We, at Cygon Ltd. (the “Company”, “we”, “us”, or “our”) are committed to protecting your personal information and your right to privacy. Through our advanced technology solutions, we enable venues to analyze visitor behavior in a secure manner, using privacy-by-design principles to prevent unlawful behaviors.
This privacy policy (the “Privacy Policy”) only describes how we collect or process information from and about our website visitors, how we use it, and what rights you have in relation to it.
Please be noted that this Privacy Policy does not cover the data we process as part of the Services we provide to our customers. Such processing activities are covered by our separate Customers Privacy Policy.
By browsing our website, you agree to this Privacy Policy in addition to any other agreements we might have with you. In the event that such agreements contain terms that conflict with this Privacy Policy, the terms of those agreements will prevail. This Privacy Policy does not govern the practices of entities that our Company does not own or control, including the venues where our Services are deployed, or entities that do not own or control our company or people that our Company does not employ or manage.
This Privacy Policy applies to all information collected through our websites and/or any related services, sales, or marketing activities and any other platform by which we may choose to provide our services (we refer to them collectively in this Privacy Policy as the “Services”).
Please read this Privacy Policy carefully as it will help you make informed decisions about sharing your personal information with us.
PRIVACY BY DESIGN
We have implemented 'privacy by design' principles as a fundamental approach to protecting personal information through our Services. This means privacy safeguards are proactively built into our technology architecture and business practices from the ground up. Our commitment to privacy by design is demonstrated through the following measures:
Default Privacy Protection: We adhere to strict data minimization principles, collecting and processing only the personal data that is essential to provide our services. Our systems are configured with privacy-protective default settings that minimize data collection to only what is necessary for our Services to function.
Proactive Data Minimization: We collect and retain personal information only where there is a lawful basis and purpose and we regularly review and delete unnecessary data.
End-to-End Security: We employ industry-standard encryption and security protocols throughout the data lifecycle - from collection through processing, storage and eventual deletion.
Transparency: We maintain clear documentation of our data practices.
Regular Assessments: We conduct periodic privacy impact assessments to identify and address potential privacy risks in our systems and processes.
These privacy-protective measures are continuously reviewed and enhanced to ensure we maintain the highest standards of data protection across our Services.
WHAT INFORMATION DO WE COLLECT?
Personal information website visitors, customers and/or prospects disclose to us
We collect personal information that our customers or prospects voluntarily provide to us when registering to the Services, when contacting us through the Services, expressing an interest in obtaining information about us or our products and services, when we correspond with you as a customer or prospective customer or otherwise contacting us.
Our website includes contact forms through which users may request information, schedule a meeting, or ask to be contacted by a company representative. By submitting these forms, users consent to be contacted via communication methods they provide, including email, phone call, or other available channels. The information provided will be used solely for the purpose of addressing the inquiry and providing relevant company updates if requested.
The personal information we collect from customers and prospects can include the following:
Your full name, phone number, email address and physical address.
All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.
Information automatically collected from website visitors
We automatically collect certain information when you visit, use or navigate the Services. For our marketing website (www.cygon.io), we use cookies and similar tracking technologies to analyze traffic patterns and usage. For registered customers accessing our Services, we use cookies for authentication and permissions management purposes. This information does not reveal your specific identity (like your name or contact information) but may include your timezone, country, and location data. This information is primarily needed to maintain the security and operation of our Services, authenticate users, and for our internal analytics and reporting purposes.
HOW DO WE USE YOUR INFORMATION?
We process personal information directly collected via our Services for the lawful bases and business purposes specifically described below. These lawful bases are, depending on the specific case, as listed below: our legitimate interests (the “Legitimate Interests”), in order to enter into or perform a contract with you (“Contractual”), with your consent (“Consent”), and/or for compliance with our legal obligations (“Legal Reasons”). We indicate the specific processing grounds we rely on next to each purpose listed below.
We process the data we collect or receive from our website visitors:
To facilitate account creation and login process with your Consent.
To send you marketing and promotional communications for Legitimate Interests and/or with your Consent. We and/or our third party marketing partners may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of our marketing emails at any time (see the "Your Privacy Rights" below).
To send administrative information to you for Legitimate Interests, Legal Reasons and/or possibly Contractual reasons. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.
To protect our Services for Legitimate Interests and/or Legal Reasons. We may use your information as part of our efforts to keep our Services safe and secure (for example, for data breach monitoring and prevention).
To enforce our terms, conditions and policies for Legitimate Interests, Legal Reasons and/or Contractual reasons.
To respond to legal requests and prevent harm for Legal Reasons. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
WILL YOUR INFORMATION BE SHARED WITH ANYONE?
We only share and disclose your information in the following situations:
Compliance with Laws. We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
Vital Interests and Legal Rights. We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, our customers' policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work, only where such data transfer is legally allowed. Examples may include: data analysis, email delivery, database management services, customer service and marketing efforts. We may allow selected third parties to use certain technologies on the Services, which will enable them to collect data about how our customers or website visitors use the Services over time. This information may be used to, among other things, analyze and track data, determine the use of certain content and better understand online activity. We may integrate with third-party platforms to manage CRM activities, customer communication, and support services. These integrations may involve processing personal information such as contact details or support requests, strictly for business communication purposes and under agreements that ensure appropriate privacy and data protection practices. Unless described in this Privacy Policy, we do not share, sell, transfer, rent or trade any of your information with third parties for their promotional purposes.
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries or other companies that we control or that are under common control with us.
DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
We may use "cookies" for our regular and proper operation, including in order to collect statistical data about the use of our website, to verify user details, to adapt the Services to your personal preferences and for information security purposes.
