Privacy policy

The protection of your personal data is important to us. According to the EU General Data Protection Regulation (GDPR), we are obliged to inform you about the purpose for which we collect, store or forward data. The information also tells you what rights you have in terms of data protection.

RESPONSIBILITY FOR DATA PROCESSING

Profs & Execs e.K.
Inhaber Jestervin Eickhorst
Recruiting Services
Bergfeld Nord 14
31319 Sehnde

Tel.: +49 5138/4892542
Mobile: 01590-1072635
E-Mail: j.eickhorst(at)profs-execs.com

You can reach our responsible data protection officer at:
legal.solutions GmbH
Große Hamburger Str. 32
10178 Berlin

I. Data protection information for website visitors

General information

The following notices provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data are collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Data collection on this website
Who is responsible for the data collection on this website?

The data processing on this website is carried out by the website operator. You can find his contact details in the imprint of this website.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This can be, for example, data that you enter in a contact form.

Other data is collected automatically or after your consent when you visit the website by our IT systems. This is mainly technical data (e.g. internet browser, operating system or time of page view). The collection of this data takes place automatically as soon as you enter this website.

II. Hosting

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include IP addresses, contact requests, meta and communication data, contractual data, contact data, names, website accesses and other data generated via a website.

The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).

Our hoster will only process your data to the extent that this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data.

Conclusion of a contract on order processing

In order to ensure data protection-compliant processing, we have concluded an order processing contract with our hoster.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data that you transmit to us cannot, according to current knowledge, be read by third parties.

Cookies

Technically necessary session cookies from our order processor are used on our website. They are temporarily stored on your end device for the duration of a session. Session cookies are automatically deleted at the end of your visit.

One cookie generates an identification number on the server side to assign user requests to a session. The other cookie is responsible for storing the language settings.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • operating system used
  • referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimisation of his website – for this purpose, the server log files must be collected.

III. Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal obligations – in particular retention periods – remain unaffected.

IV. Request by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your enquiry including all personal data arising from it (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after processing your request has been completed). Mandatory legal obligations – in particular retention periods – remain unaffected.

V. Analysis tools and advertising

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool with the help of which we can integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, the Google Tag Manager collects your IP address, which may also be transferred to Google’s parent company in the United States.

The use of the Google Tag Manager is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in a fast and uncomplicated integration and management of various tools on his website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, duration of visit, operating systems used and origin of the user. This data may be summarised by Google in a profile that is assigned to the respective user or their end device.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

The use of this analysis tool is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Browser Plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

For more information on how Google Analytics handles user data, please see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Storage period

Data stored by Google at user and event level that is linked to cookies, user identifiers (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymised or deleted after 14 months. For details, please see the following link:
https://support.google.com/analytics/answer/7667196?hl=de

VI. Our Social Media Presence

Data processing through social networks

We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below.

Social networks such as Facebook, Twitter, etc. can usually comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous processing operations relevant to data protection. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis

Our social media presences are intended to ensure the most comprehensive possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. The analysis processes initiated by the social networks may be based on different legal bases, which are to be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) lit. a DSGVO).

We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies, such as Facebook/ Instagram, LinkedIn, even if they have locations in Ireland, are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence agencies) process, evaluate and permanently store your data located on US servers for surveillance purposes. We have no influence on these processing activities.

Therefore, please do not send us any applications or confidential data via these social networks!

Responsible party and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

Storage period

The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to storage or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Social networks in detail

Facebook
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.

We have entered into a Joint Processing Agreement (Controller Addendum) with Facebook. This agreement specifies which data processing operations we or Facebook are responsible for when you visit our Facebook page. You can view this agreement at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in:
https://www.facebook.com/settings?tab=ads.

For details, see Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

Instagram
We have a profile on Instagram. The provider is Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on how they handle your personal data, please refer to Instagram’s privacy policy: https://help.instagram.com/519522125107875.

LinkedIn
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you would like to disable LinkedIn advertising cookies, please use the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

For details on how they handle your personal data, please see LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

XING
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING’s privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

VII. Information for applicants within the scope of our personnel services

1. PURPOSE OF THE DATA PROCESSING
  • Collection and processing for communication purposes
  • Collection and processing for the preparation of an offer
  • Collection and processing for the performance of the contract or pre-contractual measures
  • Collection and processing in the context of the creation of a candidate profile
  • Collection and processing in the context of legal obligations
2. LEGAL BASIS AND STORAGE PERIOD

We offer you the opportunity to apply within the framework of our personnel service.

