Processing of (personal) data by the entity in charge of the online application process
1. What is the purpose of this data protection statement?
We at GRÜNECKER Patent- und Rechtsanwälte PartG mbB (hereafter referred to as “Grunecker” or “We”) are pleased with your interest in our company and to receive your application.We take Data protection seriously and would like to inform you about what personal data (or “data”) we collect from your application and how this is processed. We would also like to inform you about your rights in regard to the processing of this data.
2. Who is responsible for data protection?
In the context of the General Data Protection Regulation (GDPR), the responsible party is GRÜNECKER Patent- und Rechtsanwälte PartG mbB, Leopoldstr. 4, 80802 München.We have appointed a data protection officer who can be contacted at:
GRÜNECKER Patent Attorneys and Attorneys at Law PartG mbB
attn. Data Protection Officer
Leopoldstraße 4
80802 Munich
dsb@tec4net.com
3. What personal data do we collect and process?
GRÜNECKER collects and processes the personal data that you have sent us as part of your application by e-mail, post, via the application form of our website or via a job website. This includes your name, address and contact data, the identification number of the position for which are applying for, your earliest date of availability, your salary requirements (annual salary) and any other data or documents you have provided, such as your CV including information contained therein, certificates filed, your date of birth (optional), etc. (referred to here as “application data”).In the application forms on our website, we also collect information on how you became aware of us and your entries within the spam protection test (captcha query).
In addition, we hold data about our communication with you during the application process and internal notes regarding the processing of your application, such as the date of receipt of your application, the processing status or date of interview.
4. For what purposes and on what legal basis will my data be processed?
Your data is used for the purpose of processing your application and selecting candidates for the position to be filled.For this purpose, we require the application data (name, contact data, CV and proof of qualifications) that are relevant for the advertised position. Unfortunately, we cannot consider your application without this data. Your data will be processed on the legal basis of Art. 6 para. 1 sentence 1 b), Art. 88 para. 1 GDPR in conjunction with § 26 para. 1 sentence 1 Federal Protection Act for the purpose of deciding on the establishment of an employment relationship.
We do not require any ‘special categories’ of personal data, such as health data, racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, or sexual orientation. Should you nevertheless voluntarily provide us with such data in your application it will be processed on the legal basis of Art. 9 para. 2 lit. a) GDPR with your consent.
We use the voluntary information of your date of birth for easier identification and assignment if you apply to us several times. This data processing takes place on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR (balancing of interests) and in our interest in order to facilitate the allocation of multiple applications by the same person.
We process your information on how you became aware of us in order to analyse and optimise the scope of our job advertisements. Your details will be stored together with your application data and deleted together with these (see point 6.).
This data processing takes place on the legal basis of Art. 6 para. sentence 1 f) GDPR (balancing of interests) and in our interest to better manage our job advertisements in the future.
We process the captcha query required to use the application forms on our website in order to be able to check that the application is genuine and not automated spam queries. Your input there will only be used for this purpose and will not be stored.
The data processing of the captcha query is carried out on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR (balancing of interests) and in our interest to prevent automated spam queries.
5. Who receives my data?
Within GRÜNECKER, your application data will be sent to the following recipients: the personnel department, and the partner and the head or deputy head of the department for which the position is advertised. In certain cases colleagues in specialist departments may also be shown your documents if they are involved for technical reasons.Your data may also be passed on to technical service providers who provide us with support (e.g. Application Management, General IT Support). These providers have been carefully selected and commissioned in writing. These service providers are obliged to follow our instructions and are regularly monitored by us. Otherwise, your data will only be passed on to other third parties if we are legally obliged to do so.
6. When will my application data be deleted?
If you start working for us, the data from your application procedure will be transferred to your personnel file. If someone else fills the position, we will store your data for six months after completion of the application process.If you have expressly consented to your data being stored for a period of two years, your data will only be deleted after the end of this period.
7. Can I agree to my application being considered for other vacancies and to my data being stored for a longer period of time?
If you are not successful with your application, we can offer to save your data for two years in case any other positions become available. If you expressly wish for this, please inform us in your application. We will then be able to check your details for suitability and contact you where appropriate.You can of course withdraw your consent for the longer-term storage of your data at any time with immediate effect.
