Privacy Policy

This Privacy Policy (“Privacy Policy”) explains how information is collected and used by Cybowall Ltd. (“Cybowall”, “CyFox” or “we”, “us”, “our”).

This Privacy Policy applies to the following:

The data practices on our website, which is available at cybowall.com (“Website”).
The data practices on the cybersecurity service we offer to our customers (“Businesses”), which monitors and helps to protect from cybersecurity threats against organizational networks (our “Service”).
Our relationship with representatives of existing and prospective Businesses that use our Service or are considering using our Service.

We respect your privacy and are committed to protecting it. Please read this Privacy Policy carefully.

PERSONAL DATA PROCESSED

We collect and process your information when you request a demo or when you submit an inquiry through our Website
When you submit an inquiry through our Website or request to get access to a demo of the Service, we will collect your full name, company name and corporate email address.

We refer to this type of data as “Contact Information”.

We collect and process registration information from a Business’s representatives signing up as users of the Service
When a representative of an existing or prospective Business signs up as a user of the Service (a “User”), we collect that representative’s contact details such as name, email, phone number, position, and company.

We refer to this data as “Sign-Up Information”.

You do not have a legal obligation to provide us with your Contact Information or Registration Information. However, if you choose to not share this information with us, we may not be able to respond to your inquiry or provide you with a demo.

The provision of our Service involves processing of information of the Business’s organizational users. We do this as a data processor (or service provider) on behalf of the Business
When we provide the Service to a Business, we will process the activity and usage data of the Business’s organizational network users (e.g., the Business’s employees. We do this as a data processor (also known as a service provider) on behalf of the Business.

This data will only include information about the user’s general activities, such as time of access to a certain folder on the network.

We refer to this type of data as “Usage Information”.

We will not have access to, and will not process, the content of documents in the Business’s organizational network, or the emails and messages in Business’s organizational network.

If you are an end user of a Business and would like to obtain more information on the collection and processing of this Usage Information, please contact the Business which is the data controller of your personal data.

We also collect analytics information and logs about your use of the Website or the Service
When you visit the Website or use the Service as a User, we record and collect certain information about your interaction with the Website or the Service, including the IP address from which you access the Website or Service, time and date of access, type of browser used, language used, links clicked, and actions taken while using the Website or the Service.

We refer to this data as “Analytics“.

DATA CONTROLLER

Cybowall is the data controller of the Contact Information, Sign-Up Information, and the Analytics
Cybowall is the data controller of the Contact Information, Sign-Up Information and the Analytics. We determine the purposes and means of processing this data to operate the Website and the Service.

The Business is the data controller of the Usage Information
Each Business is the data controller of its own Usage Information. That Business determines the purposes and means of processing that data, and Cybowall processes that data as a processor (or service provider) on behalf of the Business.

HOW WE PROCESS PERSONAL DATA

To operate, provide and maintain the Website and Service
We process Analytics to provide, maintain and improve your user experience accessing our Website or using our Service, and to troubleshoot problems. We also will use the Analytics for quality assurance and for development and enhancement of the Website and Service.

To respond to your inquiries and handle your request for demo
We process your Contact Information to respond to your inquiries and to handle your demo requests submitted through the Website.

To operate the Service
We process Sign-Up Information to operate and administer your access to and use of the Service as a User.

To enforce the terms and comply with applicable law and judicial orders
We will process your information to prevent fraud, handle and resolve disputes, assist with any investigations, and enforce this Privacy Policy and our Terms and Conditions for the Service.

WHO PROCESSES YOUR DATA

We will not share your information with third parties, except in the events listed below or when you provide us your explicit and informed consent.

We will process information with our service providers helping us to operate our Service.
We will process personal information with the help of our service providers who assist us with the internal operations of the Website and our Service. These companies are authorized to use your personal information in this context only as necessary to provide these services to us and not for their own promotional purposes.

We will share information with competent authorities, if you abuse your right to use the Website or the Service or violate any applicable law.
If you abused your rights to use the Website or the Service, or violated any applicable law, we will share information with competent authorities and with third parties (such as legal counsels and advisors), for the purpose of handling of the violation or breach.

We will share your information if we are legally required.
We will share information if we are required to do so by a judicial, governmental, or regulatory authority.

We will share your Information with third parties in any event of change in our structure.
If the operation of our company is organized within a different framework, or through another legal structure or entity (such as due to a merger or acquisition), we will share information only as required to enable the structural change in the operation of our company.

