Users can control the use of cookies. Browsers give the option to restrict cookies or disable them altogether. Please note that disabling cookies does not affect the functionality and user-friendliness of the Cyber Risk GmbH websites.

What should you consider when sending data over the Internet?

The Internet is generally not regarded as a secure environment, and information sent via the Internet (such as to or from the Cyber Risk GmbH websites or via electronic messages) may be accessed by unauthorized third parties, potentially leading to disclosures, changes in content or technical failures.

Even if both sender and receiver are located in the same country, information sent via the Internet may be transmitted across international borders and be forwarded to a country with a lower data protection level than exists in your country of residence.

Ordinary e-mail messages sent over the Internet are neither confidential nor secure. They may be accessible by third parties and may entail a considerable amount of danger and risk including:
(a) lack of confidentiality (e-mails and their attachments can be read and/or monitored without detection);
(b) manipulation or falsification of the sender's address or of the e-mail's (or attachment's) content (e.g. changing the sender's address(es) or details);
(c) system outages and other transmission errors, which can cause e-mails and. their attachments to be delayed, mutilated, misrouted and deleted;
(d) viruses, worms, Trojan horses etc. may be spread undetected by third parties and may cause considerable damage; and
(e) interception by third parties.

Cyber Risk GmbH shall not be liable to you or anybody else for any damages incurred in connection with any messages sent to Cyber Risk GmbH using ordinary E-mail or any other electronic messaging system. If you want more secure communication, please let us know.

How do we deal with information from individuals under the age of 18?

The Cyber Risk GmbH websites do not collect personal data from individuals under the age of 18. Individuals under the age of 18 should receive permission from their parent or legal guardian before providing any personal data to Cyber Risk GmbH on the Cyber Risk GmbH websites.

How can you access or review your personal data?

You may, where permitted by applicable law or regulation:
- check whether we hold your personal data,
- ask us to provide you with a copy of your personal data, or
- require us to correct any of your personal data that is inaccurate.

Should you have a request regarding the processing of your personal data, please send us an email, or a letter to the following address:

Cyber Risk GmbH
Dammstrasse 16,
8810 Horgen
Switzerland
Phone: +41 79 505 89 60
Email: george.lekatis@cyber-risk-gmbh.com
Web: www.cyber-risk-gmbh.com

Information requests.

If, under Article 8 of the Federal Act on Data Protection ("FADP"), you wish to request information as to whether Cyber Risk GmbH processes your personal data, please send a written request to the following address:
Cyber Risk GmbH
Dammstrasse 16,
8810 Horgen
Switzerland
Phone: +41 79 505 89 60
Email: george.lekatis@cyber-risk-gmbh.com
Web: www.cyber-risk-gmbh.com

Statement.

By accessing the Cyber Risk GmbH websites, you accept this Statement ("Statement"). If you do not agree to this Statement, please do not visit the Cyber Risk GmbH websites. The terms of this Statement are subject to any additional terms of disclaimers or other contractual terms you have entered into with Cyber Risk GmbH such as client privacy statements or notices, non-disclosure or confidentiality agreements, and any applicable mandatory laws and regulations.

All information and materials published, distributed or otherwise made available on the Cyber Risk GmbH websites are provided for informational purposes, for your non-commercial, personal use only. No information or materials published on the Cyber Risk GmbH websites constitutes an investment, legal or tax advice.

Cyber Risk GmbH does not represent that any product or service is suitable for any specific visitor, firm or organization. No decisions should be made solely based on the contents or information found on the Cyber Risk GmbH websites.

When making a decision for a specific person, firm or organization, you should seek the advice of professional and legal advisors and qualified experts.

Cyber Risk GmbH accepts no responsibility for the correctness, accuracy, timeliness, reliability or completeness of the information provided in the Cyber Risk GmbH websites.

Liability claims against Cyber Risk GmbH relating to material or non-material damage caused by the use or non-use of the information provided or by the use of incorrect or incomplete information have no legal basis as a result of this Statement. If you do not accept this statement, please do not visit the Cyber Risk GmbH websites.

