for the processing of your data in the application process
(version: April 2024)
Data protection information
We are pleased about your visit to our careers page. The protection of your personal data is very important to us. With this Privacy Policy, we would like to inform you about the handling of your personal data as part of the application process, about the talent relationship management and about your rights
Haufe-Lexware Services GmbH & Co. KG and talentsconnect AG are jointly responsible for providing the application form. Further information on processing under joint responsibility can be found here. The information on data processing by talentsconnect AG can be found here.
I. Who are we and how can you reach us?
We,
Haufe-Lexware Services GmbH & Co. KG
A company of the Haufe Group
Munzinger Straße 9
79111 Freiburg, Germany
E-mail: hello@career.haufegroup.com
are the responsible party for protecting your personal data within the meaning of the EU General Data Protection Regulation (hereinafter referred to as GDPR).
Depending on which Haufe company has advertised the vacancy for which you are applying, one of the following Haufe Group SE companies may also be responsible:
Haufe-Lexware GmbH & Co. KG, Haufe-Lexware Services GmbH & Co. KG, Haufe Akademie GmbH & Co. KG, Haufe Akademie Inhouse Training und Consulting GmbH, Semigator GmbH, Smartsteuer GmbH, Haufe Group Software Solutions Spain S.L., Haufe-Lexware Real Estate AG, Haufe Lexware Real Estate Romania S.R.L., Haufe-Lexware SRL and Schäffer-Poeschel Verlag GmbH.
II. When you apply to us, what data is processed?
We inform you below about which data is collected and processed when you apply to us, for what purposes and by which recipients it is processed, on what legal basis the data processing takes place and when the data is deleted.
A. Transmission of applicant data on the website and implementation of the application procedure
1. Data collected
We collect and process personal data as part of the application process.
The following data is collected as a minimum:
• First name, last name
• E-mail address
• Telephone number
• Curriculum vitae
• Salary expectation
You can optionally enter the following data:
• Salutation
• Other documents relevant to your application (e.g. cover letter, references, certificates)
• Information on severe disability
The data you provide in the application form will be used to process the application procedure.
Information on severe disability
As part of the application process, we offer you the opportunity to voluntarily provide information about any severe disabilities you may have. We would like to expressly point out that there is no legal obligation for you to provide such information as part of the registration process. Nevertheless, we wish to give you the opportunity to already make use of the intended protection in the initiation stage. In the event that a severe disability is present, the representative body for severely disabled persons is involved in accordance with Section 178 (2) SGB IX ('Code of Social Law').
Severely disabled status is a health status within the meaning of Art. 4 No. 15 GDPR and therefore a particularly protection-relevant status within the meaning of Art. 9 (1) GDPR, which we process on the basis of your express consent in accordance with Art. 9 (2) lit. a GDPR.
You have the option to withdraw your consent at any time with effect for the future without providing reasons.
2. Purpose of processing
We process your personal data as part of the application process for the following purposes:
• To carry out the application process and to assess your suitability for the advertised vacancy.
• To contact you as part of the application process.
• To fulfill legal obligations or legal requirements.
• For anonymization in order to carry out evaluations based on this without personal reference.
3. Legal basis of processing
The legal basis for data processing is Art. 6 (1) lit. b GDPR.
For the processing of information on any severe disability, we rely on your consent in accordance with Art. 9 (2) lit. a GDPR.
4. Recipients of your data
Within Haufe Group, those persons, divisions or departments will then receive your data who require this data to carry out the application process (e.g. HR, Legal Department, IT, Works Council and if applicable: representative body for severely disabled persons) and those colleagues who are directly involved in the decision-making process.
Service providers employed by us and working on our behalf (so-called processors)
may also receive data for these purposes. These include, for example, hosting and IT service providers. For example, Haufe Group uses software solutions for efficient applicant management and for the organizational implementation of the application process.
In addition, in the event of a corresponding legal obligation or for the defense or assertion of legal claims, we may pass on your personal data to the following recipients or categories of recipients who act as data controllers under data protection law:
Authorities within their jurisdiction (e.g. tax office, police, public prosecutor's office), courts and/or other third parties, if you instruct us to pass on data or if you provide
your consent.
As part of the application process, applicant data may be passed on to other Haufe companies within Haufe Group for further processing if you have provided your consent. (see C. Alternative assessment process)
5. Transfer to third countries
The technical infrastructure of our online application tool is operated in Germany. It is possible that your data may also be transferred to a so-called third country, meaning a country outside the European Economic Area (EEA). An sufficient level of data protection is ensured either through an adequacy decision by the EU Commission or by concluding standard data protection clauses.
6. Duration of storage and control option
If the application should lead to the establishment of an employment relationship, the personal data will be stored accordingly in compliance with the statutory provisions. If your application does not end with the establishment of an employment relationship, your applicant data will fundamentally be deleted four months after completion of the application process, taking into account the provisions of the General Equal Treatment Act (AGG), in particular the existing burden of proof compliant to Section 22 AGG.
