Privacy Policy

This privacy policy (this “Privacy Policy”), discloses CyberTell’s (“CyberTell”, “Vantra & GTCM Start-Up Accelerator / CHE-465.101.111”) privacy practices. This Privacy Policy applies to information collected by CyberTell’s web sites, products, and offerings that reference this Privacy Policy. CyberTell is the controller and is responsible for your personal information (“CyberTell”, “we”, “us” or “our”).

The term “personal information” as used in this Privacy Policy shall mean any information that enables us to reasonably identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to you. De-identified and or aggregated data which cannot reasonably identify, relate to, describe, or be capable of being associated with, or be linked, directly or indirectly, to an individual, household or device is not considered personal information.

This Privacy Policy will notify you of the following:

What personal information is collected from you, the sources from which such personal information is collected, how it is used and with whom it may be shared.

What choices are available to you regarding the use and retention of, and access to, your personal information.

The security procedures in place to protect the misuse of your personal information.

What personal information do we collect?

We use different methods to collect personal information from and about you including:

Personal information you give us. You may give us your personal information including name and contact details, by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal information you provide when you ask us about, or apply for, our products or services; subscribe to our services or publications; request marketing to be sent to you, or give us feedback. In order to use this web site, a user must first sign up. During registration, a user is required to give certain information (such as name, domain, and email addresses). This information is used to display products/services on our web site.

Personal information we collect. We may use cookies, log files, web beacons, device identifiers, advertising identifiers and similar tracking technologies, including those from third-party service providers like Google Analytics, Google Tag Manager, HubSpot, and other cloud-based tools, to automatically collect your preferences, performance data, and information about your web usage when you visit the Services. For example, we may collect your IP address, device and Internet service provider information, Web browser details and the address of any referring website. This may include collecting geolocation signals from your IP address or device settings to determine your location so that we may operate and personalize the Services for you. We may also collect information about your online activity, such as pages viewed and interactions with other users. The Services are not designed to recognize or respond to “do not track” signals received from browsers. You can control the information collected by such tracking technologies or be alerted when cookies are sent by adjusting the settings on your Internet browser or devices, but such adjustments may affect or disable certain functionality of the Services. You can learn more about Google Analytics and your options for opting out of interest-based Google ads at You can learn more about targeted ads and your ability to opt out of receiving interest-based ads at and

We will not sell or rent your personal information to anyone.

Children’s Privacy


The Sites are intended for business use. We do not knowingly collect or solicit Personal Information from anyone under the age of 16. If you are under 16, please do not attempt to register for the Sites or send any Personal Information about yourself to us.


As of the effective date of this policy, we do not have actual knowledge that we sell CCPA PI of consumers under 16 years of age. If we learn that we have collected CCPA PI from a child under age 16, we will delete that information as quickly as possible and will not sell it. Please refer to the section on CHILDREN for more information.

How do we process personal information?

We will use your personal information for the following purposes:

To respond to you, regarding the reason you contacted us

To monitor and protect the security of our information, systems and network

For internal business intelligence purposes, to conduct research, product development and enhancement

To inform you of changes made to our web site and other services

To conduct marketing and commercial activities and to market relevant offers and promotions to you

To ensure that content from our web site is presented most effectively for you and your computer

To display content based on your interests

To enable you to search information on our web site

To assess your needs and interests in order to better tailor offers and/or advertising

To improve our web site, goods and services

Sharing your personal information

We may share your personal information with the parties set out below for the purposes set out in this policy:

A member of our group;

Our professional advisors such as auditors, accountants and lawyers, etc.;

Companies that provide services to help us with our business activities, such as data storage, maintenance services, database management, web analytics, and payment processing.

We will only transfer your personal information to trusted third parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures.

We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

We may also disclose your personal information to third parties:

in the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;

if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, any request from law enforcement or governmental organizations, to defend a legal claim, or in order to enforce or apply our terms of service and other agreements; or to protect the rights, property, or safety of CyberTell, our customers, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.

We are headquartered in Switzerland. Your personal information will be accessed by us or transferred to us in Switzerland and will be accessed by our Switzerland-based employees. If you are visiting our web site from outside Switzerland, be aware that your personal information will be transferred to, stored, and processed in Switzerland where our main servers are located, and our central database is operated as well as third countries. By using our web site, you consent to this transfer and storage of your personal information.


Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this Privacy Policy. We will generally ask for your consent to receive marketing communications in line with the applicable law when you first provide your personal information.

How long do we keep your personal information?

We will store your personal information, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the personal information is processed. We use your personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically and reasonably feasible to remove it. Otherwise, we will seek to delete your personal information within a reasonable timeframe upon request. You can request the deletion of your personal information by contacting us using the contact information set forth in the “Contact Us” section.

Your rights

You may opt out of any future contacts from us at any time. In certain circumstances, you can do the following at any time by contacting us using the Contact Us page on our web site:

Right of Access – See the sources from which we have collected your personal information, what personal information we have or have disclosed about you, if any, covering a minimum period of 12 months, and the business or commercial purpose of the collection of such personal information.

Right to Rectification – Change/correct any information we have about you.

Right to Erasure – Have us delete any personal information we have about you.

Right to Object – Express any concern you have about our use of your personal information.

Right to Data Portability – Have us transmit any personal information directly to another organization, in certain circumstances.

