(1) In the following, we inform about the collection of personal data when using our website, as in accordance with Art. 13 of the EU General Data Protection Regulation (EU-GDPR). Personal data are all data that are personally identifiable to you, e.g. name, address, e-mail addresses, user behavior.
(2) The person responsible in accordance with Art. 4(7) EU-GDPR is
(see our imprint).
You can contact our Data Protection Officer at:
Bugl & Kollegen Gesellschaft für Datenschutz und Informationssicherheit mbH
93055 Regensburg Germany
(3) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, if applicable your name and your telephone number) will be stored by us in order to answer your questions. The legal basis for the processing of the data is our legitimate interest in responding to your request pursuant to Art. 6(1) lit. f) EU-GDPR. If your contacting is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6(1) lit. b) EU-GDPR. We delete the data arising in this context after the storage is no longer necessary, or limit the processing if statutory retention obligations exist.
(4) If we make use of contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. We will also specify the defined criteria for the storage period.
(1) You have the following rights towards us regarding your personal data:
(2) You also have the right to complain to a data protection supervisory authority about our processing of your personal data. The responsible supervisory authority can be found in the following list:
(1) The hosting services used by us serve the provision of the following services: infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services and technical maintenance services which we use for the purpose of operating this online service.
(2) Here we (or respectively our Hostingvendor) process inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in the efficient and secure provision of this online service acc. Art. 6 (1) lit. f) EU-GDPR in connection with Art. 28 EU-GDPR (Conclusion of order processing contract).
(1) When using the website for information purposes only, i.e., if you do not register or provide us with information in any other way, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which are technically necessary for us to display our website to you and to ensure stability and security:
We collect and store this data for a limited time on the basis of our legitimate interest in order to induce derivation of personal data in the event of unauthorised access or attempted access to local servers Art. 6 (1) lit. f) EU-GDPR.
(1) In addition to the previously mentioned data, Cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flow to the location that sets the Cookie (in this case by us). They are used to make the internet offer more user-friendly and more effective.
(2) We distinguish between two categories of Cookies: (a) essential Cookies, without which the functionality of our website would be limited, and (b) optional Cookies for website analysis and marketing purposes.
The use of optional Cookies is based on your consent (Art. 6 (1) lit. a) EU-GDPR).
The following table and subsequent paragraphs describe in detail the optional Cookies used on this website:
|Kind||Purpose and Content||Storage Period|
|Functional Cookies (These Cookies enable us to analyse the usage of the website in order to measure and improve its performance.)||Google reCAPTCHA|
For more Information refer to §7
|Marketing Cookies (Marketing Cookies are generally used to show you advertisements that are in line with your interests. When you visit another website, your browser’s Cookie is recognized and selected ads are displayed based on the information stored in that Cookie.)||Google Analytics|
For more Information refer to §6
Adjust cookie settings
(2) The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
(4) This website uses Google Analytics with the extension „anonymizeIp“. As a result, IP addresses are further processed in abbreviated form, so that a personal relationship can be ruled out. As far as the data collected about you is personally identifiable, it will be excluded immediately and the personal data will be deleted immediately.
(5) We use Google Analytics to analyse and regularly improve the use of our website. With the statistics gained we can improve our offer and make it more interesting for you as a user. The legal basis for the use of Google Analytics is Art. 6 (1) lit. a) EU-GDPR.
(6) Third party information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.
General information on data protection: https://policies.google.com/privacy?hl=en#infocollect
Terms of Service: https://policies.google.com/terms?hl=en
(7) This website also uses Google Analytics for a device-independent analysis of visitor flows that is carried out via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under “My data”, “Personal data”.
(8) Used Cookies:
Storage period: 2 years
Usage: Differentiation of website visitors
Example value: GA1.2.889313483.1571824789
Storage period: 24 hours
Usage: Differentiation of website visitors
Example value: GA1.2.1449137967.1571824789
Storage period: 1 minute
Usage: Used to throttle the requirement rateIf Google Analytics is provided through the Google Tag Manager, this Cookie is named _dc_gtm_ <property-id>.
Example value: 1
(1) The purpose of reCAPTCHA is to check whether the data input on our websites (e. g. in a contact form) is made by a person or by an automated program. For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the purpose of analyses, reCAPTCHA evaluates various information (e. g. IP address, length of stay of the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the system background. Data processing is carried out on the basis of Art. 6 (1) lit. a) EU-GDPR.
(2) Third party information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.
(3) Further information on the purpose and scope of data collection and processing by the provider can be found in the provider’s data protection declarations. There you will also find further information on your rights in this regard and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy.
(5) Used Cookies:
Following Cookies are used by reCAPTCHA: All these Cookies require a unique identifier for tracking purposes. Here is a list of Cookies that Google reCAPTCHA sets on the site on the page /contact:
Storage period: 6 months
Usage: NID is used by Google to match ads to your Google search. Google uses the Cookie to “remember” your most commonly entered searches or your previous interaction with ads. So you always get tailor-made advertisements. The Cookie contains a unique ID that Google uses to collect the user’s personal information for advertising purposes.
