Privacy Policy of CyberSec Services

This Website collects some Personal Data from its Users.

This document contains a section dedicated to Users in the United States and their privacy rights.

This document can be printed using the print command in the settings of any browser.

Data Controller

CyberSec Services S.r.l.

Via Malchi, 7
22063 Cantù (CO)
VAT Number: 16816481002

Controller’s email address: info@cybersecservices.it

Types of Data Collected

Among the types of Personal Data collected by this Website, either independently or through third parties, there are: Tracking Tools; Usage Data; first name; last name; phone number; company name; email; various types of Data; city.

Full details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanatory texts displayed prior to the collection of the Data.
Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically when using this Website.
Unless otherwise specified, all Data requested by this Website is mandatory. If the User refuses to provide it, it may be impossible for this Website to provide the Service. In cases where this Website specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences on the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Controller.

The possible use of Cookies – or other tracking tools – by this Website or by the owners of third-party services used by this Website is intended to provide the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy.

The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Website.

Methods and Place of Processing the Collected Data

Methods of Processing

The Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the Personal Data.
Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Controller, in some cases, the Data may be accessible to other persons involved in the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) appointed, if necessary, as Data Processors by the Controller. The updated list of these parties may be requested from the Controller at any time.

Place

The Data is processed at the Controller’s operating offices and in any other places where the parties involved in the processing are located. For further information, please contact the Controller.
Personal Data of the User may be transferred to a country other than the one in which the User is located. For more information about the place of processing, Users can refer to the section containing details about the processing of Personal Data.

Retention Time

Unless otherwise stated in this document, Personal Data is processed and stored for the time required by the purpose for which it was collected and may be stored for a longer period due to legal obligations or based on the User’s consent.

Purposes of Processing the Collected Data

User Data is collected to allow the Controller to provide its Service, comply with legal obligations, respond to enforcement requests, protect its rights and interests (or those of Users or third parties), detect malicious or fraudulent activity, as well as for the following purposes: Analytics, Tag Management, Displaying content from external platforms and Contacting the User.

For specific information about the Personal Data used for each purpose, the User may refer to the section “Detailed information on the processing of Personal Data.”

Detailed Information on the Processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

  • Contacting the User

    Contact form (this Website)

    By filling in the contact form with their Data, the User authorizes this Website to use these details to reply to requests for information, quotes, or any other kind of request as indicated by the form’s header.

    Personal Data processed: city; last name; email; first name; phone number; company name; various types of Data.

    Category of Personal Information collected under the CCPA: identifiers; commercial information.

    This type of processing constitutes:

    • a Sale in California

    Phone contact (this Website)

    Users that provided their phone number might be contacted for commercial or promotional purposes related to this Website, as well as for fulfilling support requests.

    Personal Data processed: phone number.

    Category of Personal Information collected under the CCPA: identifiers.

  • Tag Management

    This type of service helps the Owner to manage the tags or scripts needed on this Website in a centralized fashion.
    This results in the Users’ Data flowing through these services, potentially resulting in the retention of this Data.

     

    Google Tag Manager (Google Ireland Limited)

    Google Tag Manager is a tag management service provided by Google Ireland Limited.

     

    To find out more about how Google uses Data, please refer to their partner policy and their Business Data page.

    Personal Data processed: Usage Data.

    Place of processing: Ireland – Privacy Policy.

    Category of Personal Information collected under the CCPA: information related to internet or other network activity.

  • Statistics

    The services contained in this section allow the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.

    Google Analytics (Universal Analytics) with anonymized IP (Google Ireland Limited)

    Google Analytics (Universal Analytics) is a web analysis service provided by Google Ireland Limited (“Google”). Google uses the collected Personal Data to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services. Google may use the Personal Data to contextualize and personalize the ads of its own advertising network. This integration of Google Analytics anonymizes your IP address. Anonymization works by shortening Users’ IP addresses within member states of the European Union or in other countries that are part of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server and shortened within the United States.

