Data protection / privacy declaration for our online job application process

This data protection/ privacy declaration supplements our existing general data protection/ privacy declaration, which provides specific information on how we process your personal data when you visit the website or in connection with non-job application related issues.

  1. Responsibilities

    Please see our legal notice for the data controller’s name and contact details.

  2. Data Protection Officer

    You can contact our external data protection officer in writing by postal mail at the following address. Please include the additional delivery information “Data Protection Officer” in the address: https://nect.com/en/data-protection/.

  3. Contract processors

    You can apply for vacant positions on line via our careers portal. The portal is operated by Kenjo GmbH (Urbanstrasse 71, 10967 Berlin, Germany; hereinafter: Kenjo) on our behalf. In accordance with Art. 28 GDPR (General Data Protection Regulation) we have concluded a contract processing agreement with Kenjo.

  4. Purpose and legal basis for processing

    We will process your personal data in compliance with the regulations of the GDPR and the German Data Protection Act (“BDSG”) insofar as this is required for the application process. The legal basis for this is Art. 88 GDPR in conjunction with Art. 26 BDSG regarding the initiation and performance of employment relationships.

    In addition to this, we may process your personal data insofar as this is required to protect our legitimate interests or legitimate third-party interests and these interests are not overridden by your interests or fundamental rights and/or fundamental freedoms which require the protection of personal data. Legitimate interests may, in particular, be:

    • Defence against or exercising of legal claims against or by us or third parties arising from the application process

    • Ensuring of IT security and IT operations

    • Measures to ensure building and system security (such as access controls)

    • Use of external service providers who we have commissioned to process your personal data on our behalf

  5. Personal data categories

    We will only process data which is related to your application. This includes general personal data (form of address, first and surnames, address, date of birth, contact details, etc.); application data (cover letter, CV, enclosures, certificates and additional information provided by you); feedback information resulting from the application process and protocol data such IP address or the date and time when the application was submitted.

    Use of the contact form is regulated by an opt-in procedure. In other words, we will transmit your application data insofar as you have confirmed that you have read the data protection/ privacy note.

    We use cookies within the scope of the online application process. Cookies are text files which are stored on your Internet browser or installed on your end device by the Internet browser. These cookies contain characteristic strings which make it possible to explicitly identify your end device during use. We use technically necessary cookies to make our website more user-friendly. Some elements of our website may make it necessary for your end device to be identified when you change to another page. These elements serve, for example, to ensure that you, as a registered user, always remain logged on when accessing various sub-pages of our online presence and so do not have to re-enter your data every time you request a new page. Mandatory cookies on our website can only be used if you consent to this use. Mandatory cookies cannot therefore be individually deactivated or activated. You may, however, select a general deactivation option for cookies in your browser settings at any time. Cookies will be automatically erased when you close the browser.

  6. Data sources

    We process personal data which you have provided directly to us or via an HR consultant for the purpose of initiating or carrying out the application process.

  7. Data recipients

    Within our company we will only give your personal data to departments and individuals who require it to carry out the application process. Your personal data will be processed by Kenjo on our behalf on the basis of contract processing agreements as defined by Art. 28 GDPR. In such cases we will ensure that processing complies with GDPR regulations. Forwarding of data to recipients outside the company will otherwise only take place insofar as legal regulations allow or demand this; forwarding is required to deal with and thus carry out the application process; we have your consent; or we are authorised to provide information.

  8. Data processing location

    Data processing will only take place in countries in the European Union (EU). Should we transfer data to third countries - i.e. countries outside the European Union - then the transfer will be carried out exclusively in compliance with legally regulated conditions of admissibility. Conditions of admissibility are regulated by Art. 44-49 GDPR.

  9. Duration of data storage

    Data will be stored until the application process has been completed. Data will be erased at the latest after six months. In specific cases data may continue to be stored after a decision has been made regarding whether or not to establish the envisaged contractual relationship. This could, for example, be the case if there are indications that you will exercise claims against us. In such cases data will be stored for as long as processing is required for the establishment, exercise or defence of legal claims. When doing so, the criteria for the duration of data storage may include statutory periods such as those specified by Art. 15 Para. 4 Clause 1 German General Equal Treatment Act (“AGG”); Art. 61b German Labour Courts Act (“ArbGG”); statutes of limitation or legal archiving obligations. Data may also be stored if this is envisaged or specified by European or national legislative authorities in EU regulations, laws or other legislation which the data controller is subject to.

  10. Your rights under Art. 15 ff. GDPR

    It goes without saying that you, as a job applicant, have the option of exercising your data subject rights as stated in the GDPR. For more information on this, click here: https://nect.com/en/privacy-concern/.

  11. Necessity of providing personal data

    The provision of personal data within the scope of the application process is not required by law. You are thus not obliged to make your personal data available. Please however note that this data is required for the application process. Should you fail to provide us with personal data, then we will not be able to carry out any valid application process with you. We recommend that you only provide the personal data which is necessary to initiate and carry out the application process.

  12. Automated decision-making

    Since any decision on your application is not solely based on automated processing, no automated decision-making as defined by Art. 22 GDPR takes place within the scope of individual application processes.

Current as of: June 2022