Privacy Policy

Important notice: This is a translation of the original privacy policy. If this translation is inaccurate or contains deviations from the original privacy policy, then the text of the original privacy policy in German applies.

General Terms

As the operator of our online services (including this website and the training platform) and as a company, we come into contact with your personal data. This means all data that says something about you and with which you can be identified. In this privacy policy, we would like to explain how, for what purpose and on what legal basis we process your data.

Responsible for data processing on this website and in our company:

CYRINAS AG
Türlihof 1b
6414 Oberarth
Switzerland

Phone: +41 41 855 09 09
Email: privacy@cyrinas.com

General notes

TLS encryption

When you enter your data on websites, place online orders or send emails over the Internet, you must always be prepared for unauthorized third parties to access your data. There is no perfect protection against such access. However, we do everything we can to protect your data as best as possible and to close the security gaps as far as we can.

An important protection mechanism is the TLS encryption of our online services, which ensures that data that you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the entered internet address in your browser and by the fact that our internet address begins with "https://".

How long do we store your data?

At some points in this privacy policy we will inform you about how long we or the companies that process your data on our behalf store your data. If there is no such information, we will store your data until the purpose of the data processing no longer applies, you object to the data processing or you revoke your consent to the data processing.

In the event of an objection or revocation, however, we may continue to process your data if at least one of the following prerequisites is met:

We have compelling legitimate reasons for continuing the data processing that outweigh your interests, rights and freedoms (only if you object to data processing; if the objection is to direct mail, we cannot provide legitimate reasons).

The data processing is necessary to enforce, exercise or defend legal claims (does not apply if your objection is directed towards direct advertising).

We are required by law to keep your data.

In this case, we will delete your data as soon as the prerequisite(s) no longer apply.

Your rights

Cross-country data protection

CYRINAS AG is active in several countries, including Switzerland (headquarters), Germany, other EU countries and countries outside the EU. We therefore process your data at least in accordance with the strict standard of the Swiss Data Privacy Law (DSG) or the General Data Protection Regulation of the European Union (EU-GDPR). This does not restrict your rights under the local data privacy laws applicable to you.

Objection to data processing

IF YOU READ IN THIS PRIVACY POLICY THAT WE HAVE LEGITIMATE INTERESTS IN THE PROCESSING OF YOUR DATA AND THEREFORE PROCESS IT BASED ON ARTICLE 6 PARA. 1 (1) (F) GDPR, YOU HAVE ACCORDING TO ARTICLE 21 GDPR THE RIGHT TO OBJECT TO THIS. THIS ALSO APPLIES TO PROFILING TAKEN ON THE BASIS OF THE MENTIONED REGULATION. A CONDITION IS THAT YOU STATE REASONS FOR THE OBJECTION THAT RESULT FROM YOUR PARTICULAR SITUATION. NO JUSTIFICATION IS REQUIRED IF THE OBJECTION IS AGAINST THE USE OF YOUR DATA FOR DIRECT ADVERTISING.

AS A CONSEQUENCE OF THE OBJECTION WE ARE NO LONGER ALLOWED TO PROCESS YOUR DATA. THIS DOES NOT APPLY IF ONE OF THE FOLLOWING REQUIREMENTS APPLY:

THE EXCLUSIONS DO NOT APPLY IF YOUR OBJECTION IS AGAINST DIRECT ADVERTISING OR RELATED PROFILING.

Other rights

Revocation of your consent to data processing

Many data processing operations are based on your consent. You grant this e.g. by ticking the appropriate box on online forms before you submit the form, or by allowing certain cookies when you visit our website. You can revoke your consent at any time without giving reasons (article 7 (3) GDPR). From the time of revocation, we may no longer process your data. The only exception is if we are legally obliged to keep the data for a certain period of time. Such retention periods exist in particular in tax and commercial law.

Right to lodge a complaint with the competent supervisory authority

If you believe that we are in breach of the General Data Protection Regulation (GDPR), you have the right under article 77 GDPR to complain to a supervisory authority. You can contact a supervisory authority in the member state where you live, where you work or where the alleged infringement took place. The right to complain exists in addition to administrative or judicial remedies.