    For a better understanding of Google’s use of Data, please consult their Google Partner Policy.

    Personal Data processed: Usage Data; Tracking Tools.

    Place of processing: Ireland – Privacy PolicyOpt Out.

    Category of Personal Information collected under the CCPA: information related to internet or other network activity.

    This type of processing constitutes:

    • a Sale in California

  • Displaying content from external platforms

    This type of service allows you to view content hosted on external platforms directly from the pages of this Website and interact with them. These services are often referred to as widgets — small elements embedded into a website or application. They provide specific information or perform a particular function and often allow interaction with the user. This type of service might still collect web traffic data for the pages where it is installed, even when users do not actively use it.

    Google Fonts (Google Ireland Limited)

    Google Fonts is a typeface visualization service provided by Google Ireland Limited that allows this Website to incorporate such content within its pages.

    Personal Data processed: Usage Data; Tracking Tools.

    Place of processing: Ireland – Privacy Policy.

    Category of Personal Information collected under the CCPA: information related to internet or other network activity.

    This type of processing constitutes:

    • a Sale in California

    YouTube Video Widget (Google Ireland Limited)

    YouTube is a video content visualization service provided by Google Ireland Limited that allows this Website to incorporate video content into its pages.

    Personal Data processed: Usage Data; Tracking Tools.

    Place of processing: Ireland – Privacy Policy.

    Category of Personal Information collected under the CCPA: information related to internet or other network activity.

This Website uses Tracking Tools. To learn more, Users can consult the Cookie Policy.

Legal basis of processing

The Data Controller processes Personal Data relating to the User if one of the following conditions applies:

  • the User has given consent for one or more specific purposes;
  • processing is necessary for the performance of a contract with the User and/or for pre-contractual measures;
  • processing is necessary to comply with a legal obligation to which the Data Controller is subject;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
  • processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by third parties.

In any case, Users can always request the Data Controller to clarify the specific legal basis for each processing operation, and in particular to specify whether the processing is based on law, provided by a contract, or necessary to enter into a contract.

Further information on retention period

Unless otherwise indicated in this document, Personal Data is processed and retained for the duration required by the purpose for which it was collected, and may be retained for longer periods due to possible legal obligations or based on Users’ consent.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the full execution of that contract.
  • Personal Data collected for purposes related to the legitimate interests of the Data Controller will be retained until such interests have been satisfied. Users may obtain further information regarding the legitimate interests pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.

When processing is based on the User’s consent, the Data Controller may retain Personal Data for longer periods until such consent is withdrawn. Furthermore, the Data Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or an order issued by an authority.

Upon expiration of the retention period, Personal Data will be deleted. Therefore, at the expiration of this period, the rights of access, deletion, rectification, and the right to data portability can no longer be exercised.

User Rights under the General Data Protection Regulation (GDPR)

Users may exercise certain rights regarding the Data processed by the Data Controller.

In particular, within the limits established by law, Users have the right to:

  • withdraw consent at any time. Users can withdraw their previously given consent to the processing of their Personal Data.
  • object to the processing of their Data. Users can object to the processing of their Data if the processing occurs on a legal basis other than consent.
  • access their Data. Users have the right to obtain information about the Data processed by the Data Controller, certain aspects of the processing, and to receive a copy of the Data processed.
  • verify and seek rectification. Users can verify the accuracy of their Data and request its update or correction.
  • restrict the processing of their Data. Users can request the restriction of processing their Data. In this case, the Data Controller will not process the Data for any other purpose than storage.
  • have their Personal Data deleted or otherwise removed. Users can request the deletion of their Data by the Data Controller.
  • receive their Data or have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without hindrance.
  • lodge a complaint. Users can lodge a complaint with the competent data protection supervisory authority or take legal action.

Users have the right to receive information regarding the legal basis for Data transfers abroad, including transfers to international organizations governed by international law or established by two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to safeguard their Data.

