Cyberday Privacy Policy

Last updated 2.6.2020

Scope of this policy

Agendium Ltd (“Agendium”, “we”, “us” or “our”) understands you care how information about you is collected and used. We are committed to protecting the privacy of individuals who interact with us. This Privacy Policy (“Privacy Policy”) describes our privacy practices for our websites, services, and apps that link to this policy. This policy also details our privacy practices related to Cyberday marketing and advertising practices.

Cyberday is an online cyber security management and documentation service provided by Agendium. We provide the Cyberday platform and related support, professional services, and other services to our customers. In this Privacy Policy, we will refer to the Cyberday platform and related applications (including mobile apps) and services, as well as any website where this Privacy Policy is displayed, collectively as our “Services.” We will refer to our emails and other marketing and advertising practices collectively as our “Communications.”

Cyberday services

We provide Services to our customers. As part of the Services, customer data and content may be stored on our computer systems. As our customer, when you use our Services to process data and content you have collected, you control the data and content you collect, what data and content are loaded into and stored by the Services, and how the data and content are used. The collection, use, transfer, and retention of customer data and content in our Services are governed by our Terms of Service, not this Privacy Policy. As a data processor, we will cooperate with you in your efforts to control your data and content.

Data controller

Agendium Ltd
Kalevantie 2, 33100 Tampere, Suomi

Phone: +358 10 231 6010
Email: support [at] agendium.com

Contact person from data controller

Ismo Paananen,
CEO

Kalevantie 2, 33100 Tampere, Finland

Phone: +358 40 728 8299
Email: ismo.paananen [at] agendium.com

Name for the register

CyberDay user register

Purposes and legal bases for processing personal data

FOR ADMINS - who manage cyber content via web client or Teams app

Authentication (performance of a contract) - You will need to provide us some data that helps us authenticate you when your using CyberDay.

Payment processing (performance of a contract) - If you choose to use some of the paid versions of Appcover, we will need payment information to keep things rolling.

Communication
(legitimate interest) - We inform you about the latest development regarding Appcover

Customer support
(legitimate interest) - We will need some data to be able to help you get your support questions solved via chat and email.

FOR EMPLOYEES who are connected via CyberDay Teams app

Authentication (performance of a contract) - We use your Microsoft 365 account to connect you with the correct cyber security content.

Delivering and monitoring cyber training content (performance of a contract) - When admins connect employees to cyber security guidelines, our Teams bot ensures employees know their guidelines. This is done through training via stories and skill tests and getting acceptance for guidelines via Teams chat.

FOR EMPLOYEES who are connected via CyberDay browser extension

Delivering and monitoring cyber training content (performance of a contract) - When admins connect employees to cyber security guidelines, our browser extension ensures employees know their guidelines. This is done through training via stories and skill tests and getting acceptance for guidelines via virtual chat in the browser extension.

Conveying app usage information for company admins (performance of a contract) - When you browse the websites of work apps, and confirm to the browser extension prompt that you're using this app for work, then a personalized daily pulses are sent for admins telling about your usage.

Processed personal data

For admins
Contact information (name, email address, phone)
Payment information (credit card information or billing information)
Usage information (login amounts etc.)
Device and connection Information

For employees
Email address
Cyber security training statistics

When using the browser extension: 
App usage information (used apps, category)
App pulses (daily app uses)
Used browser

Sources for personal data

We get personal data from the following sources:
- information admins provide for us
- information automatically from Microsoft Teams (user identity for authentication)
- information collected automatically while using CyberDay (when using the browser extension)

Disclosure of information

Personal data is not disclosed or sold forward to third parties.

Data processors and transfer of data outside EU and ETA

The following data systems and system providers are utilized:
- Microsoft Corporation, USA (Privacy Shield -certified)
- Webflow, USA (Webflow, Inc., Privacy Shield -certified)
- MailChimp, USA (The Rocket Science Group, Privacy Shield -certified)
- Auth0 Inc., USA (Privacy Shield -certified)
- Intercom, USA (Privacy Shield -certified)
- Visma Solutions, Finland (EU)

Data subject rights

You're entitled to
- get access to your data
- rectify incorrect data
- object processing based on legitimate interest
- file a complaint for data protection authority (link to Finnish data protection authority)

To send us a request, please contact us at team@cyberday.ai.

Data retention and retrieval

Data related to the performance of the service contract will be retained 3 months after the contract has been cancelled or the user has been deleted.

User has a possibility to export their data via the web client. Contact us at team@cyberday.ai for any assistance.

Are you ready to get started?

Start free trial or book a demo.

Tietosuojamalli 2.0 on julkaistu!
Lue lisää blogista >>