Right of data portability

Data that we process automatically on the basis of your consent or in fulfillment of a contract must be handed over to you or a third party in a common machine-readable format if you request this. We can only transfer the data to another person or legal entity if this is technically possible.

Right of information, deletion and correction

According to article 15 GDPR, you have the right to receive information free of charge about what personal data we have stored about you, where the data comes from, to whom we transmit the data and for what purpose it is stored. If the data is incorrect, you have the right to rectification (article 16 GDPR), under the conditions of article 17 GDPR you may request that we delete the data.

Right of restriction of processing

In certain situations, according to article 18 GDPR, you can request that we restrict the processing of your data. Apart from storage, the data may then only be processed as follows:

The right of restriction of processing exists in the following situations:

Cloud Providers

External servers

Our online services is located on servers within Switzerland and the EU operated by the following cloud provider:

Amazon Web Services EMEA SARL
38 Avenue John F. Kennedy
L-1855
Luxembourg

We have concluded a data processing agreement with Amazon Web Services EMEA SARL with the standard contractual clauses of the EU.

How do we process your data?

The host saves all data of our website and web application (like the training platform). This also includes all personal data that is collected automatically or through your input. In particular, this can be: your IP address, pages viewed, name, contact data and requests, training progress, and meta and communication data. When processing data, Amazon Web Services EMEA SARL adheres to our instructions and only processes the data to the extent that this is necessary to fulfill it's obligation towards us.

On what legal basis do we process your data?

Since we address potential customers via our website, maintain contacts with existing customers, and provide the services to our customers with our training platform, the data processing by our cloud provider is required to initiate and fulfill the contract and is therefore based on article 6 (1) (b) GDPR. In addition, it is in our legitimate interest as a company to provide a professional website that meets the necessary security, speed and efficiency requirements. In this respect, we also process your data on the basis of article 6 (1) (f) GDPR.

Data collection on this website

Use of cookies

Our website places cookies on your device. These are small text files that are used for different purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are required to perform certain actions or functions on the site (functional cookies). For example, without cookies it would not be possible to use the advantages of a shopping cart in an online shop. Other cookies are used to analyze user behavior or to optimize advertising measures. If we use third-party services on our website, e.g. to process payment transactions, these companies can also leave cookies on your device when you visit the website (so-called third-party cookies).

How do we process your data?

Session cookies are only stored on your device for the duration of a session. As soon as you close the browser, they disappear by themselves. Permanent cookies, on the other hand, remain on your device if you do not delete them yourself. This can e.g. lead to your user behavior being analyzed permanently. You can use the settings in your browser to influence how it handles cookies:

If you deactivate or do not allow cookies, the functionality of the website may be limited and you cannot use some of our services.

If we use cookies from other companies or for analysis purposes, we will inform you about this in this privacy policy. We also ask for your consent in this regard when you visit our website.

On what legal basis do we process your data?

We have a legitimate interest in ensuring that our online offerings can be used by visitors without any technical problems and that all desired functionality is available to them. Necessary and functional cookies are therefore stored on your device on the basis of article 6 (1) (f) GDPR. We use all other cookies on the basis of article 6 (1) (a) GDPR, provided you give us your consent. You can revoke this at any time with effect for the future. If you consented to the placement of necessary and functional cookies when we asked for your consent, these cookies will also be stored exclusively on the basis of your consent.

Server log files

Server log files record all requests and accesses to our website and record error messages. They also include personal data, in particular your IP address. The data is automatically transmitted from your browser to our cloud provider.

How do we process your data?

Our cloud provider saves the server log files in order to be able to track the activities on our website and to locate errors. The files contain the following data:

We do not merge this data with other data, we only use it for statistical analysis and to improve our website.

On what legal basis do we process your data?

We have a legitimate interest in ensuring that our website und web applications runs error-free and secure. It is also in our legitimate interest to receive an anonymous overview of access to our website. Data processing is therefore lawful in accordance with article 6 (1) (f) GDPR.

Contact form

You can send us a message using the contact form on this website.

How do we process your data?

We save your message and the information from the form in order to be able to process your request including follow-up questions. This also applies to the contact details provided. We will not pass on the data to other people without your consent.

How long do we store your data?

