General Privacy Information

CyberLift respects your privacy and is committed to protecting your personal data. This privacy policy outlines how we collect, use, and safeguard information in connection with our digital security awareness and cyber hygiene training services.

2026/01/23 CyberLift [email protected]

Definitions

To facilitate understanding, the following definitions apply throughout this privacy policy, referring to data protection and service concepts relevant to CyberLift's offerings.

Personal data means any information relating to an identified or identifiable individual who uses CyberLift's training services.
Processing refers to any operation performed on personal data, including collection, storage, use, or deletion.
User denotes any individual participating in or interacting with CyberLift's digital security training programs.
Service refers to the digital security awareness and cyber hygiene training provided by CyberLift via its platform and related channels.
Cookies are small text files stored on users' devices to help improve user experience and enable certain website functionalities.

Data Collection Practices

CyberLift collects various types of data necessary to deliver and improve its training services while maintaining compliance with applicable privacy standards.

User-Provided Data

Users may provide information directly through forms, registrations, or communications related to the services offered by CyberLift.

  • Full name and contact details including email address
  • Company and job position information for tailored training experiences
  • Feedback, survey responses, and training evaluation inputs
  • Login credentials and account settings
  • Payment information submitted during transaction processes
  • User preferences and communication consents

Automatically Collected Data

CyberLift's platform gathers certain data automatically to optimize service delivery and security management.

  • Device information including browser type and operating system
  • IP addresses used during service access
  • Usage statistics such as pages visited and time spent on platform
  • Log files recording access and error reports
  • Cookies identifying preferences and sessions
  • Geolocation data when explicitly enabled by the user

Third-Party Data Sources

To enhance service offerings, CyberLift may receive personal data from trusted external providers under strict confidentiality and legal compliance.

  • Verification services confirming user identity for account creation
  • Payment processors handling secure transactions
  • Marketing partners facilitating communication preferences

Purposes of Data Processing

The collected data supports multiple objectives aimed at delivering effective training while respecting user privacy.

  • Enabling user registration and account management
  • Delivering personalized digital security awareness content
  • Facilitating secure payment processing
  • Improving service performance and user experience
  • Complying with legal and regulatory obligations
  • Conducting analytics to better understand user engagement
  • Communicating updates, offers, and relevant information
  • Protecting platform integrity and preventing unauthorized access

Legal Basis for Data Processing

CyberLift processes personal data based on applicable Swiss and EU data protection laws using appropriate legal grounds.

  • Consent provided by the user for specific services
  • Performance of a contract to deliver training services
  • Compliance with legal obligations applicable to CyberLift
  • Legitimate interests such as ensuring security and service improvement

Compliance with GDPR and Swiss Data Protection Laws

CyberLift adheres to GDPR provisions where applicable, safeguarding rights and freedoms of data subjects.

  • Right to access personal data collected and processed
  • Right to request rectification or completion of inaccurate data
  • Right to erasure of data under certain conditions
  • Right to restrict or object to data processing
  • Right to data portability when applicable
  • Right to withdraw consent at any time without affecting prior processing

Cookies and Tracking Technologies

CyberLift uses cookies to enhance functionality, analyze usage, and personalize interactions within the training platform.

Cookies include session cookies required for platform operation, persistent cookies for remembering preferences, and third-party cookies for analytics and marketing.

Categories range from strictly necessary cookies essential for service access, to performance, functional, and advertising cookies that improve user experience and provide relevant content.

Users can control cookie settings through their browser preferences or platform options, including opting out of non-essential cookie usage where applicable.

See our full Cookie Policy for detailed information and management instructions.

Data Sharing and Disclosure

Personal data may be shared with trusted third parties strictly for the purpose of supporting CyberLift's services or complying with legal requirements.

  • Service providers assisting with payment processing and technical support
  • Legal authorities when mandated by law or regulation
  • Marketing partners with user consent for communications
  • Subcontractors delivering portions of the training service infrastructure
  • Compliance and audit entities to ensure lawful operation
  • Data is never sold to third parties for advertising or unrelated commercial purposes

International Data Transfers

When personal data is transferred outside Switzerland or the European Economic Area, CyberLift ensures adequate safeguards are in place in accordance with legal standards to protect user data.

Safeguards include standard contractual clauses, adherence to privacy shield frameworks where applicable, and data processing agreements imposing strict confidentiality obligations.

Data Retention Policy

CyberLift retains personal data only as long as necessary for training service delivery and compliance with legal obligations.

Account information is kept for the duration of the user relationship plus a limited period thereafter for administrative purposes.

Communications such as support inquiries are stored in accordance with operational needs and legal timelines.

Access logs and security event records are retained for a predefined period to monitor and ensure platform integrity.

Upon request or when no longer needed, personal data is securely deleted or anonymized following industry best practices.

Data Security

CyberLift implements appropriate technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or destruction.

  • Encryption of sensitive data during transmission and storage
  • Regular security audits and vulnerability assessments
  • Access control mechanisms restricting data to authorized personnel only

User Rights

Users are entitled to exercise their data protection rights and may contact CyberLift to make related requests.

  • Access rights to review personal data held by CyberLift
  • Correction rights to update inaccurate or incomplete data
  • Data deletion requests under qualifying circumstances
  • Objection to processing based on legitimate interests
  • Request for data portability to receive data in a commonly used format
  • You have the right to data portability, allowing you to obtain and reuse your personal data across different services.
  • You can object to the processing of your personal data in certain cases, including direct marketing purposes.
  • You have the right to withdraw your consent at any time where processing is based on consent, without affecting the legality of processing before withdrawal.

Submitting a Data Access or Correction Request

To exercise any of your data protection rights, you may submit a request by contacting us via our official communication channels. We require sufficient information to verify your identity and process your request accurately.

[email protected]

We endeavor to respond to your data rights requests within 30 calendar days from receipt, but complex cases might take longer, in which case we will inform you accordingly.

Marketing Communications

CyberLift respects your communication preferences. We only send promotional content with your prior consent and handle your information in compliance with applicable privacy laws in Switzerland.

You may unsubscribe from marketing communications at any time by clicking the ‘unsubscribe’ link available in all promotional emails or contacting our support.

Privacy of Minors

CyberLift does not knowingly collect or process personal data of children under the age of 16. If you believe we have such data, please contact us for prompt deletion.

Links to Third-Party Websites

Our website may include links to external websites. CyberLift is not responsible for the privacy practices or content of those third-party sites and encourages users to review their privacy policies.

Updates to Privacy Policy

CyberLift may update this privacy notice periodically to reflect changes in our practices or legal requirements. We encourage reviewing this document regularly for any updates.