Privacy Policy

Last Updated: 17 April 2026


1. Introduction

CyberSiARA (“we”, “us”, “our”) is committed to protecting your privacy and ensuring transparency in how we process data.

This Privacy Policy explains how we collect, use, and protect information when you:

  • Visit our website
  • Use services protected by CyberSiARA, including SiaraShield
  • Interact with our platform or APIs

CyberSiARA provides AI-powered bot detection and fraud prevention, designed to distinguish between legitimate human users and automated or malicious activity.

2. Scope of This Policy

This Privacy Policy applies to:

  1. The CyberSiARA website www.cybersiara.com, and
  2. CyberSiARA services, including SiaraShield

These operate differently:

  • The CyberSiARA website may use cookies or similar technologies for essential functionality and analytics.
  • SiaraShield, our core security product, operates using a cookie-free approach and does not rely on client-side storage for bot detection or fraud prevention.

3. Who We Are

CyberSiARA is a trading name of MRB Corporation Limited.

Depending on the context:

  • We act as a Data Controller for our website
  • We act as a Data Processor when providing services such as SiaraShield on behalf of our clients, who act as Data Controllers

4. What Data We Collect

4.1 Information You Provide

  • Name
  • Email Address
  • Contact details
  • Any information submitted via forms or communications

4.2 Technical and Device Information (Security Processing)

When protecting websites and applications using SiaraShield, we may process:

  • Browser type and version
  • Operating system
  • Device characteristics
  • IP address (processed for security purposes and protected using appropriate safeguards)
  • Interaction patterns (e.g. typing behaviour, mouse movement, session activity)

This processing applies specifically to systems protected by SiaraShield, not general browsing of our website.

4.3 Behavioural Signals

We analyse interaction patterns to detect:

  • Automated behaviour
  • Suspicious activity
  • Fraud or abuse attempts

This processing is strictly limited to security and fraud prevention purposes.

5. How We Use Your Data

We use data for:

  • Protecting digital services from bots, fraud, and abuse
  • Preventing account takeover and malicious activity
  • Monitoring and improving system security
  • Providing our services to clients
  • Responding to enquiries and support requests

6. Legal Basis for Processing

We rely on the following legal bases:

Legitimate Interest (Primary)

Processing is strictly necessary to:

  • Protect systems and users
  • Prevent fraud and automated abuse
  • Maintain cybersecurity integrity

This processing:

  • Cannot be effectively achieved through less intrusive means
  • Is limited to what is necessary
  • Is proportionate and balanced against user rights

It is not used for advertising, marketing, or commercial profiling.

Contractual Necessity

Where processing is required to deliver services to our clients.

Consent (where applicable)

For optional activities such as marketing communications.

7. Device Intelligence & Security Processing

CyberSiARA uses privacy-first device and behavioural analysis to distinguish between human users and automated systems.

This includes analysing technical and behavioural signals from devices interacting with protected services.

Important:

  • This processing is not intended to directly identify individuals and is designed solely to distinguish between human users and automated systems
  • It is strictly limited to security and fraud prevention purposes
  • It is not used for advertising, marketing, or cross-site tracking
  • CyberSiARA does not use collected data for marketing profiling or targeted advertising
  • CyberSiARA does not track users across different websites or services for profiling purposes

8. Automated Decision-Making

Our system may automatically classify interactions as:

  • Human
  • Suspicious
  • Automated (bot)

These classifications are used solely for security purposes and do not produce legal or similarly significant effects on individuals.

Safeguards include:

  • Continuous monitoring and improvement
  • Measures to reduce false positives
  • Human oversight where appropriate

9. Data Retention

CyberSiARA retains data only for as long as necessary to fulfil the purposes for which it was collected.

For customers using our services:

  • Security and analytical data is retained for the duration of the customer relationship to support ongoing protection and service delivery
  • Following termination of a customer account, limited data may be retained for a period of up to 12 months for:
    • fraud prevention and security analysis
    • system integrity and audit purposes
    • improving detection models

Where possible:

  • Data is minimised, aggregated, or anonymised
  • Identifiability is reduced

After this period, data is securely deleted or anonymised.

9. Data Retention

10. Data Minimisation

CyberSiARA applies strict data minimisation principles and only processes data necessary for:

  • security
  • fraud prevention
  • system protection

We do not collect unnecessary or excessive data.

11. Data Sharing

We do not sell or monetise personal data.

We may share data with:

  • Our clients (as part of service delivery)
  • Trusted service providers (e.g. AWS cloud infrastructure)
  • Authorities where required by law

We may also disclose data where necessary to:

  • comply with legal obligations
  • protect our rights, users, or systems

12. International Data Transfers

Where data is transferred outside the UK/EU:

  • We implement appropriate safeguards (e.g. Standard Contractual Clauses)
  • We ensure equivalent data protection standards

12. International Data Transfers

13. Data Security

We implement strong security measures, including:

  • Encryption
  • Access controls
  • Secure AWS cloud infrastructure
  • Continuous monitoring and protection

14. Your Rights

Under GDPR, you have the right to:

  • Access your data
  • Rectify inaccurate data
  • Request deletion
  • Restrict processing
  • Object to processing
  • Data portability

You also have the right to lodge a complaint with a supervisory authority, such as the UK Information Commissioner’s Office (ICO).

To exercise your rights, contact:

privacy@cybersiara.com

15. Cookies

The CyberSiARA website may use cookies or similar technologies for essential functionality and analytics.

However:

SiaraShield does not rely on cookies or client-side storage for bot detection or fraud prevention.

16. Children’s Data

Our services are not directed at children, and we do not knowingly collect personal data from individuals under 18.

17. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for their privacy practices.

18. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be published with a revised date.

19. Contact Us

CyberSiARA

MRB Corporation Limited

51 Brompton Road

Hamilton, Leicester

England, LE5 1PP

privacy@cybersiara.com