Privacy policy

For the use of our website

Trenkwalder Group Deutschland Privacy Policy

 

Last updated: 18 December 2023

 

1. How we collect personal data

 

We collect and utilise our users’ personal data only to the extent necessary to provide a functional website and our content and services. The collection and use of our users’ personal data takes place regularly, exclusively with the user’s consent. An exception applies in cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by law.

 

We collect personal data in various ways, e.g. via our website and social media channels, for job applications and in relation to face-to-face interviews, via telephone and email, at events organised by us and in the course of interaction with customers and suppliers.

 

Depending on the nature of the business relationship, we may also collect the following personal data in particular:

  • Contact details (e.g. name, postal address, email address and telephone number);

  • User name and password if you register on our websites or in [our] apps;

  • Contact details of people you want us to contact on your behalf (we assume that these people have given you their prior consent to provide us with their details), and

  • Other information that you provide to us.

In addition, we collect, process and store the personal data provided by you as an applicant, employee or freelancer in accordance with the provisions of the GDPR and the German Federal Data Protection Act (BDSG-neu). In addition, when you apply, we may collect these types of personal data to the extent permitted by national law:

  • Career history and educational background,

  • List of projects;

  • Language skills and other job-related skills;

  • Social insurance number, national identification number or other identification number issued by the authorities;

  • Date of birth;

  • Gender;

  • Account information;

  • Nationality and work permit status;

  • Information on social security benefits;

  • Tax information;

  • Information from references and your CV, as well as information you provide to us about your professional interests and other information about your professional qualifications.

As well as, where required by law and with your express consent:

  • Information related to your health and any disabilities;

  • Results of drug tests, criminal record checks and other background checks.

In addition, we may collect information that you provide to us about other people, e.g. emergency contact details.

 

If we conclude an employment or service contract with you, in accordance with the provisions of the German Federal Data Protection Act (BDSG-neu), in particular Section 26 BDSG-neu, we shall collect, process and store personal data which you have provided to us as an employee or independent contractor (freelancer) or which arise during your employment or service relationship, insofar as this is necessary to fulfil our contractual and/or legal obligations.

 

Please also note our privacy policy for applicants.


2. Purpose and legal basis of data processing

 

We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG-neu). Depending on the individual case, the legal basis for the processing of your personal data is as follows:

  • Due to the establishment of an employment relationship:
    primarily, the data processing serves to establish the employment relationship. The primary legal basis for this is Art. 88 para. 1 GDPR in conjunction with Section 26 para. 1 BDSG-neu.

  • On the basis of consent (in accordance with  Art.  6 para. 1 lit. a GDPR)
    The purposes of the processing of personal data result from the granting of consent. You may revoke your consent at any time with effect for the future. Consent given before the GDPR came into force (25 May 2018) can also be revoked. Processing that took place prior to the revocation of consent remains unaffected.

 

In addition, European anti-terrorism regulations 2580/2001 and 881/2002 require us to check your data against the so-called  “EU terror lists” to ensure that no funds or other economic resources are made available for terrorist purposes.

The data controller collects and uses personal data for the following purposes:
a. To provide staffing solutions and employment services;
b. To create and manage online accounts;
c. To process payments;
d. To manage our customer and supplier relationships;
e. To the extent permitted by law and in accordance with the data controller's communication on cookies and advertising, to send promotional material, notices of available positions and other communications;
f. To the extent permitted by law, to communicate and manage special events, promotions, programmes, offers, surveys, competitions and market research;
g. To respond to individual enquiries;
h. To operate, evaluate and improve our business (including developing, improving, analysing and enhancing our services; to manage our communications; to carry out data analysis; to carry out accounting, auditing and other internal functions);
i. To protect against fraud and other unlawful acts, claims and other liabilities; and
j. To comply with and enforce applicable legal requirements, relevant industry standards, contractual obligations and our policies.

In summary, we process your personal data under the following legal bases, depending on the individual case:

a. Consent or explicit consent of the data subject where required by applicable law;
b. To ensure that we fulfil a legal or contractual obligation or an obligation necessary for the conclusion of a contract (for example, processing your personal data to ensure that your wages and taxes are paid);
c. Where processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject (for example, to enable the user to access the website in order to be provided with the services offered).

If you are an employee, or if you are an applicant or freelancer and you apply for a job, we will also use the data described above to the extent permitted by law:

a. To provide you with job offers and projects and to offer you work;
b. To provide you with human resources services, including the implementation of benefit plans, payroll, performance management and disciplinary actions;
c. To provide you with additional services such as training and development, career counselling and career reorientation support;
d. To determine your suitability as an applicant or freelancer and your job-related skills; and
e. To conduct data analytics, such as (i) analysing our database of applicants and employees; (ii) assessing individual performance, individual and job-related skills; (iii) identifying skills shortages; (iv) using information to identify potential opportunities for individuals; and (v) analysing trends in hiring practices.

