PRIVACY POLICY
Status: 25.01.2023
Introduction
In our data privacy statement, we explain how we handle your personal or personally identifiable data when you access and use our website, contact us or apply for a job with us. In addition, we inform you about the social media platforms we use.
Name and contact details of the responsible persons
Dr. Frankenberg & Partner Unternehmensberatung GmbH
Blankensteiner Strasse 235
D – 44797 Bochum (Germany)
Phone: +49 (234) 415 68 767
E-mail: info@dfp-beratung.de
You can reach the data protection officer as follows
datenschutzbeauftragter@dfp-beratung.de
Data processing for the provision of the website & the creation of log files.
Each time our website is accessed, information is temporarily processed and stored in so-called log files or log files, which may allow identification. Log files contain the following data and information:
– IP address of the requesting computer
– Date and time of access to the website
– Request method & requested files
– message whether the request was successful (“status code”)
– the operating system used by the accessing system and information about the browser type and version used (“user agent”).
The temporary data processing is technically absolutely necessary for the course of a website visit in order to be able to deliver the website at all. Further storage of the log files takes place for control and verification purposes, in order to be able to check the functionality of the website and the security of the information technology systems retrospectively. The legal basis is Article 6 (1) sentence 1 letter f DSGVO.
The log files are stored for 7 days, unless concrete indications point to an abusive / illegal use and require a subsequent review.
Web hosting
Anbieter: Raidboxes GmbH
Hafenstraße 32
DE – 48153 Münster
Website: https://raidboxes.io/
Cookies
Cookies are small files that are automatically created and stored in the terminal device (web browser). Cookies can store information about your preferred settings.
When you first visit our website, the consent manager “Borlabs” stores a cookie (“borlabs-cookie”): This cookie remembers whether or not you consent to the reloading of external content (Google Maps). If you have made a selection in the Consent Manager, or reject or agree, the cookie stores this information. Otherwise, you would have to make a selection again each time you change pages or navigate our website. The legal basis for the data processing by this cookie is Article 6 (1) sentence 1 letter f DSGVO.
By using the external services (e.g. chat system) based on your consent (Article 6 (1) sentence 1 letter a DSGVO), visitor data is processed by third-party cookies. These external services are not a prerequisite for the use of our website.
Contact
If you contact us (e.g. by e-mail or contact form), we will process your information to the extent necessary to respond to your contact request and any requested action. The legal basis is Article 6 (1) sentence 1 letter b DSGVO.
Insofar as your contact request is neither necessary for the performance of a contract with us nor for the implementation of pre-contractual measures, Article 6 (1) sentence 1 letter f DSGVO is the legal basis for the processing of your data. Our legitimate interest is to finally process the received message and to contact you externally.
If your contact is based on consent, Article 6 (1) sentence 1 letter a DSGVO is the legal basis.
We store your message until the processing is completed. Longer storage only takes place if we are entitled or obliged to do so in individual cases.
Application procedure
We process your application data for the purpose of assessing your suitability, qualifications and professional performance for the position for which you are applying. In the application process, we will use all the information you provide to progress your application and to check whether we can offer you a job with us. The data we process in the process depends on what data you provide to us. We will only use your contact data to contact you and inform you about the progress of the application process. We will only use other information contained in the application documents to determine your suitability for the position to be filled. Furthermore, we process data collected during the job interview. The legal basis is Article 6 (1) sentence 1 letter b in conjunction with Article 88 DSGVO, Section 26 BDSG.
If your application documents contain special categories of personal data, e.g. information about health, religious beliefs or ethnic origin, we also base our processing on Article 9 (2) (b) DSGVO, Section 26 (3) sentence 1 BDSG due to our legal obligations as an employer and the associated protection of your fundamental rights. In addition, we also process your information on the basis of Article 9 (2) (h) DSGVO, Section 22 (1) (1) (b) BDSG in order to be able to assess the fitness for work of potential employees and, if necessary, to take occupational health and preventive health measures.
