Skip to main content

Cyber Guardian Privacy Policy

CYBER GUARDIAN PRIVACY POLICY

Pursuant to this Privacy Policy, the user is informed about the way in which Cyber Guardian carries out the collection, processing and protection of personal data.

1. WHO WILL PROCESS YOUR PERSONAL DATA

  • Responsible for the processing: Santander Services Solutions, S.L., (hereinafter, “Cyber Guardian”).
  • Registered office: Avda. De Cantabria s/n, 28660 - Boadilla del Monte ( M a d r i d ) .
  • NIF B-88372024
  • Public Registry: Madrid Commercial Registry Volume 0, Folio 0, Registration 9 with sheet M-798541
  • E-mail: privacy@cyberguardiansol.com

2. FOR WHAT PURPOSE AND ON WHAT BASIS WILL CYBER GUARDIAN PROCESS THE USER’S PERSONAL DATA?

The personal data collected will be processed by Cyber Guardian in accordance with the purposes and on the legal basis indicated below:

  • Send commercial communications about Cyber Guardian services, offers and promotions, as well as the quotes requested through relevant channels, and to enable users to contract the offered digitization and cybersecurity solution.

Data processing will only be carried out in those cases in which Cyber Guardian have the consent of the user. This consent may be withdrawn at any time, either by requesting the withdrawal through the channels indicated below or by replying to the relevant communication. However, the revocation will not affect the lawfulness of the processing carried out previously.

Likewise, where quotes or offers contain personal information provided for this purpose, in addition to the contact details required for sending them, the legal basis for this data processing is the performance of pre-contractual measures at the request of the data subject.

  • Management and billing of the contracted services and communication with the Client in relation to them.

Processing carried out for the correct performance of the existing contractual relationship between Cyber Guardian and the Client.

  • Response to requests, doubts, proposals and claims that Clients or potential Clients send through the enabled contact channels.

The basis that legitimizes the data processing is the attention of the requests of the users, by virtue of the correct performance of the existing legal relationship.

  • Sending commercial communications about Cyber Guardian products and services, similar to those initially contracted and provided that no opposition has been expressed to them.

Processing carried out by virtue of the legitimate interest of Cyber Guardian in keeping Customers informed of products and services that may be of its interest.

However, Cyber Guardian will offer the recipient the possibility to object to the processing of their data for promotional purposes, both at the time of data collection and in each of the commercial communications addressed to them.

  • To carry out statistical studies based on the information obtained from the provision of the Services and the characteristics of the Customer, in order to assess the performance of our services.

The processing of personal data for the fulfillment of the stated purpose, including by aggregating or processing the information to bypass any identifying component, will be carried out by virtue of the legitimate interest of Cyber Guardian in improving the quality of its services, reducing costs and adapting better to market needs.

Compliance with established legal obligations.

Processing that will be carried out pursuant to the legal obligations that are required to Cyber Guardian.

3. ORIGIN OF THE DATA

Cyber Guardian will process the data requested in the contact forms enabled for the contracting of the digitization solutions and the provision of the contracted services, as well as those others that are provided, in relation to the above purposes, through any of the channels enabled for it.

Also, when a Customer interacts with Cyber Guardian through a third party acting as a referrer, the latter may transfer to Cyber Guardian the contact details provided through the forms enabled by it, to be able to inform potential Clients who have expressed their interest in the Service.

4. NEED TO PROVIDE DATA

The forms provided will clearly indicate which fields are mandatory. If the user does not provide the required information, Cyber Guardian will not be able to process your request.

In case you use third-party forms to contract our services, the data that is necessary for the attention of your specific request will be required.

5. DATA RETENTION

Cyber Guardian will retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, and to comply with applicable legal obligations. Subsequently, if necessary, Cyber Guardian will retain the data in a restricted manner for the period during legal liabilities may arise from the processing of users personal data, after which the data will be securely deleted.