We may also use the data for other purposes, about which we will inform you separately at the time of data collection or beforehand.

If you are an applicant or employee, we process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG-neu) and all other relevant laws (e.g. the German Works Constitution Act (BetrVG) or the German Working Hours Act (ArbZG)).

 

The primary purpose of data collection and processing is to handle the application process. The primary legal basis for this is Art. 6 para. 1 lit. b GDPR in conjunction with Section 26 para. 1 BDSG-neu.

If necessary, we also process your data on the basis of Art.  6 para. 1 lit. f GDPR in order to protect our legitimate interests or those of third parties (e.g. authorities). This applies in particular to the investigation of criminal offences (legal basis Section 26 para. 1 sentence 2 BDSG) or for the purposes of group management, internal communication and other administrative purposes.

 

3. Legitimate interest

 

The data controller may process personal data for certain legitimate business purposes (so-called legitimate interest, Art. 6 para. 1 lit. f GDPR), including in particular the following:

  • To improve, modify or personalise our services and communication with our customers, applicants and employees;

  • To detect and prevent fraud;

  • To improve the security of our network and information systems;

  • To improve our understanding of how people interact with our websites:

  • For direct marketing purposes;

  • To send you communications that we think may be of interest to you;

  • To determine the effectiveness of promotional campaigns and advertising.

When we process data for these purposes, we ensure that we take your rights into consideration and respect them. You have the right to object to such processing. Before objecting, please note that this may affect our ability to provide the requested service.

 

4. Processing and protection of personal data

 

We process personal data (including automated processing) for the purposes stated. We store such data for a specific period of time in accordance with our internal retention policy to ensure that the personal data is not stored for longer than necessary.

We maintain (constant) administrative, technical and physical security measures to protect your personal data against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use. We use the following security measures to ensure the appropriate protection and confidential treatment of personal data:

  • Encryption of data during transmission;

  • Strict monitoring of user ID;

  • Protection of the network infrastructure;

  • Network monitoring solutions.

 

5. Storage and retention of personal data

 

We store your personal data in our systems in such a way that you cannot be identified for longer than necessary. We determine this period by taking into account:

  • The need to continue storing personal data in order to provide services set up with the user;

  • The need to protect the legitimate/authorised interest of the data controller as described in the purposes of data processing;

  • The existence of specific legal (national) obligations that necessitate the processing and storage of data for certain periods of time.

The following also applies to the storage of data about applicants:

  • If we or a customer conclude an employment contract with an applicant, the transmitted data shall be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.

  • If no employment contract is concluded with the applicant or if the applicant is not placed, the application documents shall be deleted no later than six months after notification of the decision to reject the applicant, provided that deletion does not conflict with any other legitimate interests of the controller. Other legitimate interests in this sense include retaining evidence for use in proceedings under the German Equal Opportunities Act (AGG).

  • The applicant’s consent is obtained for longer storage to be able to propose further job or project offers matching the applicant’s qualifications and skills even after the end of the initial application phase during which the applicant could not be placed. After completion of the initial application phase and in the event of a corresponding offer, we will of course contact the applicant beforehand and obtain their consent. If consent is given for longer storage, we shall not delete the applicant’s data until this period has expired, unless the applicant gives us renewed consent for further storage.

6. Disclosure of personal data

We shall exclusively share your personal data in accordance with this privacy policy or, with regard to certain activities, in accordance with separate privacy policies. We share personal data with suppliers who provide services on our behalf in accordance with our instructions. We authorise these suppliers to use or disclose the data only to the extent necessary to provide the services on our behalf or to comply with legal requirements. We disclose your personal data as follows:

  • If you are an applicant or freelancer, we disclose your personal data to clients who have vacancies or projects or who are interested in hiring our applicants or freelancers; and

  • To other people we work with, such as subcontractors, in order to find you a job or project-related position.

  • Within the company to subsidiaries and companies affiliated with us;

In addition, we may disclose your personal data

  • If we are required to do so by law;

  • To law enforcement authorities or government officials based on a lawful disclosure request; and

  • If we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity.

We also reserve the right to transfer personal data if we sell or transfer all or part of our business or assets (including in the event of reorganisation, dissolution or liquidation).

