Privacy Policy

CYBEREYE is operated by Jonathan & Cyber Ltd. (“CYBEREYE”, “we”, “us”), an Israeli company headquartered in Tel Aviv. Our Data Protection Officer can be reached at dpo@cybereye.co.il.

We collect three categories of data:

• Account data — name, work email, organisation, role, and authentication tokens for the platforms you connect.
• Connected platform data — read-only metadata from the security tools you connect (e.g. asset inventories, finding records, IAM metadata). We never ingest customer business data (e.g. emails, documents) unless explicitly required for a feature you have enabled.
• Usage data — queries submitted, features used, error logs, and basic device/browser fingerprints. Retained 90 days for security and product analytics.

We use your data only to:

• Provide and improve the CYBEREYE service.
• Answer your queries by cross-referencing your connected platforms.
• Detect abuse, fraud, and security incidents against the platform.
• Communicate with you about your account, billing, and product updates.

We do not sell your data. We do not use your data to train machine-learning models. LLM inference runs under a zero-retention contract with Anthropic.

We share data only with our listed sub-processors (see Security) under strict contractual obligations. We may disclose data when required by law, with prior notice unless legally prohibited.

You choose your data residency at signup: Israel (il-central-1) or EU (eu-central-1, Frankfurt). Transfers outside the chosen region only occur for LLM inference under Standard Contractual Clauses (EU) and equivalent Israeli safeguards.

Under GDPR and Israeli Privacy Protection Law, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request erasure (subject to legal retention obligations).
• Object to processing or request portability.
• Withdraw consent at any time.

To exercise these rights, email dpo@cybereye.co.il. We respond within 30 days.

We use strictly-necessary cookies for authentication and a single first-party analytics cookie. No third-party advertising cookies. No cross-site tracking.

Account data is retained for the life of your contract plus 30 days for recovery. Connected platform data is retained according to your tier configuration (default: 12 months). Usage logs are retained 90 days.

Questions, complaints, or rights requests: dpo@cybereye.co.il.

You also have the right to lodge a complaint with your local supervisory authority (e.g. the Israeli Privacy Protection Authority or the EDPB member authority in your country).