Privacy Policy
How Cyninges collects, uses, shares and protects personal data — and the rights you have over it.
LAST UPDATED: 16 JUNE 2026 · VERSION 1.0
Contents
1. Who we are
Cyninges ("Cyninges", "we", "us") is a value-added technology distributor and advisory operating from Dubai, U.A.E and Sheridan, Wyoming, U.S.A. For the purposes of the EU/UK General Data Protection Regulation (GDPR), the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021, "PDPL") and the California Consumer Privacy Act (CCPA), Cyninges is the data controller for personal data processed through this website.
- Dubai HQ: Meydan Grandstand, 6th floor, Meydan Road, Nad Al Sheba, Dubai, U.A.E
- USA HQ: 30 N Gould St, Ste N, Sheridan, Wyoming 82801, United States
- Data protection contact: dpo@cyninges.com
2. What data we collect
We collect only what we need to respond to you and operate the site:
| Category | Examples | Source |
|---|---|---|
| Contact data | Name, work email, organization, message | You — contact & partner forms |
| Partnership data | Company, website, tier interest, coverage, capabilities | You — partner application |
| Consent records | Cookie and privacy choices, timestamps | Stored on your device |
| Technical data | IP address, browser type, pages visited, security logs | Automatically, server-side |
| Scanner data | File hash (SHA-256); file content only if you use the live scanner | You — file scanner |
We do not sell personal data, and we do not knowingly collect data from anyone under 16.
3. Why we use it & legal bases
- To respond to enquiries and partnership requests — legal basis: your consent and our legitimate interest / steps prior to a contract.
- To operate, secure and improve the site — legitimate interest in a safe, performant service; security logging is also a legal obligation in some jurisdictions.
- To honour your privacy choices — legal obligation and consent.
- To provide the file scanner — your explicit consent, requested before any file leaves your browser.
4. Cookies & translation
We use strictly-necessary storage only (your language, consent and privacy choices, kept on your device) to run the site. We do not use advertising or cross-site tracking cookies.
The optional language switcher is powered by Google Translate. When you choose a non-English language, Google Translate is loaded and sets its own third-party cookies, and the page text is sent to Google for translation. This happens only after you accept via the cookie banner; you can decline or change your choice at any time using "Cookie Settings" in the footer. Embedded Google Maps on the Contact page may also set cookies when displayed.
5. Who we share it with
We share personal data only with service providers acting on our instructions, and only as needed:
- Google — translation (Google Translate) and maps, where you enable them.
- Hosting & email providers — to serve the site and deliver your messages to us.
- Threat-intelligence provider — only if you use the live file scanner, to analyze the file you submit.
- Microsoft Azure Marketplace — if you transact our solutions there, governed by Microsoft's terms and privacy statement.
- Authorities — where required by law or to protect rights, safety and security.
6. International transfers
We operate across the U.A.E, the United States and the META region, and some providers process data outside your country. Where personal data is transferred internationally, we rely on appropriate safeguards — such as the EU Standard Contractual Clauses and equivalent mechanisms recognised under the UAE PDPL — to protect it.
7. How long we keep it
| Data | Retention |
|---|---|
| Contact & enquiry data | Up to 24 months after last contact |
| Partnership records | Contract term + 7 years (legal/tax) |
| Security logs | Up to 12 months |
| Consent records | While your choice is active |
| Scanner files | Deleted immediately after the scan completes |
8. Your rights
Subject to applicable law, you may have the right to access, correct, delete, restrict or object to our processing, to data portability, and to withdraw consent at any time. California residents may exercise CCPA rights, including the right to know and delete, without discrimination. You can exercise these via our Privacy Dashboard or by emailing dpo@cyninges.com. We respond within the timeframes required by GDPR (one month), the PDPL and the CCPA.
9. How we protect it
We apply encryption in transit (TLS 1.3) and at rest (AES-256), least-privilege access with multi-factor authentication, continuous monitoring, and regular third-party testing. Our security practices and certifications are described in our Trust Center. No method of transmission is perfectly secure, but we work to protect your data and to notify you and regulators of any breach as required by law.
10. The file scanner
The public file scanner is currently provided as a demonstration preview: files you select are processed in your browser to compute a SHA-256 fingerprint and are not transmitted in this preview. When the live multi-engine service is connected, files will be sent to a third-party threat-intelligence provider only after your explicit consent, analyzed, and then deleted. Do not submit confidential, personal or regulated data to the public scanner — request a private, contractual assessment instead.
11. Contact & complaints
Questions or requests: dpo@cyninges.com or our contact page. If you believe we have not handled your data properly, you may lodge a complaint with your local supervisory authority — for example a relevant EU/EEA data protection authority, the UK ICO, or the UAE Data Office — in addition to contacting us.
We may update this policy from time to time; the "last updated" date above reflects the current version, and material changes will be highlighted on this page.