Privacy Policy

Last updated: 15th January 2026

Data Controller Information

CipherAdvisor SARL
Rue Chimay 68
4002 Differdange
Luxembourg
Email: privacy@cipheradvisor.pro
Phone: +352 28345585
Registration Number: RCSB852369
VAT Number: LU85214763

Introduction

CipherAdvisor is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains what data we collect from users of our cybersecurity services, how we use your information, and your rights regarding the processing of your personal data under the General Data Protection Regulation (GDPR) and other applicable privacy laws.

Data Collection

We collect various types of personal data when you interact with our cybersecurity consultancy services. The data we collect includes information you provide directly to us and information we collect automatically when you use our website or services.

Information You Provide

  • Contact information (name, email address, phone number, company details)
  • Professional information related to your cybersecurity requirements
  • Communication preferences and correspondence with our team
  • Information provided during consultations and risk assessments
  • Technical information about your organisation's security infrastructure

Information We Collect Automatically

  • Website usage data, including pages visited and time spent on our site
  • Device information such as IP address, browser type, and operating system
  • Cookie data and similar tracking technologies for website functionality
  • Analytics data to help us improve our cybersecurity services

How We Use Your Information

We use the personal data we collect for specific purposes related to our cybersecurity consultancy services. The use of your data is always based on a lawful basis under GDPR, including legitimate interests, contract performance, or your explicit consent.

Primary Uses

  • Providing cybersecurity risk assessment and consultancy services
  • Responding to your inquiries and maintaining client relationships
  • Delivering security training and compliance guidance
  • Improving our cybersecurity framework offerings and service quality
  • Ensuring compliance with legal and regulatory requirements
  • Protecting our business and clients from security threats

Marketing and Communications

We may use your contact information to send you updates about our cybersecurity services, industry insights, and relevant security alerts. You can opt out of marketing communications at any time by contacting us at privacy@cipheradvisor.pro or using the unsubscribe links in our emails.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Third Parties

CipherAdvisor does not sell your personal data to third parties. We may share your information in limited circumstances necessary for our cybersecurity services or as required by law.

Service Providers

  • Cloud hosting providers for secure data storage
  • Email service providers for client communications
  • Analytics providers to understand website usage
  • Professional service providers (legal, accounting) as needed
  • Cybersecurity tools and platforms for service delivery

Legal Requirements

We may disclose your personal data if required by law, court order, or to protect the rights, property, or safety of CipherAdvisor, our clients, or others. This includes cooperating with law enforcement agencies and regulatory authorities when legally obligated to do so.

Data Security

As a cybersecurity consultancy, we implement robust security measures to protect your personal data from unauthorised access, alteration, disclosure, or destruction. Our security practices include encryption, access controls, regular security assessments, and employee training on data protection principles.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. The retention period varies depending on the type of data and the nature of our relationship with you. Client data related to cybersecurity assessments may be retained for longer periods to maintain security records and comply with regulatory requirements.

Your Rights

Under GDPR and other applicable privacy laws, you have specific rights regarding your personal data. These rights include the ability to access, correct, delete, or restrict the processing of your information.

  • Right of Access: Request information about the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request transfer of your data to another organisation
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent for processing where applicable

International Data Transfers

As a Luxembourg-based company, CipherAdvisor primarily processes data within the European Economic Area (EEA). When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other legally recognised transfer mechanisms.

Children's Privacy

Our cybersecurity services are intended for businesses and professional users. We do not knowingly collect personal data from individuals under the age of 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

CipherAdvisor may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. For significant changes that affect your rights, we may provide additional notice through email or other appropriate channels.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please get in touch with us using the following contact information:

Privacy Contact:
Email: privacy@cipheradvisor.pro
Phone: +352 28345585
Address: CipherAdvisor SARL, Rue Chimay 68, 4002 Differdange, Luxembourg

You also have the right to lodge a complaint with the Luxembourg National Commission for Data Protection (CNPD) if you believe your personal data has been processed in violation of applicable data protection laws.

Governing Law

This Privacy Policy is governed by the laws of Luxembourg and the European Union, including the General Data Protection Regulation (GDPR). Any disputes arising from this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Luxembourg.