Privacy and Cookies Policy

Information may come:

• directly from you (from correspondence between us or forms that you fill in)
• from cookies stored in your browser

We use third-party data processors who provide certain services to us and we have a contract in place with each one. This means that they cannot do anything with your personal information unless we have instructed them to do so. They will not share your personal information with any other entity. They will store it securely and retain it for the period we specify.

We may share your personal information with any member of our company group (i.e. our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this Policy.

We share cookies with Google Inc (USA) when using Google Analytics to improve our website. Information about Google Inc (USA): Address: Google, Google Data Protection Office, 1600 Amphitheatre Pkwy, Mountain View, California 94043, USA. Google’s Privacy Policy and page about Google Analytics information privacy.

In some circumstances, we may be legally obliged to share your personal data. For example:

• under a court order
• in order to establish, exercise, or defend our legal rights (including providing information to third parties for the purposes of fraud prevention)
• when cooperating with supervisory authorities to handle complaints or investigations

We will share personal data only in cases where both we and the competent authority have a legal basis to share the information.

Without your express consent, we will not share your personal data with a third party for the purpose of their or any other third party’s direct marketing. Group-IB may share anonymized or aggregated data containing your personal data to third parties in order to improve our services and internal practices. However, in any case involving a third party, that third party will only have access to anonymized data and will not be able to identify you as an individual.

We take all reasonable technical and organizational precautions to prevent your personal data from being leaked, lost, misused, or altered. We have implemented the following measures:

• Access control mechanisms at each layer of the stack, dividing our infrastructure into zones, environments, and services;
• Proactive intelligence-based security controls that help prevent most threats to the Company’s infrastructure;
• Risk and information security management for all assets and business processes;
• Network security controls: network segmentation, encrypted protocols, firewalls, etc.;
• 24/7 security incident management with holistic threat hunting capabilities;
• Vulnerability/patch management across all systems.

Personal information submitted to us through our website will be used for the purposes specified in this Policy.

Our website uses cookies. A cookie is a small piece of data that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login details, language, font size and other display preferences) over a period of time so that you do not need to keep re-entering them whenever you return to the site or browse different pages.

Cookies fall under two types: persistent cookies and session cookies. Persistent cookies are stored by a web browser and remain valid until the expiry date set, unless the user deletes them before the expiry date. Session cookies, on the other hand, expire at the end of the session, when the user closes the web browser.

Cookies also vary depending on the website’s domain: first-party cookies, which are set by the web server of the visited page and share the same domain, and third-party cookies, which are stored by a domain different to the visited page’s domain. This happens when the webpage references a file (e.g. JavaScript) located outside its domain.

Cookies do not usually contain any information that identifies a user personally, but the personal data that we store may be linked to the information stored in and obtained from cookies. Cookies can be used by web servers to identify and track users as they browse different pages on a website and identify users returning to a website.

Before you continue to use our Website, you can accept or reject cookies placed on your computer by us and by our third-party service providers. You may withdraw your consent at any time.

Most browsers allow you to refuse all cookies. Find out how to manage cookies on popular browsers:

• Google Chrome
• Microsoft Edge
• Mozilla Firefox
• Microsoft Internet Explorer
• Opera
• Apple Safari

Blocking all cookies will have a negative impact on the usability of many websites. If you block cookies, you will not be able to use all the features on our website.

To find out more about cookies, including how to check what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.

We may also use web beacons or other technologies to tailor sites more effectively and provide better customer service. These technologies may be used on a number of pages across our website. When a visitor accesses any of these pages, a non-identifiable notice of that visit is generated and may be processed by us or our suppliers. These web beacons usually work in conjunction with cookies. If you do not want your cookie information to be associated with your visits to these pages or use of these products, you can turn off cookies in your browser settings or turn off cookies in the product itself, respectively. If you turn off cookies, web beacon and other technologies will still detect visits to these pages, but they will not be associated with information otherwise stored in cookies. Some of our business partners set web beacons and cookies on our site. In addition, third-party social media buttons may log certain information such as your IP address, browser type and language, access time, and referring website addresses, and if you are logged in to those social media sites they may also link such collected information with your profile information on that site.

Under data protection law, you have the following rights:

• Right of access. You have the right to ask us for copies of your personal data.
• Right to rectification. You have the right to ask us to rectify information that you think is inaccurate. You also have the right to ask us to complete information that you think is incomplete.
• Right to erasure. You have the right to ask us to erase your personal data.
• Right to restriction of processing. You have the right to ask us to restrict the processing of your personal data.
• Right to object to processing. You have the right to object to processing if we are able to process your information because the process forms part of our legitimate interests.
• Right to data portability. This only applies to information you have given us. You have the right to ask that we transfer any such information to another organization or give it to you. This right only applies if we are processing information obtained with your consent, as part of discussions about entering into a contract, and if the processing is automated.
• Right to withdraw consent. If we process your data based on your consent, you have the right to withdraw your consent at any time. If you would like to exercise your right to withdraw your consent, please contact us.
• Right to be informed. You have the right to obtain information about the processing of your personal data processing and any third parties involved.
• Right to lodge a complaint with a supervisory authority or lodge a complaint with us. If you have any questions about your rights or the Policy or would like to exercise any of your rights, including the right to withdraw consent, please contact us by sending an email to law@group-ib.com.

You can exercise any of the rights mentioned above or ask questions about your rights or the Policy by sending an email to law@group-ib.com or through our website contact form.

Our products and services are not intended for children. We do not wish to receive or unknowingly collect personal data relating to children.

Our website includes hyperlinks to third-party websites and details about them.

We have no control over the privacy policies and practices of third parties and cannot be held responsible for them.

Please let us know if the personal data that we hold about you needs to be corrected or updated.

This website is owned and operated by GROUP-IB GLOBAL PRIVATE LIMITED. Our business address is: 456 Alexandra Road #17-03 Fragrance Empire Building, Singapore, 119962.

If you would like to contact us regarding our privacy practices, please use our website contact form or send an email to law@group ib.com.