COOKIES

What are cookies?
Cookies are text files, comprised of small amount of data, that are saved on your computer or other device (e.g., smartphone, tablet, etc.) when you use the internet and visit various websites.

The information that cookies maintain is read by the website you visit, during the session of your visit to the website (these are called ‘session’ cookies), and when you return to visit it again (these are called ‘persistent’ cookies).

We use cookies necessary to operate the Website and for the Website’s performance.
We use cookies for a number of purposes, as briefly explained below:

Necessary. Cookies that are strictly necessary for the functioning of the Website or the Service. The Website cannot operate properly without these cookies. You can set your browser to block or alert you about these cookies, but some parts of the Website may not function properly.

Functional. These cookies that are used to enhance the functionality of the Website or Service by remembering your preferences on the Website. They are not essential for the Website’s operation, but some functions may become unavailable if you set your browser to block them.

Performance. Cookies that are used to collect Analytics information about your use of the Website, which then help us to understand how the Website and the Service are used, and consider ways to improve the Website and the Service.

You can always delete or disable cookies.
You can always delete the cookies saved on your device through the settings of your computer browser or device. You can also disable cookies for future use through the settings of your computer browser or device.

SECURITY AND DATA RETENTION

We retain your Contact Information, Sign-Up Information and Analytics for as long as we need it for business purposes, and thereafter as needed for record-keeping matters.
We will retain Contact Information, Sign-Up Information and Analytics for the duration needed to support our ordinary business activities in operating the Website and the Service. Thereafter, we will still retain it as necessary to comply with our legal obligations, resolve disputes, establish and defend legal claims and enforce our agreements.

We will retain the Usage Information in accordance with the Business’s instructions and only while the Business uses the Service.
We will retain Usage Information pursuant to the Business’s instructions, and only for the duration needed to provide the Service to the Business.

We implement measures to secure your Information
We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. These include encryption for data in transit and at rest. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure personal information, it is not guaranteed, and you cannot expect that the Website or Service will be immune from information security risks.

INTERNATIONAL DATA TRANSFERS

We will internationally transfer information in accordance with applicable data protection laws.
If we transfer your personal data for processing at locations outside your jurisdiction, we will abide by data transfer rules applicable to these situations.

ADDITIONAL INFORMATION FOR INDIVIDUALS IN THE EU OR UK

Cybowall as the data controller
The following is the contact information of Cybowall, the data controller of the Contact Information, Sign-Up Information, and the Analytics:

Cybowall Ltd.

94 Yigal Alon,

Tel Aviv 6789139, Israel

Email: [email protected]

Legal basis under for processing your personal data.
The legal basis for processing Analytics is our legitimate interest in maintaining, developing, and enhancing the Website and the Service.

The legal basis for processing your Contact Information for the purpose of responding to and handling your inquiries and demo requests is our legitimate interests in responding to your inquiry or demo request.

The legal basis for processing your Sign-Up Information is our legitimate interests administering your access to and use of the Service.

The legal basis for processing your information for the purpose of handling instances of abusive use of the Website or the Service is our legitimate interests in defending and enforcing against violations and breaches that are harmful to our business.

The legal basis for processing your information where we are legally required to share it, is our legitimate interests in complying with mandatory legal requirements imposed on us.

The legal basis for processing your information in the event of a change in our corporate structure is our legitimate interests in our business continuity.

You have certain rights to access, update or delete information, obtain a copy of your information, and object or restrict certain data processing activities.
If you are in the EU or UK, you have the following rights under the GDPR regarding the information we process as a controller:

Right to Access your personal data and receive a copy of it.

Right to Rectify inaccurate personal data about you and to have incomplete personal data completed.

Right to Data Portability, that is, to receive the personal data that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another service provider. Where technically feasible, you have the right that your personal data be transmitted directly from us to the service provider you designate.

Right to Object, based on your particular situation, to use your personal data on the basis of our legitimate interest, including processing your information for marketing purposes. However, in cases other than processing your information for marketing purposes, we may override the objection if we demonstrate compelling legitimate grounds, or for the establishment, exercise of defense of legal claims. You may also object at any time to the use of your personal data for direct marketing purposes.

Right to Restrict the processing of your personal data (except for storing it) if: (i) you contest the accuracy of your personal data, for a period enabling us to verify its accuracy; (ii) you believe that the processing is unlawful and you oppose the erasure of the personal data and request instead to restrict its use; or (iii) we no longer need the personal data for the purposes outlined in this Privacy Policy, but you require them to establish, exercise or defense relating to legal claims, or if you object to processing, pending the verification whether our legitimate grounds for processing override yours.

