Privacy Statement of Goodworx GmbH

We take data protection seriously

Protecting your privacy when processing personal data is important to us. When you visit our website, our web servers automatically store the IP of your internet service provider, the website from which you visit us, the pages you visit on our site, as well as the date and duration of your visit. This information is essential for the technical transmission of web pages and secure server operation. Personalized evaluation of this data does not occur.

If you send us data via a contact form, this data is stored on our servers as part of data backup. We exclusively use your data to process your request. Your data is treated as strictly confidential, and it is not disclosed to third parties.

Responsible person:

Goodworx GmbH
Prinz-Ludwig-Strasse 17
93055 Regensburg
Telephone: 0941/280759-0
email: info @goodworx - personal.de

Personal data

Personal data is data about yourself. These include your name, address and email address. You also do not have to provide any personal data to visit our website. In some cases, we need your name and address as well as further information in order to be able to offer you the desired service.

The same applies if we provide you with information material on request or if we answer your inquiries. In these cases, we will always point this out to you. In addition, we only store the data that you have submitted to us automatically or voluntarily.

When you use one of our services, we usually only collect the data that is necessary to provide you with our service. We may ask you for further information, but it is voluntary. Whenever we process personal data, we do so to be able to offer you our service or to pursue our commercial goals.

Automatically saved data

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • The date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • web browser and operating system used
  • full IP address of the requesting computer
  • Amount of data transferred

This data is not combined with other data sources. Processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website.
For reasons of technical security, in particular to ward off attempts to attack our web server, we store this data for a short time. Based on this data, it is not possible for us to draw conclusions about individual persons. After seven days at the latest, the data is anonymized at domain level by shortening the IP address, so that it is no longer possible to establish a connection to the individual user. In anonymized form, the data is also processed for statistical purposes; there is no comparison with other data sets or passed on to third parties, even in extracts. Only as part of our server statistics, which we publish every two years in our activity report, are the number of page views shown.

Cookies

When you visit our websites, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

By using session cookies, the person responsible can provide users of this website with a user-friendly service that would not be possible without the setting of cookies.

By means of a cookie, the information and offers on our website can be optimized for the user. As already mentioned, cookies enable us to recognize users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter their login details every time they visit the website, because this is taken over by the website and the cookie stored on the user's computer system. Another example is a shopping cart cookie in the online shop. The online shop remembers the items that a customer has placed in the virtual shopping cart using a cookie.

Security

We have taken technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working for us are required to comply with the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our privacy policies are constantly being revised. Please make sure you have the latest version.

Google Maps

This site uses the Google Maps map service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google can use Google Web Fonts for the purpose of uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

Google Maps is used in the interest of an attractive presentation of our online offers and to make it easy to find the locations we have specified on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. If appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be withdrawn at any time.

The transfer of data to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://business.safety.google/controllerterms/ and
https://business.safety.google/controllerterms/sccs/

More information on handling user data can be found in Google's privacy policy: https://policies.google.com/privacy?hl=de

Google Web Fonts (local hosting)

This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. The Google fonts are installed locally. There is no connection to Google servers during this process.

For more information about Google Web Fonts, visit
https://developers.google.com/fonts/faq and in Google's privacy policy:
https://policies.google.com/privacy?hl=de

Applicant management

We collect various types of information as part of the application process. This includes, in particular, your personal data with contact information and a description of your education, work experience and skills. You also have the option to provide us with electronically stored documents such as certificates or cover letters.
We do not need any information from you that cannot be used under the General Equal Treatment Act (race, ethnic origin, gender, religion or belief, disability, age or sexual identity). We also ask you not to provide information about illnesses, pregnancy, ethnic origin, political views, philosophical or religious beliefs, trade union membership, physical or mental health or sex life. The same applies to content that is likely to infringe the rights of third parties (e.g. copyright, press law or general rights of third parties).
Personal data is only collected, stored, processed and used for purposes related to your interest in current or future employment with us and the processing of your application. It will not be passed on to third parties. To use the online application process, data such as name, address, telephone number, e-mail address, etc. are collected. This data is generally used to contact you about your application.
If your application is successful, the data provided can be used for administrative matters relating to employment.
Your online application will only be processed and reviewed by the relevant contact person at our company. All employees responsible for data processing are required to maintain the confidentiality of your data. Third parties will not be aware of your information under any circumstances. The data is processed exclusively in Germany.
If we are unable to offer you employment, we will store the data you provide for up to six months within the scope of legal retention periods for the purpose of answering questions relating to your application and rejection.
Should you give us your explicit written consent to also store and store your data accordingly, we may also consider you for future job offers. Otherwise, your application data will be completely deleted.

