Privacy Policy
on processing of personal data by the Controller of this internet website.
CONTROLLER
Company name: Cyber Security Innovation ApS
Registered seat: Kirke Værløsevej 16, 3500 Værløse, Denmark
Company registration nr.: 40803688
Taxation ID:
Represented by: Jakob Seierø & Rasmus Severin
E-mail: [email protected]
1. Legal regulation regarding the processing of personal data
- REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation; hereinafter referred to as: “Regulation” or “GDPR”), and
- Act CXII. of 2011 on the Freedom of Information (hereinafter referred to as: “Infotv”).
2. The purpose of this Privacy Policy
2.1. This Privacy Policy refers to the processing of personal data provided by or collected from the natural persons (hereinafter referred to as: “users”) when using this website despiritu.com (hereinafter referred to as: “website”); please read through thoroughly.
2.2. This Privacy Policy aims to fulfil the respective privacy-related legal regulation and to keep the users of the website as fully informed as possible. It also aims to demonstrate the controller’s firm commitment to protecting the privacy of all the users of this website.
2.3. “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
2.4. “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
3. Acknowledgement of this Privacy Policy
3.1. By using the website — either with or without registration — the users acknowledge and grant their consent to the content of this Privacy Policy.
3.2. Users are entitled to withdraw their consent anytime. Withdrawal of consent shall not affect the legality of the consent-based data processing prior to the withdrawal. Users may withdraw their consent either by sending a relative statement to the abovementioned e-mail address of the controller or by deleting their registration. Data regarding and proving the withdrawal of consent shall be recorded and stored in order to fulfil the lawful interests and legal obligations of the controller for the necessary term.
3.3. In case the personal data is obtained upon the consent of the data subject then, unless regulated otherwise by the competent law, the controller is entitled to process this data in order to fulfil the legal obligations of the controller even without further consent of the data subject or after such consent is withdrawn.
3.4. If the user is accessing this website from outside the European Union, the user consent to the transfer of his or her information to Denmark (a member state of the European Union), and the processing, use and sharing of the user’s information in accordance with this Privacy Policy. Regardless of where the user’s information is collected or transferred, the information will be treated in accordance with this Privacy Policy.
3.5. By using this website and thus agreeing to this Privacy Policy, the user consent to the Controller’s use of cookies in accordance with the terms of this Privacy Policy.
4. Granting consent by the user
4.1. We hereby draw the attention of the users that the following acts / activities shall qualify as granting their consent to the data processing by the user with regard to the data processing according to article 6 of this Privacy Policy:
- a) if the user uses the website without registration: the use of the website
- b) if the user uses the website with registration: registration to the website
- c) if the user subscribes to the newsletter: ticking the respective checkbox at the website
- d) in all other cases: giving explicit consent — in writing, by ticking a checkbox or by other method which is verifiable afterwards.
4.2. We hereby draw the attention of the users that processing the personal data of minor users under 16 years is only legal if the consent to the data processing is granted or confirmed by the legal representative of the minor. The conforming statement of the legal representative of minors must be sent to the abovementioned e-mail address of the controller.
5. Legal basis for the data processing
5.1. The processing of the personal data is legal only if at least one of the following conditions apply:
- a) Regulation Article 6. a): the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- b) Regulation Article 6. b): processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- c) Regulation Article 6. c): processing is necessary for compliance with a legal obligation to which the controller is subject;
- d) Regulation Article 6. d): processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- e) Regulation Article 6. e): processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- f) Regulation Article 6. f): processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
6. User activities giving reason for processing personal data
(A) Using the website (with or without registration)