DATA CONTROLLER INFORMATION
KASPERSKY LAB SWITZERLAND GmbH a company incorporated and registered in Switzerland with company number VAT CHE-114.644.463 whose registered office is at Bahnhofstrasse 69, 8001 Zürich, Switzerland (“Kaspersky” or “we”). If you have any questions regarding the processing of your personal information, please contact our Kaspersky EU representative via e-mail or phone: Kaspersky Labs GmbH, Ingolstadt, Germany, email@example.com, +49 (0) 841 98 18 90
If you have any additional questions about Kaspersky’s privacy practices or if you would like us to update information or preferences you provided to us, please contact our Data Protection Officer – click here.
YOUR PERSONAL DATA – WHAT IS IT?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data within the EU is governed by the General Data Protection Regulation 2016/679 (the “GDPR”)
WHAT IS OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
Our lawful basis for processing your general personal data:
WHY WE PROCESS YOUR PERSONAL DATA
We process the following categories of your personal data for the following purposes:
|Categories of personal data||Purpose of processing and legitimate interests, where applicable||Legal basis||Storage period|
|First and second name
Personal Mobile Phone number
Servicing our contractual obligations to you
|Contract||3 years after user’s access to the training expires|
|First and second name
|Providing marketing information||Consent, Art. 6 (1) (a) GDPR||Until the withdrawal or expiry of consent, maximum 2 years after last distribution of marketing information|
|Unique User ID at the learning management system||Servicing our contractual obligations to you||Contract||3 years after user’s access to the training expires|
|User’s performance tracking in the Learning Management System||Servicing our contractual obligations to you||Contract||3 years after user’s access to the training expires|
We have obtained your personal data from you directly.
SHARING YOUR PERSONAL DATA
We may disclose your personal data as follows, provided the legal requirements are met:
Your personal data will be treated as strictly confidential and will only be shared with employees of Service Providers that provide us with IT and system administration services.
In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose.
TRANSFER OF DATA ABROAD
The personal data provided by users to Kaspersky is processed in the servers located in the EU.
Kaspersky Lab has taken appropriate security measures to protect your personal data in accordance with security and privacy best practices (more information https://www.kaspersky.com/global-privacy-policy), including, utilizing the European Commission’s Standard Contractual Clauses for transfers of personal information between group companies (You can find these standard contract clauses under the following link), which requires all group companies to protect personal information being processed from the EEA to an equivalent standard to that required under EU data protection law. Where we share your personal data with a third party service provider outside of the European Economic Area and Switzerland (as detailed in the section entitled “Sharing your information”), we contractually oblige the third party service provider to implement adequate safeguards to protect your information.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We retain your personal data only as long as necessary to fulfill the stated purposes, see column “storage period” in the chapter “WHY WE PROCESS YOUR PERSONAL DATA” above.
AUTOMATED DECISION MAKING
We do not use automated decision making at “Hunt APTs with Yara like a GReAT Ninja”
Cookie files are files or fragments of information that may be saved on your computer or other Internet-compatible devices (for example, smartphones and tablets) when you visit our websites. This information frequently consists of alphanumeric strings that uniquely identify your computer, but they may also contain other information.
We use different types of “cookies” (small text files that are placed on your device):
Some of our web pages use electronic markers (web beacons) that we use to obtain comprehensive statistics regarding the effectiveness of our advertising campaigns and other operations. We also include web beacons in our emails to you in order to determine the effectiveness, performance, and optimization of email mailings and the user experience. We use various analytical services for these purposes. You can review a list of them here.
You can configure your browser settings in a way that cookies are blocked or your system informs you whenever a website wants to set a cookie. However, please be aware that the blocking of cookies may have the effect that you will not be able to use all our website functions any more.
YOUR RIGHTS AND YOUR PERSONAL DATA
We inform you that you have certain rights regarding the personal data we maintain about you:
HOW TO EXERCISE YOUR RIGHTS
If you wish to exercise these rights towards us, you may at any time contact us directly or our representative in EU: Kaspersky Labs GmbH, Ingolstadt, Germany, firstname.lastname@example.org, +49 (0) 841 98 18 90.
Principally, you will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, except in relation to consent withdrawal, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you would like to make a complaint regarding this Privacy Statement or our practices in relation to your personal data, please contact us at click here.
If you consider that the processing of personal data relating to you infringes applicable data protection law, you have the right to lodge a complaint with the competent supervisory authority at any time. Which supervisory authority has competence for your complaint can depend on the country where you reside.