6. COMMUNICATION OF DATA

Cyber Guardian will only share information with the referring entity from which the Client has been referenced. The information will be limited to the necessary to manage the commercial relationship between both parties and, in any case, related to the contracting of Cyber Guardian services by the Client.

Likewise, when necessary, Cyber Guardian will communicate Client data to:

  • Competent public authorities, in order to comply with legal obligations.
  • Courts and Tribunals, in response to specific requests made in accordance with applicable regulations, in order to comply with legal obligations.
  • Law enforcement authorities, in response to specific requests made in accordance with applicable regulations, based on compliance with a legal obligation.

Additionally, data may be accessed by Cyber Guardian service providers, which will process on behalf of Cyber Guardian User data, for the purpose of providing services. Cyber Guardian follows strict vendor selection procedures in order to comply with its data protection obligations, including the conclusion of the relevant data processing agreement pursuant to Art. 28 of the GDPR.

7. INTERNATIONAL DATA TRANSFERS

In order to fulfill the above purposes, it is possible that the data of users is processed outside the European Economic Area.

In those cases where data is processed from countries that do not have a level of data protection recognized by the European Commission, equivalent to that existing within the European Union, transfers to these countries will be regulated through one of the mechanisms provided for by the applicable data protection regulations. Such as, for example, through the standard contractual clauses approved by the European Commission in its Implementing Decision (EU) 2021/914 of 4 June 2021 or under the EU-US Data Privacy Framework,declared appropriate by the European Commission in its Implementing Decision (EU) 2023/1795 of 10 July 2023.

These international transfers are necessary for the fulfillment of the above purposes, and therefore you cannot object to them. If you do not want your data to be processed in these countries, please do not give your consent or contract Cyber Guardian services.

8. RESPONSIBILITY OF THE USER

The user:

  • Guarantees that they are over 18 years of age and that the data provided to Cyber Guardian is true, accurate, complete and up to date. For these purposes, the user is responsible for the veracity of all the data communicated and undertakes to keep such information duly updated so that it corresponds to their real situation.
  • Guarantees that, if they provide information third-party data, they have informed those third parties of the aspects set out in this document and that they are authorized to provide their data to Cyber Guardian for the stated purposes.
  • Will be liable for any false or inaccurate information provided through any of theauthorized channels and for any direct or indirect damages, this may cause to Cyber Guardian or third parties.

9. EXERCISE OF RIGHTS

Those interested, can contact Cyber Guardian through privacy@cyberguardiansol.com with the reference “Data Protection”, to:

  • Withdraw the consent previously granted.
  • Access information about the personal data processed by Cyber Guardian and how it is being processed.
  • Rectify inaccurate or incomplete data.
  • Request the deletion of your data when, among other reasons, the data is no longer necessary for the purposes for which they were collected.
  • Obtain from Cyber Guardian the limitation of the processing of data when any of the conditions provided for in the data protection regulations is met.
  • Oppose processing based on legitimate interest (such as, for example, when you wish to cancel the sending of commercial communications related to the products initially contracted).
  • Request the portability of your data when the processing is based on the consent of the user or on a contractual relationship.

In those cases where necessary, Cyber Guardian may request additional information, Including proof of identity, to verify the applicant’s identity.

Likewise, if the user considers that Cyber Guardian has infringed any of the rights conferred under applicable data protection legislation, they may file a claim with the Spanish Data Protection Agency or another competent supervisory authority in the matter.

10. SECURITY MEASURES

Cyber Guardian will process users data at all times in a strictly confidential manner and keeping the secrecy thereof, in accordance with the provisions of the applicable regulations, adopting the necessary technical and organizational measures to ensure the security of personal data and prevent its alteration, loss, processing or unauthorized access, taking into account the state of the technology, the nature of the data stored and the risks to which it is exposed.

Last update: July of 2025

© Santander Services Solutions, S.L. All rights reserved