Trust Center

Security & Data Protection

Privacy Policy

Our platform processes personal data in accordance with GDPR guidelines. All data is stored exclusively within the EU and encrypted following best practices.

Technical Measures

  • TLS 1.2 and 1.3 encryption across all layers
  • Database is encrypted in accordance with best practices
  • Strong password policy for administrators

Organizational Measures

  • Developer training in line with OWASP SCP
  • Regular security updates and patches
  • Regular penetration tests
  • Frequent vulnerability scans
  • Code reviews for security-critical changes

Internal access rights: Only authorized personnel have access to personal data – based on the principle of least privilege (need-to-know basis).

Authentication:

  • Logically separated admin access
  • Secure password policies for all users

Accreditations:

ISO 27001 CyberTrust
SSL Certificate: WE1 (Google Trust Services)

Security Incidents

What happens in an emergency?

  • Internal contingency plan for security incidents
  • Reporting obligation to data protection authorities within 72 hours (in accordance with GDPR)
  • Transparent communication with affected users

Reporting Process

Mail: [email protected]
Tel: +43 664 780 65500

Infrastructure & Data Types

Cloud Infrastructure

The infrastructure is managed by the hosting provider. Updates, configuration, etc. are handled and monitored by the provider.

The hosting provider is Strato.de

Data Types

  • Personal data: name, email, business phone number and company affiliation
  • Audit data: evaluation tables, potential vulnerabilities and recommendations
  • No processing of health or financial data

Data Processing Partners

  • Hosting in ISO 27001-certified data centers
  • Server location: Germany / EU