Request demo →
Privacy

How we handle information, and what you can do about it.

Effective date: 20 April 2026

1. Who we are

cinten is operated by Be-Strategic Solutions Ltd., a company registered in Israel and headquartered in Tel Aviv. We provide a platform for digital tabletop exercises used by enterprise teams, government agencies, and regulated organizations.

This policy explains how we handle information collected through this website and through our platform. Questions about anything here can be sent to info@cinten.com.

2. Scope

This policy covers two separate contexts.

The website. When you visit cinten.com, request information, or communicate with us, this policy applies.

The platform. When your organization uses cinten to run exercises, the data produced (participant actions, decisions, telemetry, recordings) is processed under the terms of the Data Processing Agreement signed between cinten and your organization. Your organization is the controller of that data. cinten is the processor. If you are a participant in an exercise and have questions about how your exercise data is handled, contact your organization's administrator.

3. Information we collect

Information you provide directly. When you submit the contact form, request a demo, or email us, we receive your name, organization, email address, phone number (if provided), and the content of your message.

Information collected automatically on the website. When you visit cinten.com, our servers log IP address, browser type, operating system, referring URL, pages viewed, and timestamps. This is standard server logging.

Cookies. We use cookies to remember preferences and to measure how the website is used. See section 10 below.

Platform user data. To create and manage a user account on the platform, we collect a minimum set of personal data:

  • first name
  • last name
  • email address (used as a unique identifier and for system notifications)

Depending on the deployment, exercise configuration, or customer requirements, the platform may also process user role or organizational affiliation, exercise-related inputs (decisions, messages, responses) generated during simulations, and system usage metadata (timestamps, session identifiers).

What we do not collect. The platform does not require or collect sensitive personal data such as national ID numbers, financial data, health data, or biometric data.

4. How we use information

We use information we collect to:

  • respond to inquiries and fulfill requests for demos or information
  • provide and maintain the platform for customers
  • communicate with existing customers about service, support, and material changes
  • improve how the website and platform work
  • meet legal and contractual obligations
  • protect the security of our systems and users

We do not sell personal information. We do not share it with advertisers.

5. Legal bases for processing

If you are in the European Union or United Kingdom, we rely on the following legal bases under the GDPR:

  • Performance of a contract. For customers, we process information as needed to deliver the service.
  • Legitimate interest. For prospects and website visitors, we rely on legitimate interest to respond to inquiries, understand site usage, and secure our systems.
  • Consent. For non-essential cookies and marketing communications, we rely on your consent, which you can withdraw at any time.
  • Legal obligation. Where required by applicable law.

6. Who we share information with

We share information only with:

  • Service providers who help us operate the business (hosting, email infrastructure, analytics, CRM) under contracts that limit their use of data to our instructions.
  • Legal authorities when required by law, court order, or to protect our rights or the safety of users.
  • Acquirers or successors in the event of a merger, acquisition, or sale of assets, with continuity of the protections described in this policy.

We do not sell information to third parties.

7. Infrastructure and international transfers

Platform data is stored in secure cloud-based databases hosted on Microsoft Azure, which complies with international security standards. Production data is logically segregated per customer environment where applicable. Region-specific deployment is supported where contractually required.

cinten is based in Israel. Israel has been recognized by the European Commission as providing an adequate level of data protection, which allows personal data to be transferred from the EU and UK to Israel without additional safeguards.

Where we use service providers located outside Israel or the European Economic Area, we rely on Standard Contractual Clauses or other appropriate safeguards as required by applicable law.

8. How long we keep data

Personal data is retained only as long as required to provide the service or to comply with contractual and legal obligations.

  • Inquiry and demo requests. Up to 24 months after the last interaction.
  • Customer records. For the duration of the contract and for the period required by law after termination.
  • Platform exercise data. According to the terms of the customer's Data Processing Agreement. Upon contract termination, data deletion or anonymization is performed according to agreed retention policies.
  • Server logs. Typically 90 days.
  • Backups. Performed regularly and stored in encrypted form. Purged on a rolling schedule.

9. Your rights

Depending on where you are located, you may have the following rights regarding your personal information:

  • Access. Request a copy of the personal information we hold about you.
  • Correction. Ask us to correct inaccurate information.
  • Deletion. Ask us to delete your information, subject to legal retention requirements.
  • Restriction. Ask us to stop processing your information in certain circumstances.
  • Portability. Receive your information in a structured, commonly used format.
  • Objection. Object to processing based on legitimate interest.
  • Withdrawal of consent. Where we rely on consent, withdraw it at any time.

To exercise any of these rights, email info@cinten.com. We respond within the timeframe required by applicable law.

If you are in the EU or UK and believe your rights have been violated, you may lodge a complaint with your local data protection authority. If you are in Israel, you may contact the Privacy Protection Authority at the Ministry of Justice.

10. Cookies

This website uses cookies for the following purposes:

  • Essential. Required for the site to function, including remembering your cookie preferences. These cannot be disabled.
  • Analytics. Help us understand how the site is used so we can improve it.
  • Functional. Remember preferences you have set.

On your first visit we ask for your consent before setting non-essential cookies. You can change your preferences at any time: .

We do not use advertising cookies or third-party trackers for marketing purposes.

11. Security

We apply industry-standard technical and organizational controls designed to ensure confidentiality, integrity, and availability. The platform operates under the principles of data minimization, purpose limitation, least-privilege access, and logical separation between customers.

Access security.

  • Secure authentication with strong password policies
  • Two-factor authentication (2FA)
  • Role-based access control (RBAC) to limit user actions based on assigned roles
  • Session management and timeout controls

Data security.

  • Encryption in transit using HTTPS and TLS
  • Encryption at rest for stored data and backups
  • Secure key and credential management
  • Logical segregation between customer environments

Infrastructure and operational security.

  • Cloud infrastructure protected by network segmentation, firewalls, and monitoring
  • Continuous logging and monitoring for abnormal activity
  • Regular updates and patching of system components
  • Periodic penetration testing

Organizational controls.

  • Access to production systems restricted to authorized personnel
  • Separation between development, testing, and production environments
  • Security awareness and operational best practices followed by the technical team

No system is perfectly secure and we cannot guarantee absolute security. If we become aware of a security breach affecting your information, we will notify you and the relevant authorities as required by law.

A detailed Data Protection, Privacy, and IT Security Overview is available to prospective customers on request. Data Processing Agreements and additional security documentation can be provided as part of contractual engagements. Contact info@cinten.com.

12. Children

The cinten platform is not intended for children under 16. We do not knowingly collect information from anyone under 16. If you believe we have, contact us and we will delete it.

13. Changes to this policy

We may update this policy from time to time. When we do, we revise the effective date at the top. For material changes, we notify customers and prominent website visitors. The latest version is always available at cinten.com/privacy.

14. Contact

Questions about this policy or about how we handle your information:

Be-Strategic Solutions Ltd.
Tel Aviv, Israel
info@cinten.com