7. Data transfer

In individual cases, personal data may also be transferred to recipients in countries other than the country where the data was originally collected, namely Germany. These countries may not be subject to the same data protection legislation as Germany.

In the event that your personal data is transferred to other countries in individual cases, we shall protect the data as described in this privacy policy. All data transfers are subject to the applicable data protection legislation.

We may transfer your personal data to countries within or outside the European Union. The GDPR guarantees the same high level of data protection throughout the European Union. When selecting our service providers, we therefore rely on European partners wherever possible if your personal data is to be processed. Only in exceptional cases will we have data processed outside the European Union as part of the use of third-party services. We only authorise the processing of your data in a third country if the special requirements of Art.  44 et seq. GDPR are fulfilled. This means that your data may only be processed on the basis of special guarantees, such as the EU Commission's officially recognised determination of a level of data protection corresponding to the EU or compliance with officially recognised special contractual obligations, the so-called standard data protection clauses.

 

8. Your rights as a data subject

 

Data subjects may exercise the following specific rights in accordance with Articles 15 to 22 GDPR:

a. The right to information: Data subjects have the right to request information on the categories of data processed, processing purposes, any recipients of the data and the planned storage period (Art.  15 GDPR)

b. The right to rectification: Data subjects have the right to request the rectification of inaccurate or incomplete data stored about them in order to protect the accuracy of this information and to adapt it to the data processing.

c. The right to erasure: Data subjects have the right to request that the data controller deletes information about them and no longer processes this data, unless the data cannot be deleted due to a legal obligation to retain it, for example.

d. The right to restriction of processing: Data subjects have the right to request that the data controller restricts the processing of their data.

e. The right to data portability: Data subjects have the right to request data portability, which means that data subjects may receive the personal data they originally provided in a structured and commonly used format or that data subjects may request that their data is transferred to another data controller.

f. The right to object: Data subjects who provide personal data to a data controller have the right to object to data processing at any time for a number of reasons as set out in the General Data Protection Regulation, without having to justify the decision.

g. The right not to be the subject of automated individual decision-making: Data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning the data subjects or similarly significantly affects them.

h. The right to lodge a complaint with a supervisory authority: Data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement if the data subjects consider that the processing of their personal data infringes the GDPR.

i. If processing is based on consent in accordance with Art.  7 GDPR, data subjects may revoke their consent at any time.

If you require further information about the processing of your personal data, you can contact us at any time.

 

9. Use of our website, general information

 

Each time our website is accessed, our system automatically collects data and information from the user’s computer system. Information is collected about:

1. The user’s IP address;
2. The browser type and version used;
3. The user’s operating system;
4. The user’s Internet service provider;
5. The date and time of access;
6. Websites from which the user’s system accesses our website;
7. Websites accessed by the user’s system via our website;

The data described is stored in our system’s log files. This data is not stored together with any other personal data about the user.

The system needs to store the user’s IP address temporarily in order to enable delivery of the website to the user’s computer. To this end, the user’s IP address must be stored for the duration of the session.

The data is stored in log files to ensure the functionality of the website. We also use the data to optimise the website and to ensure the security of our information technology systems.

The data is not analysed for marketing purposes in this context.

The legal basis for the temporary storage of data and log files is Art.  6 para. 1 lit. f GDPR.

Collecting your personal data in order to provide our internet presence and storing data in log files is absolutely necessary for the website to function. Users therefore have no option to object.

Your data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. If your data is collected to ensure the provision of the website, the data will be deleted when the respective session has ended.

 

10. General information on the use of cookies

 

We use cookies on our website. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. When you access a website, a cookie may be stored on your operating system. This cookie contains a distinctive string of characters that enables the browser to be uniquely identified when the website is accessed again.
Legal basis for the storage of cookies:

European ePrivacy Directive in conjunction with Section 25 para. 1 sentence 1 TTDSG: 
The legal basis for the storage of cookies, device identifiers and similar tracking technologies or for the storage of information in the end user’s terminal equipment and access to this information is the European ePrivacy Directive in conjunction with the German Act on the Regulation of Data Protection and the Protection of Privacy in Telecommunications and Telemedia (TTDSG). 

 

We would hereby like to point out that the legal basis for the processing of the personal data collected in this context results from the GDPR (Art.  6 para. 1 sentence 1 GDPR). The relevant legal basis for the processing of personal data in each specific case can be found below in the information on each respective cookie or type of processing.  