Details about the right to object

When Personal Data is processed in the public interest, in the exercise of official authority vested in the Data Controller, or for the purposes of legitimate interests pursued by the Data Controller, Users have the right to object to such processing on grounds relating to their particular situation.

Users are reminded that if their Data is processed for direct marketing purposes, they may object to such processing at any time, free of charge, and without providing any justification. If Users object to processing for direct marketing purposes, their Personal Data will no longer be processed for such purposes. To find out whether the Data Controller processes Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to exercise these rights

To exercise their rights, Users can submit a request to the contact details of the Data Controller indicated in this document. Requests are free of charge, and the Data Controller will respond as soon as possible, in any case within one month, providing Users with all the information required by law. Any rectifications, erasures, or restrictions of processing will be communicated by the Data Controller to each recipient, if any, to whom the Personal Data have been disclosed, unless this proves impossible or involves disproportionate effort. Upon request, the Data Controller will inform Users of these recipients.

Further information for Users in the United States

This part of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by the business running this Website and, if the case may be, its parent, subsidiaries and affiliates (for the purposes of this section referred to collectively as “we”, “us”, “our”).

The information contained in this section applies to all Users (Users are referred to below, simply as “you”, “your”, “yours”), who are residents in the following states: California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon and Montana.

For such Users, this information supersedes any other possibly divergent or conflicting provisions contained in the privacy policy.

This part of the document uses the term Personal Information.

Notice at collection

The following Notice at collection provides you with timely notice about the categories of Personal Information collected or disclosed in the past 12 months so that you can exercise meaningful control over our use of that Information.

While such categorization of Personal Information is mainly based on California privacy laws, it can also be helpful for anyone who is not a California resident to get a general idea of what types of Personal Information are collected.

  • Internet or other electronic network activity information

    Personal Information collected or disclosed: Strumenti di tracciamento, Dati di utilizzo

    Purposes:

    • Statistica
    • Gestione dei tag
    • Visualizzazione di contenuti da piattaforme esterne

    Retention period: for the time necessary to fulfill the purpose

    Sold or Shared : Yes

    Targeted Advertising : No

    Third-parties: Google Ireland Limited

    Service providers or contractors: Google Ireland Limited

  • Identifiers

    Personal Information collected or disclosed: Nome, Cognome, Numero di telefono, Ragione sociale, Email, Varie tipologie di dati, Città

    Purposes:

    • Contattare l’Utente

    Retention period: for the time necessary to fulfill the purpose

    Sold or Shared : Yes

    Targeted Advertising: : No

    Service providers or contractors: this Website

  • Commercial information

    Personal Information collected or disclosed: Nome, Cognome, Numero di telefono, Ragione sociale, Email, Varie tipologie di dati, Città

    Purposes:

    • Contattare l’Utente

    Retention period: for the time necessary to fulfill the purpose

    Sold or Shared : Yes

    Targeted Advertising: No

    Service providers or contractors: this Website

You can read the definitions of these concepts inside the “Definitions and legal references section” of the privacy policy.

To know more about your rights in particular to opt out of certain processing activities you can refer to the “Your privacy rights under US state laws” section of our privacy policy.

For more details on the collection of Personal Information, please read the section “Detailed information on the processing of Personal Data” of our privacy policy.

We won’t process your Information for unexpected purposes, or for purposes that are not reasonably necessary to and compatible with the purposes originally disclosed, without your consent.

What are the sources of the Personal Information we collect?

We collect the above-mentioned categories of Personal Information, either directly or indirectly, from you when you use this Website.

For example, you directly provide your Personal Information when you submit requests via any forms on this Website. You also provide Personal Information indirectly when you navigate this Website, as Personal Information about you is automatically observed and collected.

Finally, we may collect your Personal Information from third parties that work with us in connection with the Service or with the functioning of this Website and features thereof.

