Responsible for data processing is:
CISPA - Helmholtz-Zentrum für Informationssicherheit gGmbH
Phone: +49 681 87083 1001
Fax: +49 681 302 71942
CISPA is represented by the managing directors Prof. Dr. Dr. h. c. Michael Backes and Bernd Therre.
You can reach our data protection officer at:
Jens Engelhardt (deputy Erdem Durmus)
c/o NOTOS Xperts GmbH
Heidelberger Str. 6
Phone: +49 6151-52010-0
The following data may be subject to processing: Name, address, date of birth, application documents, telephone number, e-mail address and other data, such as disability, age, gender, place of residence, citizenship, job, availability, current job title, multiple degrees, supervisor of the degree, date of graduation, university of the degree, topic and title of the thesis, summary of the research career, link to the DBLP profile, link to the Google Scholar profile, citation statistics (h-index, i10-index, honours, publication statistics), cover letter, CV, research statement, certificates, letters of recommendation, references, teaching statement, work permit.
We process your applicant data provided by email or via the online form only for the purpose and within the scope of the application process. We process the data you send us in connection with your application in order to check your suitability for the position (or other open positions in our companies, if applicable) and to conduct the application process. This may include arranging appointments for job interviews, pre-contractual measures at the applicant's request, and the decision on whether to establish an employment relationship.
The processing of the applicant data is carried out to fulfil our (pre-)contractual obligations within the framework of the application process in accordance with Art. 6 Par. 1 letter b. DSGVO, to fulfil a legal obligation of the responsible person according to art. 6 para. 1 sentence 1 letter c. DSGVO, to safeguard a legitimate interest of the responsible person/ third party, unless interests, fundamental rights and fundamental freedoms of the applicant, which affect the protection of personal data
are predominant according to Art. 6 para. 1 sentence 1 lit. f DSGVO. A legitimate interest in this context is data protection and data archiving as technical and organisational measures for the purpose of ensuring data availability, resilience and recoverability in accordance with Art. 32 para. 1 lit. b, c DSGVO. Processing for the purpose of deciding on the establishment of an employment relationship is carried out in accordance with Article 26 Paragraph 1 Sentence 1 BDSG. The provision of data is necessary for the application procedure of the responsible person. Alternatively, the consent of the applicant may be the legal basis.
Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 DSGVO are voluntarily disclosed during the application procedure, their processing is additionally carried out in accordance with Art. 9 Para. 2 letter b DSGVO (e.g. health data, such as severely disabled status or ethnic origin).
By submitting their application to us, applicants declare that they agree to their data being processed for the purposes of the application procedure in accordance with the type and scope set out in this data protection declaration.
If the applicants provide names and addresses of references, the applicant must first obtain the consent of the persons concerned and draw their attention to our data protection declaration. In this case, the contact data of the reference persons will be processed. These will not be passed on and will be deleted as soon as the reference has been obtained.
Applicants may submit their applications using an online form on our website. The data will be transmitted to us in encrypted form according to the state of the art. Applicants can also send us their applications by e-mail. In this case, the applicants themselves must ensure the encryption and signature of the e-mail and any attachments in order to guarantee the confidentiality and integrity of the application data during transmission.
The data provided by the applicants may be processed by us for the purposes of the employment relationship in the event of a successful application. Otherwise, if the application for a job offer is not successful, the applicants' data is deleted. The applicants' data is also deleted if an application is withdrawn, which the applicants are entitled to do at any time.
Subject to a justified revocation or objection by the applicants, the data will be deleted after the expiry of a period of six months after the position has been filled (conclusion of the application process), so that we can answer any follow-up questions regarding the application and meet our obligations to provide evidence under the Equal Treatment Act. Invoices for any reimbursement of travel expenses will be archived in accordance with tax law requirements.
Your applicant data will be reviewed by the Onboarding and Talent Management department after receipt of your application. Suitable applications are forwarded internally to the department managers responsible for the respective open position. In the context of the cooperation between CISPA and Saarland University (UdS), applicant data of faculty and PhD will be forwarded to the UdS, as far as this is necessary for the recruitment of PhDs through the so-called Graduate School of the UdS, or as far as professors of the UdS participate in applicant committees for the recruitment of faculty. In principle, only those persons who need access to your data for the proper processing of our application procedure have access to your data.
Data is not processed outside the European Union.
You have the following rights in relation to the processing of your data by CISPA:
If you wish to revoke your consent or exercise your right of objection, simply send an e-mail to firstname.lastname@example.org.
It may become necessary to amend this data protection declaration as a result of the further development of our website and further offers or due to changes in legal or official requirements. You can access and print out the current data protection declaration at any time.