Privacy Notice


This Privacy Notice has been prepared by Cybernetica AS (registered in the Republic of Estonia with registry code 10140133, located at Mäealuse tn 2/1, 12618 Tallinn, Republic of Estonia; hereinafter “Cybernetica”, “we”, “us” or “our”) to inform the candidate (hereinafter “Data Subject”, “you” or “your”) about the processing of personal data when recruiting staff.

In the Privacy Notice we explain:

Cybernetica as the Controller

Cybernetica shall request from the Data Subject and, if necessary, from other sources, only such personal data in the extent necessary to find a suitable employee (hereinafter referred to as the “Purpose”) and for the processing of which there is a legal basis.

This includes:

Cybernetica refrains from:


Processors – Cybernetica, as the controller, may, if necessary, grant the right to use personal data to processors who have the right to use the data only for the purpose of performing the contract with Cybernetica (e.g. recruitment companies). If Cybernetica decides to use processor on a permanent basis, it shall list the processor in Cybernetica’s Register of Personal Data Processing Operations, to which the Data Subject shall be ensured access.

Rights of the Data Subject

Data subjects have certain rights concerning their personal data and controllers have an obligation to enable these rights to be exercised. In situations where Cybernetica decides how and why personal data is processed, Cybernetica is the controller and must provide further information on the rights of data subjects and the use thereof.

If the Data Subject wishes to submit a request to Cybernetica to exercise the above right(s), please send a relevant e-mail to the address


If the Data Subject wishes to submit a complaint to Cybernetica regarding the use of his or her personal data, please send a relevant e-mail to the address

In addition, the Data Subject always has the right to file a complaint with the Estonian Data Protection Inspectorate or apply to a court.


Organizational, physical and IT security measures have been implemented to protect personal data in accordance with ISO/IEC 27001:2013 requirements to protect data from unintentional or unauthorized processing, disclosure or destruction. These measures cover the entire organization, including people, information, infrastructure and equipment.

Data Retention

Cybernetica retains personal data until the necessary purpose has been achieved or until the statute of limitations for any legal claim has expired.

Contact Data

The contact persons for the processing of personal data are Head of HR, Head of IT and the lawyer. Supervision shall be performed by the Head of Information Security.

If you have questions about the Privacy Notice or how and why we process personal information, please contact us: