Cyberday Privacy Policy

Last updated 7.11.2022

Scope of this policy

Agendium Ltd (“Agendium”, “we”, “us” or “our”) understands you care how information about you is collected and used. We are committed to protecting the privacy of individuals who interact with us. This Privacy Policy (“Privacy Policy”) describes our privacy practices for our websites, services, and apps that link to this policy. This policy also details our privacy practices related to Cyberday marketing and advertising practices.

Cyberday is an online cyber security management and documentation service provided by Agendium. We provide the Cyberday platform and related support, professional services, and other services to our customers. In this Privacy Policy, we will refer to the Cyberday platform and related applications (including mobile apps) and services, as well as any website where this Privacy Policy is displayed, collectively as our “Services.” We will refer to our emails and other marketing and advertising practices collectively as our “Communications.”

Cyberday services

We provide Services to our customers. As part of the Services, customer data and content may be stored on our computer systems. As our customer, when you use our Services to process data and content you have collected, you control the data and content you collect, what data and content are loaded into and stored by the Services, and how the data and content are used. The collection, use, transfer, and retention of customer data and content in our Services are governed by our Terms of Service, not this Privacy Policy. As a data processor, we will cooperate with you in your efforts to control your data and content.

Data controller

Agendium Ltd
Kalevantie 2, 33100 Tampere, Suomi

Phone: +358 10 231 6010
Email: support [at] agendium.com

Contact person from data controller

Ismo Paananen,
CEO

Kalevantie 2, 33100 Tampere, Finland

Phone: +358 40 728 8299
Email: ismo.paananen [at] agendium.com

Name for the register

Cyberday user register

Purposes and legal bases for processing personal data

FOR ADMINS - who manage cyber content via web client or Teams app

Authentication (performance of a contract) - You will need to provide us some data that helps us authenticate you when your using Cyberday.

Payment processing (performance of a contract) - If you choose to use some of the paid versions of Appcover, we will need payment information to keep things rolling.

Communication
(legitimate interest) - We inform you about the latest development regarding Appcover

Customer support
(legitimate interest) - We will need some data to be able to help you get your support questions solved via chat and email. We may also ask for your feedback on the performance of the services.

Product reviews (consent) - If you leave a public review on our site, we ask for your consent to publish it. You can withdraw your consent at any time by contacting us via chat or at team@cyberday.ai.

FOR EMPLOYEES who are connected via Cyberday Teams app

Authentication (performance of a contract) - We use your Microsoft 365 account to connect you with the correct cyber security content.

Delivering and monitoring cyber training content (performance of a contract) - When admins connect employees to cyber security guidelines, our Teams bot ensures employees know their guidelines. This is done through training via stories and skill tests and getting acceptance for guidelines via Teams chat.


FOR EMPLOYEES who are connected via Cyberday Teams app

Authentication (performance of a contract) - We use your Microsoft 365 account to connect you with the correct cyber security content.

Delivering and monitoring cyber training content (performance of a contract) - When admins connect employees to cyber security guidelines, our Teams bot ensures employees know their guidelines. This is done through training via stories and skill tests and getting acceptance for guidelines via Teams chat.

Processed personal data

For admins
Contact information (name, email address, phone)
Payment information (credit card information or billing information)
Usage information (login amounts etc.)
Given feedback and customer support discussions
Device and connection Information

For employees
Email address
Cyber security training statistics

When using the browser extension: 
App usage information (used apps, category)
App pulses (daily app uses)
Used browser

Sources for personal data

We get personal data from the following sources:
- information admins provide for us
- information automatically from Microsoft Teams (user identity for authentication)
- information collected automatically while using Cyberday (when using the browser extension)

Disclosure of information

Personal data is not disclosed or sold forward to third parties.

Data processors and transfer of data outside EU and ETA

The following data systems and system providers are utilized:
- Microsoft Corporation, USA
- Webflow, USA (Webflow, Inc.)
- MailChimp, USA (The Rocket Science Group)
- Auth0 Inc., USA
- Intercom, USA
- Visma Solutions, Finland (EU)

Data subject rights

You're entitled to
- get access to your data
- rectify incorrect data
- get your data deleted
- object processing based on legitimate interest
- file a complaint for data protection authority (link to Finnish data protection authority)

To send us a request, please contact us at team@cyberday.ai.

Data retention and retrieval

Data related to the performance of the service contract will be retained 3 months after the contract has been cancelled or the user has been deleted.

User has a possibility to export their data via the web client. Contact us at team@cyberday.ai for any assistance.

Are you ready to get started?

Start free trial or book a demo.