Processing of (personal) data by the entity in charge of the online application process
Processing of personal data by the person responsible for the online application procedure
Version 1.1, Status June 2021
General
We provide you with this privacy statement, which relates to the data collected as part of the online application process to inform you about how we handle your personal data collected in the application process.
Controller
The responsible party for data processing in terms of data protection law is:
New Flag GmbH
Leopoldstrasse 154, 80804 Munich, Germany
Phone: +49 89 4111 938 85
E-Mail: info@new-flag.com
Data protection officer
We have designated a data protection officer. For the attention of the data protection officer you can contact him through our postal address or by e-mail at datenschutz@new-flag.com.
Personal data we need
When you apply, we process data about you that we obtain through your application documents as well as through interviews with you. This can be contact data, all data related to the application (CV, certificates, qualifications, photo, etc.) and, if applicable, data on bank details (for reimbursement of travel expenses). In addition, your data will be processed when conducting our interviews.
Basis and purposes of data processing
We process your data to carry out the application process and to check whether we can offer you the position for which you have applied and employ you with us. The legal basis for this results from Art. 6 (1) 1 lit. b) DSGVO in conjunction with Art. 26 (1) 1 BDSG. If the data is in special categories of personal data (such as data about your health), which you yourself provide to us (for example, information about a severe disability), the processing is based on the legal basis of Art. 9 (2) b) DSGVO in conjunction with § 26 (3) BDSG.
Only authorized HR employees and managers involved in the application process have access to your data.
Erasion of your data
Your data will be stored for a period of 6 months after completion of the application process. This is done to fulfill legal obligations or to defend against possible claims arising from legal regulations. Afterwards, your data will be deleted or anonymized on the basis of our legitimate interests in analyzing the applicant profiles. In this case, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (for example, the proportion of women or men in applications, number of applications per period, etc.).
If your profile is of interest to us and you give us your consent, we will include your data in our "Talent Pool". After 24 months, your data will be permanently deleted. This also applies to applications for apprenticeships or internships.
Transfer of data to third countries
Your data transmitted during the application process will be transferred to us via TLS encryption. Personio GmbH provides us with our applicant management system. This company processes your data within the scope of an order processing contract. In this context, it is our order processor according to Art. 28 DSGVO.
In addition, we use other service providers who support us in the areas of website hosting, video conferencing, maintenance and support of IT systems, and archiving and destruction of documents, and with whom we have also concluded separate contracts for order processing.
Data subject rights
As a data subject, you have the right to information about the personal data concerning you (Art. 15 DSGVO), to correction of incorrect data (Art. 16 DSGVO) and to deletion, provided that one of the reasons stated in Art. 17 DSGVO applies, e.g. if the data is no longer required for the purposes pursued. There is also the right to restriction of processing if the conditions of Art. 18 DSGVO are met and in the cases of Art. 20 DSGVO the right to data portability. If the processing of personal data is based on your consent, you may revoke it in accordance with Art. 7 (3) DS-GVO.
Please contact our data protection officer at datenschutz@new-flag.com to assert your rights.
Right to lodge a complaint
In addition, as a data subject, you have the right to lodge a complaint with the data protection supervisory authority if you believe that the processing of your data violates data protection regulations. The data protection supervisory authority responsible for us is “Bayerisches Landesamt für Datenschutzaufsicht”, Postfach 1349, 91504 Ansbach, e-mail: poststelle@lda.bayern.de.
Final provisions
We reserve the right to adapt this data protection statement at any time to ensure that it always complies with current legal requirements or in the event of changes in the application process.
In addition to this privacy policy, you can find our privacy policy for the use of the website here.
Version 1.1, Status June 2021
General
We provide you with this privacy statement, which relates to the data collected as part of the online application process to inform you about how we handle your personal data collected in the application process.
Controller
The responsible party for data processing in terms of data protection law is:
New Flag GmbH
Leopoldstrasse 154, 80804 Munich, Germany
Phone: +49 89 4111 938 85
E-Mail: info@new-flag.com
Data protection officer
We have designated a data protection officer. For the attention of the data protection officer you can contact him through our postal address or by e-mail at datenschutz@new-flag.com.
Personal data we need
When you apply, we process data about you that we obtain through your application documents as well as through interviews with you. This can be contact data, all data related to the application (CV, certificates, qualifications, photo, etc.) and, if applicable, data on bank details (for reimbursement of travel expenses). In addition, your data will be processed when conducting our interviews.
Basis and purposes of data processing
We process your data to carry out the application process and to check whether we can offer you the position for which you have applied and employ you with us. The legal basis for this results from Art. 6 (1) 1 lit. b) DSGVO in conjunction with Art. 26 (1) 1 BDSG. If the data is in special categories of personal data (such as data about your health), which you yourself provide to us (for example, information about a severe disability), the processing is based on the legal basis of Art. 9 (2) b) DSGVO in conjunction with § 26 (3) BDSG.
Only authorized HR employees and managers involved in the application process have access to your data.
Erasion of your data
Your data will be stored for a period of 6 months after completion of the application process. This is done to fulfill legal obligations or to defend against possible claims arising from legal regulations. Afterwards, your data will be deleted or anonymized on the basis of our legitimate interests in analyzing the applicant profiles. In this case, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (for example, the proportion of women or men in applications, number of applications per period, etc.).
If your profile is of interest to us and you give us your consent, we will include your data in our "Talent Pool". After 24 months, your data will be permanently deleted. This also applies to applications for apprenticeships or internships.
Transfer of data to third countries
Your data transmitted during the application process will be transferred to us via TLS encryption. Personio GmbH provides us with our applicant management system. This company processes your data within the scope of an order processing contract. In this context, it is our order processor according to Art. 28 DSGVO.
In addition, we use other service providers who support us in the areas of website hosting, video conferencing, maintenance and support of IT systems, and archiving and destruction of documents, and with whom we have also concluded separate contracts for order processing.
Data subject rights
As a data subject, you have the right to information about the personal data concerning you (Art. 15 DSGVO), to correction of incorrect data (Art. 16 DSGVO) and to deletion, provided that one of the reasons stated in Art. 17 DSGVO applies, e.g. if the data is no longer required for the purposes pursued. There is also the right to restriction of processing if the conditions of Art. 18 DSGVO are met and in the cases of Art. 20 DSGVO the right to data portability. If the processing of personal data is based on your consent, you may revoke it in accordance with Art. 7 (3) DS-GVO.
Please contact our data protection officer at datenschutz@new-flag.com to assert your rights.
Right to lodge a complaint
In addition, as a data subject, you have the right to lodge a complaint with the data protection supervisory authority if you believe that the processing of your data violates data protection regulations. The data protection supervisory authority responsible for us is “Bayerisches Landesamt für Datenschutzaufsicht”, Postfach 1349, 91504 Ansbach, e-mail: poststelle@lda.bayern.de.
Final provisions
We reserve the right to adapt this data protection statement at any time to ensure that it always complies with current legal requirements or in the event of changes in the application process.
In addition to this privacy policy, you can find our privacy policy for the use of the website here.