Privacy and Legal

Get to know us better
Ask a question

Cyber Risk GmbH appreciates your visit to this web site ("Cyber Risk GmbH Website") and your interest in our services and products. Your privacy is important to us and we want you to feel comfortable visiting our site. We take care to protect your personal information.

We fully comply with the Swiss Federal Act on Data Protection (FADP), the EU General Data Protection Regulation (GDPR) and all other applicable laws and regulations.

In this document:

‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

‘Profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;

We collect the personal information visitors and clients give us.

Personal data are:

(a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);

(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’);

(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);

(d) accurate and, where necessary, kept up to date; (‘accuracy’);

Cyber Risk GmbH also outlines reasonable precautions which are taken to keep your data secure.

We do not profile visitor of our web sites. We do not use tracking methods in order to identify visitors. We do not collect personal information of the visitors of the web site in a way that is prohibited by the General Data Protection Regulation (GDPR).

This Statement applies to any information obtained by Cyber Risk GmbH through your use of the Cyber Risk GmbH Website. It is not applicable to any Internet websites controlled by third parties not affiliated with Cyber Risk GmbH that the Cyber Risk GmbH Website may link to ("Third Party Sites"). Please review the privacy statements of Third Party Sites as Cyber Risk GmbH is not responsible for the content or the privacy practices of Third Party Sites.

The terms of this Statement are subject to any additional terms of disclaimers or other contractual terms you have entered into with Cyber Risk GmbH such as client privacy statements or notices, and any applicable mandatory laws and regulations.

When you visit the Cyber Risk GmbH Website, our web hosting company may record details about your visit (for example, your IP address, the web site from which you visit us, the type of browser software used, the Cyber Risk GmbH Website pages that you actually visit including the date and the duration of your visit). We do not use this information to identify or profile persons.

We may disclose your information to governmental agencies or entities, regulatory authorities, or other persons in line with any applicable law, regulations, court order or official request, or under any and for the purposes of any guidelines issued by regulatory or other authorities, or similar processes as either required or permitted by applicable law.

Cyber Risk GmbH has implemented reasonable technical and organisational security measures to protect your personal data against unauthorized access, misuse, loss or destruction.

All electronic messages sent to and from Cyber Risk GmbH are automatically stored. They are protected by reasonable technical and organisational measures and may only be accessed in justified cases in line with applicable laws and regulations (e.g. court order, suspicion of criminal conduct, violation of regulatory obligations, material breach of employment contract) to specific persons in defined functions (e.g. Legal, Compliance, Risk). All emails are disposed of after the applicable retention period has expired.

Swiss and EU citizens have the right to require increased responsibility and accountability for those processing personal data, so they can contact us at the email address: george.lekatis@cyber-risk-gmbh.swiss

If you use this email address, we will process and store data in compliance with both, the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The service provider is Hostpoint (the servers are located in the interxion data center in Zurich, the data is saved exclusively in Switzerland, and support, development and administration activities are also based entirely in Switzerland).

Our blog:
https://www.cyber-risk-gmbh.swiss

What should you consider when sending data over the Internet?

The Internet is generally not regarded as a secure environment, and information sent via the Internet (such as to or from the Cyber Risk GmbH Website or via electronic message) may be accessed by unauthorized third parties, potentially leading to disclosures, changes in content or technical failures. Even if both sender and receiver are located in the same country, information sent via the Internet may be transmitted across international borders and be forwarded to a country with a lower data protection level than exists in your country of residence.

Please note that we accept no responsibility or liability for the security of your information whilst in transit over the Internet to Cyber Risk GmbH. In order to protect your privacy we would like to remind you that you may choose another means of communication with Cyber Risk GmbH, where you deem it appropriate.

How do we deal with information from individuals under the age of 18?

The Cyber Risk GmbH Website does not seek to collect personal data from individuals under the age of 18. Individuals under the age of 18 should receive permission from their parent or legal guardian before providing any personal data to Cyber Risk GmbH on the Cyber Risk GmbH Website.

How can you access or review your personal data?

You may, where permitted by applicable law or regulation:

  1. - check whether we hold your personal data,
  2. - ask us to provide you with a copy of your personal data, or
  3. - require us to correct any of your personal data that is inaccurate

Should you have a request regarding the processing of your personal data please send a letter to the following address:
Cyber Risk GmbH
Rebackerstrasse 7
8810 Horgen
Switzerland

Last update: July 15, 2017

Data Protection Note Name and address of the responsible entity

Cyber Risk GmbH
Rebackerstrasse 7
8810 Horgen
Switzerland
Tel: +41 43 810 43 61
Email: george.lekatis@cyber-risk-gmbh.com
Web: www.cyber-risk-gmbh.com

Swiss and EU citizens have the right to require increased responsibility and accountability for those processing personal data, so they can contact us at the email address: george.lekatis@cyber-risk-gmbh.swiss

If you use this email address, we will process and store data in compliance with both, the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The service provider is Hostpoint (the servers are located in the interxion data center in Zurich, the data is saved exclusively in Switzerland, and support, development and administration activities are also based entirely in Switzerland).

Information requests

If, under Article 8 of the Federal Act on Data Protection ("FADP"), you wish to request information as to whether Cyber Risk GmbH processes your personal data, please send a written request to the following address:
Cyber Risk GmbH
Rebackerstrasse 7
8810 Horgen
Switzerland
Last update: July 15, 2017