The Institute collects data from you through our interactions with you and through our initiatives. The data we collect depends on the context of your interactions with the Institute.
For the purposes of this Policy, “personal data” refers to any information that you voluntarily submit to the Institute and which identifies you personally, including different pieces of data that together may lead to your identification. Examples of personal data include your name, e-mail address, postal code, country, payment info, including credit card data We may collect such data when you use our websites or when interacting with us through other products and services such as our newsletter, our donation portal or initiatives like Cyber4Healthcare.
We also collect personal and non-personal data regarding visits to our website. We use web analytics to track visit usage patterns, notably via IP addresses (which include location data), browser, operation system, visiting time (local and server), session, actions per visit, pageviews per visit, returning visitors and referring site information.
In some circumstances, we may request other categories of data, such as details to your computing system, in order to provide products and services. This will always happen after notification and with your informed consent.
In all of its data processing activities, including the processing of personal data, the Institute employs a robust data protection framework consistent with the highest principles of data protection and security.
In accordance with this framework and applicable data protection standards, the Institute processes personal data only as strictly necessary to fulfill our mission through the delivery of the Institute’s products and services, including quality control mechanisms.
If we aim to use your data for other purposes, we will seek your informed consent before doing so.
We take reasonable technical, administrative and physical measures measures to protect the security of personal data under our control from unauthorized use, disclosure, alteration and breach. We apply procedural safeguards to all personal data that we process, regardless of the technology used. However, we cannot guarantee that our security measures will be successful.
Unless explicitly stated otherwise, when you are asked to provide personal and non-personal data to the Institute, you are sharing that data with the Institute alone and, when necessary, with its service providers and contractors working under obligations of confidentiality solely to provide services to our organization.
We will never sell your data to any third party.
We may share anonymized information (non-personal data) about digital trends or modus operandi with trusted partners, or as a part of public reporting, in order to fulfil our mission.
We process personal data as required or permitted by law. We will not transfer or share your data unless compelled by due legal process (i.e court order, summons, subpoena). Before production of data, we will conduct thorough assessments of the legality of any order to ensure the highest level of data protection and safety of data subject.
Personal and non-personal data collected in accordance with this policy will be kept for the duration of the proper delivery of the CyberPeace Institute’s products and services. To ensure that strong data protection principles are enforced, the CyberPeace Institute will organize regular personal data reviews, to assess the relevance of maintaining data processing. Such reviews should happen no later than 3 years after personal data collection, with the exception of 10 years should the data be publicly available at collection time.
In accordance with widely recognized data protection principles, such as – but not limited to – the European General Data Protection Regulation, the Institute provides you with the following rights regarding processing of your personal data:
If you wish to exercise any of these rights, kindly contact us at [email protected] So we can be sure that the request is not coming from somebody pretending to be you, we may ask you to provide us with additional information just to confirm your identity or to provide us other proof of your identity. If you provide any such information to us, then we will only use it to respond to your request.
You may also send us postal mail with your requests to: CyberPeace Institute Chemin des Mines 9 Genève 1202 Switzerland