments, subscribing to our newsletters, submitting job applications, or otherwise engaging with us through our Data Sources.

How We Use Your Personal Data

Depending on the type of information collected, we may use your Personal Data for any of, but not limited to, the following reasons:

  1. Grant you access to our Data Sources
  2. Maintain our security protocols for our network and security measures 
  3. Interact with you directly in case there is any suspicious activity detected
  4. For internal business / technical operations (i.e. troubleshooting, data analysis, statistical findings, customer satisfaction surveys, etc.)
  5. To understand exactly how our Site, Services, software/products, or any other offering to you are being used
  6. Improve usability for users like you in our products and our Site (focusing on functionality, ease of use, improved product features, more targeted product features used to meet your needs, and more)
  7. To assist in developing new products, services, and software; or simply expand our offerings to meet more of your needs
  8. Comply with applicable privacy laws relating to Personal Data
  9. Contact you with promotional items, discounts, endorsements, newsletter, or other information related to the Site, products/software, the Services offered, future industry events, or business dealings, with your consent
  10. Obligations required under a contract with you

How We Share Your Personal Data

We may share your Personal Data with the following categories of third parties:

  1. Third-party service providers who need access to Personal Data to assist us in delivering Services.
    1. For example, such third parties include payment processors; information technology service providers; providers of identity verification services; website hosting providers; marketing, accounting, shipping, and delivery vendors; other business process outsourcing providers; and partners who assist us with enhancements to Services we offer to you. 
  2. Third-party service providers who need access to Personal Data to provide services.
    1. For example, we use HubSpot for the collection and management of your Personal Data that enables us to deliver marketing communications about our Services to you.
  3. Relevant third parties in which we may have: merged, sold, or transferred our business or assets (or parts of it), for instances such as a re-structure, dissolution, or liquidation.
  4. Our corporate affiliates, when necessary, to complete the processing activities described above.
  5. Public and governmental authorities that regulate or have jurisdiction over us, such as regulatory authorities, law enforcement, public bodies, and judicial bodies.
  6. The data subject, claimant, law enforcement agency, court, governmental, supervisory or regulatory bodies, to the extent necessary for the:
    1. establishment, exercise, or defense of legal rights in accordance with applicable laws protect the legitimate rights;
    2. protection of our privacy, our property, our safety, our customers, our business partners, our personnel, and/or the general public;
    3. pursuit of available remedies or limit damages; and
    4. enforcement of our Terms of Use.

Third-Party Applications & websites

Our Data Sources may contain links to third-party applications and websites not affiliated with us. Your use of an external application or website or any informational content found on external applications or websites is subject to and governed by the privacy policies, terms, and conditions of that application or website. We are not responsible for the security or privacy practices of any external applications or websites.

Advertising and Analytics Services Provided by Third Parties

We may allow others to serve advertisements on our behalf across the Internet and to provide analytics services. These entities may use cookies, web beacons, and other technologies to collect information about your use of our Data Sources and other websites – including your IP address, web browser, pages viewed, time spent on pages, links you clicked, and conversion information. Cyware is not responsible for the capturing or use of this data and does not store this data in any capacity.  However, this information may be used by us and others to analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on the Websites, and better understand your online preferences, etc., with your consent. For more information about interest-based ads, please visit the Digital Advertising Alliance at: www.aboutads.info/choices.

Rights of Individuals in Certain Jurisdictions

In certain jurisdictions you are located, the applicable laws in that jurisdiction may afford you some, or all of, the following rights with respect to your Personal Data, such as:

  1. Accessing the Personal Data we maintain about you: We will provide you free of charge a copy of your Personal Data, but we may charge you a fee to cover our administrative costs if you request further copies of the same information.
  2. Providing you with information about how we process your Personal Data: This will include information on the categories of data, the sources from which it originated, the purpose and legal basis for the processing, the expected retention period, and the safeguards regarding data transfers to other jurisdictions, subject to the limitations set out in applicable laws and regulations.
  3. Correcting any errors regarding your Personal Data: You have the right to ask us to rectify Personal Data that you think is inaccurate or incomplete. In some cases, you will need to make certain of these changes yourself by using the tools we provide in the Data Sources.
  4. Requesting to have your Personal Data erased: You have the right to ask us to delete your Personal Data. In some cases, you will need to do the deletion yourself using the tools we provide in the Data Sources. We will decline your request for deletion if processing your Personal Data is necessary: (i) for the continued performance of a contract; (ii) to comply with our legal obligation; (iii) in pursuit of a legal action; (iv) to detect and monitor fraud; or (v) for the performance of a task in the public interest.
  5. Objecting to how we process your Personal Data: Where we process your Personal Data based on our legitimate interest (or that of a third party), you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts on your fundamental rights and freedoms. We will decline your request where we have a compelling legitimate ground for the processing which overrides your rights and freedoms – such as our adherence to applicable laws, or where the processing is in connection with the establishment, exercise, or defense of legal claims.
  6. Receiving notices that are related to direct marketing: You have the right to request that we tell you how your Personal Data has been shared, if at all, with third parties for the third parties’ direct marketing purposes.
  7. Stopping your Personal Data from being used for direct marketing purposes: At your request, we will stop using your Personal Data for the purpose of direct marketing. If you want us to stop contacting you in connection with marketing communications, please email us at the email address specified below.
  8. Restricting how we process your Personal Data: At your request, we will limit the processing of your Personal Data if:
    1. you dispute the accuracy of your Personal Data;
    2. your Personal Data was processed unlawfully and you request a limitation on processing, rather than the deletion of your Personal Data;
    3. we no longer need to process your Personal Data, but you require your Personal Data in connection with a legal claim, or
    4. you object to the processing pending verification as to whether an overriding legitimate ground for such processing exists.

We may continue to store your Personal Data to the extent required to ensure that your request to limit the processing is respected in the future.

9. Collecting your data portability. You have the right to receive your Personal Data in a structured, commonly used, and machine-readable format, if:

  • the processing of your Personal Data is based on your consent or required for the performance of a contract; or
  • the processing is carried out by automated means.

Please note information might already be available to you via the Data Sources.

10. Withdrawing any consent that you gave us to process your Personal Data: You have the right to withdraw any consent you may have previously given us, at any time.

11. Providing a complaint to a supervisory authority: If you are not satisfied with our response, you have the right to complain to or seek advice from a supervisory authority and/or bring a claim against us in any court of competent jurisdiction.

To exercise any of the above rights, please contact us at the email address specified below. We will consider and process your request within a reasonable period of time. Please be aware that under certain circumstances, or in relation to certain types of data, including pseudonymous data, the applicable legislation may limit your exercise of these rights.

International Data Transfers: We may transfer your Personal Data to countries outside of your jurisdiction for processing in accordance with this Policy and as permitted by applicable law. Where this is the case, we will ensure that any data processors receiving your Personal Data are subject to laws ensuring an adequate level of data protection as set out in an applicable decision of the relevant regulatory authority, or we will ensure that an adequate level of data protection will be available on the basis of standard contractual clauses that will allow you to directly enforce your rights as a third-party beneficiary.

Where regulation in a jurisdiction requires us to provide you with a notice, or other explanation of the information about you that we collect and process (or similar), this Policy shall be understood as fulfilling our obligation to provide you with such notice or explanation.

Retention of Personal Data

We retain Personal Data for the period of time necessary to fulfill the purposes outlined in this Policy (and our records retention policies), unless a longer retention period is required by law.

Data Security

The security of your information is important to us. We have implemented reasonable technical, physical, and administrative security measures intended to protect your Personal Data from unauthorized access, disclosure, alteration, or destruction.

Marketing

To opt-out of receiving marketing communications from us, please click the unsubscribe link at the bottom of a marketing email or let us know by reaching us at the email address specified below. Please note that even if we stop all marketing communications, you may still receive administrative, legal, and other important communications from us.

EU-U.S. Data Privacy Framework 

We comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit: https://www.privacyshield.gov/

We commit to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF in the context of the employment relationship.

Children’s Privacy

We do not market to and do not knowingly collect any Personal Data from or about a child under the age of 18 without the consent of the child’s parent or legal guardian. Our Data Sources are not intended for children under the age of 18. Children under the age of 18 must not use our Data Sources for any purpose without first obtaining legally valid parental/guardian consent to this Policy (both for themselves and on your behalf). If you believe we have any Personal Data from any children under the age of 18 without such parental/guardian consent, please contact us at the email address specified below.

Updates to the Privacy Policy

We reserve the right to amend this Policy at any time. You will know if the Policy has changed since the last time you reviewed it by checking the “Date of Last Update” section below. By continuing to use our Site and other Data Sources after changes have been posted, you are confirming that you have read, understood, and agree to the latest version of this Policy.

If you have any questions, comments, or complaints or would like to access or correct your Personal Data and privacy preferences, please contact us by using the following ways:

By email: privacy@cyware.com

By postal mail:

111 Town Square Place, Suite 1203, #4

Jersey City, NJ 07310

United States of America

Date of Last Update: May 16, 2023