Your privacy rights under US state laws

You may exercise certain rights regarding your Personal Information. In particular, to the extent permitted by applicable law, you have:

  • the right to access Personal Information: the right to know. You have the right to request that we confirm whether or not we are processing your Personal Information. You also have the right to access such Personal Information;
  • the right to correct inaccurate Personal Information. You have the right to request that we correct any inaccurate Personal Information we maintain about you;
  • the right to request the deletion of your Personal Information. You have the right to request that we delete any of your Personal Information;
  • the right to obtain a copy of your Personal Information. We will provide your Personal Information in a portable and usable format that allows you to transfer data easily to another entity – provided that this is technically feasible;
  • the right to opt out from the Sale of your Personal Information; We will not discriminate against you for exercising your privacy rights.
  • the right to non-discrimination.

Additional rights for Users residing in California

In addition to the rights listed above common to all Users in the United States, as a User residing in California, you have

  • The right to opt out of the Sharing of your Personal Information for cross-context behavioral advertising;
  • The right to request to limit our use or disclosure of your Sensitive Personal Information to only that which is necessary to perform the services or provide the goods, as is reasonably expected by an average consumer. Please note that certain exceptions outlined in the law may apply, such as, when the collection and processing of Sensitive Personal Information is necessary to verify or maintain the quality or safety of our service.

Additional rights for Users residing in Virginia, Colorado, Connecticut, Texas, Oregon and Montana

In addition to the rights listed above common to all Users in the United States, as a User residing in Virginia, Colorado, Connecticut, Texas and Oregon, you have

  • The right to opt out of the processing of your personal information for Targeted Advertising or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you;
  • The right to freely give, deny or withdraw your consent for the processing of your Sensitive Personal Information. Please note that certain exceptions outlined in the law may apply, such as, but not limited to, when the collection and processing of Sensitive Personal Information is necessary for the provision of a product or service specifically requested by the consumer.

Additional rights for users residing in Utah

In addition to the rights listed above common to all Users in the United States, as a User residing in Utah, you have

  • The right to opt out of the processing of your Personal Information for Targeted Advertising;
  • The right to opt out of the processing of your Sensitive Personal Information. Please note that certain exceptions outlined in the law may apply, such as, but not limited to, when the collection and processing of Sensitive Personal Information is necessary for the provision of a product or service specifically requested by the consumer.

How to exercise your privacy rights under US state laws

To exercise the rights described above, you need to submit your request to us by contacting us via the contact details provided in this document.

For us to respond to your request, we must know who you are. We will not respond to any request if we are unable to verify your identity and therefore confirm the Personal Information in our possession relates to you. You are not required to create an account with us to submit your request. We will use any Personal Information collected from you in connection with the verification of your request solely for verification and shall not further disclose the Personal Information, retain it longer than necessary for purposes of verification, or use it for unrelated purposes.

If you are an adult, you can make a request on behalf of a child under your parental authority.

How to exercise your rights to opt out

In addition to what is stated above, to exercise your right to opt-out of Sale or Sharing and Targeted Advertising you can also use the privacy choices link provided on this Website.

If you want to submit requests to opt out of Sale or Sharing and Targeted Advertising activities via a user-enabled global privacy control, such as for example the Global Privacy Control (“GPC”), you are free to do so and we will abide by such request in a frictionless manner.

How and when we are expected to handle your request

We will respond to your request without undue delay, but in all cases within the timeframe required by applicable law. Should we need more time, we will explain to you the reasons why, and how much more time we need.

Should we deny your request, we will explain to you the reasons behind our denial (where envisaged by applicable law you may then contact the relevant authority to submit a complaint).

We do not charge a fee to process or respond to your request unless such request is manifestly unfounded or excessive and in all other cases where it is permitted by the applicable law. In such cases, we may charge a reasonable fee or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind them.

