CYSR Contacts

Privacy Policy

The company, Muscope Cybersecurity S.r.l., wishes to inform stakeholders that it holds personal data for the management of ongoing contractual relationships, pursuant to EU Regulation No. 2016/679, better known as GDPR. Below is provided all the information regarding the processing of the concerned personal data.

Data Controller and Data Protection Officer (DPO)

The Data Controller is Muscope Cybersecurity S.r.l., located at Via Ezio Andolfato 10 - 20126 Milan, legally represented by its current legal representative. We have appointed a Data Protection Officer, who can be contacted at the email address: [email protected].

Legal Basis and Purposes of Processing

The processing of personal data is based on the execution of the contract in which the data subject is a party and the need to comply with legal obligations to which the Data Controller is subject, as established by Art. 6, par. 1, letters b) and c) of the GDPR. Any refusal to provide such data may result in Muscope Cybersecurity S.r.l.'s inability to properly fulfill its contractual and legal obligations.

We also rely on legitimate interest as a legal basis, particularly regarding compliance with standards and protocols voluntarily adopted by Muscope Cybersecurity S.r.l.

We wish to clarify that the data will be processed by Muscope Cybersecurity S.r.l. and any affiliated entities.

Purposes and Categories of Processed Data

Purpose Processed Personal Data Categories of Recipients
Preliminary to contract stipulationIdentification data, company role, contactsMuscope Cybersecurity S.r.l. staff, affiliates, external suppliers
Contractual complianceIdentification data, company role, contactsMuscope Cybersecurity S.r.l. staff, affiliates, consultants, external suppliers
Regulatory complianceIdentification data, company role, contactsPublic authorities, regulatory bodies, legal representatives
Operational and managerial needsIdentification data, company role, contactsMuscope Cybersecurity S.r.l. staff, affiliates, consultants, external suppliers
Service quality improvementIdentification data, company role, contactsMuscope Cybersecurity S.r.l. staff, affiliates, survey companies

Transfer of Personal Data

The data will be mainly processed in Italy. Under exceptional circumstances, data may be transferred to one of the European Union countries, but only after ensuring adequate protection of the data subject's rights.

Security Measures

In accordance with the GDPR, Muscope Cybersecurity S.r.l. ensures that data is processed with the highest security measures. In the event of potential breach risks, the data subject will be promptly informed.

Rights of the Data Subject

The data subject has specific rights concerning their data, including access, rectification, erasure, restriction, portability, and objection. For further details or to exercise such rights, please contact us at [email protected].

Furthermore, if a right is exercised, Muscope Cybersecurity S.r.l. will notify the relevant recipients pursuant to Art. 19 of the GDPR.

Data Retention

Personal data will be stored for the time necessary for the purposes for which they were collected, and in any case not beyond the term provided by applicable legal and fiscal regulations.

For service improvement purposes, data will be retained for a period not exceeding 3 years.


In case of issues or concerns, please contact us as soon as possible. If you are not satisfied, you have the right to file a complaint with the data protection authority or a judicial authority.

Changes to this notice

We reserve the right to modify this notice at any time. Please check this page regularly to stay informed about any changes.

Last update date: December 27, 2021