Your privacy is among our highest priorities. Cyber Forum GmbH believes in respecting your privacy. We do not collect any personally identifiable data from visitors to this website other than when you contact us or subscribe to any of our services. The basis on which we collect such data and other relevant information are set out in our Data Protection Notice below.
We explain below how we analyze data from this website. Any links to external sites are out of our control and we encourage you to always read the privacy statements on the other websites you visit.
Visiting Our Website
We use a third-party service, SiteGround, (the commercial brand of SG Hosting Inc.) to host our website. The security of the website is protected by industry-standard encryption processes (SSL encryption).
We have no legal means of finding out the identities of persons visiting our website and do not make any attempt to do so.
Cookie Use and Policy
We use only necessary cookies to ensure you get the best experience on our website. We do not use any other cookies for website analytics, tracking, targeting and marketing purposes.
We use Google Analytics to collect standard internet log information, details of visitor behaviour patterns and the number of visitors to the various parts of the site. This information is processed in such a way that we cannot identify a specific individual, i.e. there are no unique identifier cookies.
DATA PROTECTION NOTICE
The collecting and processing of your personal data shall always be in line with the General Data Protection Regulation (GDPR) of the European Union and Swiss Data Protection Act.
The GDPR gives individuals in the European Union enhanced rights over the use of their personal data. Under the GDPR and Swiss DPA, we are required to give you certain information, including your rights when you provide us with your personal data.
If you become a member of our Swiss Cyber Forum and/or subscribe to attend one of our events, workshops, training sessions, webinars, conferences or other events, we will ask you for a minimal amount of personal data to enable us to process your booking, to keep you informed of any developments concerning your attendance at the events and for administration purposes. Our legal basis for processing your personal data for these purposes is contractual (Article 6(1)(b) GDPR).
We retain third-party research services (Linkedin etc.) to identify appropriate persons at companies and other organizations whom we feel, given their position and role, may be interested in, or benefit from, becoming our member or receiving details of our future events and conference or other services. These researchers obtain the details of such persons from publicly-available information on the internet. The legal basis on which we process personal data and communicate with data subjects in these circumstances is our legitimate interests under Article 6(1)(f) of GDPR. In conducting our legitimate interests’ assessment, consideration was given to the following:
· The amount of personal data processed is minimal;
· The data is publicly available and is not sensitive in any way;
· The relationship is business to business and relevant to the job title;
· There is minimal privacy risk;
· There are no viable alternative means of communication;
· The processing is vital to our business operations;
· The data subjects are senior business people who would mostly be interested in the services we offer;
· There is a simple opt-out facility.
On balance, we concluded that the processing is justified as it is vital to our business interests while having a minimal impact on the rights and freedoms of data subjects.
The personal data you provide us with when subscribing to our services will be used only for the purposes of providing you with and improving those services. Some data elements, e.g. job titles and company names, may be aggregated on an anonymized basis for analytical and statistical purposes to enable us to improve our services.
Protection of your personal information
We take all reasonable care and apply the necessary technical and organizational measures to protect your personal data. Where we employ data processors to process your data on our behalf, we ensure that the necessary contractual protections are in place.
We will not sell your personal data under any circumstances. We will not transfer your personal data to any third parties unless you have specifically consented to this under our marketing terms, other than to our data processors who will be contractually bound to process your data only in accordance with our instructions and to keep your data secure.
We do not ourselves transfer your personal data outside of the EU/EEA. However, certain of our data processors may do so and where this occurs, such transfer will only be to the USA and will fall under the Privacy Shield.
In accordance with the principle of minimizing data retention, we will retain your personal data only for so long as is necessary for the purposes for which it was acquired, subject to legal and other relevant requirements, in accordance with our data retention policy, as follows:
· Data acquired for contractual purposes – 7 years
· Data acquired through marketing activities – 3 years
At the expiry of the relevant data protection period, personal data will be securely deleted or anonymized.
Your rights include the following:
· The right at any time to withdraw your consent to the processing of your personal data for marketing purposes.
· The right to be informed of what personal data we hold, how we obtained it, whom we may have shared it with and why and how long we intend to keep it.
· The right to have your personal data rectified in the event that it is inaccurate or incomplete.
· The right to request the erasure of your personal data (also called the right to be forgotten), subject to our retention policy.
· The right to restrict the processing of your personal data.
· The right to data portability (i.e. transfer of your personal data at your request to another organization).
· The right to be informed of any automated profiling (We currently do not process your personal data in this manner).
Your rights above can be exercised free of charge by contacting us as described below.
In all cases, we will need to satisfy ourselves of your identity before we can action a subject access request under the applicable law.
We will usually require proof of identity such as an ID card or driver’s license.
If you feel that any of your rights have been infringed, you have the right to lodge a complaint with the Data Protection Authority in your respected country.
HOW TO CONTACT US
If you have any queries about our website or about how we process data, you can contact us as follows:
Cyber Forum GmbH
Domicile Address: Höhestrasse 20, 8702 Zollikon, Switzerland
Email address: email@example.com
02 January 2020