PRIVACY POLICY

PRIVACY POLICY

CyberBlazer™ by EM3 | LABS is a diversified Cyber Education and Risk Advisory Service. Our websites are at https://cyberblazer.com and https://cyberblazer.eu.  We are committed to maintaining your privacy however our websites may collect personal data.  Please find the outline of our data collection processes and reasoning.

1. Contact Form

When visitors send us messages via our contact form or email  we collect the data shown in the website form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may also be collected upon submission via our contact form.

2. Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

3. Cookies

To improve your experience on our site, we may use ‘cookies’.  Cookies are an industry standard and most major web sites use them.  A cookie is a small text file that our site may place on your computer as a tool to remember your preferences.  You may refuse the use of cookies by selecting the appropriate settings on your browser.  However please note that if you do this, you may not be able to use the full functionality of this website. We use cookies to support our usage of Google Analytics and Cloudflare, our CDN provider.

4. Embedded Content from Other Websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

5. Analytics

Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States and elsewhere.  Google Analytics does not identify individual users or associate your IP address with any other data held by Google.  We use reports provided by Google Analytics to help us understand website traffic and web page usage. You may review Google’s GDPR policy here

How Long we Retain your Data? 

If you send us a message using the contact form, the message and its metadata may be retained indefinitely. This is so we can recognize and approve any follow-up messages automatically instead of holding them in a moderation queue.

For users that register for our services (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time. 

What rights you have over your data?

If you have an account with us, or have sent messages via our contact form, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. Where we send your data Visitor messages may be checked through an automated spam detection service.

GDPR Ombudsman

If you have any questions or concerns regarding our Data Protection Policy please contact us through our contact form.

How we protect your data: 

We provide the option to send us messages with PGP encryption.  You may use the following PGP Key:

4E42 6A8F 2F13 F5BF E24A 05E6 96B3 553F F800 7D45

What data breach procedures we have in place? 

On receipt of the communication of a breach, the Privacy Officer will take a preliminary view as to whether the breach (or suspected breach) may constitute a notifiable data breach. Accordingly, the Privacy Officer will issue pre-emptive instructions as to whether the data breach should be managed at the local level or escalated to the Data Breach Response Team (Third Party Response Team). This will depend on the nature and severity of the breach.

Last Revised:  September 2019