Cyber Risk GmbH reserves the right to change, to supplement, and to delete temporarily or permanently any parts of the pages of the Cyber Risk GmbH websites or any offers without separate announcement.

Direct or indirect references to third-party websites and hyperlinks to third-party websites are outside of our area of responsibility. Cyber Risk GmbH is in no way responsible for any content on or interaction with third-party websites. The access and use of such websites is at the user's own risk.

To the fullest extent permitted by law, in no event shall Cyber Risk GmbH or our affiliates, or any of our directors, employees, contractors, service providers or agents have any liability whatsoever to any person for any direct or indirect loss, liability, cost, claim, expense or damage of any kind, whether in contract or in tort, including negligence, or otherwise, arising out of or related to the use of all or part of the Cyber Risk GmbH websites, or any links to third party websites.

You are solely responsible for acquiring and maintaining such electronic devices and equipment that can handle and will allow you to access and use the Cyber Risk GmbH websites and for taking adequate and appropriate data security measures in accordance with good industry practice to protect yourself against fraud or cyber-attacks on a continuous basis (e.g. by using the most recent browser versions, and installing recommended security patches and up-to-date anti-virus programs and firewalls).

Cyber Risk GmbH specifically disclaims all liability for any tampering with any user's computer system by unauthorized parties, or for losses or liabilities suffered by any user arising from viruses or attacks by hackers.

In no event will Cyber Risk GmbH or our affiliates, or any of our officers, directors, employees, contractors, service providers or agents be liable for any incidental, special, punitive or consequential damages howsoever caused arising out of the use of the Cyber Risk GmbH websites, its content, or the inability to use the Cyber Risk GmbH websites.

This statement applies to any and all damages or injury, including those caused by any failure of performance, error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communication line failure, theft, destruction, or unauthorized access, whether for breach of contract, tortious behavior, negligence or under any other cause of action.

Copyright.

The copyright and any other rights relating to texts, illustrations, photos or any other files on the site are the exclusive property of Cyber Risk GmbH or the mentioned owners. For the reproduction of any elements, written consent of the copyright holder must be obtained in advance. If Cyber Risk GmbH unwittingly affects the rights of others, the relevant content shall be amended immediately after it becomes known.

Photo credit.

Own pictures, and pictures purchased from Dreamstime @dreamstime.com

Note.

If sections or individual terms of the GTC are decided by the courts or authorities as not legal or correct, the content or validity of the other parts remain uninfluenced by this fact.

Part 3. General Terms and Conditions for In-House Instructor-Led Training programs provided by Cyber Risk GmbH.

Cost, Terms and Conditions, Cancellation Policy.

Unless otherwise agreed, the training services shall be provided at a fixed price, plus VAT and reasonable expenses that will be pre-approved by the Client.

The Client will be provided with timesheets and breakdowns of time spent and expenses.

Payments shall only be made against an invoice.

The copyright and all intellectual property rights relating to the training material are solely owned by and hereby reserved to Cyber Risk GmbH. Under no circumstances may the whole or any part of the training material be produced or copied in any form or by any means or translated into another language without the prior written permission of Cyber Risk GmbH.

Placing the material (including any and all derivative works) on a marketplace and sharing the material (including any and all derivative works) with any third party outside the Client company or organisation is strictly forbidden.

Cyber Risk GmbH expressly disclaims all warranties, either expressed or implied, including any implied warranty of fitness for a particular purpose, and neither assumes nor authorizes any other person to assume for it any liability in connection with the information or training programs provided.

Cyber Risk GmbH, its directors, managers, employees, or contractors shall not be held liable for any direct or indirect damages resulting from the use of any training material. By agreeing to this license agreement, the client agrees to indemnify, defend, and hold harmless Cyber Risk GmbH from and against all claims.

The training program is not legal advice for a specific legal entity. Although it is tailored to each client, it is still of a general nature only and is not intended to address the specific circumstances of any particular individual or entity. It should not be relied on in the particular context of enforcement or similar regulatory action. It does not prejudge the position that the relevant authorities might decide to take on the same matters if developments, including Court rulings, were to lead it to revise some of the views expressed in the program.

