Privacy Policy

Last Updated: October 28, 2025

Our Commitment to Your Privacy

At CyberShield, protecting your privacy and personal data is fundamental to everything we do. As a cybersecurity services provider, we understand the importance of data protection and handle all personal information with the highest level of care and security. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or engage with our services.

We are committed to complying with the General Data Protection Regulation (GDPR) and all applicable Cyprus and European Union data protection laws. This policy is designed to help you understand your privacy rights and how we fulfill our obligations as a data controller.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you have any questions or concerns about how we handle your personal data, we encourage you to contact us using the information provided above.

Information We Collect

Information You Provide Directly

When you interact with our website or request our services, you may voluntarily provide us with personal information, including:

• Contact Information: Your name, email address, phone number, and company details when you submit contact forms or inquiry requests
• Communication Content: Messages, questions, or feedback you send to us through our contact forms or email
• Service-Related Information: Details about your organization, security requirements, and project specifications when requesting our cybersecurity services
• Account Information: If you create an account for our client portal, we collect username, password, and associated profile information

Information Collected Automatically

When you visit our website, certain information is automatically collected through cookies and similar technologies:

• Technical Information: IP address, browser type and version, operating system, device type, and screen resolution
• Usage Data: Pages visited, time spent on pages, links clicked, referring website addresses, and navigation patterns
• Analytics Information: Website performance metrics, user interaction data, and conversion tracking information
• Cookie Data: Information stored in cookies as described in our Cookie Policy, including preferences and consent choices

Legal Basis for Data Processing

We process your personal data based on the following legal grounds under GDPR:

• Consent: When you provide explicit consent for specific data processing activities, such as marketing communications or optional cookies
• Contractual Necessity: When processing is necessary to fulfill our contractual obligations or take steps at your request before entering into a contract
• Legitimate Interests: When we have legitimate business interests that do not override your fundamental rights and freedoms, such as improving our services or preventing fraud
• Legal Obligations: When we must process your data to comply with legal or regulatory requirements

How We Use Your Information

We use the personal information we collect for specific, legitimate purposes that align with providing and improving our cybersecurity services:

Service Delivery and Communication

• Responding to your inquiries and providing information about our cybersecurity services
• Processing service requests and managing client relationships
• Delivering contracted security assessments, training, or consulting services
• Providing customer support and addressing technical issues
• Sending service-related notifications and updates about your projects

Website Improvement and Analytics

• Analyzing website usage patterns to improve user experience and functionality
• Conducting research to develop better security education content and resources
• Testing new features and optimizing website performance
• Understanding how visitors find and navigate our website

Marketing Communications (With Consent)

• Sending newsletters, security alerts, and educational content you've subscribed to
• Informing you about new services, events, or updates that may interest you
• Conducting surveys to gather feedback about our services
• You can opt out of marketing communications at any time

Legal Compliance and Security

• Complying with legal obligations, court orders, and regulatory requirements
• Protecting our legitimate business interests and legal rights
• Preventing fraud, unauthorized access, and security incidents
• Maintaining records for accountability and audit purposes

How We Protect Your Data

As a cybersecurity services provider, we take data protection seriously and implement comprehensive security measures to safeguard your personal information:

Technical Security Measures

✓ Industry-standard encryption for data transmission and storage
✓ Secure server infrastructure with regular security updates
✓ Firewalls and intrusion detection systems
✓ Regular security audits and vulnerability assessments
✓ Secure backup procedures and disaster recovery plans

Organizational Security Measures

✓ Strict access controls limiting data access to authorized personnel
✓ Employee training on data protection and privacy requirements
✓ Confidentiality agreements with all staff and contractors
✓ Regular review and update of security policies
✓ Incident response procedures for data breaches

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations:

• Contact form submissions and inquiries are retained for 2 years unless a service relationship develops
• Client service records are maintained for the duration of the relationship plus 7 years for legal compliance
• Website analytics data is typically retained for 26 months
• Marketing consent records are kept until you withdraw consent or 3 years of inactivity

Data Breach Notification

In the unlikely event of a data breach that may affect your personal information, we will notify you and relevant authorities within 72 hours as required by GDPR. We maintain detailed incident response procedures to minimize any potential impact and take immediate corrective action.

Sharing Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your data only in the following limited circumstances:

Service Providers and Processors

We engage trusted third-party service providers who assist us in operating our website and delivering services. These providers have access to personal data only as necessary to perform their functions and are contractually obligated to maintain confidentiality and security. Examples include hosting providers, email services, and analytics platforms.

Legal Requirements

We may disclose your information when required by law, legal process, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to legal proceedings.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity. We will notify you of any such change and provide options regarding your data.

With Your Consent

We may share your information with third parties when you have given us explicit consent to do so for specific purposes.

Your Privacy Rights

Under GDPR and Cyprus data protection law, you have several important rights regarding your personal data:

Right to Access

You can request a copy of the personal data we hold about you

Right to Rectification

You can ask us to correct inaccurate or incomplete data

Right to Erasure

You can request deletion of your personal data in certain circumstances

Right to Restrict Processing

You can request that we limit how we use your data

Right to Data Portability

You can request your data in a structured, machine-readable format

Right to Object

You can object to processing based on legitimate interests or for marketing

Right to Withdraw Consent

You can withdraw consent for data processing at any time

Right to Lodge a Complaint

You can file a complaint with the Cyprus Data Protection Commissioner

How to Exercise Your Rights

To exercise any of these rights, please contact us at info@domain.com or +357 22 893 527. We will respond to your request within one month. In some cases, we may need to verify your identity before processing your request. There is no fee for most requests, but we may charge a reasonable fee for manifestly unfounded or excessive requests.

If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection in Cyprus at dataprotection.gov.cy

Your Rights and Opt-Out Instructions

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:

Avoid filling out contact forms, account registrations, or any data-submitting features
Disable cookies through your browser settings (see our Cookie Policy for more details)
Contact us directly to request the deletion of any previously shared personal data

We respect your privacy choices. If you would like us to delete your data, please reach out to us at the contact details provided above. We will process your request promptly in accordance with applicable data protection laws.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will notify you by:

• Updating the "Last Updated" date at the top of this policy
• Displaying a prominent notice on our website
• Sending an email notification to registered users or clients

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your personal information. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.