Rights of data subjects

You have the right to access, correct, delete or restrict the processing of your stored data, a right to object to processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law at any time.

Right to information:
You can request information from us as to whether and to what extent we process your data.
Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.
Right to delete:
You can request us to delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated storage obligations.
Irrespective of the exercise of your right to erasure, we will delete your data immediately and completely, unless there is a legal or statutory storage obligation to this effect.
Right to restrict processing:
You can ask us to restrict the processing of your data if

  • You dispute the accuracy of the data for a period of time that enables us to verify the accuracy of the data.
  • The processing of the data is unlawful, but you refuse to delete it and instead request a restriction on the use of the data,
  • We no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • You have filed an objection to the processing of the data.

Right to data portability:
You can demand that we provide you with the data you have provided to us in a structured, common and machine-readable format and that you can transfer this data to another person responsible without hindrance from us, provided that

  • We process this data on the basis of a consent given and revocable by you or to fulfill a contract between us, and
  • This processing is carried out using automated processes.

If it is technically feasible, you can request that we transfer your data directly to another person responsible.
Right of objection:
If we process your data for legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate reasons for processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. You can object to the processing of your data for direct marketing purposes at any time without giving reasons.
Right of appeal:
If you believe that we are processing your data in violation of German or European data protection law, please contact us so that we can answer any questions you may have. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to assert any of the above rights against us, please contact our data protection officer. If in doubt, we may request additional information to confirm your identity.

Changes to this privacy statement

We reserve the right to change our privacy policies if this is necessary due to new technologies. Please make sure that you have the latest version. If fundamental changes are made to this privacy policy, we will announce them on our website.

All interested parties and visitors to our website can contact us regarding data protection issues at:

Mr. Christian Volkmer
Project 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Phone: 0941 2986930
Fax: +49 941 298 6931 6
email: anfragen@projekt29.de
Website: www.projekt29.de

Information requirements in accordance with Art. 13/14 GDPR

The protection of your personal data is particularly important to us. We therefore process your personal data (“data” for short) exclusively on the basis of legal regulations. With this privacy policy, we want to provide you with comprehensive information about the processing of your data in our company and the data protection claims and rights to which you are entitled in accordance with Art. 13/14 of the European General Data Protection Regulation (EU GDPR).

1. Who is responsible for data processing and who can you contact?

Responsible is
Goodworx GmbH
Prinz-Ludwig-Strasse 17
93055 Regensburg
Telephone: 0941/280759-0
email: info @goodworx - personal.de

The company data protection officer is
Christian Volkmer
Project 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
email: anfragen@projekt29.de
Phone: 0941-2986930

2. Which data is processed and from which sources does this data come?

We process the data that we have received from you as part of contract initiation or processing, on the basis of your consent or as part of your application with us or as part of your employment with us.

Personal data includes:

Your master/contact details, including Customers/prospects e.g. first and last name, address, contact details (e-mail address, telephone number, fax), bank details.

With applicants and employees This includes, for example, first and last name, address, contact details (e-mail address, telephone number, fax), date of birth, data from curriculum vitae and work references, bank details, religious affiliation, pictures.

With Business partners/suppliers This includes, for example, the name of your legal representative, company, trade register number, sales tax ID number, company number, address, contact person contact details (e-mail address, telephone number, fax), bank details.