50% of the cost of each training program (including 50% of the total estimated expenses) is billable in advance and is payable at least 45 days prior to the course delivery date. The remaining 50% of the cost (including the remaining expenses) is due up to 30 days after the last day of the training.

Cancellation from the client less than 45 days before the scheduled start date will be subject to a cancellation fee of 50% of the cost of the training program.

Cancellation from the client 46 days or more before the scheduled start date will be subject to a cancellation fee of 20% of the cost of the training program.

Force Majeure: Neither the client nor Cyber Risk GmbH shall be liable to any penalty should courses be delayed or cancelled due to war, fire, strike lock-out, industrial action, accident / illness of the instructor, civil disturbance, or any other cause whatsoever beyond their control.

In the unlikely event of a cancellation by Cyber Risk GmbH, any payment made for the cancelled class will be fully refunded. The client understands and agrees that Cyber Risk GmbH shall not, in any way, be held responsible for any costs, including loss of airfare or other transportation costs, hotel expenses or other damages, which the client may suffer if Cyber Risk GmbH cancels a class.

Cyber Risk GmbH processes and stores data in compliance with both, the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The service provider is Hostpoint (the servers are in the interxion data center in Zurich, the data is saved exclusively in Switzerland, and support, development and administration activities are also based entirely in Switzerland).

Cyber Risk GmbH is willing to sign a confidentiality or nondisclosure agreement, shall maintain confidential information in trust and confidence, and shall not disclose or use confidential information for any unauthorized purpose. Cyber Risk GmbH may use confidential information of the client only to the extent required to accomplish the purposes of the training program.

Cyber Risk GmbH will neither take any photos of the audience, nor publish any names, photos, or details of the training agreement on social media, web sites or catalogs, for marketing or for any other purpose.

Any controversy in relation to the terms of this agreement shall be governed and interpreted in accordance with the law of the Canton of Zürich, Switzerland.

Part 4. General Terms and Conditions for Online Live Training programs provided by Cyber Risk GmbH.

Cost, Terms and Conditions, Cancellation Policy.

Unless otherwise agreed, the training services shall be provided at a fixed price, plus VAT and reasonable expenses that will be pre-approved by the Client.

Payments shall only be made against an invoice.

The copyright and all intellectual property rights relating to the training material are solely owned by and hereby reserved to Cyber Risk GmbH. Under no circumstances may the whole or any part of the training material be produced or copied in any form or by any means or translated into another language without the prior written permission of Cyber Risk GmbH.

Placing the material (including any and all derivative works) on a marketplace and sharing the material (including any and all derivative works) with any third party outside the client company or organisation is strictly forbidden.

Cyber Risk GmbH expressly disclaims all warranties, either expressed or implied, including any implied warranty of fitness for a particular purpose, and neither assumes nor authorizes any other person to assume for it any liability in connection with the information or training programs provided.

Cyber Risk GmbH, its directors, managers, employees, or contractors shall not be held liable for any direct or indirect damages resulting from the use of any training material. By agreeing to this license agreement, the client agrees to indemnify, defend, and hold harmless Cyber Risk GmbH from and against all claims.

The training program is not legal advice for a specific legal entity. Although it is tailored to each client, it is still of a general nature only and is not intended to address the specific circumstances of any particular individual or entity. It should not be relied on in the particular context of enforcement or similar regulatory action. It does not prejudge the position that the relevant authorities might decide to take on the same matters if developments, including Court rulings, were to lead it to revise some of the views expressed in the program.

50% of the cost of each training program (including 50% of the total estimated expenses) is billable in advance and is payable at least 45 days prior to the course delivery date. The remaining 50% of the cost (including the remaining expenses) is due up to 30 days after the last day of the training.

Cancellation from the client less than 45 days before the scheduled start date will be subject to a cancellation fee of 50% of the cost of the training program.

Cancellation from the client 46 days or more before the scheduled start date will be subject to a cancellation fee of 20% of the cost of the training program.

