Data privacy policy

Privacy Policy for online applications
Protecting your personal data is very important to us. We handle data provided to us in accordance with legal requirements, in particular those of the General Data Protection Regulation (GDPRR) and the German Data Protection Act (Bundesdatenschutzgesetz, or BDSG).

1. Application information

We collect different kinds of information. This includes in particular your personal data with contact information (salutation, first/surname, address, telephone number, email). Furthermore, you have the opportunity to transmit electronically stored documents such as references, cover letters or your CV.
 
We do not require any information from you that cannot be used in accordance with the German General Equal Treatment Act (Allgemeine Gleichbehandlungsgesetz), such as your race, ethnic origin, religion, ideology, disability, age or sexual identity). Please do not transmit any disclosures about illnesses, pregnancy, ethnic origin, political views, philosophical or religious convictions, membership of a trade union, physical or mental health or sex life either. If we identify that we have received such information, we will erase it.
 

2. Collection, processing, use and transferring your data

We will only collect, store, process and use personal data for purposes in connection with your interest in current or future employment with us and to process your application. Your data will not be passed to third parties. This applies insofar as your application applies to our company, not for affiliates in accordance with section 15 AktG (Aktiengesetz, or German Companies Act). Contact information will generally be collected and used to make contact concerning your application. If your application is successful, the data given will be used for administrative purposes within the scope of employment. The preceding collections, usages and transmissions of your application, making contact and possible transfer for administrative purposes will be done on the basis of Art. 6 (1) sentence 1 b) GDPR.
Your online application will be processed and made known exclusively to the relevant contacts in our company. All employees entrusted with data processing are obliged to maintain confidentiality. Third parties (with the exception of any employees responsible) will not become aware of your disclosures under any circumstances.
The data will be processed exclusively in Germany.

3. Storage

If we cannot offer you employment, we will store the data you have transmitted for up to 18 months, if necessary in a reduced form, also on the basis of Art. 6 (1) sentence 1 b) GDPR.

4. Data security

We place a great emphasis on the security of our system and use modern data storage and security techniques in order to protect your data optimally. This includes measures such as anti-virus software or a firewall. Our security measures are continuously improved in accordance with technological developments as a matter of course. Your data will be transmitted in encrypted form and then stored in a database. All systems in which your personal data is stored are protected against access and are only accessible to a certain group of people responsible for HR.

5. Matomo

a) Description and scope of data processing
This website uses the website analysis software Matomo (www.matomo.org) to collect and store data for marketing purposes and optimisation purposes. This data is used to create user profiles under a pseudonym. To do this, Matomo uses cookies. Cookies are small text files stored locally in the cache of the Internet browser used by the website visitor. The cookies facilitate the recognition of your Internet browser when you return to the website. The data collected using the Matomo technology (including your anonymised IP address) will be transmitted to our server and stored for usage analysis purposes, which will help us to optimise our website. The data generated by the cookie stored in the pseudonymised user profile will not be used to identify the visitor of this website or linked with any personal data about the bearer of the pseudonym. You can prevent cookies from being used and tracking by setting your browser not to accept cookies. Please note that if you do this, you may not be able to completely use all the functions and features of this website.

b) Legal basis
The legal basis for the processing of personal data of users is Article 6 (1) (f) GDPR.

c) Purpose of data processing
The processing of users' personal data enables us to analyse the browsing behaviour of our users. The analysis of the data obtained helps us to put together information about the use of the individual components of our website, enabling us to continue improving the website and making it more user-friendly. For these purposes, our legitimate interest also lies in the processing of personal data in accordance with Article 6 (1) (f) GDPR. The anonymisation of the IP address sufficiently takes account of the interests of users in their protection of personal data.

d) Duration of storage
The data will be erased as soon as it is no longer required for the purpose for which they were originally stored.

e) Possibility of objection and removal
Cookies are stored on the user's computer and transmitted to our site. This gives you as the user full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If you choose to disable cookies for our website, you may not be able to completely use all the functions and features of the website.
For more information on the privacy settings of the Matomo software, please click on the following link: https://matomo.org/docs/privacy/.