In addition, we also process the following other personal data:

  • Information about the type and content of contract data, order data, sales and document data, customer and supplier history, and consulting documents,
  • Advertising and sales data,
  • Information from your electronic transactions with us (e.g. IP address, login data),
  • Other data that we have received from you as part of our business relationship (e.g. in customer interviews/job interviews),
  • Data that we generate ourselves from master and contact data and other data, such as through customer needs and customer potential analyses,
  • Photographs taken during events.

3. For what purposes and on which legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018, as amended from time to time:

  • To fulfill (pre) contractual obligations (Art. 6 para. 1lit.b GDPR):
    Your data is processed online for contract processing or at our location for contract processing for your employees in our company. The data is processed in particular when initiating business transactions and executing contracts with you.
  • To fulfill legal obligations (Art. 6 para. 1 lit. c GDPR):
    It is necessary to process your data for the purpose of fulfilling various legal obligations, e.g. from the Commercial Code or the Tax Code.
  • To protect legitimate interests (Article 6 Paragraph 1 lit. f GDPR):
    On the basis of a balance of interests, data processing may take place beyond the actual fulfilment of the contract to protect legitimate interests of us or third parties. Data processing to protect legitimate interests takes place, for example, in the following cases:
  • Advertising or marketing (see No. 4),
  • Measures for business management and development of services
  • Maintaining an internal customer database to improve customer service
  • In the context of legal prosecution
  • Sending non-sales-promoting information and press releases.
  • Within the framework of your consent (Art. 6 para. 1lit.a DSGVO):
    If you have given us consent to process your data, e.g. to send you our newsletter, publish photos, competitions, etc.

4. Processing of personal data for advertising purposes

You can object to the use of your personal data for advertising purposes in whole or for individual measures at any time without incurring any costs other than the transmission costs at the basic rates.

Under the legal requirements of Section 7 Paragraph 3 UWG, we are entitled to use the e-mail address that you provided when concluding the contract for direct marketing for services.
If you do not wish to receive such recommendations from us by email, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs at the basic rates. A message in text form is sufficient for this purpose.

5. Who receives my data?

If we use a service provider for order processing, we still remain responsible for protecting your data. All contract processors are contractually obliged to keep your data confidential and to process it only as part of the provision of services. The processors commissioned by us will receive your data if they need the data to perform their respective services. These include IT service providers that we need for the operation and security of our IT system, as well as advertising and address publishers for our own advertising campaigns.
Your data is processed in our customer database. The customer database supports the improvement of the data quality of existing customer data (duplicate adjustment, deleted/deceased license plates, address correction), and enables the enrichment with data from public sources.
This data is made available to business partners where necessary to process the contract.
If there is a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data.
In addition, insurance companies, banks, credit agencies and service providers may be recipients of your data for the purpose of contract initiation and fulfilment.

6. How long will my data be stored?

We process your data until the end of the business relationship or until the expiry of the applicable legal retention periods (such as from the Commercial Code, the Tax Code, or the Working Hours Act); furthermore until the end of any legal disputes in which the data is required as evidence.

7. Is personal data transferred to a third country?

In principle, we do not transfer any data to a third country. In individual cases, a transfer will only take place on the basis of an adequacy decision by the European Commission, standard contractual clauses, appropriate guarantees or your express consent.

8. What data protection rights do I have?

You have the right to access, correct, delete or restrict the processing of your stored data, a right to object to processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law at any time.

Right to information:
You can request information from us as to whether and to what extent we process your data.
Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.
Right to delete:
You can request us to delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated storage obligations.
Irrespective of the exercise of your right to erasure, we will delete your data immediately and completely, unless there is a legal or statutory storage obligation to this effect.
Right to restrict processing:
You can ask us to restrict the processing of your data if

  • You dispute the accuracy of the data for a period of time that enables us to verify the accuracy of the data.
  • The processing of the data is unlawful, but you refuse to delete it and instead request a restriction on the use of the data,
  • We no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • You have filed an objection to the processing of the data.

Right to data portability:
You can demand that we provide you with the data you have provided to us in a structured, common and machine-readable format and that you can transfer this data to another person responsible without hindrance from us, provided that

  • We process this data on the basis of a consent given and revocable by you or to fulfill a contract between us, and
  • This processing is carried out using automated processes.

