GDPR Compliant Privacy Notice for Ebryx Website
This privacy notice explains how Ebryx processes the personal data you provide when using our website or that are provided by third parties. Ebryx is a leading cybersecurity and engineering solutions company with vast experience in Security Product Engineering, Malware Research and Managed Services for customers around the world. With presence in North America, South East Asia, and the Gulf, Ebryx has a track record of success worldwide in enabling entities to achieve their technology objectives competitively. and, as site owner, acts as data controller to which your personal data may be transmitted to manage the relationship with you and to accommodate your requests. Please read this privacy notice carefully before using our website because it will help you understand what data we collect, how we use and share the data, and what your choices are in that respect.
1. Personal data processed
Through your use of our website, we may collect personal data that you provide, including but not limited to: 1.1 Contact information, such as your first and last name, email address, username, phone number, and home address. 1.2 Your company, job title, and employment status. 1.3 Publicly available information about you collected from third parties. 1.4 Analytical information, such as pages and products viewed, ads clicked on, emails from us that you opened, browser, operating system (“OS”), Internet Protocol (“IP”) address and device information (please refer to our cookie policy for further details). The terms of this privacy notice apply also to personal data received from third parties, unless we inform you otherwise. Ebryx is not responsible for the dissemination of your personal data by third parties.
2. Purposes of the processing
Your personal data may be processed for the following purposes: 2.1 Compliance: to fulfill legal and regulatory requirements. 2.2 Customer services: to provide you with a response to queries (e.g., about services, products and/or warranties) and to provide you information about contests, surveys; to schedule a meeting with an Ebryx representative; to provide you with white-papers, reports, e-books, and other documents about our services, products and business; and to enable you to attend events and webinars. 2.3 Marketing: to send marketing communications (e.g., newsletters on latest trends and technologies, and news regarding our business, events, new products and services, and updates/news on existing products and services) and to conduct market research.
3. The legal bases for processing personal data are the following:
3.1 For purpose (2.1): to fulfill legal obligations. 3.2 For purpose (2.2) to enter into a contract with you to provide customer services as a user or, at your request, to take pre-contractual measures. 3.3 for purpose (2.3) your consent. Providing your personal data is required for the purposes under points (2.1), (2.2) and (2.3); consequently, refusal to provide the requested data or its inaccuracy may prevent Ebryx from providing you with customer services.
4. Methods, place of processing and place of storage of personal data
We will process personal data in accordance with the principles of correctness, lawfulness, and transparency. We maintain appropriate technical, and organizational measures that ensure a level of security appropriate to the risk of unauthorized access to, and accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, personal data transmitted, stored, or otherwise processed. We ensure that our affiliates third-party service providers who access or handle personal data on our behalf maintain the same safeguards. We will process your personal data manually or electronically using automated tools which ensure the security and confidentiality of the data. Your processed data are stored at our registered office or at the office of any external service providers we entrust to store personal data. please contact us If you want to know the list of our external service providers. We will process only personal data necessary for the above purposes. Our employees who are authorized to process personal data will immediately delete or make anonymous personal data unnecessary for the above purposes. If we have provided you, or you have chosen, a password to access certain areas of our website, it is your responsibility for keeping the passwords secure and confidential: Please do not share your password with anyone.
5. Data retention period
Your personal data will be kept by us: 5.1 For advertising material, sending newsletters and other communications on new services/products and news/updates on existing services/products, and for carrying out surveys, answering your queries: for 36 months from their collection, unless it is necessary under, and/or permitted by applicable laws to keep them longer. The data will be deleted or rendered anonymous at the end of the above-listed periods.
6. Data dissemination, sharing and communication
We will disseminate your personal data only to the extent necessary for Ebryx to fulfill the legal and regulatory obligations. Your data may be processed by our employees who are authorized to process personal data for the purposes set out above. Ebryx may also appoint external data processors to manage customer relationship databases; to send newsletters, and/or to carry out surveys. We may share your data with professionals, law firms, and auditors for auditing and due diligence activities. The above entities/individuals will act as autonomous data controllers or data processors. The list of such entities/individuals is kept up-to-date, and you can access it at our office on request. If you are an EU-based individual, please consider that your personal data may be transferred to other related companies of Ebryx or third parties located outside the European Economic Area (EEA). In such cases, Ebryx will take appropriate measures to make sure that appropriate safeguards are in place by verifying that (i) third parties are certified under the Privacy Shield or (ii) Binding Corporate Rules approved by the supervisory authority are in place or (iii) Standard Contractual Clauses approved by the European Commission are entered with the third party. A copy of the appropriate safeguards is available at Ebryx headquarters and on request at dpo@ebryx.com You have the right to obtain confirmation of the existence or non-existence of personal data relating to you.
7. You have the right to be informed of the following:
7.1 The origin of the personal data 7.2 The purpose and methods of data processing 7.3 The logic applied to the data processed electronically 7.4 The identity of the data controller and the data processors 7.5 The identity of the individuals or categories of individuals to whom your personal data may be sent. You have the right to: (a) have your data corrected, updated and supplemented. (b) have the processing of your personal data restricted, any unlawfully processed data erased, made anonymous, or blocked. (c) obtain the personal data you provided, in a structured, common and machine-readable format and to have the data transmitted, directly or through Ebryx, to another data controller (known as data portability).
8. You have the right to object, in whole or in part:
If you believe that we or a person/company to whom we have communicated your data has violated your rights, you may file a complaint with the Data Protection Authority in your country and other competent supervisory authorities.
9. Contact details of the Data Controller and Data Protection Officer
If you need more information on how to exercise your data protection rights, please contact Mr. Syed Talal Hassan, Data Protection Officer, at dpo@ebryx.com Ebryx, whose headquarter is located at Office #1, 4th Floor, Arfa Software Technology Park, 346-B Ferozepur Road, Lahore – Pakistan, acts as the Data Controller of your personal data.