CyberPWN Privacy Notice

1. Scope

This Privacy Notice applies to:

• Website visitors
• Clients, partners, vendors, and users of CyberPWN services
• Individuals interacting with our support or applying for roles at CyberPWN

It does not apply to third-party websites linked through our services.

2. Global Privacy Compliance

CyberPWN complies with applicable global data protection regulations, including:

• EU General Data Protection Regulation (GDPR)
• UK GDPR
• California Consumer Privacy Act (CCPA) and CPRA
• India's Digital Personal Data Protection Act (DPDP)
• Singapore's PDPA, Canada's PIPEDA, and others as applicable

Our internal data protection policies align with the requirements of these frameworks and undergo regular audits to ensure compliance.

3. Personal Information We Collect

We collect information:

You Provide

• Full name, job title, company
• Email, phone number, billing details
• Support queries, survey responses
• Employment application data

Automatically

• IP address, browser type, device ID, geolocation
• System logs and usage analytics
• Cookies and trackers (see Section 5)

From Third Parties

• Event organizers, referral partners
• Public sources and professional networks (e.g., LinkedIn)

4. How We Use Your Information

We use your data to:

• Deliver and operate services securely
• Respond to queries and technical support
• Analyze and improve platform usage
• Manage customer relationships and billing
• Send marketing communications (with your consent or legitimate interest)
• Meet legal, regulatory, and contractual obligations

We may also aggregate or anonymize your data for analytics and performance metrics.

5. Cookies and Tracking Technologies

CyberPWN uses cookies, web beacons, and similar tools to:

• Maintain site performance and security
• Collect usage statistics
• Enable personalization and marketing features

You can adjust your cookie preferences at any time through our cookie banner or browser settings.

6. Sharing and Disclosure

We may share your personal data with:

• Cloud hosting, analytics, and customer service providers (under strict data protection contracts)
• Affiliates or authorized resellers
• Legal and regulatory authorities, where required
• Third parties in business transactions, such as mergers or acquisitions

We do not sell your personal data.

7. International Data Transfers

Data may be stored or processed outside your country, including in jurisdictions that may not offer the same level of protection. We rely on:

• Standard Contractual Clauses (SCCs)
• Data Protection Agreements
• Recognized lawful transfer mechanisms

to ensure cross-border compliance.

8. Legal Bases for Processing

Where applicable (e.g., under GDPR/UK GDPR), we process your personal data based on:

• Your consent
• Fulfillment of a contract
• Compliance with a legal obligation
• Our legitimate interests in operating and securing our services

9. Your Rights

Depending on where you are, you may have the right to:

• Access, correct, or delete your data
• Restrict or object to how it's processed
• Request a copy in portable format
• Withdraw consent at any time
• File a complaint with your data protection authority

Contact us to exercise these rights.

10. Security Measures & Certifications

We are committed to maintaining a high standard of data security. CyberPWN is:

• ISO/IEC 27001 certified for information security management
• SOC 2 Type II certified, verifying our controls for security, availability, and confidentiality

We implement:

• End-to-end encryption
• Secure access and authentication
• Real-time monitoring and threat detection
• Regular penetration tests and audits
• Role-based access and least privilege principles

These certifications validate our adherence to globally accepted security and privacy best practices.

11. Data Retention

We retain personal data as long as necessary to:

• Provide services and fulfill contracts
• Meet regulatory and compliance obligations
• Maintain internal logs and audit trails

Once data is no longer required, it is securely deleted or anonymized.

12. Children's Privacy

Our services are not directed to children under the age of 16. We do not knowingly collect personal data from minors. If we learn that a child has submitted personal data, we will promptly delete it.

13. Updates to This Privacy Notice

We may periodically revise this Notice. Updates will be posted on our website with the "Last Updated" date. For significant changes, we'll notify you via email or in-product alerts.