The primary legal basis for the storage of information in the end user's terminal equipment – in particular for the storage of cookies – is your consent (Section 25 para. 1, sentence 1 TTDSG). You give your consent when you visit our website – although of course you are not obliged to do so – and may revoke it at any time in the cookie settings.  In accordance with Section 25 para. 2, no. 2 TTDSG, consent is not required if the storage of information in the end user's terminal equipment or access to information already stored in the end user's terminal equipment is absolutely necessary for the provider of a telemedia service to provide a telemedia service expressly requested by the user. The cookie settings allow you to see which cookies are categorised as absolutely necessary (often also referred to as “technically necessary cookies”) and which therefore fall under the exemption set out in Section 25 para. 2 TTDSG and thus do not require consent. 

We also use cookies to make our website more user-friendly. Some elements of our website require that the browser can be identified even after a page change. The following data is stored and transmitted:
1. Language settings
2. Login information
The legal basis for the processing of personal data using cookies results from Art.  6 para. 1 lit. f GDPR. The purpose of using technically necessary cookies is to simplify the use of our website.
We would hereby like to point out that we can only offer certain features of our website by using cookies. These include:
1. Registration
2. Remembering search terms
We do not use personal data collected by technically necessary cookies to create user profiles. Cookies are stored on the user’s computer and transmitted by it to our website. As the user, you therefore have control over the use of cookies. You can restrict or deactivate the transmission of cookies by making changes in your internet browser settings. You can also delete cookies that have been stored there. Please note that you may no longer be able to use all the features of our website if you deactivate cookies.

 

11. Cookies

 

Our website uses cookies. Cookies are text files that are stored on your device, for example to make using a website easier or to recognise your device and save your settings or similar. Cookies can save your inputs and settings on a website so that you do not have to enter them again each time you visit the website. Cookies contain a so-called cookie ID that makes it possible to identify the device in which the cookie was stored. We use the following cookies in particular:
Cookies that contain a randomly generated, specific identification number that makes you or your device identifiable during your visit to our website. These cookies are automatically deleted at the end of your visit.

Cookies that contain a randomly generated, specific identification number that makes you or your device identifiable on our website. These cookies are automatically deleted after one year.

 

We use cookies to enable our online tools to interact with the web browser software on your computer or mobile device. This allows us to improve our service and your user experience. We use cookies to store session information between your browser and our online tools and to retrieve it when you visit our website again. We use cookies to track your navigation and use of the website.

 

The processing of your data for the purposes mentioned here is partly based on our legitimate interest in accordance with Art.  6 para. 1 lit. f GDPR, but in some cases we also require your consent in accordance with  Art.  6 para. 1 lit. a GDPR and Section 25 para. 1 TTDSG.

 

You have the right to revoke your consent or to object.
You can restrict or completely prevent the setting of cookies in your browser settings.

You can also arrange for cookies to be deleted automatically when you close the browser window. The provision of personal data is not required by law or contract and is not necessary for the conclusion of a contract. You are also not obliged to provide your personal data.

 

However, failure to do so may mean that you cannot use our website or cannot use it to its full extent. Other services we use also utilise cookies. We shall inform you separately about the use of cookies in the individual services.

 

12. Google Tag Manager

 

We use the Google Tag Manager service provided by Google. Google is a group of companies consisting of Google Ireland Ltd  (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and other affiliated companies of Google LLC. Google Tag Manager is an auxiliary service and processes personal data itself only for technically necessary purposes. Google Tag Manager ensures that other components are loaded, which in turn may collect data. Google Tag Manager does not access this data. It only collects data on how the individual tags are used.

 

The legal basis for the processing of your personal data is your consent in accordance with  Art.  6 para. 1 lit. a GDPR and Section 25 para. 1 TTDSG, insofar as this consent includes the storage of cookies or access to information on the user's terminal device within the meaning of the TTDSG. Your personal data may be transferred to the United States. The transfer of your data is subject to appropriate safeguards in accordance with Art.  46 GDPR. For this purpose, appropriate safeguards within the meaning of Art.  46 para. 2 GDPR have been agreed with the data importer to the extent necessary. The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected.

 

You have the right to revoke your consent at any time, see Art.  7 para. 3 sentence 1 GDPR. The revocation of consent is effective for the future and does not affect the legality of the processing carried out prior to revocation. You can revoke your consent to data processing and third-country transfer at any time by accessing the “Cookie settings” via the footer at the bottom of the website and unchecking the box under “Performance cookies”. This does not affect the legitimacy of any prior processing of your data.

 

Further information about the handling of user data can be found in Google Tag Manager's privacy policy: https://policies.google.com/privacy?hl=en-US#intro.

 

13. Google Analytics

 

We use Google Analytics on our website (service provider:  Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), a web analysis service that provides statistics and basic analysis tools for search engine optimisation (SEO) and marketing purposes. Google Analytics collects user data from each website visitor by using page tags that run on each visitor’s web browser to collect data and send it to one of Google’s data collection servers.