Ecco la traduzione completa in inglese della parte finale, mantenendo intatta tutta la formattazione HTML originale:

“`html

Further information about processing

Legal action

The User’s Personal Data may be used by the Data Controller for legal purposes in court or in the stages leading to possible legal action arising from improper use of this Website or its related Services by the User.
The User declares to be aware that the Data Controller may be required to disclose the Data upon request of public authorities.

Specific disclosures

At the User’s request, in addition to the information contained in this privacy policy, this Website may provide Users with additional and contextual disclosures concerning specific Services or the collection and processing of Personal Data.

System logs and maintenance

For operation and maintenance purposes, this Website and any third-party services it uses may collect system logs, i.e., files recording interactions, which may also contain Personal Data, such as the User’s IP address.

Information not contained in this policy

Further information regarding the processing of Personal Data may be requested at any time from the Data Controller using the contact details provided.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this Website as well as, when technically and legally feasible, sending a notification to Users through any contact details available. It is strongly recommended to check this page regularly, referring to the date of the last modification indicated at the bottom.

If the changes affect processing activities whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.

Personal Data (or Data) / Personal Information (or Information)

Any information that, directly or indirectly, even in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.

Sensitive Personal Information

Sensitive Personal Information means Personal Information that is not publicly available and that reveals information deemed sensitive according to applicable privacy laws.

Usage Data

Information collected automatically through this Website (or third-party services employed in this Website), which can include: IP addresses or domain names of the computers utilized by the Users connecting to this Website, URI addresses (Uniform Resource Identifier), time of request, method utilized to submit the request to the server, size of the file received in response, numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, browser and operating system characteristics utilized by the User, various time details per visit (e.g., time spent on each page within the Website), and details regarding the path followed within the Application, with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.

User

The individual using this Website who, unless otherwise specified, coincides with the Data Subject.

Data Subject

The natural person to whom the Personal Data refers.

Data Processor (or Processor)

The natural or legal person, public authority, agency, or other body processing Personal Data on behalf of the Data Controller, as described in this privacy policy.

Data Controller (or Controller)

The natural or legal person, public authority, service, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data and the tools adopted, including security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the owner of this Website.

This Website (or this Application)

The hardware or software tool by which the Personal Data of Users are collected and processed.

Service

The Service provided by this Website as defined in the relative terms (if available) on this website/application.

Sale

Sale means any exchange of Personal Information by the Owner to a third party for monetary or other valuable consideration, as defined by applicable U.S. state privacy laws. Please note that the disclosure of Personal Information to a service provider under a written contract meeting the requirements set forth by applicable law does not constitute a sale of your Personal Information.

Sharing

Sharing means any sharing, rental, release, disclosure, dissemination, making available, transfer, or other communication orally, in writing, or by electronic or other means, of a consumer’s Personal Information by the business to a third party for cross-context behavioral advertising, whether for monetary or other valuable consideration, including transactions between a business and a third party for cross-context behavioral advertising for the benefit of a business in which no money is exchanged, as defined by California privacy laws. Please note that the disclosure of Personal Information to a service provider under a written contract meeting the requirements set forth by California privacy laws does not constitute a sharing of your Personal Information.

Targeted Advertising

Targeted Advertising means displaying advertisements to a consumer in which the advertisement is selected based on Personal Information obtained from that consumer’s activities over time and across non-affiliated websites or online applications to predict such consumer’s preferences or interests, as defined under applicable U.S. state privacy laws.

European Union (or EU)

Unless otherwise specified, any reference to the European Union in this document includes all current member states of the European Union and the European Economic Area.

Cookie

Cookies are Tracking Tools consisting of small sets of data stored in the User’s browser.

Tracking Tool

Tracking Tool means any technology—e.g., Cookies, unique identifiers, web beacons, embedded scripts, e-tags, and fingerprinting—that enables the tracking of Users, for instance by accessing or storing information on the User’s device.

Legal references

This privacy policy is prepared based on provisions of multiple legislative frameworks.

Unless otherwise specified, this privacy policy applies exclusively to this Website.

Latest update: June 10, 2024