PRIVACY POLICY REGARDING APPLICATIONS
General
Thank you for your interest in applying to INSITE. We are providing you with this Privacy Policy, which relates exclusively to the data collected as part of the
online application process pursuant to Article 13 GDPR, in order
to give you information on how we deal with the personal information we collect
from you during the application process. By submitting your application, you agree to this Privacy Policy.
1. Controller
INSITE-Interventions GmbH, Clemensstr. 10-12, 60487 Frankfurt am Main is the controller within the meaning of Article 28 GDPR and Sec. 62 BDSG (German Federal Data Protection Act, new).
CEOs: Dr. Matthias Conradt and Alexander Oster
2. Data Protection Officer
For all questions relating to the processing of your personal data and the exercising of your rights pursuant to the GDPR, please contact our Data Protection Officer.
The controller's Data Protection Officer is:
Ms Deborah Schütt
Clemensstr. 10-12
60487 Frankfurt am Main
Germany
Tel: +49 69 90555 29-0, Direct dial -20
Email: datenschutz@insite.de
3. For what purposes and on what legal basis do we process personal data?
We process personal data concerning you for the purposes of processing your job application, insofar as this is necessary in order to make a decision on establishing an employment relationship with us. The legal basis for this is Sec. 26(1) in conjunction with Sec. 8(2) BDSG.
We may also process personal data concerning you, insofar as this is necessary in order to defend legal claims that are enforced against us from the application process. The legal basis for this is Article 6(1), point (f) GDPR, whereby our legitimate interest may be, for example, a burden of proof in proceedings according to the German General Act on Equal Treatment (Allgemeines Gleichbehandlungsgesetz – AGG).
Should an employment relationship be established between you and us, we may continue processing personal data we have already received from you for the purposes of this employment relationship pursuant to Sec. 26(1) BDSG, provided this is necessary for the performance or ending of the employment relationship or for the exercise or fulfilment of rights and obligations of the worker representative body which arise from a law or collective bargaining agreement or from a works or services agreement (collective agreement).
4. What categories of personal data do we process?
We process data relating to your application. This may be general data concerning your person (such as your name, address and contact details), information concerning your professional qualifications and education, information concerning continued professional development, or other information which you provide to us in connection with your application. We may also process professional information which you have made publicly available, such as a profile on professional social media platforms.
If you submit your application to us by electronic means, i.e via e-mail or our web form, then we collect and process your personal data for the purposes of conducting the application process and taking steps prior to entering into a contract. By submitting an application on our recruitment page, you are declaring your interest in taking up employment with us. In this regard, you transmit to us personal data which we will use and store exclusively for the purposes of recruitment/applications.
- We collect the following data in particular:
- Name (first name and surname)
- E-mail address
- Telephone number
- Which location you are applying to
- Whether you are applying for full-time or part time (incl. number of preferred hours where applicable)
- Your CV as an attachment
You also have the option of uploading other relevant documentation, such as a cover letter or references. These documents may contain personal data such as your date of birth, address etc.
Only authorised employees from the HR department or other employees involved in the application process have access to your data.
If you send your application directly via e-mail to team@insite.de or if you submit your application via the web form, your message will be transmitted without encryption. Encrypted electronic communication with our company is not possible at this time. Your e-mail application will therefore be sent in unencrypted form.
Please feel free to send us your attachments in an encrypted or password-protected form (e.g. using software like "7-Zip"). Please let us know the password by phone.
5. Do we intend to transfer data to a third country?
We do not intend to transfer data to a third country.
6. How long are your data kept for?
We store your personal data for as long as is necessary in order to reach a decision on your application. In the event that an employment relationship is not established between you and us, your application documents will be erased six months after you are informed of the outcome, unless we are required to keep these for a longer period due to legal concerns.