Right to be Forgotten. Under certain circumstances, such as when you object to us processing your data and we have no compelling legitimate grounds to override your objection, you have the right to ask us to erase your personal data. However, we may still process your personal data if it is necessary to comply with a legal obligation, where we are subject to under laws in EU Member States or the UK, or for the establishment, exercise or defense of legal claims.

If you wish to exercise any of these rights, please contact us at: [email protected]

We reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you the information that you have asked for, we will explain the reason for this.

If you are the data subject of the Usage Information we process on behalf of a Business (i.e., a Business’s end-user), and would like to exercise any of your EU or UK rights, please contact the Business.

You have a right to submit a complaint to the relevant supervisory data protection authority.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint to the supervisory authority, particularly in the Member State of your residence, place of work or place of an alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.

If you are in the UK, you can lodge a complaint to Information Commissioner’s Office (ICO) pursuant to the instructions provided here.

CCPA INFORMATION FOR CONSUMERS RESIDING IN CALIFORNIA

CCPA INFORMATION FOR CONSUMERS RESIDING IN CALIFORNIA

This is the personal information we have collected over the past 12 months when we operate as a “business” under the California Consumer Privacy Act (CCPA):

Categories of Personal Information	Specific Types of Personal Information Collected	Source of Information
Identifiers	Name, work email address	The consumer themselves
Information that identifies, relates to, describes, or is capable of being associated with, a particular individual	Subject of your inquiry	The consumer themselves
Professional or employment-related information	Company name	The consumer themselves or the Business they are associated with
Commercial information, including products or services purchased, obtained, or considered	Subject of your inquiry expressing interest in our Platform Information relating to the engagement between us and the Business which is made with the involvement of the consumer as a representative of the Business	The consumer themselves or the Business they are associated with
Internet or other electronic network activity information	IP address from which you access the Website or Platform, time and date of access, type of browser used, language used, links clicked, and actions taken while using the Website or Service	The consumer’s device

The following are the CCPA business or commercial purposes for which we use each category of personal information. Details about the information we collect for each category are provided in the table above. More details about the business or commercial purposes are provided in the privacy policy’s section titled ‘HOW WE PROCESS PERSONAL DATA’.

Please note that we do not sell your data and we have not done so in the preceding 12 months.

Categories of Personal Information	Business or commercial purposes pursuant to the CCPA
Identifiers	Providing customer service, processing or fulfilling orders and transactions, verifying customer information Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, prosecuting those responsible for that activity Undertaking internal research for technology development and demonstration Undertaking activities to verify or maintain the quality of the Service and to improve, upgrade or enhance the Service Debugging to identify and repair errors
Professional or employment-related information
Commercial information, including products or services purchased, obtained, or considered
Information that identifies, relates to, describes, or is capable of being associated with, a particular individual
Internet or other electronic network activity information

The following rights apply only to a California resident who is not a representative of a Business using our Service, and only in relation to personal information that is not in the context of the Business using our Service:

Disclosure of Personal Information We Collect About You. You have the right to know:

The categories of personal information we have collected about you;
The categories of sources from which the personal information is collected;
Our business or commercial purpose for collecting personal information;
The categories of third parties with whom we share personal information, if any;
The specific pieces of personal information we have collected about you.

Right to Deletion. Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

Delete your personal information from our records; and
Direct any service providers to delete your personal information from their records.

Please note that we may not delete your personal information if it is necessary to:

Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
Debug to identify and repair errors that impair existing intended functionality;
Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
Comply with the California Electronic Communications Privacy Act;
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
Comply with an existing legal obligation; or
Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Protection Against Discrimination. You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:

Deny goods or services to you;
Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
Provide a different level or quality of goods or services to you; or
Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Designate an authorized agent to submit CCPA requests on your behalf. You may designate an authorized agent to make a request under the CCPA on your behalf. To do so, you need to provide the authorized agent written permission to do so and the agent will need to submit to us proof that they have been authorized by you. We will also require that you verify your own identity, as explained below.

If you would like to exercise any of your CCPA rights as described above, you should email us to: [email protected].

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you, by using a two or three points of data verification process, depending on the type of information you require.

CHANGES TO THIS PRIVACY POLICY

If we change this Privacy Policy, we will make efforts to proactively notify you of such changes.
From time to time, we may change this Privacy Policy. If we do so, we will make efforts to proactively notify you of such changes. In any event, the latest version of the Privacy Policy will always be accessible on the Website.

Last Update: March 2022