Cyber Incident Hub landing page is live!
Get an overview of what we have to offer. We look forward to hearing from you.
Damit wir Ihnen bestmögliche Unterstützung bieten können, werden wir Sie zunächst um folgende Informationen bitten:
– Was und wer ist betroffen?
– Wie und wann wurde der Vorfall bemerkt?
– Wer hat den Vorfall entdeckt und gemeldet?
– Was bereitet Ihnen Sorgen im Zusammenhang mit dem Vorfall?
– Welche Massnahmen wurden bereits eingeleitet?
To be able to provide you with the best possible support, we would first like to ask you for the following information:
– What and who is affected?
– Who discovered and reported the incident
– How and when was the incident detected?
– What did you observe?
– What are you most concerned about?
– Which measures have been initiated so far?
1 PrivacyCyber Incident Hub takes the protection of your privacy very seriously. Please read the following data protection regulations carefully.
2 Scope of applicationCyber Incident Hub collects, processes, stores, and protects the data of persons who access its website (data subjects). These data protection regulations apply to this website and all its applications and functions, such as chat, newsletters, events, etc.
3 Legal groundsThis Data Protection Policy is based on the Swiss Federal Act on Data Protection (FADP) and, to the extent applicable, the European General Data Protection Regulation (GDPR).
4 Name and address of the controller and its representativeThe controller within the meaning of the data protection laws is:
Cyber Incident HubLöwenstrasse 28001 ZurichSwitzerland
Phone: +41 44 266 67 67E-mail: email@example.com
Responsibility for all legal data protection issues at Cyber Incident Hub is held by the controller: Daniel Heller, Partner & Co-Head Startup Desk at Farner Consulting AG.
Our EU data protection representative with respect to processing to which we as controller are subject under the GDPR is:
VSG Datenschutzpartner UGAm Kaiserkai 6920457 HamburgGermany
5 Use of informationIn principle, it is possible to visit the Cyber Incident Hub website without providing any personal data. No conclusions about you are drawn when we evaluate non-personal data such as an IP address, browser used, date, time, etc.
Visitors to our website can also activate the “do not track” option so that only the process of logging in itself will be tracked.
Personal data will be collected and processed strictly in accordance with the applicable laws and regulations and then only with your explicit consent.
6 Disclosure of personal dataWe treat your personal data confidentially and disclose them only if you have expressly consented to it, we are legally obligated or entitled to do so, or if this is necessary for the purpose of enforcing our rights, including the enforcement of claims under the contractual relationship. In addition, we disclose your personal data to third parties if this is necessary or expedient in connection with use of the website or possible provision of services that you requested.
We disclose your personal data to the following categories of recipients:
In doing so, we of course comply with the legal requirements concerning the disclosure of personal data to third parties. If we make use of third parties to provide our services, we take appropriate legal precautions and corresponding technical and organisational measures in order to ensure the protection of our personal data in accordance with the relevant statutory requirements.
If the level of data protection in a country in which the data are processed is not in conformity with the applicable data protection provisions, we ensure by contract that the protection of your personal data corresponds at all times to that in Switzerland or the European Economic Area (EEA).
7 Contact options via the websiteIf you contact Cyber Incident Hub via our website, the personal data you submit will be saved automatically. This data which you submit on a voluntary basis will be used for processing purposes or for contacting you. Such data submitted on a voluntary basis are stored exclusively for the purposes of processing your enquiry or contacting you. Our legitimate interest consists of processing your contact enquiries. No personal data will be transferred to third parties.
The services of Intercom are used for making contact through our live chat. You can find further information at https://www.intercom.com/legal/privacy.
You may object to this data processing at any time. Please send your objection to firstname.lastname@example.org. In such case, your data will be erased, and your enquiry will not be processed further, unless this is prevented by statutory retention obligations.
8 Function for commenting and debatingOur website has interactive forums such as chat, blog, message board and other platforms. You can leave individual comments on contributions from other visitors and debate certain topics. In turn, these comments can themselves be commented on by third parties.
