Privacy policy - Processing of personal data

Who is the personal data controller?

The data controller for the processing of personal data described below is Cybercom Group AB, a Swedish company with registration number 556544-6522, or such Cybercom member company, listed under this link, that is a contracting party for the purposes of providing or receiving services or the entity you have contacted ("Cybercom", "we", "us" or "our").” You can find contact details at the bottom of this policy.

The web site

Cybercom cares about the privacy of those who visit the site. We are responsible for ensuring that personal data collected by us on this site is used only for its intended purpose. We protect it from unauthorised access and use.

What personal data do we process?

For us to be able to answer a question or to fulfill a request from you, you sometimes need to provide personal data, such as your name, address, email address and telephone number. This information is used to contact you.

We also collect and process personal data when you voluntarily complete surveys.

Personal data submitted under the tab Events is used to administer the event subscriptions and for sending out invitations to future events. You may provide notice in writing if you no longer wish to receive such invitations.

When you visit this site your IP address is automatically registered and then used to measure traffic patterns and statistics on the site. The IP address is not stored at the individual level.

To which recipients do we transfer personal data?

To achieve the purposes, we may share your personal data with our sub-processors. Such sub-processor provide storage services, advertising services and services for troubleshooting and correction of any defects in our website.

Personal data submitted under the tab Jobs is used for recruitment. Teamtailor AB is a sub-processor to Cybercom for the processing of personal data in the recruitment service and a special privacy notice is found in the service.

Cybercom uses Episerver AB as supplier for the hosting. Episerver AB is a sub-processor to Cybercom for personal data in the hosting service.

Cybercom uses Disqus, Inc to provide an online public comment sharing platform where users may login and create profiles to participate in conversations with peers.

Personal data may also be disclosed to subcontractors that Cybercom engages to perform a service, i.e. the dispatch of invitations.

Personal data may be transferred to companies within the Cybercom Group.

Personal data may be disclosed to the police or other authority provided that Cybercom is required to disclose the information by law or by the ruling of an authority.

Some of the sub-processors may process your personal data outside the European Economic Area (EEA). However, a transfer will only occur, if there is a legal ground for the transfer, e.g. by (i) executing EU standard data protection clauses with the recipient of the personal data, or (ii) ensuring that the country has an adequate level of protection of personal data, as decided by the EU Commission, or (iii) for transfers to and processing in the USA, ensuring that the recipient holds self-certifying registrations under the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks administered by the U.S. Department of Commerce's International Trade Administration

What is the purpose of the processing, the legal ground and the storage period

We will only use your personal data for the purposes, and on the basis of the legal grounds, set out below. We will not use your personal data for any purpose that is incompatible with the below purposes. Further, we will only use your personal data during the period set out in the right column, after such period, your data will be erased.

Purpose of processing

Legal ground for processing

Storage period

When you provide personal data for us to answer a question or fulfill a request, we will process your data to answer or to fulfill your request

When you voluntarily provide information, you consent to our usage of your personal data for the mentioned purposes.

We will erase your data once per year. 
You can always withdraw your consent at any time.

When you complete surveys, we will process your personal data to analyze the responses/results and to improve our services on the basis of such responses/results 

When you voluntarily participate in a survey, you consent to our usage of your personal data for the mentioned purposes.

We will erase your data once per year. 
You can always withdraw your consent at any time. 

When you provide personal data under the tab Events, we will process your personal data to administer the event subscriptions and for sending out invitations to future events 

When you voluntarily provide information, you consent to our usage of your personal data for the mentioned purposes. 

We will erase your data once per year. 
You can always withdraw your consent at any time.

When you visit, we will process your personal data to improve our website. We use third party cockies to improve you experience as a visitor. 

Our legitimate interest to improve our website and services. Please see more under "Cookies." 

Please see more under "Cookies." 

We will process personal data provided to us from our clients and our partners or persons contacting us and our personnel via e-mail in order to provide a service, conduct business communication or when we contact client prospects. 

For the performance of a contract, to comply with legal obligations or on the basis of a legitimate interest consisting in conducting business communication and, if necessary, establishment, pursue or defense of claims. 

We save your information as long as necessary to perform our contractual obligations to you and as long as required by legal requirements or necessary under other legitimate interests. 

To anonymize your personal data, in order to compile anonymous and aggregated tracking data (including to analyze visitors' use of our sites by tracking information such as page views, traffic flows, search terms and click throughs) for the purpose of improving our website

Our legitimate interests to create anonymous user statistics. When your personal data has been anonymized, it will no longer be considered personal data under applicable data protection laws. 



Please note that the above storage periods do not apply to the extent Cybercom is required to retain your personal data (partly or in full) for a certain period under applicable mandatory law.

What rights do I have as an individual?

