READ

Privacy Policies

READ

Privacy Policies

READ

Privacy Policies

Privacy Policies

Updated Date: Sep 18, 2025, 12:00 AM

  1. Introduction.


    The privacy policy of Ciberalia adheres to international and European data protection legislation (GDPR). Furthermore, Ciberalia aims to inform the user through this document about their rights and obligations regarding the privacy of their data, and to explain the reasons behind the storage and usage of the data.

  2. Data Collected by Ciberalia.


    Ciberalia collects all information entered into the application by the user and stores it on its own servers or on the servers of Ciberalia's storage provider. Since it is a Cloud service, storage on servers is a necessity for the application to function, hence the user acknowledges this fact. Ciberalia categorizes data into two groups: user data and account data. User data includes the user’s name and personal information, as well as photographs or other documentation that the user chooses to upload to the application within the account information and contact information sections. Account data pertains to the business account created by the user in any of its forms: Sole Trader, Personal Civil Partnership, or Limited Liability Company, which includes billing information, expenses, contacts, employees, and products. Finally, Ciberalia collects connection device data through cookies. The user can disable cookies in their browser to prevent Ciberalia from collecting such information should they choose. This information is used to conduct studies on navigation and access to the application, as well as the use thereof. Navigation information includes device type and characteristics, location, and connection times.


  3. Who is Responsible for Processing Your Data?


    Identity: CYDOO CYBERSECURITY SERVICES S.L Address: Calle Gran Vía Carlos II núm. 98 10th floor 08028 Barcelona, Spain. Email: info@cydoo.com


  4. What is the Purpose of Processing Your Personal Data?


    At Ciberalia, we process the information provided by individuals to offer and/or market the products and/or services offered by our firm. Particularly, based on legitimate interest as regulated in the GDPR, Ciberalia may send commercial promotions, newsletters, and other information of interest to all individuals who have registered for webinars or other events promoted by Ciberalia.


  5. How Long Do We Retain Your Data?


    The personal data provided will be retained for a necessary period for the service or product requested and during the legally established deadlines.


  6. What is the Legal Basis for Processing Your Data?


    The legal basis for processing your data is the consent of the affected party, the execution of a service contract, and responding to your inquiries received through the contact form or email (in accordance with the terms and conditions in our privacy policy).


  7. To Whom Will Your Data Be Disclosed?


    The data will not be disclosed to third parties except due to a legal obligation.


  8. What Are Your Rights When You Provide Us with Your Data?


    Anyone has the right to know whether Ciberalia is processing personal data concerning them. Interested individuals have the right to access their personal data, as well as to request the correction of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected. In certain circumstances, individuals may request the restriction of the processing of their data, in which case we will only retain them for the exercise or defense of claims. You can materially exercise your rights by sending an email to info@cydoo.io, properly identifying yourself, and clearly indicating the specific right you wish to exercise. If you have given consent for a specific purpose, you have the right to withdraw consent at any time, without affecting the legality of the processing based on the consent prior to its withdrawal. If you feel your rights regarding the protection of your personal data have been violated, especially if you have not obtained satisfaction in the exercise of your rights, you may submit a claim before the competent Data Protection Control Authority through its website: www.agpd.es


  9. How Did We Obtain Your Data?


    All personal data obtained by Ciberalia have been directly supplied by the user. We do not process special categories of personal data in accordance with Article 9 of the EU General Data Protection Regulation (personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership).


  10. Access and Modification of User Data


    The user may modify their user data or the accounts they own at any time. Ciberalia does not store modified information, so once the user modifies or deletes the information, it will be permanently lost within the application.


  11. The Data We Share


    We do not share personal information with companies, organizations, or individuals unrelated to Ciberalia unless one of the following circumstances applies: Consent: We will share your personal data with companies, organizations, or individuals outside Ciberalia when you have given us your consent to do so. Your consent will be necessary to share specially protected personal data. External Processing: We provide personal information to our affiliates or other trusted persons or companies to process it on behalf of Ciberalia, following our instructions and in accordance with our Privacy Policy, and adopting other appropriate security and confidentiality measures. Legal Reasons: We will share your personal data with companies, organizations, or individuals outside Ciberalia if we believe in good faith that there is a reasonable need to access, use, maintain, or disclose that data to: comply with applicable legislation or regulations or respond to any request from an administrative or judicial body, enforce the current Terms of Service, including the investigation of possible violations, detect or prevent any fraud or technical or security incident, or to support this in any other way, protect the rights, property, or safety of Ciberalia, our users, or the public as required or permitted by applicable law. Ciberalia expressly informs the PARTNER that it reserves the right to use client data in the development, preparation, testing, and, in general, non-productive environments of Ciberalia, primarily to enhance the platform and for the development and customer success teams to identify errors and anomalies. The PARTNER declares to be aware of this practice and, when necessary, declares its acceptance.


  12. Data Security


    Security is paramount for Ciberalia. Currently, data storage services are handled by specialized providers with security certifications and anti-hacking systems. Ciberalia has chosen to outsource storage to ensure that the provider meets the highest security standards, at levels that Ciberalia could not achieve with its own storage servers.


    We strive to protect Ciberalia and our users against any unauthorized alteration, disclosure, or destruction of the data we hold against unauthorized access. Specifically: We encrypt many of our services using SSL protocol. We review our data collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems. We limit contractor, agent, and employee access to personal information needed to process for Ciberalia and ensure that they are bound by strict contractual confidentiality obligations and are subject to relevant disciplinary actions or dismissal if they fail to meet these obligations. Our Privacy Policy applies to all services offered by Ciberalia and its affiliates, including Ciberalia, but excludes those services subject to independent privacy policies that do not incorporate this Privacy Policy.


  13. When Does This Privacy Policy Apply?


    Our Privacy Policy applies to all services offered by Ciberalia and its affiliates, including Ciberalia, but excludes those services that are subject to independent privacy policies that do not incorporate this Privacy Policy.


  14. Law Compliance


    At Ciberalia, we regularly verify our Privacy Policy compliance. Additionally, we adhere to different codes of self-regulation. In the case of receiving a formal written complaint, we will contact the person who made the complaint to follow up on it. We will work with competent regulatory authorities, including local data protection authorities, to resolve any claims related to the transfer of personal data that we have not been able to resolve directly with the user.


  15. Modifications


    Our Privacy Policy may be modified at any time. We will not limit the rights you have under this Privacy Policy without your express consent. We will post all modifications to this Privacy Policy on this page, and if significant, we will make a more prominent notification (e.g., we will send you an email notification if the modification affects certain services). Additionally, we will archive previous versions of this Privacy Policy so you can review them.


    When we need to obtain information from you, we will always ask you to voluntarily provide it by giving your express consent through the means enabled for that purpose. The processing of data collected through the website's data collection forms or other means will be incorporated into the Record of Processing Activities for which Ciberalia is responsible. Ciberalia treats the data confidentially and adopts appropriate technical and organizational measures to ensure a security level appropriate to the processing, in compliance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, and other applicable data protection regulations. However, Ciberalia cannot guarantee the absolute invulnerability of systems and therefore does not assume any responsibility for damages arising from alterations that third parties may cause in users' computer systems, electronic documents, or files. If you choose to leave our website through links to websites not belonging to our entity, Ciberalia is not responsible for the privacy policies of those websites or the cookies they may store on the user's computer. Our policy regarding the sending of our emails focuses on delivering only those communications that you have opted to receive. If you prefer not to receive these emails, we will offer you the opportunity to exercise your right to cancel and opt-out of receiving these messages, in accordance with Title III, Article 22 of Law 34/2002 on Services for the Information Society and Electronic Commerce.