 

The legal basis for processing your personal data is Art.  6 para. 1 lit. a GDPR. The recipient of your personal data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In Google Analytics 4, the anonymisation of IP addresses is activated by default. As a result, your IP address will be shortened by Google within Member states of the European Union or in other signatory states to the Agreement on the European Economic Area. According to Google, the truncated IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. During your visit to the website, your user behaviour is recorded in the form of “events”. Events can be:

  • Page views

  • Your first visit to the website

  • Start of your session

  • Interaction with the website

  • Clicks on external links

  • Internal search queries

  • Interaction with videos

  • Downloads

  • Adverts you view/click on

  • Scrolling behaviour.

 

In addition, Google Analytics records:

  • Your approximate location (region)

  • Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)

  • The referrer URL (via which website/advertising medium you came to this website).

 

We are aware of our responsibility with regard to your personal data and we take measures to protect it. IP addresses are only processed in truncated form so that they cannot be traced back to individuals. If the data collected about you enables you to be identified as an individual, it is immediately excluded and deleted. We only use Google Analytics if you agree to performance cookies. We use Google Analytics to analyse the use of our website and to make regular improvements to it. The statistics we obtain by using Google Analytics enable us to improve our services and make them more interesting for you as a user. The legal basis for the use of Google Analytics is your consent in accordance with Art.  6 para. 1 sentence 1 lit. a GDPR.

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. You have the right to object to the processing of your personal data at any time in accordance with Art.  21 para. 2 GDPR. If you exercise this right, your personal data will no longer be processed for this purpose. You can also prevent cookies from being stored on your computer from the outset by selecting the appropriate settings in your browser software. However, if you configure your browser to reject all cookies, this may restrict the functionality of this and other websites. You can also prevent Google from collecting and processing the data generated by the cookie and data about your use of the website (including your IP address) by: a. not giving your consent to the setting of cookies or b. downloading and installing the browser add-on to deactivate Google Analytics HERE.

 

Further information on the handling of user data can be found in the Google Analytics privacy policy at: https://policies.google.com/privacy?hl=en-US#intro

 

14. Google reCaptcha

 

We also use the Google reCaptcha service on our website to determine whether a human or a computer is making a specific entry in our contact form or newsletter form. Google uses the following data to check whether a human or a computer is making entries: IP address of the end device used, the website visited where the reCaptcha service is integrated, the date and duration of the visit, information on the browser and operating system used, the Google account used if you are logged in to Google, mouse movements over the reCaptcha areas and tasks in which users have to identify images.

The legal basis for the aforementioned data processing is Art.  6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest in this data processing is to ensure the security of our website and to protect against automated entries (attacks).

Further information about the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland can be found at https://www.google.com/policies/privacy/

Opt-Out: https://adssettings.google.com/authenticated.

 

15. Google Maps

 

We use Google Maps (provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin, 4 Ireland) on our website to visualise geographical information. By using Google Maps, information about the use of our website, including your IP address, may be transmitted to Google in the USA. When you access a page on our website that contains Google Maps, your browser establishes a direct connection to Google’s servers. The map content is transmitted by Google directly to your browser, which integrates it into the website. We therefore have no influence on the scope of the data collected by Google in this way. To the best of our knowledge, this includes at least the following data:

 

  • Date and time of the visit to the website in question,

  • Internet address or URL of the website accessed,

  • IP address, (starting) address entered as part of route planning.

 

We have no influence on the further processing and use of the data by Google and can therefore accept no responsibility for this.
If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. However, in this case you will not be able to use the map display.
The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this regard and setting options to protect your privacy can be found in Google’s privacy policy (https://policies.google.com/privacy?hl=de).
By using our website, you consent to the processing of your personal data by the Google Maps route planner in the manner and for the purposes set out above.

 

16. Google Web Fonts

 

In order to set out our content correctly on all browsers and in an attractive graphical form, we use script libraries and text libraries such as Google Web Fonts (https://www.google.com/webfonts/) on this website.

 

Google Web Fonts are transferred to your browser cache to avoid multiple loading. If your browser does not support Google Web Fonts or prevents access, content is displayed in a standard font. Accessing script libraries or font libraries automatically activates a connection to the library operator. It is theoretically possible – although it is currently unclear whether and, if so, for what purposes – that the operators of such libraries collect data.
The legal basis for the use of script libraries is our legitimate interest in accordance with Art.  6 para. 1 sentence 1 lit. f GDPR.