7. What rights do you have?
As an applicant, you have the following rights, depending on the individual situation. You can exercise these rights by contacting our Data Protection Officer at any time using the contact details indicated under S. 1 and 2:
7.1 Access
You have the right to demand information regarding the personal data concerning you that we are processing and the right to demand access to your personal data and/or copies of these data. This includes information on the purpose of use, the categories of data use, their recipients and persons authorised to access them, and, if possible, the planned duration of storage or, where this is not possible, the criteria for setting this storage period;
7.2 Rectification, erasure or restriction of processing
You have the right to demand from us rectification of incorrect personal data concerning you without undue delay. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
7.3 Right to object
Insofar as the processing of personal data concerning you is based on Article 6(1), point (f) GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of these data. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
7.4 Right to withdraw consent
Where processing is based on consent, you have the right to withdraw this consent at any time, whereby this shall not affect the lawfulness of processing based on consent before its withdrawal. You can do this by contacting us or our Data Protection Officer at any time using the contact details above.
7.5 Right to erasure
You have the right to demand from us that the personal data concerning you be erased immediately and we have a duty to erase these data without undue delay, provided one of the following reasons applies:
- The personal data are no longer required for the purposes, for which they were collected or otherwise processed;
- You object to the processing pursuant to S. 8(c) above and there do not exist any superior legitimate interests in the processing.
- The personal data were being processed unlawfully.
- The erasure of the personal data is necessary in order to fulfil a legal obligation under EU law or the law of the Member States which we are subject to.
This does not apply insofar as the processing is necessary:
- in order to fulfil a legal obligation which makes the processing necessary under EU law or the law of the Member States which we are subject to;
- for the establishment, exercise or defence of legal claims.
7.6 Right to restriction of processing
You have the right to demand from us restriction of processing, provided one of the following conditions is met:
- If you are contesting the correctness of the personal data, for a period which allows us to verify the correctness of the personal data;
- The processing is unlawful and you reject erasure of the personal data and instead demand restriction of the use of the personal data;
- We no longer require the personal data for the purposes of the processing but you require these data for the establishment, exercise or defence of legal claims; or
- You have objected to the processing pursuant to S. 7(c), provided it has not yet been determined whether our legitimate interests outweigh yours.
If the processing of personal data pursuant to this point (e) has been restricted, these personal data may only be processed – excluding storage – with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If you have enforced restriction of processing, we will notify you before this restriction is lifted.
7.7 Right to lodge a complaint
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the suspected breach, if you are of the opinion that the processing of the personal data concerning you is in breach of the GDPR.
A list of supervisory authorities in Germany can be found at the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
7.8 Necessity to provide personal data
The provision of personal data is not stipulated by law or contract, and you are furthermore not obliged to provide personal data. However, the provision of personal data is necessary in order to conclude an employment contract with us. This means that if you do not provide any personal data in your application, then we will not be able to enter into an employment relationship with you.
7.9 No automated decision-making
We do not conduct any automated individual decision-making within the meaning of Article 22 GDPR, i.e. the decision on your application is not based exclusively on automated processing.
7.10 Forwarding of data to third parties
The data that are transmitted in your application are transmitted via TLS encryption
and stored in a database. This database is maintained by Personio SE & Co. KG, which provides HR administration and applicant management software
(https://www.personio.de/impressum/). In this regard, Personio
is our data processor according to Article 28 GDPR. The basis for this processing is
a data processing agreement between us, as controller, and Personio.
7.11 Amendments to the Privacy Policy
We reserve the right to amend this Privacy Policy in order to adapt it to changes in the legal framework or changes to the service and the data processing. Users are therefore kindly requested to review the content of this policy regularly.
Frankfurt am Main, January 2024
Management, INSITE-Interventions GmbH
Processing of (personal) data by the operator of the recruitment page
General
This recruitment page is operated by Personio SE & Co. KG, a company with registered office in Germany which provides HR administration and applicant management software (https://www.personio.de/impressum/). The data that are transmitted in your application are transmitted via TLS encryption and stored in a database. Only the company conducting this online application process is responsible for these data within the meaning of Article 24 GDPR. Personio is only a provider of the software and of this recruitment page and is a data processor in this context in accordance with Article 28 GDPR. The basis for this processing by Personio is a data processing agreement between the controller and Personio. Personio SE & Co. KG also processes other data, which may include personal data, in order to render its services, in particular in order to run this recruitment page. More details are provided below.
