When our website is displayed, the standard fonts on your device are replaced by fonts. This is done to make the text on our website easier to read and more aesthetically appealing. When it comes to font replacement, we have opted for a privacy-friendly solution. In fact, we do not integrate any external services, such as Google Fonts or Adobe Fonts. Instead, we store the fonts to be replaced locally on our server. This has the advantage that when you visit our site, your browser does not request external font replacement services and therefore no data, in particular your IP address in connection with the address of our website, is transmitted to third parties.
Our website uses services from “Vimeo”, a video platform operated by Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA (hereinafter referred to as “Vimeo”). We use Vimeo by embedding individual videos from the platform on our website as so-called iframes (embedding) so that they can be played directly on our website. When you visit a subpage of our website on which a video is embedded, a connection to the Vimeo servers is established and the video is displayed within the website. This tells Vimeo which website you have visited. Your IP address may also be transmitted to Vimeo. When you play an embedded video, this information is also shared with Vimeo. If you are logged in as a Vimeo user, Vimeo assigns this data to your user account. For more information about Vimeo's data protection, please visit vimeo.com/privacy.
The processing is carried out in order to be able to show you videos on our website.
Processing is based on consent in accordance with Article 6 (1) (a) GDPR. We obtain this as part of a content blocker at the point on our website where a Vimeo video is to be displayed. Such consent is voluntary.
You can withdraw your consent to display Vimeo videos on our website at any time with effect for the future.
By integrating Vimeo videos, personal data may be transmitted to Vimeo LCC. Vimeo also processes data in the USA.
We process the data that you provide in connection with your application to check your suitability for the position (or any other open positions in our company) and to carry out the application process. This includes general information about you (such as name, address and contact details), information about your professional qualification and education, information about continuing professional development, knowledge and skills, and other information that you disclose to us in connection with your application. This is usually done by means of a letter of application, curriculum vitae, certificates, correspondence, telephone or oral information from you.
We would like to rate all applicants only on the basis of their qualifications and therefore ask you to refrain as far as possible from the notification of “special categories of personal data” in accordance with Article 9 of the General Data Protection Regulation in the application (e.g. a photo showing ethnic origin, information about the status of the severely disabled, etc.). If your application contains such information, please send us a corresponding declaration of consent, otherwise your application cannot be considered. If your application is successful, we will include your data in your personnel file and use it to carry out and terminate your employment relationship.
If we are currently unable to offer you employment, we will process your data even after the rejection has been sent to defend ourselves against any legal claims, in particular due to alleged discrimination in the application process. If you are not selected for the vacant position, we will — provided we have your consent — add your data to our pool of applicants.
Processing is carried out to carry out the application process, to decide whether to establish an employment relationship with us and to document compliance with legal requirements in the application process.
Data processing in connection with the application process has its legal basis in Art. 6 para. 1 lit. b GDPR. If your application is successful, further data processing will take place in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR for the purpose of establishing, implementing and terminating the employment relationship. If you have given your consent, e.g. to include your data in our pool of applicants, data processing is based on Article 6 (1) (1) (a) GDPR. The legal basis for data processing following a rejection is also Article 6 (1) (f) GDPR.
If your application is successful, your data will be transferred to your personnel file and deleted in accordance with the regulations applicable to personnel files. If we are currently unable to offer you employment, we will process your data up to six months after the cancellation has been sent. If we add your data to our pool of applicants after completion of the application process, we will delete it from the applicant pool in the event of a subsequent establishment of an employment relationship or otherwise two years after admission.
Your applicant data will be reviewed by the HR department after receipt of your application. Suitable applications are then forwarded internally to department managers for each open position. The rest of the process is then coordinated. In principle, only people within the company have access to your data who need it to properly complete our application process. This includes a transfer to the works council. The data will not be transferred to third parties. There is also no transfer of data to third countries, nor is this planned.
To protect your personal data from third-party access, we have provided our website with an SSL or TLS certificate. SSL stands for “Secure Sockets Layer” and TLS for “Transport Layer Security” and encrypts the communication of data between a website and the user's device. You can recognize the active SSL or TLS encryption by a small lock logo, which is displayed on the far left of the browser's address bar.
With regard to the data processing described above by our company, you have the following data subject rights:
You have the right to request confirmation from us as to whether we are processing personal data relating to you. If this is the case, they have the right to information about this personal data and to the information detailed in Article 15 GDPR under the conditions set out in Article 15 GDPR.
You have the right to request from us immediately to correct incorrect personal data concerning you and, if necessary, to complete incomplete personal data.
You have the right to request that we delete personal data relating to you immediately, provided that one of the details listed in Article 17 GDPR
reasons apply, such as when your data is no longer required for the purposes we pursue.
Under the conditions set out in Article 20 GDPR, you have the right to request the release of data concerning you in a structured, common and machine-readable format.
You have the right to withdraw your consent at any time when processing is based on consent. The revocation is valid from the time it is asserted. In other words, it works for the future. The processing is therefore not retroactively unlawful as a result of the withdrawal of consent.
If you believe that the processing of personal data concerning you violates the GDPR, you have the right to lodge a complaint with a supervisory authority. You can assert this right with a supervisory authority in the EU member state of your residence, place of work or place of the alleged infringement.
Decisions that result in legal consequences for you or significantly affect you must not be based exclusively on automated processing of personal data — including profiling. We inform you that we do not use automated decision-making, including profiling, with regard to your personal data.
If we process your personal data on the basis of Article 6 (1) (f) GDPR (to protect overriding legitimate interests), you have the right to object to this under the conditions set out in Article 21 GDPR. However, this only applies if there are reasons arising from your particular situation. Following an objection, we will no longer process your personal data unless we can prove compelling legitimate reasons for processing that outweigh your interests, rights and freedoms. We also do not have to stop processing if it serves to assert, exercise or defend legal claims. In any case — even regardless of a particular situation — you have the right to object to the processing of your personal data for direct marketing at any time.
Status: september 2024
