Data Privacy Statement for Job Applicants
to EDAG Engineering GmbH
This data privacy statement supplements our existing general data privacy statement, in which you are given concrete information explaining how we process your personal data during your visits to our website or with regard to subjects not specifically related to your application. You can find this general data privacy statement here: www.edag-engineering.de/datenschutz/
I. Name and Address of the Data Controller
In terms of the General Data Protection Regulation and other national data protection laws of the EU member states and other data protection-related regulations, the data controller is:
EDAG Engineering GmbH
Kreuzberger Ring 40
Tel.: +49 611 7375-0
Fax: +49 611 7375-265
II. Name and Address of the Data Protection Officer
The data controller's data protection officer is:
Tel.: +49 661 29698090
Fax: +49 661 29698099
III. General Data Processing Information
1. Extent to which personal data is processed
We process all personal data that you provide us with through your application, including the data that results from the context of your application.
We may also gather personal data about you from other sources, including personnel service providers, the references you have provided, websites and other data available to the public on the Internet. This includes, for instance, data you have clearly made public within the scope of an online profile on a business social network. We can also receive data that you transmit to us via third-party websites, for instance von job markets such as Stepstone or Monster. This data may include the following: your contact details, your desired salary, the type of employment you are seeking and the date of your availability.
We only gather special categories of personal data (information about racial and ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, data concerning health or data concerning a person's sex life or sexual orientation) when this is prescribed by law. If you voluntarily provide us with special categories of personal data, you hereby expressly consent to the processing of this data as described in this data privacy statement.
If you apply via our online portal, we can gather access information such as the IP address of your access device. You can find further information relating to this in the data privacy statement on our website (https://www.edag-engineering.de/datenschutz/).
2. Purpose of and legal basis for the processing of personal data
We process your personal data in order to be able to fill vacant positions and carry out the selection procedure. The legal basis for this is Article 6 section 1 lit. b) of the GDPR in conjunction with Article 26 section 1 of the German Federal Data Protection Act (BDSG) (new).
The legal basis for the processing of your personal data in the context of inclusion in our talent pool is consent according to Article 6 section 1 lit. a) of the GDPR.
In addition, we can also process personal data about you insofar as this is necessary to conduct the defence, in the event of legal claims arising from the application process being made against us. The legal basis for this is Article 6 section 1 f) of the GDPR. The legitimate interest here is proof of interest in a judicial procedure. We have balanced our proof of interest and the interest in maintaining confidentiality of the person concerned. Our interest prevails.
In addition, for the purpose of security screening, we may check your master data (name, address, date of birth, place of birth) against the terrorist lists in the appendices to the current versions of Regulation (EC) No. 2580/2001 of 27 December 2001, Regulation (EC) No. 881/2002 of 27 May 2002 and/or Regulation (EU) No. 753/2011 of 1 August 2011, to ensure that the persons listed there are not provided with money or economic resources. The legal basis for this is Art. 6 para. 1 c) of the GDPR in conjunction with the relevant regulation.
3. Data erasure and storage period
We store application documents for a maximum of 6 months after completion of the application process, after which they are destroyed. Insofar as our processing is based on a legitimate interest or consent, we store your personal data for as long as this is necessary for the respective purpose, or for as long as we are entitled or obliged to process the data.
If you consent to being included in our talent pool, we store your application documents for a period of 24 months from the start of the application process, in order to be available for future job offers. You can withdraw your consent for the talent pool at any time.
4. Data recipients
If you consent to being included in our talent pool, in order to be able to offer you suitable jobs, we can also pass on your application documents to Group companies associated with us, as defined by Articles 15 et seq. of the German Companies Act (AktG).
Moreover, personal data can also be processed on our behalf on the basis of contracts in accordance with Article 28 of the GDPR, in particular by suppliers of recruiting management and applicant selection process systems.
Personal data is also handed on to the public authorities and/or law enforcement authorities if necessary for the above-mentioned purposes, if prescribed by law or if necessary for the protection of our legitimate interests, in compliance with applicable law.
5. Data transmission to third countries
Should we transmit personal data to service providers or Group companies outside of the European Economic Area (EEA), the data is only transmitted insofar as the EU Commission has confirmed that the third country provides an adequate level of data protection, or other data protection guarantees (e.g. binding corporate data protection regulations or EU standard contract clauses) exist.
IV. Rights of Data Subject
If personal data concerning you is processed, you are the data subject as defined in the GDPR, and have the following rights against the data controller:
1. Right to information
You are entitled to request information about your data that is being processed by us at any time.
2. Right to rectification and completion
Should your personal data be incorrect or incomplete, you are entitled to have it corrected or completed.
3. Right to restrict processing
If the legal conditions are met, you may request that processing of your personal data be restricted.
4. Right to deletion
You may at any time request that your personal data be deleted, provided we are not legally obliged or entitled to further process your data.
5. Right to data portability
If processing is carried out on the basis of your consent or within the scope of a contract, then you have the right to transfer the data provided by you, provided that the rights and freedoms of other persons will not be impaired as a result.
6. Right to object
You have the right to object to the processing of your data for direct marketing or profiling purposes. You may object to processing on the basis of an assessment of interests, stating the reasons arising from your particular situation.
7. Right to withdraw declaration of consent under data protection law
You have the right to withdraw your declaration of consent to the processing of personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on your consent before its withdrawal.
8. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR.
The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy in accordance with Art. 78 of the GDPR.
The authorised supervisory authority is:
The Hessian Commissioner for Data Protection and Freedom of Information
Version: November 2019
Here you will find our Declaration of consent to the processing of application data in our eRecruiting Portal (pdf, 80 KB).
Here you will find our Supplementary declaration for special data categories in our eRecruiting Portal (pdf, 85 KB)
In order to read the PDF document you will need the free Acrobat Reader, Version 8.0 or higher.