The legal basis for considering your application for other job advertisements and storing the data for up to two years is Art. 6 para. 1 sentence 1 a), Art. 88 para. 1 GDPR in conjunction with your declaration of consent.
8. Use of cookies on the application pages of our website
a. Which cookies do we use?On our website, we use the technology of cookies on the application pages, which include forms. Cookies are small text files that are sent from our web server to your browser as part of your visit to our application pages and are stored on your computer, tablet computer or smartphone for later retrieval.
We use the following technically required cookies on our application pages:
[PHPSESSID] Function: This cookie is used to execute the scripts on our application pages and serves as a session ID to identify the individual user during a single web page visit (“session management”). It contains an identification number created individually for each browser session and is only stored until the end of the respective browser session. The cookie is a so-called initial provider cookie, which is controlled from our website.
[AOPortal_bewerbung.grunecker.de] Function: This cookie is used to control the flow and routing of data. It contains the value “true”. The cookie is stored until the end of the session and is an initial provider cookie, i.e. a cookie that is controlled from our website.
[swap] Function: This cookie is used to control the flow and routing of data and contains an alphanumeric sequence of digits. The cookie is stored until the end of the session and is an initial provider cookie, i.e. a cookie that is controlled from our website.
We do not use cookies on our application pages for tracking or advertising purposes, nor do we use cookies from third parties.
b. Disabling Cookies
You can determine whether cookies can be set and retrieved yourself by the settings in your browser. For example, you can completely deactivate the storage of cookies in your browser, restrict it to certain websites or configure your browser so that it automatically notifies you as soon as a cookie is to be set and asks you for feedback. You can block or delete individual cookies. For technical reasons, however, this can lead to some functions of our website being impaired and no longer functioning completely.
9. What rights do I have with regard to my data?
You have the right to request confirmation as to whether personal data relating to you has been processed; if this is the case, you have a right of access to this personal data and the information specified in Art. 15 GDPR.You have the right to request the immediate correction of any incorrect personal data concerning you and, if necessary, the immediate completion of incomplete personal data (Art. 16 GDPR).
You have the right to the deletion of personal data relating to you immediately if one of the reasons listed in Art. 17 GDPR applies in detail, e.g. if the data is no longer required for the purposes pursued (right of deletion).
You have the right to request us to restrict processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have filed an objection to the processing, for the duration of our examination.
You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you on the basis of Art. 6 para. 1 e) or f) GDPR. We will then no longer process the personal data unless we can prove compelling grounds for processing worthy of protection, which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims (Art. 21 GDPR).
You have the right to withdraw your consent to us at any time with immediate effect (right of revocation).
You have the right to receive from us the data concerning you that you have provided to us in a structured, common and machine-readable format. You can also transfer this data elsewhere or have it transferred by us (right to data transferability).
To exercise your rights, please contact dsb@tec4net.com
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority if you believe that the processing of your personal data is contrary to the GDPR (Art. 77 GDPR). In Bavaria, the competent supervisory authority is: Bayerisches Landesamt für Datenschutzaufsicht, Postfach 1349, 91504 Ansbach, www.lda.bayern.de.
10. Data security
We use technical and organisational security measures to protect personal data, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are continuously improved in line with technological developments.For a secure transmission of your application data and communication by e-mail, we offer you the possibility of an encrypted transmission via PGP (“Pretty Good Privacy”). You can download our public PGP key from our website www.grunecker.de under the menu item “Contact”.
If you apply via an application form on our website, the data and application documents you enter are encrypted using SSL/TLS technology to prevent unauthorised third party access.
August 2021 GRÜNECKER Patent- und Rechtsanwälte PartG mbB
Notice regarding the right of objection:
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data on the basis of Art. 6 Para. 1 sentence 1 e) or f) GDPR (Art. 21 GDPR).We will then no longer process the personal data unless we can prove compelling reasons for the processing worthy of protection, which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
August 2021
GRÜNECKER Patent- und Rechtsanwälte PartG mbB