Global Privacy Compliance

CYVRA 247 Inc. (“CYVRA,” “we,” “us,” or “our”), a Delaware corporation with its principal office in Utah, is committed to safeguarding personal information entrusted to us by our Customers, their employees, and visitors to our Website. CYVRA recognizes the global nature of data protection and has designed its practices to align with applicable privacy and data protection frameworks worldwide.

This Global Privacy Compliance statement is intended for informational purposes and does not amend or replace any executed contractual agreements between CYVRA and its Customers.


1. Guiding Principles

CYVRA’s handling of personal information is guided by the following universal principles, drawn from leading global privacy frameworks:

  • Lawfulness, Fairness, and Transparency — Personal information is processed only for legitimate purposes, with clear disclosures.
  • Purpose Limitation — Data is collected and used strictly for defined business purposes (e.g., phishing simulations, security awareness training, and related services).
  • Data Minimization — CYVRA collects only the business email addresses of end users and training outcomes necessary to deliver the Services.
  • Accuracy — Reasonable steps are taken to maintain data accuracy.
  • Storage Limitation — Training results are retained for thirty (30) days; business email addresses may be maintained in offline encrypted backups refreshed semi-annually.
  • Security — CYVRA employs administrative, technical, and physical safeguards to protect personal data against unauthorized access or disclosure.



2. Regional Privacy Frameworks

European Union (GDPR)

CYVRA’s practices are designed to align with the principles and obligations of the General Data Protection Regulation (GDPR). Where cross-border transfers occur, CYVRA relies on recognized safeguards such as the Standard Contractual Clauses (SCCs).

United Kingdom (UK GDPR)

CYVRA extends GDPR-aligned practices to data originating in the United Kingdom and utilizes the UK International Data Transfer Addendum where appropriate.

United States (California: CCPA/CPRA)

CYVRA acts as a Service Provider under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CPRA). CYVRA does not sell or share personal information for cross-context behavioral advertising.

Canada (PIPEDA)

CYVRA’s practices are consistent with the principles of the Personal Information Protection and Electronic Documents Act (PIPEDA), including consent, access, correction, and accountability.

Brazil (LGPD)

CYVRA’s framework is designed to align with the Lei Geral de Proteção de Dados (LGPD), ensuring lawful bases for processing, respect for data subject rights, and safeguards for international transfers.

Japan (APPI)

CYVRA recognizes the obligations of Japan’s Act on the Protection of Personal Information (APPI) and applies GDPR-aligned safeguards to data originating from Japan.

Singapore (PDPA)

CYVRA’s processing aligns with the Personal Data Protection Act (PDPA), including obligations relating to consent, access, and breach notification.

Australia (Privacy Act 1988)

CYVRA acknowledges the Australian Privacy Principles (APPs) and applies comparable safeguards relating to collection, disclosure, and security of personal information.

Saudi Arabia (PDPL)

CYVRA has reviewed the requirements of the Personal Data Protection Law (PDPL) and applies GDPR-aligned practices to PHI and PII originating from Saudi Arabia.


3. Future Frameworks and Evolving Laws

CYVRA continuously monitors developments in global privacy regulation, including emerging U.S. state privacy laws (Colorado, Virginia, Connecticut, Utah), and intends to extend GDPR- and CPRA-aligned practices to these jurisdictions as they take effect.


4. Subprocessors and Data Transfers

CYVRA may engage trusted third-party subprocessors to support delivery of the Services, including cloud hosting, email delivery, and video hosting. These subprocessors are contractually bound to maintain confidentiality and security standards consistent with applicable laws. A current list of subprocessor categories may be provided upon request.


5. Enforcement and Accountability

CYVRA has implemented internal policies, training, and controls to ensure ongoing compliance with global data protection requirements. Audits and third-party assessments will form part of CYVRA’s compliance roadmap, including:

  • SOC 2 Type I (2026)
  • SOC 2 Type II (2028)
  • ISO/IEC 27001 (long-term objective)


6. Contact Information

For privacy inquiries, requests to exercise rights, or compliance questions, please contact:

CYVRA Inc.

Principal Office: [Insert Utah Address]

Email: privacy@cyvra.com

Legal Notices: legal@cyvra.com