6. Changing the Privacy Policy

If we change the contents of this Privacy Policy, we will announce these changes on our website. We will always provide earlier versions of the Privacy Policy in an easily accessible form or make these available on request.

7. Your rights as a data subject in accordance with Art. 4 (1) GDPR

As a data subject in accordance with the GDPR (Art. 4 (1) GDPR) you have numerous rights towards us, which we would like to inform you of below:
  • Right to information: You have the right to receive information about whether we process data about you. In addition, you can have a copy of this data provided by us.
  • Right to correction: You have the right that we correct disclosures about you that do not relate to you or do not relate to you anymore without delay. In addition, you can demand your incomplete personal data is completed. If this is legally stipulated, we will also inform third parties about this, if we have transferred your data to them.
  • Right to erasure: You have the right to demand the erasure of your data without delay, if one of the following reasons applies:
    • Your data is no longer necessary for the purposes for which it was collected or was processed in another manner, or the purpose has been accomplished;
    • You withdraw your consent and we do not have any other legal basis for processing;
    • You object to processing and there are no overriding justified reasons for the processing;
    • You object to processing,
    • Your personal data was illegally processed;
    • It is necessary to erase the personal data to meet a legal obligation in accordance with Union law or the law of the member states to which we are subject.
Please note that your right to erasure can be restricted by legal provisions. This includes in particular the restrictions detailed in Art. 17 GDPR and section 35 German Data Protection Act (Bundesdatenschutzgesetz) (in the version applicable from 25 May 2018).
  • Right to restriction of processing (blocking) You have the right to demand the restriction of the processing of your data without delay, if one of the following conditions is met:
    • You dispute the accuracy of your personal data and do so for a period that enables us to check the accuracy of the personal data;
    • The processing is illegal, you reject the erasure of the personal data and instead demand the restriction of use of your personal data.
    • We no longer require the personal data for the purposes of processing but you require it to assert, exercise or defend legal claims.
    • You have objected to processing as long as it has not been identified whether our justified reasons outweigh your interests.
If you have brought about a restriction of processing according to the preceding itemisation, we will inform you before the restriction is lifted.
  • Right to objection: If we process your data due to our justified interests, third-party justified interests or in the public interest, you have the right to object to the processing of your data.
  • Withdrawing consent: You can withdraw any consent you have given us at any time with effect in the future. This withdrawal can be made in the form of an informal notification to the contact addresses detailed below. This also applies to any consent you gave us before the GDPR came into effect (i.e. before 25 May 2018). If you withdraw your consent, the legality of the data processing carried out until that point will not be affected.
  • Right to data portability: You have the right to receive personal data that affects you and that you have provided to us in a structured, common and machine-readable format and to transmit this data to others. You can take the details and restrictions from Art. 20 GDPR. Exercising this right does not affect your right to erasure.
  • Right to complain to the supervisory authorities: If you think our processing of your data has breached applicable data protection law, you have the right to complain to the competent supervisory authorities, i.e. in particular the independent State Centre for Data Protection Schleswig-Holstein (Kiel) or the relevant member state where you are resident, have your workplace or the location of the alleged breach of data protection.

 
You will also find details about your rights in Articles 15 to 21 of the GDPR and in sections 32 to 37 BDSG (in the version applicable from 25 May 2018).
To assert your rights, please contact (including informally) our Data Protection Officer, Mr Dennis Schäfer, SLM Solutions Group AG, Estlandring 4, 23560 Lübeck, Deutschland (datenschutz@slm-solutions.com).

8. Questions and suggestions on data protection

If you have any questions about this Privacy Policy, please also contact our Data Protection Officer, Mr Dennis Schäfer, SLM Solutions Group AG, Estlandring 4, 23560 Lübeck, Deutschland (datenschutz@slm-solutions.com).
You will also find further information in the Privacy Policy.