Please use our online application form for a secure and data protection compliant processing of your personal data.

Please refrain from applying by e-mail, as data transmission on the Internet has security vulnerabilities when communicating by e-mail. We therefore recommend that you do not send sensitive data such as references, CVs, etc. unencrypted by e-mail. If you would still like to send us an e-mail, please encrypt the attachments according to current technical standards and send us the password in a separate, different way, e.g. via messenger or telephone.

If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes in the context of job interviews, etc.), insofar as this is necessary for the decision on the establishment of an employment relationship. The legal basis for this is § 26 BDSG-neu according to German law (initiation of an employment relationship), Art. 6 para. 1 lit. b DSGVO (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG-neu and Art. 6 para. 1 lit. b DSGVO for the purpose of implementing the employment relationship.

Retention period of the data

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 para. 1 lit. f DSGVO) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted, and the physical application documents destroyed. This storage serves as possible evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g., due to an impending or pending legal dispute), the data will not be deleted until the purpose for continued storage no longer applies.

A longer storage can also take place if you have given a corresponding consent (Art. 6 para. 1 lit. a DSGVO) or if legal storage obligations oppose the deletion.

Inclusion in the applicant pool

If we do not make you a job offer, it may be possible to include you in our applicant pool. In the event of inclusion, all documents and details from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.

Inclusion in the applicant pool takes place exclusively on the basis of your express consent (Art. 6 para. 1 lit. a DSGVO). The provision of consent is voluntary and is not related to the current application process. The person concerned can revoke his/her consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retention.

Health data is only processed if you send it to us without being asked. In this case, we assume that you have given your voluntary consent in accordance with Article 6 (1) (a) in conjunction with Article 9 (1) (a). Art. 9 para. 1 lit. a, which you can revoke at any time for the future.

3. RECIPIENT OF YOUR DATA

For our online application forms on our website, we use the services of a professional online recruiting software as SaaS.

This is done for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).

Our processor will only process your data to the extent necessary for the performance of its obligations and will comply with our instructions in relation to such data.

In order to ensure data protection-compliant processing, we have concluded an order processing contract with our order processor.

Other recipients of your personal data may include potential employers and tax advisors.

We forward your application to potential employers. In doing so, we process your associated personal data (e.g., contact and communication data, application documents, notes in the context of job interviews, etc.), insofar as this is necessary for the decision on the establishment of an employment relationship. The legal basis for this is Art. 88 DSGVO, § 26 BDSG-neu under German law (initiation of an employment relationship), Art. 6 para. 1 lit. b DSGVO (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time. Your personal data will be passed on to persons who have been named to us as contact persons by companies involved in the processing of your application.

Possible recipients in the event of legal disputes may be associations, lawyers, collection service providers, public prosecutors, courts or other authorities.

4. ORIGIN OF YOUR DATA

We may receive your personal data from:

  • the Federal Employment Agency, insofar as they process data about you and you have consented to their transmission
  • Online job platforms if you are registered
  • social networks if you are registered
5. TRANSFER OF DATA TO THIRD COUNTRIES

Your personal data will not be transferred to third countries.

6. AUTOMATED DECISION MAKING OR PROFILING

There is no automated decision making or profiling.

VIII. Applications for internal positions in our company

Handling of applicant data

If there are vacancies in our company, we offer you the possibility to apply via our online application form.

Please use our online application form for a secure and data protection compliant processing of your personal data.

Please refrain from applying by e-mail, as data transmission on the Internet has security vulnerabilities when communicating by e-mail. We therefore recommend that you do not send sensitive data such as references, CVs, etc. unencrypted by e-mail. If you would still like to send us an e-mail, please encrypt the attachments according to current technical standards and send us the password in a separate, different way, e.g. via messenger or telephone.

In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other legal provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection
If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes in the context of job interviews, etc.), insofar as this is necessary for the decision on the establishment of an employment relationship. The legal basis for this is § 26 BDSG-neu according to German law (initiation of an employment relationship), Art. 6 para. 1 lit. b DSGVO (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be stored in our data processing systems based on § 26 BDSG-neu and Art. 6 para. 1 lit. b DSGVO for the purpose of implementing the employment relationship.