 

The privacy policy of the library operator Google can be found here: https://www.google.com/policies/privacy/

17. Newsletter

 

We use our free newsletter to inform you about developments within our company and our latest interesting offers.
We collect the following data on the basis of your consent: Surname, first name, email address, IP address of the accessing computer, date and time of registration for the newsletter. In the context of data processing to enable the sending of newsletters, there is no disclosure of data to third parties. Your data is used exclusively to send you our newsletter via Brevo (formerly sendinblue).

We use a double opt-in process when users subscribe to our newsletter. After subscribing, you will receive an email asking you to confirm your subscription. You are required to confirm your subscription to prevent people from subscribing using other people’s email addresses. New subscriptions to the newsletter are logged in order to verify that the subscription process complies with the legal requirements. This includes storing the time of subscription and confirmation as well as the IP address.

The legal basis for the data processing is the user’s consent in accordance with Art.  6 para. 1 lit. a GDPR.  The purpose of collecting the user’s email address is to send the newsletter. Your data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. Your email address will therefore be stored for as long as your subscription to the newsletter is active. You can cancel your subscription to the newsletter at any time by revoking your consent.

Each copy of the newsletter contains a link for this purpose.

We would hereby also like to point out that you can object to the future processing of your personal data at any time in accordance with the legal requirements under Art. 21 GDPR.

In particular, you may object to any data processing for the purposes of direct advertising.

We send our newsletters via Brevo (formerly sendinbliue). Brevo processes personal data exclusively on systems located in Germany. Brevo’s contact details are: Sendinblue GmbH
Köpenicker Straße 126, 10179 Berlin, email: datenschutz@brevo.com. Brevo processes the personal data described above on our behalf. Furthermore, Brevo can use this data to optimise or improve its own services, e.g. to enhance how the distribution process operates on a technical level and how the newsletter is presented, or for financial reasons in order to determine which countries the newsletter recipients are based in. However, the service provider does not use our newsletter recipients’ data to contact them or to disclose this information to third parties. We have placed our trust in the reliability and the security of Brevo’s IT systems and data protection processes. We have concluded an “data processing contract” with the service provider. This is a contract in which Brevo undertakes to protect our users’ data, to process it on our behalf in accordance with its privacy policy and, in particular, not to pass data on to third parties.

You can view the Brevo privacy policy here: https://www.brevo.com/de/legal/privacypolicy/

 

18. White papers, events

 

On our websites, you occasionally have the option of registering for an event or downloading a white paper. For this purpose, we process the personal data provided by the data subject, which generally includes the following: Surname, first name, email address, telephone number, company, job title. 

Registering for an event and downloading white papers are generally free of charge. To participate in an event and/or download white papers, you must grant your consent to the processing of your personal data for advertising purposes, as the services offered are financed through the placement of advertising. You may revoke your consent at any time. Otherwise, event participation and/or downloading white papers is not tied to any further requirements or costs. The legal basis for data processing in this context is Art.  6 para. 1 sentence 1 lit. a GDPR (consent). Your data will not be passed on to third parties. This does not apply to agencies or other service providers that we commission as part of the process e.g. to organise events or send white papers. With the data subject’s consent, we inform them about our products and services via email.  The data subject has the right to revoke their consent to the processing of their personal data for advertising purposes at any time without providing
a reason. Revocation of consent does not result in any
disadvantages.

 

19. Contact via electronic channels

 

If you wish to contact us, you can use the form available on our home page to contact us electronically. The data you enter in the input field will be transmitted to us and stored. This data includes: Name, email address, telephone number, post code.


At the time the message is sent, the following data is also stored: 1. the user's IP address; 2. the date and time of registration
You can also contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored. Your data will not be passed on to third parties in this context; the data will be used exclusively for processing your message. The legal basis for the data processing is the user’s consent in accordance with Art.  6 para. 1 lit. a GDPR. The legal basis for the processing of data transmitted in the course of sending an email is Art.  6 para. 1 lit. f GDPR. If the aim of the email is to conclude a contract, then the additional legal basis for processing the data is Art.  6 para. 1 lit. b GDPR.

In this context, we process your personal data solely in order to process your contact request. If contact is made by email, this also constitutes our necessary legitimate interest in processing the data.
If further personal data is processed during the sending process, this is only used to prevent misuse of the contact form and to ensure the security of our information technology systems.

Your data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For personal data entered into the contact form input field and for personal data sent via email, this is the case when the respective conversation with the user has ended. The conversation is deemed to have ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. Any additional personal data collected during the submission process will be deleted after no more than seven days.

