In today’s rapidly evolving digital world, businesses and their enterprise web applications face constant attacks around the clock—24/7, 365 days a year. Cybercriminals are using increasingly sophisticated methods, making it critical for organizations to stay one step ahead. At CyberFlare, we are committed to providing cutting-edge cybersecurity solutions that help our clients stay ahead of these threats. Our proactive and vigilant approach ensures that your security programs are integrated seamlessly throughout the development and release process, safeguarding both your organization and your customers. Trust is at the core of what we do, and we are dedicated to fortifying your security, allowing you to maintain and build trust with your customers in an ever-changing digital landscape.
A thorough examination of your source code to identify vulnerabilities before they become threats. By addressing these weaknesses early, you can significantly strengthen your organization’s security posture. Regular and comprehensive secure code reviews, combined with industry-leading SAST tools integrated into your Software Development Life Cycle (SDLC), provide proactive protection against emerging risks.
CyberFlare's expert ethical hackers conduct simulated cyberattacks on your application to identify exploitable vulnerabilities and evaluate your defenses. Our testing assesses not only system weaknesses but also your organization's compliance with security policies, employee awareness, and response capabilities. Following the industry-standard PTES framework, we ensure a structured, thorough assessment in phased stages to bolster your overall security.
Agile development requires constant integration of security practices. CyberFlare’s Secure SCRUM framework embeds security at every stage of the development lifecycle, ensuring that your applications are secure by design. This approach fosters enhanced security awareness, reduces risks, and eliminates last-minute surprises—enabling your team to release more secure software with confidence.
Blockchain systems are exposed to risks from web interfaces, servers, mobile devices, and human interactions. These touchpoints can pose threats to your cryptocurrency, smart contracts, and Initial Coin Offerings (ICOs). At CyberFlare, we conduct specialized blockchain security audits to uncover potential vulnerabilities. Additionally, we offer continuous monitoring and phishing assessments to safeguard your blockchain environment and assets.
While most employees are familiar with cybersecurity, many lack the urgency or awareness needed to respond effectively to threats. The safe handling of sensitive data is a responsibility shared by everyone in the organization. CyberFlare offers tailored workshops designed to address the specific threats and technologies most relevant to your business, empowering your workforce with the knowledge and skills to protect your valuable assets.
Automated security testing efficiently identifies known vulnerabilities without relying on manual processes, saving valuable time and resources. Our team integrates automated testing into your Continuous Integration (CI) and Continuous Delivery (CD) pipelines using industry-leading open-source tools, ensuring that security checks are seamlessly embedded into every stage of your development process.
We would like to hear from you
1. Preamble
This Privacy Policy (“Policy”) is issued by CyberFlare (“we,” “us,” “our”), a provider of cyber security solutions, to ensure compliance with applicable data protection laws and regulations, including but not limited to the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the California Consumer Privacy Act (CCPA), ISO/IEC 27001:2013 for Information Security Management, ISO/IEC 27701:2019 for Privacy Information Management, the Dutch Data Protection Act (Wet bescherming persoonsgegevens, Wbp), the Personal Data Protection Act 2012 (PDPA) of Singapore, and the Privacy Act 1988 of Australia. By using CyberFlare’s services, entering into contracts, or engaging with us via any communication channel, you ("Data Subject") expressly consent to the practices described herein.
This Policy governs the collection, use, processing, storage, and transfer of personal data and defines the legal rights of individuals whose personal data is collected. The following provisions ensure that CyberFlare processes personal data only within the confines of the law, while effectively limiting liability for any data processing activities outside of the described scope. CyberFlare disclaims all liability for claims, damages, or losses arising from data processing outside the scope of this Policy.
2. Definitions
3. Scope of Application
This Policy applies globally to all personal data collected, processed, or stored by CyberFlare and any associated entities. The Policy covers the following environments and interactions:
CyberFlare expressly disclaims responsibility for any personal data collected outside the specific use cases outlined in this Policy, including but not limited to data inadvertently provided or collected through third-party platforms or external websites not under CyberFlare’s direct control. By engaging with our services, you acknowledge that CyberFlare is not liable for any unauthorized or unintended data processing beyond its direct control.
4. Types of Data Collected and Processed
CyberFlare collects and processes personal data in strict accordance with the principles of data minimization and purpose limitation under Art. 5 GDPR. We collect only the following categories of data necessary for the purposes of providing services, entering into contracts, and managing business transactions:
CyberFlare does not collect or process personal data through cookies, web tracking, or access logs unless explicitly required for technical support or contractual obligations. We disclaim liability for any inadvertent or extraneous data processing beyond this limited scope.
5. Lawful Basis for Processing
CyberFlare processes personal data based solely on the lawful grounds outlined in Art. 6(1) GDPR, as well as applicable national and international laws:
CyberFlare does not process personal data for marketing or profiling purposes unless explicit consent has been provided by the Data Subject in compliance with Art. 7 GDPR. CyberFlare disclaims any liability for claims arising from alleged processing outside these lawful bases.
6. Purpose Limitation and Use of Data
The personal data collected by CyberFlare is processed strictly for the following purposes:
CyberFlare expressly disclaims liability for any use of data outside these specific purposes, whether resulting from unauthorized access, third-party misuse, or user negligence in handling their personal data.
7. Data Retention Policy
Personal data is retained only for as long as necessary to fulfill the purposes outlined in this Policy or as required by law, in compliance with Art. 5(1)(e) GDPR. Specifically:
Upon expiration of the applicable retention period, personal data will be securely destroyed in accordance with ISO/IEC 27001 data deletion protocols. CyberFlare shall not be held liable for any claims arising from data retention practices, provided such retention complies with applicable legal standards.
