We are pleased that you are visiting our websites. Below, we would like to inform you about how we handle your data in accordance with Article 13 of the General Data Protection Regulation (GDPR).
Controller
Usage Data
When you visit our websites, so-called usage data is temporarily collected on our web server. This data record consists of
- the name and address of the requested content,
- the date and time of the request,
- the amount of data transferred,
- the access status (content delivered, content not found),
- the description of the web browser and operating system used,
- the referrer link indicating from which page you arrived at ours,
- the IP address of the requesting computer, which is shortened in such a way that it can no longer be linked to a specific individual.
The aforementioned log data is evaluated only in anonymised form.
Storage of the IP address for security purposes
In addition, we store the full IP address transmitted by your web browser for a strictly limited purpose for a period of seven days, in order to detect, limit and remedy attacks on our websites. After this period of time has expired, we delete or anonymise the IP address. The legal basis for this is Article 6 (1) sentence 1 lit. f GDPR.
Data security
In order to protect your data as comprehensively as possible against unwanted access, we implement technical and organisational measures. We use an encryption procedure on our websites. Your information is transmitted from your computer to our server and vice versa over the internet using TLS encryption. You can usually recognise this by the fact that the padlock symbol in your browser´s status bar is shown as closed and the address line begins with https://.
Cookies
We use cookies on our websites that are required for the use of our websites. Cookies are small text files that are stored on your device and can be read by it. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond a single session. We do not use these required cookies for analytics, tracking or advertising purposes. In some cases, these cookies contain only information relating to certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security and the operation of the website.
We use these cookies on the basis of Article 6 (1) sentence 1 lit. f GDPR and in our legitimate interest in optimising or enabling user guidance and adapting the presentation of our website. You can configure your browser so that it informs you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time via the relevant browser settings and prevent new cookies from being set. Please note that our websites may then no longer be displayed correctly and some functions may no longer be technically available.
Job Alert
You can subscribe to notifications of new job postings (“Job Alert”) on our website. Please note that we require certain data (at least your email address) for registration to the Job Alert.
Information about new job postings will only be sent to you if you have given us your explicit consent in accordance with Article 6 (1) sentence 1 lit. a GDPR. After you have subscribed on our website, you will receive a confirmation email to the email address you provided (so-called double opt-in). You can revoke your consent at any time. An easy way to withdraw your consent is, for example, via the unsubscribe link included in every Job Alert email.
As part of the registration process for the Job Alert, we also store additional data beyond the information already mentioned, insofar as this is necessary to be able to prove that you have subscribed to our Job Alert. This may include storing the full IP address at the time of subscription and/or confirmation of the Job Alert, as well as a copy of the confirmation email sent by us. This data processing is carried out on the basis of Article 6 (1) sentence 1 lit. f GDPR and in our legitimate interest in being able to demonstrate the lawfulness of sending job offers.
Application
You have the option of applying for the positions we have advertised via the email address provided or through our application portal.
In order for us to consider your application, at least the following information is required:
- Name and address
- Email address
- CV / complete application documents (e.g. cover letter, certificates)
- How you found us
These fields are marked as mandatory fields in our application portal. We process this information solely for the purpose of applicant selection pursuant to Section 26 (1) BDSG (German Federal Data Protection Act) and Article 6 (1) sentence 1 lit. b GDPR. The data will not be processed for any other purposes.
You can also decide whether you wish to provide us with additional information, such as your telephone number to better assess your application and/or to facilitate communication, or your bank details if travel expenses are to be reimbursed. This information is provided voluntarily and is not mandatory for the application. In our application portal, these fields are accordingly marked as voluntary. We process your voluntary information on the basis of your consent pursuant to Article 6 (1) sentence 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To do so, please contact the entity named in the legal notice (Impressum).
We will of course treat your data confidentially. The company seeking to fill the position as stated in the job description, as well as DSN Holding GmbH, are responsible for the collection and processing of your data within the application process. Data is transferred exclusively within the DSN GROUP, insofar as this is permissible under data protection law in the individual case.