If it is technically feasible, you can request that we transfer your data directly to another person responsible.
Right of objection:
If we process your data for legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate reasons for processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. You can object to the processing of your data for direct marketing purposes at any time without giving reasons.
Right of appeal:
If you believe that we are processing your data in violation of German or European data protection law, please contact us so that we can answer any questions you may have. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to assert any of the above rights against us, please contact our data protection officer. If in doubt, we may request additional information to confirm your identity.

9. Am I required to provide data?

The processing of your data is necessary to conclude or fulfill your contract with us. If you do not provide us with this data, we will usually have to refuse to conclude the contract or will no longer be able to carry out an existing contract and will therefore have to terminate it. However, you are not obliged to give consent to data processing with regard to data that is not relevant or not required by law for the fulfilment of the contract.

Facebook privacy policy in accordance with Art. 26/13 GDPR

Welcome to the Goodworx GmbH Facebook page
Responsible bodies:

Meta Platforms Ireland Limited (hereafter referred to as “Facebook”)
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland

and

Goodworx GmbH
Prinz-Ludwig-Strasse 17
93055 Regensburg
Telephone: 0941/280759-0
Email: info @goodworx - personal.de

Information about the Facebook page of: Goodworx GmbH

The use of this Facebook page is for the purpose of generating advertising for the services and to seek contact with potential customers/applicants as well as existing customers.

As the operator of the Facebook page, we have no interest in collecting and processing the individual personal data of our visitors. We do not collect any data here for market analysis or marketing purposes. Detailed information on how I/we handle your personal data can be found in our privacy policy on our website.

The legal basis for operating this Facebook page — including the processing of personal data — is based on legitimate interest in accordance with Art. 6 para. 1 lit. f. EU GDPR.

Processing of personal data by Facebook

According to the ruling of the European Court of Justice (ECJ) of 5.06.2018, it was decided that the operator of a Facebook page together with Facebook is a joint controller for the processing of personal data.

The following data is collected by Facebook as a user:

  • Advertising (analysis tools, trackers and personalized advertising)
  • Preparation and evaluation of user profiles
  • Market research and marketing analyses

Facebook Inc., is the American parent company of Facebook Ltd. Ireland

We have no influence or insight into compliance with these data protection guidelines (e.g.: DPA, standard contractual clauses). We cannot rule out the possibility that risks and transfers of user data to third countries take place.

Cookies through Facebook

When you visit the Facebook page, Facebook may store information on your computer in the form of cookies. Cookies are small files that are transferred from an Internet server to your browser and stored on its hard drive. Only the Internet Protocol address is stored here — no personal data. This information, which is stored in cookies, allows us to automatically recognize you the next time you visit our website, making it easier for you to use it. The legal basis for the use of cookies is the legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO.

Of course, you can also visit the Facebook page without accepting cookies. If you do not want your computer to be recognized the next time you visit, you can also refuse the use of cookies by changing the settings in your browser to “Reject cookies.” The respective procedure can be found in the user manual of your respective browser. However, if you reject the use of cookies, the use of some areas of our websites may be restricted.

Facebook's privacy policy provides further information on data processing: https://www.facebook.com/about/privacy/

Objection options (so-called opt-out) can be found here:
https://www.facebook.com/settings?tab=ads And here http://www.youronlinechoices.com be set.

Statistical data collection by Facebook

Facebook provides us with statistical data using Facebook Insights. This application can help you discover further information about the demographics, location, or consumer behavior of potential customers. Facebook Insights examines who you have reached with your own advertising message. The corresponding data can then be displayed either for all Facebook users or for the fans of a page as well as for a defined custom audience. The insights then provide more detailed information:

  • Demographic information: age, gender, relationship status, etc.
  • Like: Information from fans for other Facebook pages
  • Users' location and language settings
  • Telephone number
  • Activity of selected users
  • Proportion of men and women
  • Professions
  • Route planner

According to Facebook, all data that can be viewed in Insights is aggregated and anonymous for advertisers. Therefore, no conclusions can be drawn about individual persons. We use these in aggregate form to make the contributions and activities on our site more attractive for each user. I/we use, for example, the distribution according to age and gender for adapted communication and prioritized visiting times of users in order to plan the posts on this Facebook page in a time-optimized manner. Information about the type of devices used by visitors helps us to adapt the contributions visually and creatively. In accordance with the Facebook terms of use, which each user has agreed to when creating a Facebook profile, we can identify subscribers and fans of the page and view their profiles and other information shared by them.