Retention period of the data

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided based on our legitimate interests (Art. 6 para. 1 lit. f DSGVO) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents destroyed. This storage serves as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g., due to an impending or pending legal dispute), the data will not be deleted until the purpose for continued storage no longer applies.

A longer storage can also take place if you have given a corresponding consent (Art. 6 para. 1 lit. a DSGVO) or if legal storage obligations oppose the deletion.

Inclusion in the applicant pool

If we do not make you a job offer, it may be possible to include you in our applicant pool. In the event of inclusion, all documents and details from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.

Inclusion in the applicant pool takes place exclusively based on your express consent (Art. 6 para. 1 lit. a DSGVO). The provision of consent is voluntary and is not related to the current application process. The person concerned can revoke his/her consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retention.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.

IX. Information for customers, partners, third parties

1. PURPOSE OF THE DATA PROCESSING
  • Collection and processing for communication purposes
  • Collection and processing for the preparation of an offer
  • Collection and processing for the performance of the contract
  • Collection and processing within the framework of a contract and the resulting job description
  • Collection and processing in the context of invoicing
  • Collection and processing in the context of legal obligations
2. LEGAL BASIS AND STORAGE PERIOD

The legal basis for the processing of your data is:

Art. 6 para. 1 lit a DSGVO, if you have given us your consent. The data is stored until you, as the person concerned, request its deletion.

Art. 6 para. 1 lit. b DSGVO, for the fulfilment of the contract or pre-contractual measures

Article 6 (1) (f) DSGVO, based on the legitimate interest of the controller, insofar as the fundamental rights and freedoms of the data subject do not conflict with this.

The data that we process on the basis of Art. 6 (1) (b), Art. 6 (1) (f) will be deleted as soon as they are no longer necessary for the purpose of their processing, unless deletion is not possible due to legal retention periods and further processing is mandatory pursuant to Art. 6 (1) (c) DSGVO or you have given us your consent to store your data beyond this pursuant to Art. 6 (1) (a) DSGVO. Article 6 (1) (c) DSGVO is mandatory, or you have given us your consent to store your data beyond this in accordance with Article 6 (1) (a) DSGVO or this is necessary for the assertion, exercise and defence of legal claims in accordance with Article 17 (3) (e) DSGVO.

3. RECIPIENT OF YOUR DATA

Recipients of your personal data may be order processors, tax advisors.

Possible recipients in the case of legal disputes can be associations, lawyers, collection service providers, public prosecutors, courts or other authorities.

4. ORIGIN OF YOUR DATA

We may receive your personal data from:

  • of the Federal Employment Agency
  • Online job platforms
  • social networking
5. TRANSFER OF DATA TO THIRD COUNTRIES

There is no transfer of your personal data to third countries

6. AUTOMATED DECISION-MAKING OR PROFILING

There is no automated decision making or profiling.


X. YOUR RIGHTS

REVOCATION OF YOUR CONSENT TO DATA PROCESSING

Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

RIGHT TO INFORMATION

As a data subject, you have the right to request confirmation from the controller as to whether personal data relating to you are being processed. If this is the case, you as the data subject have the right to obtain information about this personal data.

RIGHT TO CORRECTION, DELETION OR RESTRICTION

As a data subject, you have the right to have any incorrect data processed by us corrected. Furthermore, you have the right to demand the deletion or restriction of the processing of your data. If parts of the data are subject to a legal or official obligation to retain data, the data subject to the obligation to retain data will be blocked instead of deleted. You can assert your rights by post or by e-mail.

You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of erasure.
  • If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
  • If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests must be carried out. If it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, such data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.

RIGHT TO DATA PORTABILITY

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

RIGHT TO OBJECT TO PROCESSING

As a data subject, you have the right to object to the processing of your personal data in accordance with Article 21 DS-GVO. In individual cases, the exercise of the objection may result in you no longer being able to use the services offered by us. You can exercise your right of objection by post or by e-mail.

RIGHT OF APPEAL TO THE SUPERVISORY AUTHORITY

As a data subject, you have the right to lodge a complaint with the competent supervisory authority if you do not agree with this request for information or the way in which the data is processed.

The supervisory authority responsible for a company is located in the federal state in which the company has its registered office. You can find the contact details of the supervisory authority for data protection responsible for us under this link:

https://www.datenschutz-wiki.de/Aufsichtsbehörden_und_Landesdatenschutzbeauftragte