Privacy Policy

Table of Contents

  1. Privacy Notice

  2. Scope & Applicability

  3. What Personal Data We Collect & Process

  4. Where We Obtain Your Personal Data From

  5. How We Use Your Personal Data

  6. Lawful Bases for Processing Your Personal Data

  7. Consent Withdrawal

  8. When We Share Your Personal Data with Third Parties

  9. Cross-border Data Transfers

  10. Cookies & Tracking Technologies

  11. How We Secure Your Personal Data

  12. How Long We Keep Your Personal Data (Retention)

  13. Your Privacy Rights

  14. Children’s Privacy

  15. Notification of Security Incidents / Data Breaches

  16. Changes to this Privacy Policy

  17. Contact Us

 

1. Privacy Notice

Effective Date: [10 August 2025] 

Cybryne (“we”, “us”, “our” or the “Company”) operates the website [cybryne.com]. This Privacy Policy describes how we collect, use, disclose, transfer, retain and protect Personal Data about individuals who interact with us or our website, including clients, prospective clients, vendors, job applicants, visitors to our premises and other business contacts.

This Privacy Policy is intended to satisfy our obligations under applicable data protection laws, including (where applicable) the Digital Personal Data Protection Act (India), the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act/Privacy Rights (CCPA/CPRA), and other relevant laws and regulations in the jurisdictions where we operate.

 

2. Scope & Applicability

This Policy applies whenever we act as a Data Controller of your Personal Data, including when you:

  • Visit or use our website;

  • Submit an inquiry or form on our website;

  • Are a prospective or existing client;

  • Apply for employment with us;

  • Are a vendor, contractor or other business contact;

  • Visit our offices or events organized by us.

Where we act as a Data Processor on behalf of a client (processing Personal Data under that client’s instructions), the controller’s privacy notice may apply and govern that processing.

 

3. What Personal Data We Collect & Process

We collect only the Personal Data necessary for the purposes set out in this Policy. Typical categories include:

3.1 Personal / Identity Data

  • Name, title, company name, job title, postal address.

3.2 Contact Data

  • Business email address, phone number.

3.3 Transactional & Business Data

  • Service requirements, proposals, correspondence, contract and billing details.

3.4 Recruitment Data

  • CVs, employment history, qualifications, references (for job applicants).

3.5 Technical & Usage Data

  • IP address, browser type and version, device identifiers, pages visited, referral URLs, date/time stamps, cookies and similar tracking data.

3.6 Sensitive Data

  • We do not typically request special categories of sensitive personal data (e.g., health data, race/ethnicity) except where necessary and only with explicit legal basis and appropriate safeguards. If you provide any sensitive data, we will process it only where permitted by law and with explicit consent where required.

3.7 Other Data You Provide

  • Any other information you submit through forms, emails, or other communications.

 

4. Where We Obtain Your Personal Data From

We collect Personal Data:

  • Directly from you when you complete forms, communicate with us, apply for jobs, or interact with our services;

  • Automatically via cookies and technical logs when you visit our website;

  • From publicly available sources (e.g., company websites, professional networks) and from trusted third-party data providers where permitted;

  • From partners, vendors or recruitment agencies when applicable.

 

5. How We Use Your Personal Data

We use Personal Data for the following purposes:

  • To respond to enquiries and provide requested services;

  • To perform and manage contracts with clients, vendors and partners;

  • For recruitment, onboarding and HR administration;

  • To send service updates, communications, proposals and (with consent where required) marketing communications;

  • To operate, maintain and improve our website and services;

  • For billing, invoicing and financial record keeping;

  • To comply with legal, regulatory, audit and tax obligations;

  • To detect, prevent and investigate fraud, security incidents or misuse;

  • For legitimate business interests such as analytics, product development and improving client experience, subject always to safeguards for individual rights.

We will not use your Personal Data for purposes materially different from those described above without giving you notice and, where required, obtaining your consent.

 

6. Lawful Bases for Processing Your Personal Data

Where applicable (e.g., for EEA data subjects), we rely upon one or more lawful bases to process your Personal Data, including:

  • Consent — where you have given clear consent for us to process your Personal Data for a specific purpose (e.g., subscribing to marketing).

  • Performance of contract — where processing is necessary to perform a contract or take steps prior to entering into a contract with you.

  • Legal obligation — where processing is required to comply with the law.

  • Legitimate interests — where processing is necessary for our legitimate business interests (for example, to provide and improve services, conduct analytics, or prevent fraud), provided such interests are not overridden by your rights and freedoms.

If you have questions about the lawful basis we rely on for a specific processing activity, please contact us (see Contact Us).