If a data subject leaves a comment on an article or comment published on this website, the details about the time the comment was made and the name of the data subject (“real name obligation” under German law) will be saved and published in addition to this comment. The IP address assigned by the data subject’s internet service provider will also be logged. This IP address is saved for security reasons and in case a submitted comment infringes the rights of a third party or illegal content is posted. These personal data are therefore stored in our own interest so that we can provide proof if necessary in the event of a legal violation. None of this collected personal data is passed on to third parties unless the law requires it to be or if it is used to defend the rights of the controllers.
If you would like to object to the processing of your personal data transmitted through the commenting and debating function, please send your objection to email@example.com.
9 Routine erasure and blocking of personal dataUnless expressly indicated as part of this Data Protection Policy, Cyber Incident Hub processes and stores the personal data of data subjects only for the period of time necessary for achieving the storage purpose or where this was provided for by statutory requirements to which Cyber Incident Hub is subject.
If the storage purpose is not applicable, or if any storage period provided by law expires, the personal data is routinely blocked or erased in accordance with legal requirements.
10 Legal grounds for processingNo data will be processed unless there are legal grounds for doing so. The following are such grounds:
11 Rights of the data subjecta) Right of access to information
Every data subject has the right to obtain confirmation as to whether or not personal data concerning him or her are being processed and to free access to these data and further information and a copy of the data in accordance with statutory requirements.
b) Right to rectificationEvery data subject has the right to obtain without undue delay the rectification of inaccurate personal data concerning him or her and to have incomplete personal data completed.
c) Right to erasure (right to be forgotten)Pursuant to statutory requirements, every data subject has the right to obtain the erasure of personal data concerning him or her without undue delay.
d) Right to restriction of processingPursuant to statutory requirements, every data subject has the right to obtain restriction of processing.
e) Right to data portabilityPursuant to statutory requirements, every data subject has the right to receive the personal data concerning him or her, which he or she has provided to Cyber Incident Hub, in a structured, commonly used and machine-readable format and to demand their transmission to another controller.
f) Right to objectEach person whose data is processed has the right to object at any time to the processing of personal data concerning him or her. This also applies to profiling based on these provisions.
Cyber Incident Hub can no longer process the personal data in the event of the objection, unless compelling legitimate grounds for the processing can be demonstrated which override the interests, rights and freedoms of the data subject, or the processing serves the establishment, exercise or defence of legal claims.
g) Automated individual decision-making, including profilingPursuant to statutory requirements, every data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
h) Right to withdraw data protection consentEvery data subject has the right to withdraw his or her consent to the processing of personal data at any time with prospective effect. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
i) Right to lodge a complaint with a supervisory authorityDepending on the applicable data protection legislation, the data subject may have the right to lodge a complaint with a competent data protection authority.
Please be aware that there are exceptions to these rights. In particular, Cyber Incident Hub must in some cases process and store personal data of data subjects in order to perform a contract with you, safeguard its own vital interests, such as the assertion, exercise or defence of legal claims, or comply with statutory obligations. To the extent legally permissible, Cyber Incident Hub may therefore also refuse your demands relating to data protection or meet them to only a limited extent.
In the event of questions in connection with the data protection practised by Cyber Incident Hub and for information with respect to the rights of data subjects and for asserting them, the data subject can get in touch with Cyber Incident Hub at any time using the contact details listed at the start of this Data Protection Policy. If necessary, Cyber Incident Hub reserves the ability to request the identification of data subjects for the processing of enquiries in a suitable manner.
12 Links to other websitesThe Cyber Incident Hub website links to other websites that are not operated by Cyber Incident Hub and are not covered by this Data Protection Policy. After clicking on the link, Cyber Incident Hub no longer has any influence over the processing of any data transferred to third parties (such as the IP address), since the conduct of third parties is naturally outside of our control. Therefore, Cyber Incident Hub also cannot assume any liability for this outside content. The respective provider or operator of the sites is always responsible for the content of the linked sites.
The linked sites were examined at the time the links were created for possible legal violations and discernible infringements of the law. No unlawful content was discernible at the time the links were created. However, absent specific indications of a legal violation, permanent control and review of content cannot be reasonably expected. If we become aware of legal violations, such links will be promptly removed.
13 Collection, processing and use of personal data13.1 Personal dataPersonal data is information about the factual or personal circumstances of an identified or identifiable natural person. This includes, for example, your name and your email address.