8. Data Transfers and Processors
CyberFlare engages third-party data processors only under strict contractual terms that ensure full compliance with Art. 28 GDPR. Data transfers are conducted exclusively under legally sanctioned mechanisms, including:
CyberFlare has entered into binding data processing agreements with all processors, including payment processors, email service providers, and cloud storage providers, to ensure they adhere to the principles set forth under ISO/IEC 27701:2019 and ISO/IEC 27018 for the protection of personally identifiable information in cloud services.
CyberFlare expressly disclaims any liability for data breaches, losses, or unauthorized processing by third-party processors beyond the scope of these agreements.
9. Data Subject Rights
In accordance with Chapter III GDPR, Data Subjects have the following rights, subject to legal and contractual restrictions:
To exercise these rights, you may contact CyberFlare’s Data Protection Officer (DPO) at the contact details provided below. CyberFlare disclaims any liability for the inability to comply with a Data Subject’s request where legal or contractual obligations mandate data retention.
10. Data Breach Notification
In the event of a personal data breach, CyberFlare is committed to complying with its obligations under Art. 33 and 34 GDPR. We will notify the relevant supervisory authority and affected Data Subjects where there is a high risk to their rights and freedoms. CyberFlare disclaims any liability for any unauthorized access or data loss caused by third-party vendors, system failures, or force majeure events.
11. Limitation of Liability
To the maximum extent permitted by law, CyberFlare shall not be held liable for:
By using CyberFlare’s services, you expressly agree to indemnify and hold CyberFlare harmless from any claims, damages, or liabilities arising from your own misuse of data, failure to comply with data protection best practices, or the unlawful transmission of personal data through third-party channels.
12. Governing Law and Jurisdiction
This Policy and any disputes arising out of or in connection with this Policy shall be governed by and construed in accordance with the laws of the Netherlands, without regard to its conflict of law principles. The courts of Amsterdam shall have exclusive jurisdiction over any legal action or proceeding arising out of this Policy. CyberFlare reserves the right to seek injunctive or equitable relief in any jurisdiction in order to protect its rights and interests.
13. Amendments and Modifications
CyberFlare reserves the right to amend this Policy at any time to reflect changes in applicable laws, data protection practices, or service offerings. Any amendments will be communicated through our website and, where applicable, directly to clients and Data Subjects. Continued use of CyberFlare’s services constitutes acceptance of any updated terms.
14. Contact Information
For any inquiries, requests, or complaints regarding this Policy, please contact our Data Protection Officer (DPO):
Harwinder Singh Kaur
Email: harwinder@cyberflare.nl
CyberFlare (“we,” “us,” or “our”) is fully committed to complying with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), and the Dutch Data Protection Act (Wet bescherming persoonsgegevens, Wbp). This statement outlines our approach to data protection, our commitment to safeguarding personal data, and our internal practices to ensure compliance with applicable laws and regulations.
We recognize the GDPR’s role in enhancing the privacy rights of individuals within the European Union (“EU”) and have instituted comprehensive measures to ensure ongoing compliance. CyberFlare has implemented both technical and organizational measures to ensure that the processing of personal data complies with the principles set forth under GDPR, including lawfulness, fairness, transparency, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability.
Data Protection Officer (DPO)
CyberFlare has appointed Harwinder Singh Kaur as the Data Protection Officer (“DPO”), whose responsibilities include overseeing our data protection strategy and implementation to ensure compliance with the GDPR. The DPO also serves as the primary point of contact for all GDPR-related inquiries, complaints, and requests.
Data Processing and Lawful Bases
CyberFlare processes personal data solely on the lawful bases outlined under Article 6 of the GDPR. These bases include:
Security Measures
CyberFlare implements robust security protocols to ensure the confidentiality, integrity, and availability of personal data. These security measures are regularly reviewed and updated to mitigate the risk of data breaches or unauthorized access, and they include but are not limited to:
Data Subject Rights
In compliance with GDPR, CyberFlare respects and upholds the rights of Data Subjects regarding their personal data. These rights include:
Third-Party Data Processing
CyberFlare may engage trusted third-party service providers (“processors”) to process personal data on our behalf. Such processors are carefully vetted to ensure that they implement adequate technical and organizational measures to comply with the GDPR. All processors are bound by data processing agreements in accordance with Article 28 GDPR.
International Data Transfers
Where CyberFlare transfers personal data outside the European Economic Area (EEA), we ensure that such transfers are conducted in compliance with Chapter V GDPR. We will rely on one or more of the following safeguards:
Data Retention
CyberFlare retains personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable law. Once the retention period expires, personal data will be securely deleted or anonymized.
Data Breach Notification
In the event of a data breach, CyberFlare will notify the relevant supervisory authority within 72 hours, provided the breach is likely to result in a risk to the rights and freedoms of individuals. If the breach presents a high risk to individuals, we will also notify the affected Data Subjects without undue delay.
Limitation of Liability
To the fullest extent permissible under applicable law, CyberFlare disclaims any and all liability for direct, indirect, incidental, consequential, or punitive damages arising from the processing of personal data outside the scope of this GDPR Statement. By engaging with CyberFlare, you expressly acknowledge and agree that CyberFlare shall not be liable for any losses or damages resulting from third-party actions, external attacks, or breaches not attributable to our negligence.
Contact Information
For GDPR-related inquiries, or to exercise your rights as a Data Subject, you may contact our Data Protection Officer (DPO):
Harwinder Singh Kaur
Email: harwinder@cyberflare.nl
LinkedIn: https://www.linkedin.com/in/000harwinder000