Processing of (personal) data by the entity in charge of the online application process

[Skip to main content](https://cyan.jobs.personio.com/privacy-policy?language=en#main-content)
# Processing of (personal) data by the entity in charge of the online application process
Thank you for your interest in cyan ("we", "us", "Company"). cyan AG and its subsidiaries (collectively referred to...

[Skip to main content](https://cyan.jobs.personio.com/privacy-policy?language=en#main-content)
# Processing of (personal) data by the entity in charge of the online application process
Thank you for your interest in cyan ("we", "us", "Company"). cyan AG and its subsidiaries (collectively referred to as "cyan", and "we") strive to provide the most complete protection possible for each website visitor ("user") in order to make the use of https://www.cyansecurity.com/ and https://ir.cyansecurity.com/ ("Website") and the use of our products a positive experience. Through this Privacy Policy, we would like to inform each User about the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, by means of this data protection declaration, users are informed about the rights to which they are entitled.

1. definitions
We use the following terms, among others, in this data protection declaration and on our website:
a) Personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject

Data subject means any identified or identifiable natural person whose personal data are processed by the controller.
c) Processing
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
e) Profiling
Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.
f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
g) Controller or person responsible for processing.
The controller or data processor is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.
h) Processor
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
i) Recipient
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
j) Third Party
Third-party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.
k) Consent
Consent means any freely given indication of the data subject's wishes for the specific case in an informed and unambiguous manner, in the form of a statement or other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.
2. name and address of the controller.
The cyan Security Group GmbH is considered to be the responsible processor in connection with this website. For questions or to assert the rights of data subjects, please contact:
cyan Security Group GmbH
ICON Tower 24, 16th floor
Wiedner Gürtel 13, 1100 Vienna
Austria
E-mail: privacy@cyansecurity.com
Website: www.cyansecurity.com

3. collection of your data
When you visit our webs