If your application is unsuccessful, your documents will be deleted no later than three months after the rejection notification has been sent. If your application is addressed to FIRST PRIVACY B.V., we will delete your data no later than one month after the rejection notification has been sent. If your application is addressed to FIRST PRIVACY Austria GmbH, we will delete your data no later than seven months after the rejection notification has been sent. The legal basis for this processing is Article 6 (1) sentence 1 lit. f GDPR and our legitimate interest in defending possible legal claims. In individual cases, certain data may be stored for a longer period (e.g. travel expense records). The storage period is then based on the statutory retention obligations, for example under tax law or commercial law, and may be 6 or 10 years.
If your application is also to be considered for other or future job postings, this will only be done on the basis of your consent. In this case, we process your data on the basis of Article 6 (1) sentence 1 lit. a GDPR and delete your application after two years, or after one year if your application is addressed to FIRST PRIVACY B.V. or FIRST PRIVACY Austria GmbH. You can revoke your consent at any time with effect for the future. Please send your withdrawal of consent to the entity named in the legal notice (Impressum).
Contact
You have the option of contacting us via our contact form. In order to use our contact form, you must first provide the data marked as mandatory fields.
We use this data on the basis of Article 6 (1) sentence 1 lit. f GDPR to respond to your enquiry.
You can also decide whether you wish to provide us with further information. Such information is provided voluntarily and is not required in order to contact us. We process your voluntary information on the basis of your consent pursuant to Article 6 (1) sentence 1 lit. a GDPR. Your data will be processed solely for the purpose of responding to your enquiry. We delete your data once it is no longer required and no statutory retention obligations prevent deletion.
Insofar as the data you transmit via the contact form is processed on the basis of Article 6 (1) sentence 1 lit. f GDPR, you can object to the processing at any time. You can also revoke your consent to the processing of the voluntary information at any time. To do so, please contact the email address stated in the legal notice
(Impressum).
You can also contact our representatives directly by email or telephone. Data that you provide in this context will be processed exclusively for handling your enquiry, likewise on the basis of Article 6 (1) sentence 1 lit. f GDPR. In this case as well, you have the right to object to the processing.
If you contact us by email, depending on the configuration of your mail server, this may take place without transport encryption. If you wish to send us confidential data, we recommend that you encrypt it beforehand and send us the corresponding password via a different communication channel.
Storage period
Unless we have already provided information on the storage period for specific processing operations, we delete personal data when it is no longer required for the aforementioned processing purposes and no statutory retention obligations prevent deletion.
Additional processors
We pass on your data to service providers within the scope of processing on our behalf in accordance with Article 28 GDPR, who support us in operating our websites and the related processes. These include, for example, hosting providers. Our service providers are strictly bound by our instructions and are contractually obligated accordingly.
Your rights as a data subject
When we process your personal data, the GDPR grants you, as a data subject, certain rights:
Right of access (Article 15 GDPR)
You have the right to obtain confirmation as to whether or not personal data concerning you is being processed; where that is the case, you have the right to access such personal data and the information listed in detail in Article 15 GDPR.
Right to rectification (Article 16 GDPR)
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, where applicable, the completion of incomplete data.
Right to erasure (Article 17 GDPR)
You have the right to obtain the erasure of personal data concerning you without undue delay where one of the grounds listed in detail in Article 17 GDPR applies.
Right to restriction of processing (Article 18 GDPR)
You have the right to obtain restriction of processing where one of the conditions listed in Article 18 GDPR applies, for example, if you have objected to processing, for the duration of the assessment by the controller.
Right to data portability (Article 20 GDPR)
In certain cases, as detailed in Article 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and to have that data transmitted to another controller.
Right to object (Article 21 GDPR)
Where data is processed on the basis of Article 6 (1) sentence 1 lit. f GDPR (data processing for the purposes of legitimate interests) or on the basis of Article 6 (1) sentence 1 lit. e GDPR (data processing for the performance of a task carried out in the public interest or in the exercise of official authority), you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you. We will then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
You have the right, in accordance with Article 77 GDPR, to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes data protection provisions. The right to lodge a complaint may in particular be exercised with a supervisory authority in the Member State of your habitual residence, place of work or the place of the alleged infringement.
Contact details of the Data Protection Officer:
Our Data Protection Officer will be happy to answer any questions you may have or receive any suggestions you may wish to make regarding data protection:
Florian Wallrapp
Data Protection Officer of the DSN GROUP
Wörthstraße 15
97082 Würzburg
E-Mail: dsb@dsn-group.de
Telefon: +49 931 304 976-0