Force Majeure: Neither the client nor Cyber Risk GmbH shall be liable to any penalty should courses be delayed or cancelled due to war, fire, strike lock-out, industrial action, accident / illness of the instructor, civil disturbance, or any other cause whatsoever beyond their control.

In the unlikely event of a cancellation by Cyber Risk GmbH, any payment made for the cancelled class will be fully refunded. The client understands and agrees that Cyber Risk GmbH shall not, in any way, be held responsible for any costs, including loss of airfare or other transportation costs, hotel expenses or other damages, which the client may suffer if Cyber Risk GmbH cancels a class.

Cyber Risk GmbH processes and stores data in compliance with both, the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The service provider is Hostpoint (the servers are in the interxion data center in Zurich, the data is saved exclusively in Switzerland, and support, development and administration activities are also based entirely in Switzerland).

Cyber Risk GmbH is willing to sign a confidentiality or nondisclosure agreement, shall maintain confidential information in trust and confidence, and shall not disclose or use confidential information for any unauthorized purpose. Cyber Risk GmbH may use confidential information of the client only to the extent required to accomplish the purposes of the training program.

Cyber Risk GmbH will neither take any photos of the audience, nor publish any names, photos, or details of the training agreement on social media, web sites or catalogs, for marketing or for any other purpose.

Any controversy in relation to the terms of this agreement shall be governed and interpreted in accordance with the law of the Canton of Zürich, Switzerland.

Part 5. General Terms and Conditions for Video-Recorded Training programs provided by Cyber Risk GmbH.

Cost, Terms and Conditions, Cancellation Policy.

Unless otherwise agreed, the training services shall be provided at a fixed price, plus VAT. It will be pre-approved by the Client.

Payments shall only be made against an invoice.

The copyright and all intellectual property rights relating to the training material are solely owned by and hereby reserved to Cyber Risk GmbH. Under no circumstances may the whole or any part of the training material be produced or copied in any form or by any means or translated into another language without the prior written permission of Cyber Risk GmbH.

The training material, including any subsequent updates, is licensed by Cyber Risk GmbH to the purchasers ("clients") for training purposes only. The clients are provided with non-exclusive rights to use the training material to educate their company's or their organisation's employees.

Placing the material (including any and all derivative works) on a marketplace and sharing the material (including any and all derivative works) with any third party outside the client company or organisation is strictly forbidden. The owner of the training material remains Cyber Risk GmbH.

The clients have the right to translate and/or overwrite the subtitles of the video-recorded training in the language(s) they deem necessary. Cyber Risk is not responsible legally, or otherwise, for any modifications made on the video recordings after their delivery to the client.

Cyber Risk GmbH expressly disclaims all warranties, either expressed or implied, including any implied warranty of fitness for a particular purpose, and neither assumes nor authorizes any other person to assume for it any liability in connection with the information or training programs provided.

Cyber Risk GmbH, its directors, managers, employees, or contractors shall not be held liable for any direct or indirect damages resulting from the use of any training material. By agreeing to this license agreement, the client agrees to indemnify, defend, and hold harmless Cyber Risk GmbH from and against all claims.

The training program is not legal advice for a specific legal entity. Although it is tailored to each client, it is still of a general nature only and is not intended to address the specific circumstances of any particular individual or entity. It should not be relied on in the particular context of enforcement or similar regulatory action. It does not prejudge the position that the relevant authorities might decide to take on the same matters if developments, including Court rulings, were to lead it to revise some of the views expressed in the program.

The client is responsible for the storage and distribution of the video-recorded training files.

A down payment of 50% of the total payment is due at least 45 days before the date that the training material must be delivered to the client. The remaining 50% of the total payment will be paid within 30 days after the delivery of the training material to the client.

Cancellation from the client less than 45 days before the scheduled start date will be subject to a cancellation fee of 50% of the cost of the training program.

Cancellation from the client 46 days or more before the scheduled start date will be subject to a cancellation fee of 20% of the cost of the training program.

