Syberviz · AI-First Digital Engineering
Privacy Policy
1.Introduction
Syberviz ("we," "our," or "the Company") is a global AI-first digital engineering and technology services company with delivery capabilities spanning the United States, United Kingdom, European Union, and the Gulf Cooperation Council (GCC) region. We are committed to protecting the privacy, security, and integrity of personal data entrusted to us by our website visitors, clients, partners, and prospective clients.
This Privacy Policy explains:
- —What personal data we collect and why
- —How we use, store, and protect that data
- —Your rights under applicable privacy laws
- —How to contact us regarding your data
This Policy applies to all personal data processed through www.syberviz.com and in connection with our professional services engagements. It does not apply to third-party websites linked from our site.
Syberviz is registered in India | GSTIN: 36ABKCS7234A1ZF | Registered Address: F-303, Sattva One, Miyapur, Hyderabad – 500049, India
2.Who We Are (Data Controller)
For applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA):
| Data Controller | Syberviz |
| Website | www.syberviz.com |
| Contact Email | info@syberviz.com |
| Phone | +91 8555044023 |
| Registered Address | F-303, Sattva One, Miyapur, Hyderabad – 500049, India |
| Company Registration | 36ABKCS7234A1ZF |
For GDPR enquiries, our designated point of contact is:
| Data Protection Contact | Syberviz — info@syberviz.com |
3.Data We Collect
We collect personal data through the following means:
3.1 Data You Provide Directly
When you interact with our website or services, you may provide:
| Data Category | Examples | Collection Point |
|---|---|---|
| Identity Data | Full name, job title, company name | Contact form, meetings |
| Contact Data | Email address, phone number | Contact form, email correspondence |
| Business Data | Project requirements, company information, industry | Discovery calls, proposals |
| Communication Data | Messages, meeting notes, feedback | Email, calls, forms |
| Financial Data | Billing details, payment information | Invoicing, contracts |
3.2 Data Collected Automatically
When you visit www.syberviz.com, we may automatically collect:
- —Technical Data: IP address, browser type, operating system, device identifiers
- —Usage Data: Pages visited, time spent, referring URLs, click behaviour
- —Cookie Data: Session and preference data via cookies (see Section 9)
3.3 Data from Third Parties
We may receive data about you from:
- —LinkedIn and other professional networks (if you engage with our content)
- —Business intelligence tools used for outreach
- —Referral partners and introducers
We do not purchase personal data lists or engage in unsolicited mass marketing.
4.How We Use Your Data
We use personal data only for specified, legitimate purposes. The table below maps each use to its legal basis:
| Purpose | Legal Basis | Applicable Law |
|---|---|---|
| Responding to enquiries and providing information about our services | Legitimate interest / Consent | GDPR Art. 6(1)(f) / 6(1)(a) |
| Managing and delivering client engagements | Contract performance | GDPR Art. 6(1)(b) |
| Sending relevant service updates and thought leadership content | Legitimate interest (opt-out available) | GDPR Art. 6(1)(f) |
| Invoicing, payment processing, and financial record-keeping | Legal obligation / Contract | GDPR Art. 6(1)(b)(c) |
| Compliance with legal and regulatory requirements | Legal obligation | GDPR Art. 6(1)(c) |
| Improving our website and service quality | Legitimate interest | GDPR Art. 6(1)(f) |
| Analytics and business development | Legitimate interest | GDPR Art. 6(1)(f) |
| Security, fraud prevention, and audit | Legitimate interest / Legal obligation | GDPR Art. 6(1)(c)(f) |
We do not sell, rent, or trade your personal data to third parties for marketing purposes — ever.
5.Data Sharing and Disclosure
5.1 Within Our Organisation
Access to personal data is restricted to authorised team members with a business need to process it. All Syberviz personnel handling personal data are bound by confidentiality obligations that survive the termination of their engagement.
5.2 Service Providers and Sub-Processors
We may share data with trusted third-party service providers who process data strictly on our behalf, including:
- —Cloud infrastructure providers (AWS, Microsoft Azure, Google Cloud Platform)
- —CRM and project management tools
- —Communication platforms (email providers, video conferencing)
- —Accounting and invoicing software
All sub-processors are bound by data processing agreements that require them to maintain at least the same level of protection as this Policy.
5.3 Legal Disclosure
We may disclose personal data where required to:
- —Comply with a legal obligation, court order, or regulatory requirement
- —Protect the rights, property, or safety of Syberviz, our clients, or the public
- —Enforce our contractual agreements
5.4 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets, personal data may be transferred as part of that transaction. We will notify affected individuals and ensure continuity of privacy protections.
6.International Data Transfers
Syberviz operates globally across the US, UK, EU, and GCC. Personal data may be transferred to and processed in countries outside your country of residence. Where such transfers occur:
- —EU/UK to Third Countries: Transfers are made under appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission, or equivalent transfer mechanisms
- —GCC Region: We comply with applicable local data protection requirements including the PDPL (Personal Data Protection Law, Saudi Arabia)
- —US (CCPA): We implement appropriate safeguards as required under California privacy law
All international transfers are documented and subject to transfer impact assessments where required by law.