Controller
The controller within the meaning of data protection law is:
Personio SE & Co. KG
Seidlstraße 3
80335 Munich
Tel.: +49 (89) 1250 1005
Registered with the Commercial Court
Reg. no.: HRA 115934
Register court: District Court Munich
Data Protection Officer: datenschutz@personio.de
Server logs
General logs, called server logs, are automatically generated every time this recruitment page is accessed. These data are generally anonymised and therefore cannot be traced back to a natural person. Without these data, it would not be technically possible to provide and present the content of the software. Processing of this data is also absolutely necessary from a security perspective, in particular for access, input, transfer and storage controls. Furthermore, the anonymous information can be used for statistical purposes and for optimising the offering and the technology. Log files can also be retroactively reviewed and evaluated where there is a suspicion of unlawful use of the software. The legal basis for this is contained in Sec. 25(2)(2) TTDSG (German Telecommunications-Telemedia Data Protection Act). Generally speaking, the data collected include the domain name of the website, the web browser and browser version, the operating system, the IP address and the timestamp for when the software was accessed. The scope of these logs does not exceed the standard scope of any other website on the internet. The storage period for these server logs is up to 7 days. You do not have a right to object.
Error logs
So-called error logs are generated for the purposes of troubleshooting and debugging. This is absolutely necessary for us to be able to react to potential problems with the presentation and implementation of content as quickly as possible (legitimate interest). These data are generally anonymised and therefore cannot be traced back to a natural person. The legal basis for this is contained in Sec. 25(2)(2) TTDSG (German Telecommunications-Telemedia Data Protection Act). When an error is registered, general data, such as the domain name of the website, the web browser and browser version, the operating system, the IP address and the timestamp, are recorded for the corresponding error message/specification. The storage period for these error logs is up to 7 days. You do not have a right to object.
Use of cookies
In some parts of this recruitment page we use so-called cookies. These are small text files which are stored on the device you are accessing this recruitment page from. In principle, these cookies are used to guarantee security when you visit a website ("strictly necessary"), to implement certain functionalities such as standard language settings ("functional"), to improve the user experience or performance of the website ("performance"), or to display target group-based advertising ("marketing"). In principle, the only cookies used on this recruitment page are strictly necessary, functional and performance cookies, in particular cookies that are used to implement certain pre-configurations, e.g. language, identification of the application channel, or for analysing the performance of a job ad which has led a user to this recruitment page. The use of cookies is absolutely necessary for the rendering of our services and therefore for the performance of a contract (Article 6(1), point (b) GDPR). Storage period: up to 1 month or until the end of the browser session Right to object: you can adjust your own browser settings to either allow or reject cookies. Please note that deactivating cookies may limit or completely prohibit the functionality of this recruitment page.
Data subject rights
Where personal data are processed by Personio SE & Co. KG as controller, you have certain rights as a data subject arising from Chapter 3 of the EU General Data Protection Regulation (GDPR), depending on the legal basis and purpose of the processing. These rights may include Right of access (Article 15 GDPR), Right to rectification (Article 16 GDPR), Right to erasure (Article 17 GDPR), Right to restriction of processing (Article 18 GDPR), Right to data portability (Article 20 GDPR), Right to object (Article 21 GDPR). Where the processing of personal data is based on your consent, you have a right to withdraw this consent according to Article 7(3) GDPR. To enforce your rights in regards to data that are processed for the purposes of maintaining this recruitment page, please contact the data protection officer for Personio SE & Co. KG (see Section B).
Final provisions
Personio reserves the right to revise this Privacy Policy at any time in order that it always reflects the current legal requirements or so that changes to services are reflected in the Privacy Policy, e.g. when introducing new services. The new Privacy Policy shall then apply the next time you visit this recruitment page or submit a new application.