We may use third-party analytics tools (such as cookies) to better understand how visitors interact with our website and marketing campaigns. These tools may help us measure traffic, improve website performance, evaluate feature interest, and optimize marketing efforts. They may include technologies that collect information about pages visited, user flows, engagement metrics, or how users reached the site. The data collected is used solely to enhance our services, content relevance, and user experience.
Modern browsers include an option to avoid receiving cookies. If you don't know how to do this, check the help file of the browser you are using.
We may allow other parties to manage our marketing activities. Ads you may see when visiting the Services may come from the computers of those parties. To manage their advertisements, these parties place cookies on your computer. The cookies allow these parties to collect information about viewing the advertisements they have placed and which advertisements you have viewed. The use of cookies by these parties is subject to their privacy policy and not to this Privacy Policy. See for example Google's privacy policy on the subject.
IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
Our servers may be located in remote cloud environments located outside of your territory of residence. In addition, please be aware that your information may be transferred to, stored, and processed by us in any other country in which our Company or agents or contractors maintain facilities, and by using our Services, you consent to any such transfer of information outside of your country.
The Company is committed to subjecting all personal information received from European Union (EU) member countries, in reliance on the Standard Contractual Clauses Framework’s applicable Principles.
HOW LONG DO WE KEEP YOUR INFORMATION?
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
HOW DO WE KEEP YOUR INFORMATION SAFE?
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the services within a secure environment.
DO WE COLLECT INFORMATION FROM MINORS?
We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Service. If we learn that personal information from users less than 18 years of age has been collected, we may deactivate the account and take reasonable measures to promptly delete such data from our records.
It shall be clarified that the Company explicitly prohibits any submission of minors related content and/or personal data and such shall only be provided to the Company and/or sent to it only after obtaining the express and informed consent of the minors' parents or legal guardians. By providing us any personal data relating to minors, you hereby represent that you are such minors' parent or legal guardian and explicitly consent to the processing of such personal data.
WHAT ARE YOUR PRIVACY RIGHTS?
In some regions (like the European Economic Area), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please contact us cto@cygon.io. We will consider and act upon any request in accordance with applicable data protection laws.
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our terms of use and/or comply with legal requirements.
Opting out of email marketing: You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send or by contacting us using the details provided below. You will then be removed from the marketing email list – however, we will still need to send you service-related emails that are necessary for the administration and use of your account. You can also opt-out by:
Noting your preferences at the time you register your account with the Services.
Logging into your account settings and updating your preferences.
Contacting us using the contact information provided below
CALIFORNIA RESIDENTS SPECIFIC PRIVACY RIGHTS
The Company may also be subject to the CCPA/CPRA, the California consumer privacy law, which extends to individual Californian consumers various rights that align to a significant degree with the rights granted to most European residents under the GDPR with respect to their personal data/information. If you are a consumer based in California, the rights you have include:
(i) Right to Disclosure: right to request The Company to disclose to you: (a) the categories of personal information collected by us; (b) the categories of sources from which the personal information is collected; (c) the business or commercial purpose for collecting or selling personal information (please be noted that we don’t sell your personal information); (d) the categories of third parties with whom we share personal information; (e) the specific pieces of personal information we have collected about you, the consumer — in all cases upon a verifiable consumer request (“VCR”).
If we receive a verifiable consumer request (VCR) to access personal information, we will promptly take steps to disclose and deliver, free of charge, the personal information required by law, which may be delivered by mail or electronically. If delivered electronically. We are not required to respond to your VCRs more than twice in a 12-month period. You can make a VCR either by completing our contact form on our Services, or sending such a request to The Company’s mailing address set forth at the end of this Privacy Policy.
(ii) Right to Deletion: We are required to disclose to you that you have the right to request that your personal information will be deleted. If a deletion VCR is received by us, we will delete your personal information from our records and direct any of our service providers to which we have provided such information to delete your personal information from their records. Notwithstanding the above, we are not required to comply with your VCR to delete personal information if we need to retain the personal information for the following purposes: (a) to complete the transaction for which personal information was collected, such as providing a product or Service requested you, or which is reasonably anticipated within the scope of our business relationship with you, or to perform a contract with you; (b) to detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for activity; (c) to debug to identify and repair errors that impair intended functionality; (d) to exercise our right to free speech or ensure the right of another consumer to exercise free speech or another right provided by law; (e) to comply with the California Electronic Communications Privacy Act; (f) to enable solely internal uses reasonably aligned with consumer expectations based on our business relationship with you; (g) to comply with a legal obligation; or (h) otherwise to use personal information internally in a lawful manner compatible with the context in which you provided the information.
(iii) Non-Discrimination: The CCPA/CPRA require that no subject business shall discriminate against you if you exercise your rights under this law, including by: (a) denying goods or services to you/the consumer; (b) charging different prices or rates for goods or services, whether through discounts, other benefits or imposing penalties; (c) providing a different level of goods or services, or suggesting that you will receive a different price, rate, level or quality of goods or services.
Our obligations to you under the CCPA/CPRA will not prevent our ability to: (i) comply with federal, state or local laws; (ii) comply with civil, criminal or regulatory inquiry, investigation, subpoena or summons; (iii) cooperate with law enforcement agencies; (iv) exercise or defend legal claims; (v) use personal information that is deidentified or in the aggregate; (vi) collect personal information to extent every aspect takes place outside of California; (vii) avoid violation of an evidentiary privilege under California law, or provide personal information to a person covered by such a privilege.
DO WE MAKE UPDATES TO THIS POLICY?
We may update this Privacy Policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.
HOW CAN YOU CONTACT US ABOUT THIS POLICY?
If you have questions or comments about this policy, email us at cto@cygon.io.