Users' rights of affected persons

Unfortunately, we are unable to comply with our information obligations under Article 13 EU GDPR, as only Facebook has full access to user data. If you want to exercise your data subject rights, please contact Facebook directly here. These rights include the following:

Right to information:
You can request information from us as to whether and to what extent we process your data.
Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.
Right to delete:
You can request us to delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated storage obligations.
Irrespective of the exercise of your right to erasure, we will delete your data immediately and completely, unless there is a legal or statutory storage obligation to this effect.
Right to restrict processing:
You can ask us to restrict the processing of your data if

  • You dispute the accuracy of the data for a period of time that enables us to verify the accuracy of the data.
  • The processing of the data is unlawful, but you refuse to delete it and instead request a restriction on the use of the data,
  • We no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • You have filed an objection to the processing of the data.

Right to data portability:
You can demand that we provide you with the data you have provided to us in a structured, common and machine-readable format and that you can transfer this data to another person responsible without hindrance from us, provided that

  • We process this data on the basis of a consent given and revocable by you or to fulfill a contract between us, and
  • This processing is carried out using automated processes.

If it is technically feasible, you can request that we transfer your data directly to another person responsible.
Right of objection:
If we process your data for legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate reasons for processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. You can object to the processing of your data for direct marketing purposes at any time without giving reasons.
Right of appeal:
If you believe that we are processing your data in violation of German or European data protection law, please contact us so that we can answer any questions you may have. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to assert any of the above rights against us, please contact our data protection officer. If in doubt, we may request additional information to confirm your identity.

If you need assistance with this or have any other questions, feel free to contact us by email. If you no longer want the data processing described here in the future, please unlink your user profile to our site by using the “I don't like this page anymore” and/or “Don't subscribe to this page anymore” functions.

Information on data protection in applicant management in accordance with Art. 13 GDPR

Personal data is collected from you during your employment relationship. As a result of the new regulations in the General Data Protection Regulation (GDPR), we are therefore obliged to inform you of the following in accordance with Art. 13 et seq. of the GDPR:

Your employer is responsible for collecting and processing your data:

Goodworx GmbH
Prinz-Ludwig-Strasse 17
93055 Regensburg
Telephone: 0941/280759-0
email: info @goodworx - personal.de

The contact details of our data protection officer are:
Christian Volkmer
Project 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
email: anfragen@projekt29.de
Phone: 0941-2986930

