Privacy Policy

Last updated: June 2026

This Privacy Policy explains what personal data is processed in connection with the website cybersec.cy and the security and IT outsourcing services offered through it, how that data is used and protected, and what rights you have as a data subject. Processing is carried out in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, the "GDPR") and the Cyprus Law providing for the Protection of Natural Persons with regard to the Processing of Personal Data (Law 125(I)/2018).

1. Who processes your data

The data controller is an independent provider of information-security and IT services operating the website cybersec.cy under the trading name "CYBERSEC CYPRUS" (Republic of Cyprus). For any question about your personal data, contact manager@cybersec.cy.

2. What data we collect

• Contact data you provide yourself: name, email address, company name and the content of your message — when you email us.
• Technical data collected automatically when you visit the site: IP address, browser and device type, date and time of the visit. This data is processed by our hosting provider (GitHub Pages) and content-delivery network (Cloudflare) for the security and availability of the site.

The site does not use advertising cookies and does not carry out behavioural tracking.

3. Purposes and legal bases

• Responding to your enquiries and providing services — legal basis: your consent and/or pre-contractual / contractual steps (Art. 6(1)(a), 6(1)(b) GDPR).
• Keeping the site secure and operational — legal basis: legitimate interest (Art. 6(1)(f) GDPR).
• Complying with legal obligations (for example accounting and tax) — Art. 6(1)(c) GDPR.

4. Sharing with third parties

We do not sell your data. Data may be processed by our infrastructure providers acting as processors: GitHub, Inc. (site hosting) and Cloudflare, Inc. (CDN and protection), as well as our email provider. Where data is transferred outside the EEA, EU Standard Contractual Clauses apply.

5. Retention

We keep correspondence and related data for as long as necessary to respond and provide services, and thereafter within the periods required by law (generally up to 6 years for documents related to contracts and accounting). Technical logs are kept for a limited time by our infrastructure providers.

6. Your rights

Under the GDPR you have the right to:

• access your personal data and obtain a copy;
• rectify inaccurate data;
• erase data ("right to be forgotten");
• restrict or object to processing;
• data portability;
• withdraw consent at any time;
• lodge a complaint with the supervisory authority — the Commissioner for Personal Data Protection of the Republic of Cyprus (dataprotection.gov.cy).

To exercise your rights, email manager@cybersec.cy.

7. Changes to this policy

We may update this Policy from time to time. The current version is always published on this page with its last-updated date.

© 2026 CYBERSEC CYPRUS · Part of the PALANIT studio