Privacy Policy
1. Data Controller
Cyberian Systems (hereinafter "we", "us", or "the Company") is the data controller responsible for processing your personal data as described in this policy. The Company is registered in Quebec, Canada.
Contact: philippe@cyberiansystems.ai
2. What Data We Collect
When you use our contact form, we collect the following information:
- Full name
- Email address
- Company name (optional)
- Service of interest
- Message content
We do not use cookies for tracking, analytics, or advertising purposes. No third-party analytics tools are installed on this website.
3. Purpose and Legal Basis
We process your personal data for the following purposes:
- Responding to your inquiry — to reply to messages submitted via the contact form.
- Business communication — to follow up on potential projects or partnerships.
Under Quebec's Act respecting the protection of personal information in the private sector (as amended by Law 25), we collect your data with your implicit consent when you voluntarily submit the contact form. For interprovincial and international data transfers, Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) may also apply. For individuals located in the European Economic Area (EEA), the legal basis is legitimate interest (Art. 6(1)(f) GDPR) and, where applicable, pre-contractual measures (Art. 6(1)(b) GDPR).
4. Data Recipients
Your data may be processed by the following third-party services, solely for the purpose of delivering your message to us:
- Cloudflare Workers — server-side form processing (Cloudflare, Inc., USA). Cloudflare is certified under the EU–US Data Privacy Framework.
- Web3Forms — fallback form delivery service, used only if the primary method is unavailable.
We do not sell, rent, or share your personal data with any other third parties.
5. Data Retention
We retain your contact form data only for as long as necessary to respond to your inquiry and for any follow-up correspondence. Data is typically deleted within 12 months after the last interaction, unless a business relationship is established.
6. Your Rights
Under Quebec's privacy legislation (Law 25), Canada's PIPEDA (for interprovincial and international transfers), and, for European residents, the General Data Protection Regulation (GDPR), you have the right to:
- Access — request a copy of the personal data we hold about you.
- Rectification — request correction of inaccurate or incomplete data.
- Erasure — request deletion of your data ("right to be forgotten").
- Restriction — request that we limit how we process your data.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interest.
To exercise any of these rights, contact us at philippe@cyberiansystems.ai. We will respond within 30 days.
7. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or alteration. All form submissions are transmitted over encrypted HTTPS connections.
8. International Transfers
Your data may be processed on servers located outside Canada and outside the European Economic Area (EEA), specifically through Cloudflare's global infrastructure. Cross-border transfers are conducted in compliance with PIPEDA and, where applicable, the GDPR. Cloudflare participates in the EU–US Data Privacy Framework, ensuring an adequate level of data protection.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated "Last updated" date. We encourage you to review this page periodically.
10. Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the relevant supervisory authority:
- Quebec, Canada: Commission d'accès à l'information du Québec (CAI) — www.cai.gouv.qc.ca
- Canada (federal): Office of the Privacy Commissioner of Canada (OPC) — www.priv.gc.ca
- European Union: your local data protection authority under the GDPR