7.Data Retention
We retain personal data only as long as necessary for the purposes set out in this Policy or as required by applicable law:
| Data Type | Retention Period | Basis |
|---|---|---|
| Client project data | Duration of engagement + 7 years | Legal/contractual obligation |
| Contractual documents (MSA, SOW, NDA) | 7 years post-contract | Legal requirement |
| Enquiry / prospect data | 2 years from last contact | Legitimate interest |
| Invoice and financial records | 7 years | Tax and accounting laws |
| Website analytics data | 13 months (rolling) | Industry standard |
| Employee / contractor data | Duration + 6 years | Employment law |
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised in accordance with our data destruction procedures. Clients may request a certificate of destruction for project-related data upon engagement closure.
8.Security Measures
Syberviz applies enterprise-grade security controls to protect all personal data:
- —Encryption in transit: TLS 1.2 or higher for all data in transit
- —Encryption at rest: AES-256 encryption for stored personal data
- —Access controls: Role-based access, principle of least privilege, multi-factor authentication
- —Network security: Firewalls, intrusion detection, VPN-secured access for project environments
- —Vulnerability management: Regular OWASP Top 10 assessments, SAST/DAST scanning, penetration testing
- —Audit logging: Access and activity logs maintained for security review
- —Incident response: Documented breach response procedure with regulatory notification timelines
In the event of a personal data breach that poses a risk to individuals, we will notify the relevant supervisory authority within 72 hours of becoming aware, in line with GDPR Article 33, and will notify affected data subjects without undue delay where required.
9.Cookies
Our website uses cookies and similar tracking technologies. A full Cookie Policy is available at:
www.syberviz.com/cookie-policy
Summary of Cookie Categories:
| Category | Purpose | Can be Declined? |
|---|---|---|
| Strictly Necessary | Website functionality, security | No |
| Analytics | Understanding site usage (anonymised) | Yes |
| Preference | Remembering your settings | Yes |
You may manage your cookie preferences at any time via the cookie settings banner on our website.
10.Your Rights
Depending on your location, you have the following rights regarding your personal data:
10.1 Rights Under GDPR (EU Residents)
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Rectification | Request correction of inaccurate or incomplete data |
| Erasure | Request deletion of your data where there is no legitimate reason to retain it |
| Restriction | Request that we restrict processing of your data |
| Portability | Receive your data in a structured, machine-readable format |
| Object | Object to processing based on legitimate interests |
| Withdraw Consent | Withdraw previously given consent at any time |
| Automated Decision-Making | Request human review of automated decisions that affect you |
10.2 Rights Under CCPA (California Residents)
California residents have the right to:
- —Know what personal data is collected, used, shared, or sold
- —Request deletion of personal data
- —Opt-out of the sale of personal data (Note: Syberviz does not sell personal data)
- —Non-discrimination for exercising privacy rights
10.3 Rights Under PDPL (Saudi Arabia Residents)
Individuals in Saudi Arabia have the right to:
- —Access their personal data held by Syberviz
- —Request correction of inaccurate personal data
- —Request deletion of personal data where no legitimate basis exists for retention
- —Withdraw consent where processing is consent-based
10.4 How to Exercise Your Rights
Submit a request by:
- —Email: info@syberviz.com (Subject: Data Privacy Request)
- —Privacy Requests: Syberviz — info@syberviz.com (Subject: Data Privacy Request)
We will respond within 30 days (GDPR/PDPL) or 45 days (CCPA) of a verified request. We may need to verify your identity before processing the request.
11.Children's Privacy
Our website and services are directed at business professionals and are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has submitted personal data, please contact us immediately at info@syberviz.com and we will take steps to delete it.
12.Third-Party Links
Our website may contain links to third-party websites, tools, or platforms. This Privacy Policy applies only to Syberviz's own website and services. We are not responsible for the privacy practices of third-party sites and recommend reviewing their privacy policies separately.
13.Changes to This Policy
We review this Privacy Policy at least annually and whenever there is a material change to our data processing activities or applicable law. When we make significant changes, we will:
- —Update the "Last Updated" date at the top of this document
- —Post a notice on our website
- —Where required, seek renewed consent from affected individuals
Continued use of our website after changes are posted constitutes acceptance of the updated Policy.
14.Supervisory Authority
If you believe we have not handled your personal data lawfully, you have the right to lodge a complaint with the relevant supervisory authority:
- —EU: Your local Data Protection Authority (list at edpb.europa.eu)
- —US (California): California Attorney General — oag.ca.gov
- —Saudi Arabia (PDPL): National Data Management Office (NDMO) — ndmo.gov.sa
We would, however, appreciate the opportunity to address your concerns directly before you escalate to a supervisory authority. Please contact us first at info@syberviz.com or hello@syberviz.com.
15.Contact Us
For any questions, concerns, or requests relating to this Privacy Policy:
| info@syberviz.com | |
| Website | www.syberviz.com |
| Address | F-303, Sattva One, Miyapur, Hyderabad – 500049, India |
| Data Protection Contact | Syberviz — info@syberviz.com |
This Privacy Policy was prepared in accordance with GDPR (EU) 2016/679, the California Consumer Privacy Act (CCPA) 2018, and the PDPL (Personal Data Protection Law, Saudi Arabia). It reflects Syberviz's commitment to responsible, transparent, and lawful data governance.
Document version: 1.0 | April 2026