V. Data Processing in the Recruitment Context
1. Processing Purposes, Categories of Personal Data
We process the application data mentioned in this section for the purpose of initiating or performing an employment
relationship or a similar employment relationship to the extent described below.
In particular, the following categories of data may be processed:
- General Personal Data (name, address and other contact details, application photo, date of birth, nationality, marital
status, and any other (potentially sensitive) data you provide); - Professional Data (professional contact information, current position, responsibilities, current employer, current
compensation, notice period, possession status, restrictions); - Experience Data (previous positions and employers, education, vocational training, experience, skills);
- Future-oriented Data (wishes and expectations, assessments, potential areas of application, placement ideas);
- Other Data (information about your professional life that you provide through the application).
2. Additional Data Processing by the Data Controller; Legal Basis for Data Processing
If you contact us proactively, we process the data you provide during the initial contact, as well as any additional
data we request.
We treat and process all information (including resumes, certificates, and qualifications) as application data, as well
as any other information (e.g., from phone interviews or personal meetings). This is done for the contractual or
pre-contractual purposes mentioned above.
Providing certain accurate data is necessary to process your request; further information (including the submission of a
photo) is optional.
As far as your data is required for the recruitment process, Article 88 GDPR is the legal basis for processing your
data.
If the data concerns special categories of personal data (e.g., health data, union or religious affiliation, or other
‘sensitive’ data), processing is based on your consent according to Article 9(2)(a) GDPR, which you have expressed by
disclosing this data.
If your application is successful and an employment relationship is established, your data will be stored for the
duration of the employment relationship. After you leave the company, we will process your data for evidence purposes
for up to three years.
The processed personal data will be deleted if processing is no longer necessary for contract performance or if you
request deletion as part of your rights as a data subject. This usually occurs no later than six (6) months after the
conclusion of the application process, if there are no longer retention obligations. If no hiring takes place, in
individual cases, a longer retention period of 24 months from the last individual contact with you may apply—e.g., to
defend against potential OPENAX claims—based on our legitimate interests according to Article 6(1)(f) GDPR.