You may revoke your consent to the processing of your personal data at any time. If you contact us by email, you may also object to the storage of your personal data at any time. However, we would hereby like to point out that in such cases we cannot continue our conversation with you. In such cases, all personal data stored in the course of making contact will be deleted.

 

20. Registration

 

You can register on our website, which will enable you to use additional features on the site. We only use the data entered to enable you to make use of the respective offer or service for which you have registered. The compulsory fields shown on registration must be completed in full. In the event of important changes or technically necessary changes, we will use the email address provided during registration to inform you of said changes.
The data collected during registration will be stored by us for as long as you are registered on this website and will then be deleted. Statutory retention periods remain unaffected. The data will not be passed on to third parties.

 

The following data is collected as part of the registration process: Name, email address and mobile phone number. Please note that we collect your mobile phone number for two-factor authentication in order to offer you a high level of data security. 

As part of the registration process, you set your own password for your profile. 
Once you have registered, you can access your profile and save further data and information. This includes, for example: Interests, qualifications, education, professional background. You are not obliged to enter this additional data. 


During the registration process, we obtain your consent to the processing of this data, whereby the legal basis for the processing of your data is Art.  6 para. 1 sentence 1 lit. a GDPR. You may cancel your registration at any time. You also have the right to request that any personal data stored about you be amended or deleted at any time. If you wish to revoke your consent and/or request the deletion of your data, please contact us via email.

 

21. Social media presence

 

We maintain fan pages on various social networks and platforms with the aim of communicating with the applicants, customers, interested parties and users active there and informing them about our services. We would hereby like to point out that your personal data may be processed outside the European Union, which may result in considerable data protection risks for you. Please note that some US providers are certified under the Privacy Shield and have therefore undertaken to comply with EU data protection standards.

Furthermore, user data is usually processed for market research and advertising purposes. For example, user profiles can be created from user behaviour and the user interests revealed in this way. These user profiles can in turn be used, for example, to place adverts inside and outside the platforms that supposedly correspond to users’ interests. For these purposes, cookies are usually stored on users’ computers. These cookies store information on user behaviour and interests. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them). In the application forms, you have the option to enter basic data such as your first name and surname, email, telephone, photo from user profiles on social media. 

The processing of users’ personal data is based on our legitimate interests in informing users effectively and communicating with users in accordance with  Art. 6 para. 1 lit. f. GDPR. If users are asked by the respective providers to consent to data processing (i.e. to give their consent by ticking a checkbox or clicking on a button to confirm, for example), the legal basis for processing is Art. 6 para. 1 lit. a., Art. 7 GDPR.

Further information on the processing of your personal data and your options to object can be found in the links to the respective service providers listed below. Of course, we are available to answer any questions you may have and provide support if you need help.

List of service providers: 
1. Facebook 
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland 
Privacy policy: https://www.facebook.com/privacy/policy/

Opt-out: https://www.facebook.com/settings?tab=ads 
und http://www.youronlinechoices.com
2. Instagram 
Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA
Privacy policy/opt-out: http://instagram.com/about/legal/privacy/
3. Tik Tok
TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland.
Privacy policy:  https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE
4. Google/YouTube 
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) 
Privacy policy: https://policies.google.com/privacy
Opt-outhttps://adssettings.google.com/authenticated
5. LinkedIn 
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Privacy policy  https://www.linkedin.com/legal/privacy-policy 
Opt-out:  https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
6. Xing 
XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany
Privacy policy/opt-out: 
https://privacy.xing.com/de/datenschutzerklaerung

 

22. YouTube videos

 

We have integrated YouTube videos into our online offering, which are stored on http://www.youtube.com and can be played directly from our website. These are all integrated in “extended data protection mode”, i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 2 be transmitted. We have no influence on this data transfer.

When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether YouTube makes available a user account via which you are logged in or no user account exists.

 

If you are logged in to a Google account, your YouTube data will be directly associated with your account. If you do not wish your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data in the form of user profiles and uses them for the purposes of advertising, market research and/or customising its website. This type of evaluation also takes place (even for users who are not logged in) for the purposes of providing customised advertising and to inform other social network users about activities on our website. You have the right to object to the creation of user profiles of this type. You must contact YouTube to exercise this right.

For more information on the purpose and scope of data collection and processing by YouTube, please refer to the privacy policy. You will also find further information on your rights and settings options for protecting your privacy: https://www.google.de/intl/de/policies/privacy.

 

 

23. Chatbot

 

A chatbot is an application that uses artificial intelligence to converse with people using natural language. Users can ask questions, to which the system responds using natural language. It can support text input, audio input or both.

