Image

Data Privacy

cyberTell exists primarily because of privacy violations related to (third-party) online service providers. User data is stolen, lost, sold, redistributed and misused by criminals - to the detriment of users and beyond their control. cyberTell was set up as a service to give us an overview of how our personal data is distributed. While we may not be able to control it once it has been breached, we can at least understand what has been leaked, where it has been leaked from, and what precautions we can now take as a result.
This page explains how privacy is managed within cyberTell and what information is collected when you use the service.

Data leaks stored and indexed on cyberTell

When a data breach is uploaded to cyberTell, the hash of the phone numbers is stored in the online system (this does not apply to registered users, where all displayed data is stored for usability). No other data of any kind (names, etc.) is stored. cyberTell also stores a list of the classes of data that were affected by each breach. For example, it states that email addresses and passwords appeared in a data leak, but it does not store information about which email addresses had corresponding passwords or what those passwords are (this does not apply to registered users where more information is displayed for usability).

cyberTell is committed to the security of your data. We will never misuse data found in connection with a data breach. We have carefully studied important regulatory measures around the world that cover privacy frameworks such as the General Data Protection Regulation (GDPR) & The California Consumer Privacy Act (CCPA).
cyberTell collects two types of personal data: (i) data that individuals have provided directly to cyberTell - this includes portal accounts, email addresses, and website analytics data generated from the use of our websites - and (ii) data about breached assets that we discover on the dark and clear web that is publicly and persistently available and accessible.

cyberTell’s use of this data is consistent with the legal bases set forth in the GDPR, such as: (i) your consent; (ii) necessity for the performance of a contract; (iii) our legitimate interests and also your legitimate interests and the legitimate interests of third parties using our services; and (iv) this processing is in the public interest to promote security and for law enforcement obligations.

As explained in the CCPA, we use this data for a variety of reasons, such as: (i) compliance with our legal obligations, (ii) use of this data to improve security for individuals by serving as a potential deterrent to fraudulent activity, and (iii) your legitimate interests and the legitimate interests of third parties who use our Services; and (iv) necessary for the completion of a transaction within the meaning of the CCPA.

Under both the GDPR and the CCPA, individuals are granted privacy-related rights. The following rights are afforded to all individuals, regardless of whether they live in a jurisdiction to which the GDPR and/or CCPA applies.

Right of Access - See the sources from which we collected your personal information, what personal information we have or disclosed about you, if any, for a minimum period of 12 months, and the business or commercial purpose for collecting that personal information.

Right to rectify - Amend/correct any information we have about you.

Right to Erasure - Request that we erase any personal information we have about you.

Right to object - Express your concerns about our use of your personal information.

Right to data portability - Arrange for us to share your personal information directly with another organization under directly to another organization in certain circumstances.

Right to complain - File a complaint with a competent data protection authority.

Right to opt out of future contacts - The ability to opt out of communications.

cyberTell hosts all production data within secure industry leading hosting services providers cyon GmbH in Switzerland and DigitalOcean in Germany. These providers are compliant with multiple frameworks and standards.

When searching for a phone number

When searching for a phone number, data is only ever retrieved from memory and then returned in the response; the data being searched for is never explicitly stored anywhere. See the Logging section below for situations where it may be stored implicitly.
Data violations flagged as sensitive are not returned in public searches.

How the opt-out feature works

cyberTell provides an opt-out feature that removes the email address from public visibility. This is done by marking the record as unsubscribed and not permanently deleting it to ensure that the email address does not become publicly discoverable again if it appears in subsequent data breaches.

Opt-out requests can be easily requested via web form with subject "Opt-Out" and are usually reflected in the system within 72 hours. The form to be used can be found here: Contact (cybertell.tech)

Logging

Only the absolute minimum logs necessary to keep the service operational and to combat malicious activity are stored. These include transient web server logs, Google Analytics for evaluating usage patterns, and Application Insights for performance metrics. These logs may include information entered by the user into a form, browser headers such as the user agent string, and in some cases the user's IP address.
Image
ADDRESS
Pfingstweidstrasse 94
CH-8005 Zurich
Switzerland
Phone Number

+41-43-456-24-16

Email
info@cybertell.tech