Your personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the event that an employment relationship, training relationship, internship or other service relationship is established following the application process, the data will initially continue to be stored and transferred to the personnel file. Otherwise, the application process ends for you with the receipt of a rejection. In the event of a rejection, we will store your data for six months as soon as you have received the rejection decision, unless longer storage is necessary for the defense of legal claims.
The provision of personal data is necessary for the legality of the selection procedure to be carried out. The absence of relevant personal data in the application documents may result in non-inclusion in the allocation of the vacant position.
If you wish, we can include you in a subsequent selection procedure after your application has been rejected. In order to include you in our application pool, we require your consent (Article 6 (1) sentence 1 letter a DSGVO). Your consent is voluntary and can be revoked at any time.
LinkedIn
We maintain a page on LinkedIn. LinkedIn, a service of LinkedIn Corp, 1000 West Maude Avenue, Sunnyvale, CA 94085 USA, is the best-known web-based and international social network for maintaining existing (permanent) contacts and making new business connections.
The data controller for individuals located in the EU is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland: “If you are located in the ‘Designated Countries,’ LinkedIn Ireland Unlimited Company (“LinkedIn Ireland”) becomes the data controller for your personal data provided to, collected for, or processed by or in connection with our Services,” en.linkedin.com/legal/privacy-policy.
If you visit LinkedIn, the data and information collected about you when using the service (including IP address, user agent, browsing history, location [geotargeting]) is processed by LinkedIn, for which LinkedIn uses cookies and other web tracking technologies. The recipient of this data is first LinkedIn, where it may be shared with third parties for LinkedIn’s own purposes and under LinkedIn’s responsibility, as LinkedIn and its partners collaborate globally and use cookies, e.g. for statistics, personalization, ads / offers / content tailored to you and profile building. We process data when you message us on LinkedIn or leave comments You are free to access our LinkedIn page and take further actions, such as leaving comments or messages, contacting us or following our page. Alternatively, all information on our website is available to you.
LinkedIn is an international corporation and provides its services globally. It cannot be ruled out that personal or personally identifiable information may be stored and processed globally, including on servers in the United States, where there may be an inadequate level of data protection. Due to the possibly lower level of data protection in the third countries, data subject rights may not or only partially be enforced with these recipients. Furthermore, data could be exposed to access by foreign authorities and remedies before courts and authorities abroad could be unsuccessful. There is no adequacy decision by the EU Commission within the meaning of Article 45 GDPR for the USA. Appropriate safeguards within the meaning of Article 46 DSGVO for the data transfer form EU standard contractual clauses used here. A copy of the standard contractual clauses approved by the EU Commission on which LinkedIn relies can be found at:
www.linkedin.com/legal/l/eu-sccs
www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy
XING
We maintain a XING profile. New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany, is responsible for processing personal data. We process data when you notify us via XING or leave comments. When you visit our XING site, XING collects in particular your IP address, user agent and processes data on its own authority through cookies. For more information, please refer to XING’s privacy policy at:
privacy.xing.com/en/privacy-policy/print-version.
According to XING’s privacy policy, data transfers to third countries take place. These are based on EU standard data protection clauses:
privacy.xing.com/en/data-protection-clause/who-receives-data-to-your-person/third-countries.
Your rights
In accordance with Article 15 DSGVO, you have the right to receive information about the data stored about you, including any recipients and the planned storage period.
You have the right to revoke your consent without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
If incorrect personal data is processed, you have the right to rectification in accordance with Article 16 DSGVO.
If the legal requirements are met, you have the right to erasure or restriction of processing of the data concerned (Article 17 and Article 18 DSGVO).
You have a right to data portability (Article 20 GDPR).
You have the right under Article 21 DSGVO to object at any time, on grounds relating to your particular situation, to the processing of your personal data carried out on the basis of Article 6(1), first sentence, point (f) DSGVO. We will then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims. The collection of data for the provision of the website and the storage of log files are mandatory for the operation of the website.
In accordance with Article 77(1) DSGVO, you have a right of appeal to a supervisory authority.
We refrain from automated decision-making including profiling.