 

Our chatbot offers you the opportunity to enter into a dialogue with us. It answers your questions automatically using pre-formulated answers. Access to the chatbot does not require prior registration or any other provision of personal data. When you use the chatbot, we collect and process the information that is automatically transmitted to us by technical means or that you transmit to us voluntarily.

 

A randomly generated registration ID is assigned every time the chatbot is accessed. No connection can be established between this registration ID and your website identification (e.g. IP address) or your personal data.

 

It is generally not possible to draw conclusions about you from the chat process, unless you enter personal data into the chat (for example by providing your name for the purpose of assigning the request or for feedback).

 

We use cookies or similar technologies to operate the chatbot. This allows you to return to your conversation with the chatbot at any time while you are surfing on the website in which the chatbot is integrated or on other websites. You can prevent cookies from being saved by changing your browser settings. You can also delete stored cookies via your browser settings. However, blocking or deleting cookies may mean that you cannot use certain features of the chatbot.

The registration ID and any entries you make in the chatbot are automatically deleted after 7 days. We retain anonymised metadata that is necessary for statistical purposes.

 

The processing of users’ personal data is based on our legitimate interests in informing users effectively and communicating with users in accordance with  Art.  6 para. 1 lit. f. GDPR. If you give your consent, the legal basis for processing is Art. 6 para. 1 lit. a., Art.  7 GDPR. You have the right to information about the data you have entered, as well as the right to request its rectification or deletion. If you wish to revoke your consent and/or request the deletion of your data, please contact us via email.

 

24. WhatsApp (PitchYou)

 

At the request of candidates, we offer the option of applying via WhatsApp as part of the recruitment process. We use the PitchYou service provided by SBB Software und Beratung GmbH in Naila, Germany (Bahnhofstraße 7, 95119 Naila, Germany) for this purpose, which enables a connection and transfers the information provided to our applicant management system and guarantees the protection of applicant data. We have concluded an data processing contract with the service provider in accordance with Art.  28 GDPR. 

PitchYou provides multi-stage deletion to protect the rights of data subjects.

We have no influence on data processing by WhatsApp. Data processing is subject to WhatsApp’s privacy policy, which you must agree to in advance. We would hereby like to point out that the information you provide will be stored and processed in the USA. We would also like to point out that data processing by WhatsApp is associated with security risks. The USA is currently regarded as a country with an inadequate level of data protection by EU standards. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you being informed about this data processing and without you having the option of a legal remedy against this data processing by the US authorities.

The legal basis for the data processing is the voluntary consent given  within the meaning of  Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with Section 26 BDSG for the execution of the application process.

Applicants may revoke the consent expressly given above at any time with effect for the future by sending us a message via WhatsApp. The legality of any processing that takes place before you revoke your consent will not be affected.

Information on WhatsApp’s privacy policy:
https://www.whatsapp.com/legal?eea=0#privacy-policy 

Further information on PitchYou's privacy policy can be found at: 
https://www.pitchyou.de/datenschutz sowie https://www.pitchyou.de/pitchyou-dsgvo

Information on consenting to the use of WhatsApp can be found at: https://www.pitchyou.de/datenschutz-whatsapp

 

25. Updates to our privacy policy

 

This privacy policy (including any amendments) may be updated at regular intervals to reflect changes in our handling of personal data and to comply with legal updates. We will notify you of any material changes by posting an easily identifiable notice on our websites. The date of the most recent update will be indicated at the top of the policy.

 

26. Contact details/data controller

Depending on which company in our Group you are in contact with and which of the corresponding homepages you visit, the data controller is one of the organisations listed below. If you have any uncertainties or questions regarding the data controller, you can also contact our data protection officer. The data protection officer is responsible for all the data controllers listed below and can be contacted via:

Ms Helene Yagolnitser

h.yagolnitser@trenkwalder.com

 

Postal address:
Trenkwalder Personaldienste GmbH
Werner-Eckert-Strasse 6
81829 Munich

Telephone: +49 89 99 19 99-0
Email: infogermany@trenkwalder.com
Internet: https://de.trenkwalder.com

Managing Director: Mark Pollok

Data subject enquiries:
You can address enquiries about your rights as a data subject under the GDPR to the data protection officer.

The individual data controllers are:

 

Trenkwalder Personaldienste GmbH
Werner-Eckert-Strasse 6
81829 Munich

 

Trenkwalder Personaldienste Medical Care GmbH
Werner-Eckert-Strasse 6
81829 Munich

 

Trenkwalder Business Solution GmbH
Werner-Eckert-Strasse 6
81829 Munich

Back to main pageNext: For applicants