  • Your data is collected and processed as part of the recruitment process or to carry out the employment relationship.
  • The required data includes in particular your master data (in particular first and last name, name additions, nationality), your contact details (especially private address, mobile and landline number, e-mail address), other employment data, such as time recording data, vacation periods, periods of incapacity for work, skill data, social data, bank details, social security number, pension insurance number, salary data, tax identification number, special health data and, if applicable, criminal records) as well as log data that are used when using the IT systems arise.
  • Most of your personal data is collected directly from you. However, due to legal regulations, some of your data is also collected from other agencies, such as the tax office to request tax-relevant information on an occasional basis, the health insurance company for information on periods of incapacity for work or, if applicable, from other third parties, such as a job agency or from publicly available sources (e.g. professional networks).
  • Within our company, only the persons who need it to fulfill our contractual and legal obligations, such as the HR department and accounting, receive your personal data. Your data will also be transferred to certain companies on the basis of the contractual agreement and service.
  • If we use service providers to fulfill our contractual and legal obligations, they will also receive the necessary data.
  • Outside the company, we transfer your data to other recipients insofar as this is necessary to fulfill our contractual and legal obligations. These include, in particular, social security institutions, health insurance, pension insurance, professional pension institutions, the employment agency, the professional association, tax authorities, accident and liability insurance, courts, business partners, banks, competent authorities to guarantee claims arising from occupational pension schemes or capital benefits, third-party debtors in the event of wage and salary attachments or insolvency administrators in the event of private bankruptcy.
  • Your data will not be transferred to a third country.
  • We process your personal data in compliance with all relevant laws, such as the GDPR, the Federal Data Protection Act (BDSG), the Works Constitution Act, the Working Hours Act, etc.
    Data processing is primarily used to establish, implement and terminate the employment relationship. The relevant legal basis for this is Article 6 Paragraph 1 b) GDPR in conjunction with Section 26 Paragraph 1 BDSG or based on consent in accordance with Article 6 Paragraph 1 a), 7 GDPR in conjunction with Section 26 Paragraph 2 BDSG
    We also process your data in order to be able to fulfill our legal obligations as an employer, in particular in the area of tax and social security law. This is done on the basis of Article 6 Paragraph 1 c) GDPR in conjunction with Section 26 BDSG.
    Where necessary, we also process your data on the basis of Article 6 (1) f) GDPR to protect our legitimate interests or those of third parties (e.g. authorities). This applies in particular to the investigation of criminal offences (legal basis Section 26 Paragraph 1 S. 2 BDSG) or for internal communication and other administrative purposes.
    Insofar as special categories of personal data are processed in accordance with Article 9 (1) GDPR, this is used as part of the employment relationship to exercise rights or fulfill legal obligations arising from employment law, social security law and social protection (e.g. provision of health data to health insurance companies, recording of severe disability due to additional leave and determining the severely disabled tax). This is done on the basis of Article 9 Paragraph 2 b) GDPR in conjunction with Section 26 Paragraph 3 BDSG. In addition, the processing of health data may be necessary to assess your ability to work in accordance with Art. 9 para. 2 h) in conjunction with § 22 para. 1 b) BDSG.
    In addition, the processing of special categories of personal data may be based on consent in accordance with Article 9 Paragraph 2 a) GDPR in conjunction with Section 26 Paragraph 2 BDSG.
    Should we wish to process your personal data for a purpose not mentioned above, we will inform you beforehand.
  • If your job application is rejected, the data you have provided will be deleted six months after notification of the rejection. This does not apply if longer storage is necessary due to legal requirements (such as the duty of proof under the General Equal Treatment Act) or if you have expressly agreed to longer storage in our database of interested parties.
  • The storage period of the collected data is limited to the employment relationship. We will delete your personal data as soon as it is no longer required for the purposes mentioned above. After termination of the employment relationship, the data will be stored and then deleted in accordance with the legal or regulatory retention periods, which result, among other things, from the Commercial Code and the Tax Code. The storage periods are then up to ten years. In addition, personal data may be stored for the period of the statutory limitation period of three or up to 30 years if claims can be asserted against us.
  • You have the right to obtain information from the employer about the data stored about you. Under certain conditions, you can request the correction or deletion of your data. You may also have the right to restrict the processing of your data and the right to have the data provided by you published in a structured, commonly used and machine-readable format.

Right of objection:
You also have the right to object to the processing of your personal data for direct marketing purposes without giving reasons. If we process your data to protect legitimate interests, you can object to this processing for reasons arising from your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate reasons for processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.

  • You have the right to lodge a complaint regarding the handling of your personal data with the above-mentioned data protection officer or the data protection supervisory authority. The supervisory authority responsible for you is:
    Bavarian State Office for Data Protection Supervision
    Promenade 18
    91522 Ansbach
    Phone: 0981 180093-0
    Fax: +49 981 180 0938 00
    email: poststelle@lda.bayern.de).
  • The provision of personal data is necessary for the establishment, implementation and termination of the employment relationship and represents an ancillary contractual obligation of the employee. If we do not receive the required data, it is not possible to carry out the employment relationship with you.