Right to Lodge a Complaint – Lodge a complaint with a competent data protection authority.


We take precautions to protect your information. When you submit sensitive information via the web site, your information is protected both online and offline.

Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the address of the web page.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to such personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment.

California Consumer Privacy Act (CCPA):

If you are a California resident, the CCPA grants you with rights regarding your personal information. CyberTell affords everyone the same rights, regardless of location. As a result of our alignment with the General Data Protection Regulation(GDPR), most of the obligations of CCPA have been covered in previous sections: “What personal information do we collect?”, “How do we process personal information?”, “Sharing your personal information”, and “Your rights”.

If you would like to exercise any of your other rights, please visit “Your rights” for more information. If a representative and/or agent you designate is requesting rights on your behalf, we will require proof of authorization. This may include needing you to verify your identity directly with CyberTell. CyberTell has disclosed the following categories of information under the CCPA in the past 12 months:

Identifier Information, such as email addresses, internet protocol addresses, and name

Geolocation data


This web site contains links to other sites maintained by third parties. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our web site and to read the privacy statements of any other site that collects personal information.

Applicable unless otherwise stated above:

cyberTell exists primarily because of privacy violations related to (third-party) online service providers. User data is stolen, lost, sold, redistributed and misused by criminals - to the detriment of users and beyond their control. cyberTell was set up as a service to give us an overview of how our personal data is distributed. While we may not be able to control it once it has been breached, we can at least understand what has been leaked, where it has been leaked from, and what precautions we can now take as a result.

This page explains how privacy is managed within cyberTell and what information is collected when you use the service.

Data leaks stored and indexed on cyberTell

When a data breach is uploaded to cyberTell, the hash of the phone numbers is stored in the online system (this does not apply to registered users, where all displayed data is stored for usability). No other data of any kind (names, etc.) is stored. cyberTell also stores a list of the classes of data that were affected by each breach. For example, it states that email addresses and passwords appeared in a data leak, but it does not store information about which email addresses had corresponding passwords or what those passwords are (this does not apply to registered users where more information is displayed for usability).

cyberTell is committed to the security of your data. We will never misuse data found in connection with a data breach. We have carefully studied important regulatory measures around the world that cover privacy frameworks such as the General Data Protection Regulation (GDPR) & The California Consumer Privacy Act (CCPA).

cyberTell collects two types of personal data: (i) data that individuals have provided directly to cyberTell - this includes portal accounts, email addresses, and website analytics data generated from the use of our websites - and (ii) data about breached assets that we discover on the dark and clear web that is publicly and persistently available and accessible.

cyberTell’s use of this data is consistent with the legal bases set forth in the GDPR, such as: (i) your consent; (ii) necessity for the performance of a contract; (iii) our legitimate interests and also your legitimate interests and the legitimate interests of third parties using our services; and (iv) this processing is in the public interest to promote security and for law enforcement obligations.

As explained in the CCPA, we use this data for a variety of reasons, such as: (i) compliance with our legal obligations, (ii) use of this data to improve security for individuals by serving as a potential deterrent to fraudulent activity, and (iii) your legitimate interests and the legitimate interests of third parties who use our Services; and (iv) necessary for the completion of a transaction within the meaning of the CCPA.

Under both the GDPR and the CCPA, individuals are granted privacy-related rights. The following rights are afforded to all individuals, regardless of whether they live in a jurisdiction to which the GDPR and/or CCPA applies.

Right of Access - See the sources from which we collected your personal information, what personal information we have or disclosed about you, if any, for a minimum period of 12 months, and the business or commercial purpose for collecting that personal information.

Right to rectify - Amend/correct any information we have about you.

Right to Erasure - Request that we erase any personal information we have about you.

Right to object - Express your concerns about our use of your personal information.

Right to data portability - Arrange for us to share your personal information directly with another organization under directly to another organization in certain circumstances.

Right to complain - File a complaint with a competent data protection authority.

Right to opt out of future contacts - The ability to opt out of communications.

cyberTell hosts all production data within secure industry leading hosting services providers cyon GmbH in Switzerland and DigitalOcean in Germany. These providers are compliant with multiple frameworks and standards.

When searching for a phone number

When searching for a phone number, data is only ever retrieved from memory and then returned in the response; the data being searched for is never explicitly stored anywhere. See the Logging section below for situations where it may be stored implicitly.

Data violations flagged as sensitive are not returned in public searches.

How the opt-out feature works

cyberTell provides an opt-out feature that removes the email address from public visibility. This is done by marking the record as unsubscribed and not permanently deleting it to ensure that the email address does not become publicly discoverable again if it appears in subsequent data breaches.

Opt-out requests can be easily requested via web form with subject "Opt-Out" and are usually reflected in the system within 72 hours. The form to be used can be found here: Contact (


Only the absolute minimum logs necessary to keep the service operational and to combat malicious activity are stored. These include transient web server logs, Google Analytics for evaluating usage patterns, and Application Insights for performance metrics. These logs may include information entered by the user into a form, browser headers such as the user agent string, and in some cases the user's IP address.


Our Privacy Policy may change from time to time and all updates will be posted on this page.

Contact us

If you have any questions or concerns regarding this Privacy Policy, please contact us using the Contact Us page on our website.


Hinterbergstrasse 24
CH-6312 Steinhausen

Phone Number


We use cookies

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.