Privacy Policy

Welcome to our Privacy Policy

CyberPeace Institute Privacy Policy

The CyberPeace Institute (the “Institute”) is commited to the protection of privacy and the highest principles of responsible, secure information processing. This Privacy Policy (the “Policy”) describes how the Institute processes information, including personal data, collected through the Institute’s websites and through other channels such as email, telephone or through initiatives like Cyber4Healthcare.

1. Links to External Sites

Our website may contain links to external sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites, products or services. We strongly advise you to review the Privacy Policy and terms and conditions of every site you visit.

2. Collection of personal and non-personal data

The Institute collects data from you through our interactions with you and through our initiatives. The data we collect depends on the context of your interactions with the Institute.

For the purposes of this Policy, “personal data” refers to any information that you voluntarily submit to the Institute and which identifies you personally, including different pieces of data that together may lead to your identification. Examples of personal data include your name, e-mail address, postal code, country, payment info, including credit card data We may collect such data when you use our websites or when interacting with us through other products and services such as our newsletter, our donation portal or initiatives like Cyber4Healthcare.

We also collect personal and non-personal data regarding visits to our website. We use web analytics to track visit usage patterns, notably via IP addresses (which include location data), browser, operation system, visiting time (local and server), session, actions per visit, pageviews per visit, returning visitors and referring site information.

In some circumstances, we may request other categories of data, such as details to your computing system, in order to provide products and services. This will always happen after notification and with your informed consent.

3. Processing of personal and non-personal data

In all of its data processing activities, including the processing of personal data, the Institute employs a robust data protection framework consistent with the highest principles of data protection and security.

3.1 Data Processing: Data usage

In accordance with this framework and applicable data protection standards, the Institute processes personal data only as strictly necessary to fulfill our mission through the delivery of the Institute’s products and services, including quality control mechanisms.

If we aim to use your data for other purposes, we will seek your informed consent before doing so.

3.2 Data Processing: Data security

We take reasonable technical, administrative and physical measures measures to protect the security of personal data under our control from unauthorized use, disclosure, alteration and breach. We apply procedural safeguards to all personal data that we process, regardless of the technology used. However, we cannot guarantee that our security measures will be successful.

3.3 Data Processing: Data sharing

Unless explicitly stated otherwise, when you are asked to provide personal and non-personal data to the Institute, you are sharing that data with the Institute alone and, when necessary, with its service providers and contractors working under obligations of confidentiality solely to provide services to our organization.

We will never sell your data to any third party.

We may share anonymized information (non-personal data) about digital trends or modus operandi with trusted partners, or as a part of public reporting, in order to fulfil our mission.

3.4 Data Processing: Compelled disclosure

We process personal data as required or permitted by law. We will not transfer or share your data unless compelled by due legal process (i.e court order, summons, subpoena). Before production of data, we will conduct thorough assessments of the legality of any order to ensure the highest level of data protection and safety of data subject.

3.5 Data Processing: Data retention

Personal and non-personal data collected in accordance with this policy will be kept for the duration of the proper delivery of the CyberPeace Institute’s products and services. To ensure that strong data protection principles are enforced, the CyberPeace Institute will organize regular personal data reviews, to assess the relevance of maintaining data processing. Such reviews should happen no later than 3 years after personal data collection, with the exception of 10 years should the data be publicly available at collection time.

3.6 Processing of personal data: Your rights

In accordance with widely recognized data protection principles, such as – but not limited to – the European General Data Protection Regulation, the Institute provides you with the following rights regarding processing of your personal data:

  • The right to be informed. You have the right to know what personal data we process, why we process it, and to whom we might provide that data.
  • The right of access. You have the right to see the personal data we have about you.
  • The right of rectification. You have the right to correct personal information we have about you.
  • The right to erasure. Under certain circumstances, you may ask us to delete your personal information.
  • The right to restrict processing. Under certain conditions, you may ask us to stop processing your personal data.
  • The right to data portability. You have the right to ask us to provide you with a copy of your personal information in an easy-to-use format.
  • The right to object. You may object to our processing your personal information in a manner that is inconsistent with the reason we collected it in the first place.
  • Rights in relation to automated decision making and profiling. You have the right to have a person involved in decisions about you, instead of having a decision being based solely on automated processing of your personal information.

If you wish to exercise any of these rights, kindly contact us at [email protected] So we can be sure that the request is not coming from somebody pretending to be you, we may ask you to provide us with additional information just to confirm your identity or to provide us other proof of your identity. If you provide any such information to us, then we will only use it to respond to your request.
You may also send us postal mail with your requests to: CyberPeace Institute Chemin des Mines 9 Genève 1202 Switzerland

When was this privacy policy last updated?

This Privacy Policy went into effect on June 3, 2020. We reserve the right to update this Privacy Policy from time to time. If we update this Privacy Policy, we will post a new version on our website. We encourage you to check this page frequently for any changes to our Privacy Policy.