Privacy Policy

Privacy policy

Cyber Security Challenge Privacy Policy

by SECURITYMADEIN.LU — Published on Oct 26, 2018 - v1

Your trust is important to us, and we take privacy and security very, very seriously. If you have any questions or concerns about our privacy policy or our use of data, please get in touch with us

  • via mail: info@cybersecuritychallenge.lu,
  • via telephone: +352 274 00 98 601,
  • or via mailing: Cyber Security Challenge c/o SECURITYMADEIN.LU, 16 Boulevard d'Avranches, L-1160 Luxembourg.
SECURITYMADEIN.LU will act as the data controller of the Cyber Security Challenge website, since we are the ones determining the means and purposes of the prossessing activities.

We will never share your information with parties outside SECURITYMADEIN.LU, unless we have explicitly made you aware that we will before you give it to us.

Privacy Policy?

As stated by Wikipedia, a privacy policy is a statement or a legal document that discloses some or all of the ways a party gathers, uses, discloses, and manages a customer or client's data. It fulfills a legal requirement to protect a customer or client's privacy. Personal information can be anything that can be used to identify an individual, not limited to the person's name, address, date of birth, marital status, contact information, ID issue, and expiry date, financial records, credit information, medical history, where one travels, and intentions to acquire goods and services. In the case of a business it is often a statement that declares a party's policy on how it collects, stores, and releases personal information it collects. It informs the client what specific information is collected, and whether it is kept confidential, shared with partners, or sold to other firms or enterprises. Privacy policies typically represent a broader, more generalized treatment, as opposed to data use statements, which tend to be more detailed and specific. The exact contents of a certain privacy policy will depend upon the applicable law and may need to address requirements across geographical boundaries and legal jurisdictions. Most countries have their own legislation and guidelines of who is covered, what information can be collected, and what it can be used for. In general, data protection laws in Europe cover the private sector as well as the public sector. Their privacy laws apply not only to government operations but also to private enterprises and commercial transactions.

Children

This challenge is not meant to be played by players who are under the age of 13.

Analytics

Cyber Security Challenge website does NOT use any Web analytics systems.

Security

When you are surfing our website, we might collect and process web server logs, including IP addresses, user-agents, URLs, date and time logs. We collect those logs for our legitimate interest as these logs enable the security of our website.

GDPR?

As stated by wikipedia, the General Data Protection Regulation (EU) 2016/679 ("GDPR") is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements pertaining to the processing of personal data of individuals (formally called data subjects in the GDPR) inside the European Union, and applies to an enterprise established in the EU or—regardless of its location and the data subjects' citizenship—that is processing the personal data of people inside the EU. Controllers of personal data must put in place appropriate technical and organisational measures to implement the data protection principles.

"Data protection by design and by default", means that business processes that handle personal data must be designed and built with consideration of the principles and provide safeguards to protect data (for example, using pseudonymization or full anonymization where appropriate), and use the highest-possible privacy settings by default, so that the data is not available publicly without explicit, informed consent, and cannot be used to identify a subject without additional information stored separately. No personal data may be processed unless it is done under a lawful basis specified by the regulation or unless the data controller or processor has received an unambiguous and individualized affirmation of consent from the data subject. The data subject has the right to revoke this consent at any time.

A processor of personal data must clearly disclose any data collection, declare the lawful basis and purpose for data processing, and state how long data is being retained and if it is being shared with any third parties or outside of the EU. Data subjects have the right to request a portable copy of the data collected by a processor in a common format, and the right to have their data erased under certain circumstances. Public authorities, and businesses whose core activities centre around regular or systematic processing of personal data, are required to employ a data protection officer (DPO), who is responsible for managing compliance with the GDPR. Businesses must report any data breaches within 72 hours if they have an adverse effect on user privacy.

The GDPR was adopted on 14 April 2016, and became enforceable beginning 25 May 2018. As the GDPR is a regulation, not a directive, it does not require national governments to pass any enabling legislation and is directly binding and applicable. In some cases, violators of the GDPR may be fined up to €20 million or up to 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater.

Flag for a bonus | If you have been reading this that far, please submit this flag WeToldYouToReadThePrivacyPolicy for a bonus to your account.

External links

We might host some links towards third parties websites. Accessing the resources through those links implies your acceptance of their own privacy policies. At least be aware that we cannot be held responsible for what other people do online on their own websites.