13.2 Use of your data for marketing purposesBesides using your data for sending out newsletters, we may also use your information to display personalised advertising to you.
You can object at any time to the use of your personal data for marketing purposes. Please send your objection to firstname.lastname@example.org.
13.2.1 NewsletterIf you subscribe to our newsletter, the personal data you transmit will be stored for the purpose of sending you the newsletter. The newsletter provides you with information about us and our offers.
If you would like to subscribe to our newsletter, the (self-declared) details marked with a * are required.
We use the double opt-in procedure for sending the newsletter. This means that we will first send you a newsletter by email after you have expressly confirmed that you consent to the sending of the newsletter. We will then send you a notification email and ask you to confirm that you wish to receive our newsletter by clicking on a link contained in this email. If at a later stage you decide you do not want to receive any newsletters from us, you can unsubscribe at any time. An unsubscribe link can be found in each newsletter sent out. Alternatively, you can send your withdrawal to the following email address: email@example.com.
13.2.2 Service recommendations by emailAs a customer of Cyber Incident Hub, you will receive product or service recommendations from us by email from time to time. You will receive these recommendations from us regardless of whether or not you have subscribed to a newsletter. This is because we want to provide you with information about products from our range that you might be interested in based on the last services you have used. In doing so we act strictly in accordance with legal requirements. If you no longer wish to receive product recommendations or any marketing messages from us, you can object at any time, without incurring a fee except the dispatch costs as set out in the basic tariffs. In that case please send an email to firstname.lastname@example.org. You can also of course find an unsubscribe link in every email.
13.2.3 Personalised advertising for youThe information we receive from you helps us to continually improve your service experience and structure it in a customer-friendly manner that is personalised for you. The information you have submitted and automatically generated will be used to personalise advertising for you and your interests. For this purpose we use existing information, such as delivery and read receipts of emails, information on a computer and connection to the internet, operating system and platform, your service history, the date and time of a visit to the homepage, articles, topics and content you have viewed.
We use this information exclusively in pseudonymised form. By analysing and evaluating this information, we are able to improve our web pages and our internet offering, and send you personalised advertising. This is advertising that recommends services that you might actually be interested in. Our goal is to make our advertising more useful and interesting for you. Therefore, the evaluation and analysis of the pseudonymised data collected from you helps us to avoid sending you random advertising but rather advertising, such as newsletters and service recommendations, that actually meet your areas of interest. For example, we will determine which of our promotional emails you open to avoid sending unnecessary emails to you.
If you do not wish to receive any personalised advertising, you can object at any time. Please send your objection to email@example.com.
13.2.4 Competitions, market and opinion researchIn the case of contests, we use your personal data that are necessary for holding the contest for the purpose of notifying winners and promoting our offers. In some cases, we may forward your personal data to our contest partners, e.g., in order to send you the prize. Participation in the contest and the associated data collection is of course voluntary. Detailed information can be found, where applicable, in our terms and conditions of participation for each contest.
In addition, we use your personal data for market and opinion research. We of course use them exclusively in anonymised form for statistical purposes and only for Cyber Incident Hub. You can find detailed information, where applicable, as part of the respective survey or at the location where you provide your data. Your responses to surveys will not be forwarded to third parties or published. Cyber Incident Hub uses and processes your personal data for market and opinion research solely for its own purposes.
You can object at any time to the use of data for contests and market and opinion research. Please send your objection to firstname.lastname@example.org.
You can disable cookies completely or partially at any time in your browser settings. If you disable cookies, you will not be able to access all the functions of this website.
14.1 What are cookies?Cookies are small files that are stored on your data carrier which hold certain settings and data for exchange with our system via your browser.
There are basically two different types of cookie: session cookies, which are deleted as soon as you close your browser, and temporary/permanent cookies, which are stored on your data carrier for a longer period or without limit. This type of storage helps us to design our web pages and our offers with you in mind and makes it easier for you to use these pages. For example, certain input from you can be stored so that you are not required to enter this repeatedly.
