Privacy Policy

1. Introduction

Cyber-SSI is committed to protecting the privacy of users of its website and services. This privacy policy describes how we collect, use, store and protect your personal data in accordance with the General Data Protection Regulation (GDPR - EU Regulation 2016/679).

2. Data Controller

3. Personal Data Collected

We may collect the following categories of data:

• Identification data: name, surname, email address, phone number
• Professional data: company name, position
• Connection data: IP address, browser type, pages visited, date and time of connection
• Communication data: content of messages sent via our contact form

4. Processing Purposes

Your personal data is processed for the following purposes:

• Respond to your contact and information requests
• Provide our cybersecurity consulting services
• Manage commercial and contractual relationships
• Improve our website and services
• Comply with our legal and regulatory obligations
• Send commercial communications (with your consent)

5. Legal Basis for Processing

The processing of your data is based on the following legal bases:

• Your consent: for sending commercial communications
• Contract execution: for the provision of our services
• Our legitimate interest: to improve our services and ensure the security of our website
• Our legal obligations: to comply with applicable regulations

6. Data Recipients

Your personal data may be transmitted to the following categories of recipients:

• Our authorized personnel within the scope of their duties
• Our technical subcontractors (hosting, maintenance)
• Competent authorities in case of legal obligation

We never sell your personal data to third parties.

7. Transfers Outside the EU

Your data is primarily processed within the European Union. In case of transfer to a third country, we ensure that appropriate safeguards are in place (European Commission standard contractual clauses, adequacy decision, etc.).

8. Retention Period

Your data is retained for the following periods:

• Contact data: 3 years from last contact
• Client data: duration of contractual relationship + 5 years (legal obligations)
• Connection data: 13 months maximum
• Cookies: 13 months maximum

9. Your Rights

In accordance with GDPR, you have the following rights:

10. Right to Complain

If you believe that the processing of your personal data constitutes a violation of GDPR, you have the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés):

11. Cookies

Our website uses cookies to improve your browsing experience. Cookies are small text files stored on your device.

Types of cookies used:

• Essential cookies: necessary for the website to function
• Analytics cookies: to understand how the website is used (with your consent)

You can manage your cookie preferences in your browser settings.

12. Data Security

As cybersecurity experts, we implement appropriate technical and organizational measures to protect your personal data against unauthorized access, modification, disclosure or destruction:

• Data encryption in transit (HTTPS/TLS)
• Strict data access control
• Access monitoring and logging
• Regular and secure backups
• Staff training on data protection

13. Policy Modifications

We reserve the right to modify this privacy policy at any time. Any modification will be published on this page with an updated date. We encourage you to regularly check this page.