 

7. Consent Withdrawal

Where processing is based on your consent, you may withdraw consent at any time. Withdrawal will not affect the lawfulness of processing based on consent before withdrawal. To withdraw consent, contact us at [enquire@cybryne.com] or use the unsubscribe/opt-out mechanisms included in our communications. If withdrawal prevents us from providing a service you requested, we will explain the consequences.

 

8. When We Share Your Personal Data with Third Parties

We do not sell personal data. We may share Personal Data with:

8.1 Service Providers & Processors — third parties who provide services on our behalf (e.g., hosting providers, CRM/email providers, analytics, payment processors). These providers are contractually restricted from using Personal Data for other purposes.

8.2 Professional Advisors — auditors, legal advisors, accountants when required.

8.3 Business Partners — where necessary to provide requested services or co-deliver a solution.

8.4 Legal & Regulatory Authorities — where required by law, regulation, court order, or to protect the rights, property or safety of the Company, employees or others.

Before sharing Personal Data with any third party, we take reasonable steps to ensure appropriate contractual, technical and organisational safeguards are in place.

 

9. Cross-border Data Transfers

Because we operate globally, Personal Data may be transferred to, stored in, and processed in countries outside your country of residence. Where such international transfers occur, we ensure an adequate level of protection through appropriate safeguards such as:

  • Transfers to countries with an adequacy decision;

  • Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms;

  • Implementing technical and organisational measures to protect data.

By using our services or submitting Personal Data, you consent to such transfers subject to the safeguards above.

 

10. Cookies & Tracking Technologies

We use cookies, web beacons and similar technologies to operate and improve our website, analyze usage and tailor content. Types of cookies we use include: essential (strictly necessary), performance/analytics, functionality and targeting/advertising cookies.

You can control cookies via your browser settings and cookie-preference tools. Disabling cookies may affect some website functionality. Please see our Cookie Policy (link) for more details.

 

11. How We Secure Your Personal Data

We apply reasonable technical, administrative and physical safeguards to protect Personal Data from unauthorized access, disclosure, alteration or destruction. Such measures may include: encryption in transit (HTTPS) and at rest, access controls, network security, intrusion detection, secure backups and regular security assessments.

While we implement industry-standard security measures, no method of transmission or storage is completely secure. If you suspect a security incident affecting your Personal Data, contact us immediately (see Contact Us).

 

12. How Long We Keep Your Personal Data (Retention)

We retain Personal Data only for as long as reasonably necessary to fulfill the purposes for which it was collected (including to meet legal, tax, accounting or reporting requirements). Retention periods vary by data type and processing purpose; when retention is no longer required, we will securely delete or anonymize the data.

If you want details about specific retention periods that apply to your Personal Data, contact us.

 

13. Your Privacy Rights

Depending on the jurisdiction in which you reside, you may have the following rights regarding your Personal Data:

  • Right to access: Request a copy of Personal Data we hold about you.

  • Right to rectification: Request correction of inaccurate or incomplete data.

  • Right to erasure: Request deletion of your Personal Data (subject to legal exceptions).

  • Right to restriction: Request limitation of processing in certain circumstances.

  • Right to portability: Request a copy of your Personal Data in a commonly used, machine-readable format.

  • Right to object: Object to processing based on legitimate interests or direct marketing.

  • Right to withdraw consent: Where processing is based on consent.

  • Right to lodge a complaint: With your local supervisory authority (e.g., ICO in the UK, Data Protection Authority in your EU member state, California Attorney General).

To exercise any rights, please contact us at [enquire@cybryne.com]. We may request information to verify your identity before fulfilling a request. We will respond in accordance with applicable law.

 

14. Children’s Privacy

Our services are not directed to individuals under the age of 16 (or the applicable age of consent in your jurisdiction). We do not knowingly collect Personal Data from children. If you believe we have collected Personal Data of a child, please contact us and we will take steps to delete it.

 

15. Notification of Security Incidents / Data Breaches

In the event of a confirmed data breach affecting Personal Data, we will follow applicable legal requirements for notification. Where required by law, we will notify affected individuals and relevant supervisory authorities without undue delay and provide information on remedial actions and mitigation measures.

 

16. Changes to this Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements or service offerings. The “Effective Date” at the top will indicate when the Policy was last revised. We encourage you to review this page regularly.

 

17. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact our Data Protection Officer (DPO) or privacy team:

Cybryne IT Services & Consulting Pvt. Ltd.
Email: enquire@cybryne.com
Address: GF-1, A Square, DLF RD, Sholinganallur, Chennai – 600119, India

If you are an EU resident, you may also lodge a complaint with your local data protection authority.