These temporary and permanent cookies (lifespan of 1 month to 10 years) will be stored on your hard drive and delete themselves after a specified period of time. These cookies are mainly used to make our range more user-friendly, effective and secure. Thanks to these files, it is possible, for example, to show you content on the page that is specially tailored to your interests.
The sole purpose of these cookies is to adapt our range to your wishes in the best possible way and to make it as easy and convenient as possible for you to surf on our site.
We use the following cookies:
14.3 What data is stored in the cookies?Only pseudonymous data is stored in the cookies used by Cyber Incident Hub. The cookie is allocated an identification number when it is activated. Your personal data is not allocated to this identification number. Your name, your IP address and other such data that might allow the cookie to be traced to you directly are not placed in the cookie. We receive only pseudonymised information on the basis of the cookie technology, relating, for example, to which of our pages have been visited, what services, articles or cases have been viewed, etc.
14.4 What is onsite targeting?The Cyber Incident Hub website uses cookie technology to collect data to optimise our advertising and entire online offering. This data is not used to identify you personally, but only to conduct a pseudonymous evaluation of how the homepage is used. Your data will at no time be combined with the personal data stored with us.
With this technology we can provide you with advertising and/or special offers and services whose content is based on the connection with the information obtained in the clickstream analysis (for example, advertising based exclusively on the content viewed in the past few days on topics such as digital marketing or media relations).
Our objective here is to make our online range as attractive for you as possible and show you advertising which corresponds to your areas of interest.
14.5 Are third party cookies also used?Cyber Incident Hub uses some advertising partners that help make the internet offering and our website more interesting for you. Therefore, when visiting the website, cookies of partner companies are stored on your hard drive. These are temporary/permanent cookies that are automatically deleted after a specified period of time. These temporary and permanent cookies (lifespan of 14 days to 10 years) will be stored on your hard drive and delete themselves after a specified period of time.
The cookies of our partner companies only contain pseudonyms, mostly anonymous data. This is, for example, data about what products you have viewed, if something was purchased, what products you looked for, etc. Some of our advertising partners record information via the web pages about which pages you have visited before or which products you are interested in for example in order to show you advertising best suited to your interests.
This pseudonymous data is not combined with your personal data at any time. It is only used to allow our advertising partners to show you advertising you might actually be interested in.
14.6 Re-targetingOur web pages use re-targeting technology. We use these technologies to make our internet offering more interesting for you. This technology makes it possible to target internet users who have already shown they are interested in our website and in our offers shown there with advertising on the websites of our partners.
We believe that personalised, interest-based advertising is generally more interesting to internet users than advertising with no such personal reference. Such advertising is displayed on the pages of our partners based on cookie technology and an analysis of previous usage behaviour. This form of advertising is completely pseudonymous. No usage profiles are combined with your personal data.
14.7 How can you prevent cookies from being stored?In your browser, you can specify that cookies can only be stored with your consent. If you only want to accept Cyber Incident Hub cookies and not the cookies from our service providers and partners, you can change the settings in your browser to block third-party cookies.
The help function in the menu bar of your web browser will usually show you how you can reject new cookies and deactivate those already received. Alternatively, you can visit https://www.aboutcookies.org. There you will find step-by-step instructions about how you can monitor and delete cookies in most browsers.
If using a shared computer set up to accept cookies and flash cookies, we recommend that you always log off completely when ending your session.
15 Log filesEach time you access Cyber Incident Hub’s web pages, usage data is transmitted by the respective internet browser and stored in server log files. The stored data records contain the following data: the date and time of access, the name of the page accessed, IP address, referrer URL (original URL from which you arrived at the web pages), the amount of data transferred, and the product and version information of the browser used.
The IP addresses of users are deleted or anonymised when you end your session on the website. When anonymising, IP addresses are modified so that the individual details about persons or factual circumstances can no longer be attributed to an identified or identifiable natural person or only if a significantly large amount of time, cost and labour is expended.
We evaluate these log file data records in an anonymous form in order to further improve our offering and make it more user-friendly, to find and correct errors more quickly and to manage server capacity. For example, we can determine what times the Cyber Incident Hub website is especially popular and make the relevant data volume available to ensure you can make a purchase as quickly as possible. We can also identify and correct any errors on the Cyber Incident Hub website more quickly by analysing the log files. These purposes also constitute our legitimate interest in data processing.