Generally, you are entitled to the following basic rights under applicable laws:

  • The right to access: you may at any time request to access your personal data.
  • The right to rectification: you are entitled to obtain rectification of inaccurate personal data and to have incomplete personal data completed.
  • The right to erasure ("right to be forgotten"): under certain circumstances (including processing on the basis of your consent), you may request us to delete your User Data. Please note that this right is not unconditional. Therefore, an attempt to invoke the right might not lead to an action from us.
  • The right to object: to certain processing activities conducted by us in relation to your personal data, such as our processing of your personal data based on our legitimate interest. The right to object also applies to processing of your personal data for direct marketing purposes.
  • The right to restriction of processing: you may under certain circumstances request from us to restrict the processing of your personal data. Please note that this right is not unconditional. Therefore, an attempt to invoke the right might not lead to an action from us.
  • The right to data portability: you are entitled to receive your personal data (or have your personal data directly transmitted to another data controller) in a structured, commonly used and machine-readable format.


We use cookies on our websites. A cookie is a small text file that is placed on your computer, mobile phone, or other devices when you visit a website. The cookie will help the website providers to recognise your device next time you visit their website. Cookies may include personal data.

Most web browsers accept cookies automatically, but you can change the settings for this. If you do not want your personal data to be stored by cookies, you can configure your browser so that it notifies you whenever a cookie is received. This way you can decide each time to accept cookies or not. If you do not consent to the use of cookies, at all you can set your browser so that you automatically deny the storage of cookies. However, please be aware that the use of cookies may be necessary to provide certain features and choosing to reject cookies may reduce the functionality of our website.

Your browser should include precise instructions explaining how to control the acceptance of cookies.

We use two types of cookies. The first saves a file for a long time on the user's computer. It is used, for example, for functions that tell the user what is new since their last visit to the site. The second type of cookie is called a session cookie and is temporarily stored in the user's computer's memory during the time the user is surfing the site. Session cookies are deleted when the browser is closed or shortly thereafter.

Our website also uses cookies that are generated by third-party products and services used on the site, including the following tools and products.

Goolge Analytics:

Cybercom uses Google Analytics as a web statistics tool. This feature stores cookies on your computer. Data collected by Google Analytics is used to better understand our visitors and how they use the site.

Google Analytics cookies, domain:

Use this link for more information about cookies set by Google


The site displays videos from Cybercom's YouTube channel. The videos are displayed using YouTube's movie player, and cookies are used when the videos are played.

YouTube cookies, domain:

Use this link for more information about cookies from YouTube (Google):


AddThis is used to allow visitors to recommend Cybercom on social networks like Facebook and Twitter.

AddThis cookies, domain:

Use this link for more information about cookies from AddThis  


Cybercom uses a social plugin from Facebook on some pages.

If you visit a page with a Facebook plugin, a link is made to the Facebook server and the plug-in sends information to the browser. In this way, information is sent to the Facebook server, such as which of our web pages you have visited. If you are logged into Facebook, Facebook will add this information to your Facebook account.

If as a visitor you have previously received a cookie from Facebook, either because you have an account there, or have visited, information about this cookie is sent to Facebook when you visit a web page with a Facebook plugin.

Use this link for more information about cookies from Facebook:

Data security

In order to keep your personal data secure, we have implemented a number of technical and organizational security measures. For example, we maintain high levels of technical security in all systems (including traceability, disaster recovery, access limitations etc.) and we have adopted policies to ensure that our employees only access personal data on a need-to-know basis.

Personal Data about Children

Our website is not directed towards data subjects under the age of sixteen (16) and we request that such individuals do not provide personally data information through our website. If we detect that personal information has been collected from a data subject under 16 years of age on or through our website Cybercom will take the appropriate steps to cause this information to be deleted.

How to exercise your rights as a data subject

You may wish to exercise your rights as a data subject. These rights are not absolute and therefore a request to exercise certain rights will not always result in the requested action.

A request for records or other request related to personal data being processed by Cybercom, must be made in writing, by using the below form Please make sure to fill in correctly, print and sign it. You may then either scan the form and email it to or post the form to: Cybercom Group AB, Att. Data Protection Manager (DPM), Box 7574, 103 93 Stockholm, Sweden.

Form in English for Sweden: Request form
Form in English for Finland: Request form
Form in Polish for Poland: Formularz żądania
Form in English for Denmark: Request form

If you have questions concerning this privacy policy, please email Cybercom’s Data Protection Manager at

We would appreciate if you informed us if there is anything that you are not satisfied with when it comes to processing of personal data. If you have complaints about our processing of personal data, for example, if you do not think we fulfill your rights as a data subject, you are entitled to contact the supervisory authorities.

You may contact the supervisory authority using the following contact data:

Box 8114, 104 20 Stockholm

Tietosuojavaltuutetun toimisto
PL 800, 00521 Helsinki, Finland

Urząd Ochrony Danych Osobowych
ul. Stawki 2, 00-193 Warszawa

Borgergade 28, 5.
1300 København K

You may also contact the supervisory authority in other EU country where you have your habitual residence or your place of work or at the place of the alleged infringement, on the conditions stipulated by law.