Force Majeure: Neither the client nor Cyber Risk GmbH shall be liable to any penalty should courses be delayed or cancelled due to war, fire, strike lock-out, industrial action, accident / illness of the instructor, civil disturbance, or any other cause whatsoever beyond their control.

In the unlikely event of a cancellation by Cyber Risk GmbH, any payment made for the cancelled video-recorded class will be fully refunded.

Cyber Risk GmbH processes and stores data in compliance with both, the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The service provider is Hostpoint (the servers are in the interxion data center in Zurich, the data is saved exclusively in Switzerland, and support, development and administration activities are also based entirely in Switzerland).

Cyber Risk GmbH is willing to sign a confidentiality or nondisclosure agreement, shall maintain confidential information in trust and confidence, and shall not disclose or use confidential information for any unauthorized purpose. Cyber Risk GmbH may use confidential information of the client only to the extent required to accomplish the purposes of the training program.

Any controversy in relation to the terms of this agreement shall be governed and interpreted in accordance with the law of the Canton of Zürich, Switzerland.

Part 6. General Terms and Conditions for Distance Learning with Certificate of Completion, provided by Cyber Risk GmbH.

Each Distance Learning with Certificate of Completion program (hereinafter referred to as “distance learning program”) is provided at a fixed price, that includes VAT. There is no additional cost, now or in the future, for each program.

Each distance learning program consists of:

a. The official presentations, sent via email,

b. Up to 3 online exams, important for the measurement of the training effectiveness,

c. The certificate of completion.

Clients must carefully read the “What is included in the program” section at the registration page (the web page where they can make the payment), where they can find all information for each distance learning program.

Clients can purchase each distance learning program with a card, QR payment, or PayPal. Cyber Risk GmbH has no access to the financial information of Clients (card numbers, bank accounts, or other confidential information related to a payment). Only the Payment Service Providers (Banks, Payrexx, PayPal etc.) have access to financial information.

Cyber Risk GmbH will ask all Clients or Recipients of the distance learning programs two questions:

a. Which is your full name, as it will appear on the certificate?

b. Which is your email address?

The answers to these questions, provided directly by Clients or Recipients (collectively “Personal Information”) will be kept by Cyber Risk GmbH in compliance with the Swiss Act on Federal Data Protection (nFADP) and the EU General Data Protection Regulation (GDPR).

After the payment, Clients will receive information from the Payment Service Providers (Payrexx, PayPal etc.). “Payment completed” means that the Payment Service Providers have received all the necessary information to process the transaction. “Payment cleared” means that the Payment Service Providers have received the funds. Cleared funds are money that has been fully transferred from one account to another.

Cyber Risk GmbH will send the training programs via email up to 24 hours after it has been informed by the Payment Service Providers that the transaction is completed. Clients must check the spam folder of their email client too, as emails with attachments are often landed in the spam folder.

Clients have the option to ask for a full refund up to 60 days after the payment. If they do not want one of the distance learning programs for any reason, Clients must only send an email with title “Please refund the payment”, and Cyber Risk GmbH will refund the payment, no questions asked.

Clients must study their program, and when they are ready for the online exam, they must send an email to Cyber Risk GmbH, to receive their credentials. Credentials are the username and the password required for the online exam. Clients are responsible for maintaining the secrecy and security of their Credentials, and they must not disclose them to any third party. If the Credentials are compromised, Clients must notify Cyber Risk GmbH via email as soon as possible.

Only when Clients pass the exam, they will receive the certificate of completion, according to the terms at the registration page of the program.

Clients can take the exam online from their home or office, in all countries. It is an open book exam. Risk and compliance management is something Clients must understand and learn, not memorize. Clients must acquire knowledge and skills, not commit something to memory.

Clients will be given 90 minutes to complete a 35-question exam. They must score 70% or higher. The exam contains only questions that have been clearly answered in the official presentations.

All exam questions are multiple-choice, composed of two parts:

a. A stem (a question asked, or an incomplete statement to be completed).

b. Four possible responses.