We will delete your data as soon as one of the following occurs:

This does not apply if we are legally obliged to keep the data.

On what legal basis do we process your data?

If your request is related to our contractual relationship or serves to carry out pre-contractual measures, we process your data on the basis of article 6 (1) (b) GDPR. In all other cases, it is our legitimate interest to effectively process inquiries addressed to us. The legal basis for data processing is therefore article 6 (1) (f) GDPR. If you have consented to the storage of your data, article 6 (1) (a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.

Inquiry by email, telephone or direct messaging

You can send us a message by email or direct messaging, or give us a call.

How do we process your data?

We save your message as well as your self-made contact details or the transmitted telephone number in order to be able to process your request including follow-up questions. We will not pass on the data to other people without your consent.

How long do we store your data?

We will delete your data as soon as one of the following occurs:

This does not apply if we are legally obliged to keep the data.

On what legal basis do we process your data?

If your request is related to our contractual relationship or serves to carry out pre-contractual measures, we process your data on the basis of article 6 (1) (b) GDPR. In all other cases, it is our legitimate interest to effectively process inquiries addressed to us. The legal basis for data processing is therefore article 6 (1) (f) GDPR. If you have consented to the storage of your data, article 6 (1) (a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.

Contracts and Payments

Customer and contract data

How do we process your data?

If we conclude a contract with you, we require certain personal data from you. We collect, process and use this data only insofar as it is necessary to establish our legal relationship, to structure it in terms of content or to change it. If you can only use our services via our website or if the services are billed via the website, we also collect usage data if this is necessary to enable you to use our offer or to bill you for the service used.

How long do we store your data?

We store your data until our legal relationship ends, unless we are required by law to keep the data for longer.

On what legal basis do we process your data?

We store your data in order to fulfill the contract with you or to carry out pre-contractual measures. The basis for data processing is therefore article 6 (1) (b) GDPR.

Data transmission when using services and digital content

How do we process your data?

To process the payment, we transmit your data to a payment service or the bank commissioned with processing the payment. We only pass on data that is absolutely necessary for the payment process. If we want to pass on data beyond this, we will obtain your consent.

On what legal basis do we process your data?

We share your information in order to perform the contract we have with you. The basis for data processing is therefore article 6 (1) (b) GDPR. If you have consented to the transfer of your data, data processing is based on article 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

Own Services / Miscellaneous

Handling of applicant data

If you would like to work for us, we would be happy to receive your application. We treat all transmitted personal data as strictly confidential. This also applies to such data that we only collect later in the application process.

How do we process your data?

We save all data that we collect as part of the application process and use it to the extent that this is necessary to make a decision about establishing an employment relationship. This applies to contact and communication data as well as application documents, e.g. B. also notes that we make in the context of job interviews. We only pass on your data within our company to people who are involved in processing your application.

If the application is successful, we store the data required to carry out the employment relationship in our data processing systems.

If we are currently unable to offer you a suitable position, we will be happy to include your data in our pool of applicants with your consent. This gives us the opportunity to contact you if a position that suits your profile becomes available.

How long do we store your data?

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to keep your documents and other application data for up to 6 months after the end of the application process. This is because we may need the data for evidence purposes in the event of a legal dispute. After the deadline, we delete the data and destroy the documents. If a legal dispute is actually imminent or is already pending, we will delete the data and documents when they are no longer required for evidence purposes.

We delete data in the applicant pool no later than 2 years after consent has been given. If you revoke your consent before this period has expired, we will delete it earlier.

The deletion of your data always presupposes that we are not legally obliged to keep it longer.

On what legal basis do we process your data?

We process your applicant data on the basis of article 328 b OR (Switzerland) or Section 26 BDSG-new (initiation of an employment relationship) (Germany) and article 6 (1) (b) GDPR (general contract initiation) .

The same applies if your application is successful.

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we have a legitimate interest in using your data as evidence in a possible legal dispute. The data processing is therefore based on article 6 (1) (f) GDPR.

If you have expressly consented to the storage of your data, we will process your data on the basis of article 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.

This GDPR-compliant privacy policy was automatically and manually translated from the original German privacy policy created with the intelligent privacy policy generator PRIVE Datenschutz-Software.