16 Web analysisThis website uses various services for the purpose of website analysis and tracking, which we explain to you in more detail in the following. In addition, we show you how you can prevent these services from analysing your usage behaviour on our website. If we ask you for your consent to the use of third-party services, the legal basis for this form of data processing is your consent. If we do not obtain your consent, your personal data are processed on the basis of our legitimate interests (i.e., for optimisation and marketing purposes and the appropriate design of our website).
16.1 Google RemarketingWe use the Google Remarketing function to show you ads on Google Ads, Google Display Network and YouTube that are tailored to your interests based on your activities on our website via re-targeting. This is done by means of cookies stored in your browser, which are used by Google to record and evaluate your usage behaviour when visiting various websites. In this way, Google can determine your previous visit to our website. According to its own statements, Google does not combine the data collected in the course of remarketing with your personal data, which may be stored by Google. In particular, according to Google, pseudonymisation is used in remarketing.
Further information on Google Remarketing data protection can be found at https://policies.google.com/privacy?hl=de and https://services.google.com/sitestats/de.html.
In addition, GMP can use cookie IDs to record so-called conversions, i.e. whether a user sees a GMP ad and later visits the advertiser’s website and makes a purchase there. According to Google, GMP cookies do not contain any personal information.
Your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of this service. According to Google, the integration of GMP provides Google with the information that you have accessed the relevant part of our website or clicked on one of our advertisements. If you are registered with a Google service, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, it is possible for the provider to obtain and store your IP address. The use of GMP may also result in the transmission of personal data to Google servers in the USA.
Further information on the data protection of Google Marketing Platform can be found at https://marketingplatform.google.com/.
16.3 LinkedIn PixelWe use the LinkedIn Pixel of the LinkedIn Corporation 1000 W. Maude Avenue Sunnyvale, CA 94085, USA, or if you are a resident of the European Economic Area (EEA) or Switzerland, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”).
In particular, the LinkedIn pixel allows us to track users’ actions after they have seen or clicked on a LinkedIn advertisement. This allows us to evaluate the effectiveness of LinkedIn ads for statistical and market research purposes and to optimise future advertising measures. The data collected in this way is anonymous for us, so it does not allow us to draw any conclusions about your identity. However, the data is stored and processed by LinkedIn, so that a connection to the respective user profile is possible and LinkedIn can use the data for its own advertising purposes, in accordance with the LinkedIn data protection policy: https://www.linkedin.com/legal/privacy-policy. This allows LinkedIn to enable the placement of advertisements on LinkedIn pages as well as outside of LinkedIn. We cannot influence this use of data.
LinkedIn members can control the use of their personal data for advertising purposes in their account settings at the following link https://www.linkedin.com/psettings/advertising/actions-that-showed-interest. To do this, you must be logged in to LinkedIn. To do this, you must be logged in to LinkedIn.
Further information on data protection at LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy.
16.4 Twitter PixelWe use the Twitter Pixel of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, or if you have your habitual residence in the European Economic Area (EEA) or Switzerland, Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland (“Twit-ter”).
In particular, the Twitter pixel allows us to track users’ actions after they have seen or clicked on a Twitter ad. This allows us to evaluate the effectiveness of the Twitter ads for statistical and market research purposes and to optimise future advertising measures. The data collected in this way is anonymous for us, so it does not allow us to draw any conclusions about your identity. However, the data is stored and processed by Twitter so that a connection to the respective user profile is possible and Twitter can use the data for its own advertising purposes in accordance with the Twitter data protection policy: https://twitter.com/privacy. This enables Twitter to display advertisements on Twitter pages and outside of Facebook. We cannot influence this use of the data.
If you wish to object to the collection by the Twitter pixel, you can do so by making the appropriate settings at https://twitter.com/settings/account/personalization. You can change your data protection settings and consent for Twitter in the account settings at https://twitter.com/account/settings.
You can also deactivate (all) cookies that are used for range measurement and advertising purposes via the following link: https://www.aboutads.info/choices.
Please note that this setting will be deleted when you delete your cookies.
Further information on Twitter’s data protection can be found at: https://twitter.com/de/privacy.
17 Google MapsThis website uses the Google Maps service provided by Google LLC (“Google”). This enables us to show you interactive maps directly on the website and allows you to use the map function conveniently. By using Google Maps, information about your use of our website (including your IP address) may be transmitted to a Google server in the USA and stored there. Google may store this data as usage profiles for the purpose of tailoring its services, advertising and market research. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish this, you must log out beforehand. If you do not agree to the processing of your data, you have the option of deactivating the Google Maps service and thus preventing the transfer of data to Google. To do this, you must deactivate the Java Script function in your browser. However, we would like to point out that in this case you will not be able to use Google Maps or only to a limited extent.
You can find further information on the data protection of Google Maps at http://www.google.com/intl/de_de/help/terms_maps.html or at https://policies.google.com/privacy.
18 Social pluginsOur website uses social plugins (“plugins”) from various social networks. With the help of these plugins you can, for example, share content or recommend products. The plugins are activated by default on cyber-incident-hub.ch.
The content of the plugin is transmitted directly to your browser by the social network and integrated into the website by it. By integrating the plugins, the social network receives the information that you have accessed the corresponding page of our website. If you are logged in to the social network, it can assign the visit to your account. If you interact with the plugins, for example by clicking the Facebook “Like” button or posting a comment, the corresponding information is transmitted directly from your browser to the social network and stored there.
Even if you are not logged in to the social networks, data can be sent to the networks by websites with active social plugins. An active plugin sets a cookie with an identifier every time the web page is called up. Since your browser sends this cookie with every connection to a network server without being asked, the network could in principle use it to create a profile of which web pages the user belonging to the identifier has called up. If necessary, it would then be possible to assign this identifier to a person again later – for example, when logging on to the social network later.
If you do not want social networks to collect data about you via active plug-ins, you can select the function “Block third-party cookies” in your browser settings; your browser will then not send any cookies to the respective server of the social network. However, with this setting, in addition to the plugins, other cross-page functions of other providers may also no longer function.
For more information on the purpose and scope of data collection and the further processing and use of your personal data, please refer to the data protection notices of the respective networks. There you will also find further information on your rights in this regard and setting options for protecting your privacy as well as your right to object to the creation of user profiles: We currently use the following plugins of the following social networks on our website:
19 VersionVersion 07.02.2022. Subject to change or adaptation at any time.
© 2021 Cyber Incident Hub
Responsible for this website:
Cyber Incident Hub
Farner Consulting AG
Dr. Daniel Heller
Phone: +41 44 266 67 67
UID number: CHE-105.833.189
Unless indicated otherwise, the copyright for all content on this website is held by Cyber Incident Hub or one of its contracting partners. It is prohibited to use the content (especially images and graphics) without obtaining prior permission from Cyber Incident Hub.
User Rights and Obligations
Users of this website have the option of starting a dialogue with Cyber Incident Hub via the chat function. The corresponding posts/questions are published on the Cyber Incident Hub website together with the comments/answers. You must provide your email address or Twitter username to be able to use the chat function. Cyber Incident Hub reserves the right to delete and/or not respond to indecent or illegal posts/questions.
All texts and links have been checked carefully and are continually updated. We endeavour to provide correct and complete information on this website, but we do not assume responsibility, liability or make any warranty whatsoever that the information supplied through this website is correct, complete, or up to date. All liability is excluded for damages of any nature that are incurred in connection with accessing, using, or retrieving the website or information contained on it. We reserve the right to alter information on this website at any time and without prior notice, and we are under no obligation to update the information contained on it. All links to external providers were checked for accuracy at the time of their inclusion; we are nevertheless not liable for the content and availability of any websites reached via hyperlinks. Such websites are accessed and used at one’s own risk. The provider of the website to which the link was made is solely responsible for illegal, incorrect, or incomplete content, and especially for damages arising from the content of linked pages. This applies irrespective of whether the damage is direct, indirect, or financial in nature, or whether it is some other kind of damage that could occur as a result of data loss, loss of use, or any other reason.
Governing Law, Jurisdiction
Version 07.02.2022. The right to change or adapt the content at any time is expressly reserved.