TIME LIMIT - This exam has a 90-minute time limit. You must complete this exam within this time limit, otherwise the result will be marked as an unsuccessful attempt.

BACK BUTTON - When taking this exam you are NOT permitted to move backwards to review/change prior answers. Your browser back button will refresh the current page instead of moving backward.

RESTART/RESUME – You CANNOT stop and then resume the exam. If you stop taking this exam by closing your browser, your answers will be lost, and the result will be marked as an unsuccessful attempt.

SKIP - You CANNOT skip answering questions while taking this exam. You must answer all the questions in the order the questions are presented.

Additional Terms and Conditions for Distance Learning with Certificate of Completion programs.

The copyright and all intellectual property rights relating to the training material are solely owned by and hereby reserved to Cyber Risk GmbH. Under no circumstances may the whole or any part of the training material be produced or copied in any form or by any means or translated into another language without the prior written permission of Cyber Risk GmbH.

Placing the material (including any and all derivative works) on a marketplace and sharing the material (including any and all derivative works) with any third party outside the client company or organisation is strictly forbidden.

Cyber Risk GmbH expressly disclaims all warranties, either expressed or implied, including any implied warranty of fitness for a particular purpose, and neither assumes nor authorizes any other person to assume for it any liability in connection with the information or training programs provided.

Cyber Risk GmbH, its directors, managers, employees, or contractors shall not be held liable for any direct or indirect damages resulting from the use of any training material. By agreeing to this license agreement, the client agrees to indemnify, defend, and hold harmless Cyber Risk GmbH from and against all claims.

The training program is not legal advice for a specific legal entity. Although it is tailored to each client, it is still of a general nature only and is not intended to address the specific circumstances of any particular individual or entity. It should not be relied on in the particular context of enforcement or similar regulatory action. It does not prejudge the position that the relevant authorities might decide to take on the same matters if developments, including Court rulings, were to lead it to revise some of the views expressed in the program.

Cyber Risk GmbH processes and stores data in compliance with both, the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). The service provider is Hostpoint (the servers are in the interxion data center in Zurich, the data is saved exclusively in Switzerland, and support, development and administration activities are also based entirely in Switzerland).

Cyber Risk GmbH is willing to sign a confidentiality or nondisclosure agreement, shall maintain confidential information in trust and confidence, and shall not disclose or use confidential information for any unauthorized purpose. Cyber Risk GmbH may use confidential information of the client only to the extent required to accomplish the purposes of the training program.

Cyber Risk GmbH will not publish any names, photos, or details of the Client on social media, web sites or catalogs, for marketing or for any other purpose. Cyber Risk GmbH will only post information on social media, if it is invited by the Client to do so.

Clients and Recipients may not, and may not attempt to, directly or indirectly: (a) transfer, sublicense, loan, sell, assign, lease, rent, act as a service bureau, distribute or grant rights to the training material to any person or legal entity. (b) remove, obscure, or alter any notice of any Trademark, or other intellectual property or proprietary right appearing on or contained within the training material. (c) modify, alter, tamper with, repair, or otherwise create derivative works of any training material without written permission from Cyber Risk GmbH. All rights granted to Clients are conditional on their continued compliance with this GTC and will immediately and automatically terminate if they do not comply with any term or condition of this GTC.

Precedence.

In the event of any conflicts between the GTC and the Specific Terms for a specific training program at the Cyber Risk GmbH websites, the Specific Terms will prevail.

Amendments.

Cyber Risk GmbH reserves the right to change these GTC at any time. The modifications will become effective upon posting them to the Cyber Risk GmbH websites and will only apply to training programs sold after the modification.

Part 7. Governing Law, Jurisdiction.

Any controversy in relation to the terms of this GTC shall be governed, interpreted and construed in accordance with the laws of Switzerland. The Parties shall endeavor to settle any dispute by amicable arrangement. In the event of continuing disagreement, the Parties shall refer the dispute to the courts of the Canton of Zürich in Switzerland.

If sections or individual terms of the GTC are decided by the courts or authorities as not legal or correct, the content or validity of the other parts remain uninfluenced by this fact.