Example value: 189=tXrvCHz-LJfKguyZskTVZ8bP9lEpJ0utRMgrpwQYmC6eFv88pn-zmKgCoRNxqC13HI5JkekJUZgigHKwpIpTa3tlnQrB0WlL7IvquJZ3vKBBjiGIsM_BljSjg8mepkPgERWcAR1kyf28m-U-Dmf3SyK51QIoJGOlEealQljtTqo
(1) We have integrated YouTube-videos into our online offer, which are stored on https://www.YouTube.com and can be played directly from our website. These are all integrated in the “advanced privacy mode”, which means that no data about you as a user will be transferred to YouTube if you do not watch the videos. Only when you start playing the videos will the data referred to in paragraph 2 be transmitted. We have no influence on this data transmission.
We have online presences within social networks in order to inform active users about our services and, on demand, to communicate directly via the platforms. We are currently represented in the following networks:
All of our social media channels can only be accessed by visitors to the website via an external link. We do not use any plugins or other interfaces on our website which the respective networks offer for embedding the offers on websites.
We have no influence on the data collection and its further use by the social networks. We have no knowledge of the extent to which, where and for how long the data will be stored, to what extent the networks will comply with existing deletion obligations, which evaluations and links will be made with the data and to whom the data will be passed. We therefore expressly draw your attention to the fact that user data (e. g. personal information, IP address) is stored by the network operators in accordance with their data usage guidelines and used for business purposes.
We process the data of the users in the social media presences insofar as they contact and communicate with us via e. g. comments or direct messages. The legal basis for the processing of the user’s data is Art. 6 (1) lit. b) and f) EU-GDPR.
Within our online offer no functions and contents of the service Xing, offered by the New Work SE, Dammtorstraße 29-32, 20354 Hamburg, Germany, are included. The Xing channels can only be accessed via an external link.
If the visitors to our website are members of the Xing platform, Xing can assign the call of the social media channel to the user’s profile there if the user visits the XING profile in the logged in state.
Within our online offer no functions and contents of the service LinkedIn, offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland, are merged. The LinkedIn channels can only be accessed via an external link.
If the visitors to our website are members of the LinkedIn platform, LinkedIn can assign the call of the social media channel to the user’s profile there if the user visits the LinkedIn profile in the logged in state.
Which personal data do we collect and where do we get them from?
As part of the application process, we may process the following personal data:
As a matter of principle, your personal data will be collected directly from you during the recruitment process, in particular from the application documents, the job interview and the personnel questionnaire. Possibly we may get data from third parties (e. g. job placement, employment agency). In addition, we process personal data that we have permissibly obtained from public accessible sources (e. g. professional networks).
For which purposes and on what legal basis do we process the data?
We process your personal data in compliance with the provisions of the EU-GDPR and the Federal Data Protection Act (BDSG). First and foremost, data processing serves to establish the employment relationship. The primary legal basis for this is Art. 88 (1) EU-GDPR in conjunction with §26 (1) BDSG.
Your data will only be used to fill the specific position you have applied for. In addition, the processing of health data may be necessary for the assessment of your ability to work in accordance with Art. 9 Para. 2 h) in conjunction with §22 Para. 1 b) BDSG.
If you would like to be added to our applicant database in the event of a rejection, or if your application is to be considered for other vacancies in our company, we require a declaration of consent from you.
In addition, European anti-terrorism regulations 2580/2001 and 881/2002 require us to compare your data with the so-called “EU Terror Lists” in order to ensure that no funds or other economic resources are made available for terrorist purposes.
How long do we store your data?
In the event of an employment, we will include your application documents in your personnel file. After termination of the employment relationship, we store the personal data that we are legally obliged to. This regularly results from legal obligations to provide evidence and to retain records, which are regulated among others in the German Commercial Code and the German Tax Code. Thereafter, the storage periods are up to ten years. Furthermore, personal data may be stored for the period during which claims may be made against us (statutory limitation period of three or up to thirty years).
In the event of rejection, your application documents will be deleted six months after completion of the application process at the latest, unless you have given us permission to store them for a longer period (applicant database).
Who gets your data?
We have outsourced the data processing for application procedures to our external service provider Goodworx GmbH, Prinz-Ludwig-Str. 17, 93055 Regensburg, Germany. We have concluded a contract for order processing with this company.
During the application process, only the persons and departments at our service provider and within our company (e.g. personnel department, special department, works council, severely disabled representatives) receive your personal data, who/which are involved in the decision on your recruitment.
In principle, you have the right not to be subject to any decision based solely on automated processing, including profiling, which has legal effect on you or which substantially affects you in a similar manner. In particular, these decisions may normally not be based on special categories of personal data pursuant to Art. 9 (1) EU-GDPR. We do not use any such decision-making processes within the framework of our website and the associated data processing.