Skip to main content

Privacy Notice

Last updated: 27 April 2026.

1. Who we are

SIA CyAdviso, registered in Latvia (reg. no. 40203253216, EU VAT LV40203253216), Riga, Latvia, EU (the “Controller”).

Contact: info@cyadviso.com · +371 2716 6168.

2. What data we process and why

2.1. DORA self-assessment lead form

On the homepage we offer a free 3-minute DORA readiness self-assessment. The score itself runs entirely in your browser — no data leaves your device. If you choose to receive the detailed gap report by email, we collect your work email address and the score / answers you submitted.

  • Purpose: sending you the gap report you requested and a short follow-up about engagement options.
  • Legal basis: Art. 6(1)(f) GDPR — our legitimate interest in responding to a request for information you initiated. You can object at any time by replying “unsubscribe” to any email.
  • Retention: we keep the email and submission for up to 24 months, after which the record is deleted unless we’ve started a commercial engagement with you.
  • Sharing: the form data is processed by us only. We do not sell, rent, or share it with third-party marketing platforms.

2.2. Direct contact (email, phone, Calendly / Cal.com)

If you email us, call us, or book a discovery call, we process the data you provide for the purpose of replying. Cal.com, our booking provider, processes the booking on our behalf as a sub-processor; see their privacy notice for details.

2.3. Self-hosted analytics

We use a self-hosted analytics endpoint at /api/track to count page views and CTA clicks. We do not use Google Analytics, Meta Pixel, or any third-party analytics or advertising script.

  • No cookies are set for analytics. No cross-site tracking.
  • IP addresses are truncated to /24 (IPv4) before storage, so individuals cannot be re-identified.
  • We honour browser-level Do Not Track (DNT) and Global Privacy Control (GPC) signals — when either is set, no analytics events are recorded for your visit.
  • Legal basis: Art. 6(1)(f) GDPR — legitimate interest in measuring how the site performs without identifying visitors.

2.4. Cookies

We do not set tracking cookies. The site may use strictly-necessary functional cookies (e.g. for the booking modal). No consent banner is shown because we don’t use cookies that require consent under the ePrivacy Directive.

3. Your rights under the GDPR

You have the right to:

  • access the personal data we hold about you;
  • have it corrected or deleted;
  • restrict or object to processing;
  • have your data transferred to another controller;
  • lodge a complaint with the Latvian Data State Inspectorate (www.dvi.gov.lv) or the supervisory authority in your EU Member State.

To exercise any of these rights, email info@cyadviso.com. We respond within 30 days.

4. International transfers

Personal data is processed within the European Economic Area. If a sub-processor (such as Cal.com) processes data outside the EEA, transfers are covered by the EU Standard Contractual Clauses or an equivalent transfer mechanism.

5. Changes to this notice

We may update this notice when we change how we handle data. The “Last updated” date at the top tracks the most recent material revision.

6. Related

See also our terms of use and imprint.