The four-month retention period does not apply if statutory provisions prevent deletion.
You can revoke your consent informally at any time with effect for the future.
You can contact us at any time and object to the further processing of your data. All personal data processed by us in the course of the application process will be deleted in this case, unless this is contrary to statutory provisions.
B. Applications via other communication channels
1. E-mail
If you decide not to use the online application option offered on the careers page via the website, but instead contact us by e-mail, the application documents you send us will be reviewed by our HR team. We recommend to securely encrypt e-mails – various tools and programs are available that are suitable for this purpose.
After the documents have been reviewed, and if the application is suitable, it will be maintained manually in the system described under A.
The data you provide in the application form will be used exclusively for processing the application procedure and will fundamentally not be passed on to third parties. It should be noted that in the case of unsolicited applications, the HR department responsible for this will forward these to the department that, in the opinion of the HR department, is appropriate. The further processing of your data takes place in accordance with the process described under A.
2. Post
If you do not choose to apply via the website but instead contact us by post, the application documents you send will be reviewed by our HR team, scanned and manually entered into the system described under A. We will then return your application documents to you.
The data you provide will be used exclusively for processing the application procedure and will fundamentally not be passed on to third parties. It should be noted that in the case of unsolicited applications, the HR department responsible for this will forward these to the department that, in the opinion of the HR department, is appropriate. The further processing of your data takes place in accordance with the process described under A.
C. Alternative assessment process
1. Scope of data processing
During the application process, it may happen that you are not hired for the position for which you have applied, but you have nevertheless aroused our interest and we would like to make your application documents available to other divisions or Haufe companies.
If you have given your consent during the application process, your application profile will be forwarded within our team to other departments or Haufe companies.
If another department is also interested in your profile, you will be contacted and the process described under A. will be continued.
2. Purpose of processing
The processing of your data enables us – subject to your consent – to provide you with alternative job offers and thereby enable you to join a company of Haufe Group.
3. Legal basis
The processing of your applicant data in the form of passing on to other departments or Haufe companies to carry out the alternative assessment is based on your previously given consent in accordance with Art. 6 (1) lit. a GDPR.
4. Duration of storage and control option
Your data will be deleted four months after completion of the application process, also in the case of an alternative assessment, unless your application ends with the establishment of an employment relationship.
5. Right of withdrawal
You can revoke your consent at any time without giving reasons with effect for the future. To do this, please contact: hello@career.haufegroup.com
6. Recipients and transfer to third countries
Within Haufe Group, those departments will receive your data that require this in the course of their work (e.g. HR, Legal Department, IT, Works Council and if applicable: representative body for severely disabled persons) and those colleagues who are directly involved in the decision-making process.
Service providers employed by us and working on our behalf (so-called processors)
may receive data for these purposes. This includes in particular hosting and IT service providers and companies within Haufe Group that provide services for Haufe Group.
In addition, in the event of a corresponding legal obligation or for the defense or assertion of legal claims, we may pass on your personal data to the following recipients or categories of recipients who act as data controllers under data protection law:
Authorities within their jurisdiction (e.g. tax office, police, public prosecutor's office), courts and/or other third parties, insofar as you instruct us to pass on data or provide
your consent.
Within Haufe Group, the following Haufe companies may receive your data with your consent:
Haufe-Lexware GmbH & Co. KG, Haufe-Lexware Services GmbH & Co. KG, Haufe Akademie GmbH & Co. KG, Haufe Akademie Inhouse Training und Consulting GmbH, Semigator GmbH, Smartsteuer GmbH, Haufe Group Software Solutions Spain S.L., Haufe-Lexware Real Estate AG, Haufe Lexware Real Estate Romania S.R.L., Haufe-Lexware SRL and Schäffer-Poeschel Verlag GmbH.
D. Talent Relationship Management (TRM)
1. Scope of data processing
If an employment relationship is not established, we may send you a request via e-mail at the end of the application process asking whether you are interested in receiving information about Haufe Group and its associated Haufe companies and vacancies as part of the TRM.
2. Purpose of processing
The processing of your data as part of the TRM enables us to provide information about our company and potentially interesting job offers, provided you have given your consent.
3. Legal basis
The processing of your contact data for the purpose of sending the request is based on our legitimate interest in maintaining contact with talents in accordance with Art. 6 (1) lit. f GDPR.
If you are interested in being included in the TRM, your profile will be stored in the TRM on the basis of your consent in accordance with Art. 6 (1) lit. a GDPR.
4. Duration of storage and control option
Your data will be stored in the TRM for up to 12 months on the basis of your consent. If consent is revoked, the data will be deleted immediately after receipt of the revocation.
5. Right of withdrawal
You can revoke your consent at any time without giving reasons with effect for the future. To do this, please contact: hello@career.haufegroup.com
6. Recipients and transfer to third countries
For the operation of and communication via the TRM, we use a service provider as a processor on the basis of a corresponding contract for order processing. In the context of the use of our service provider, possible transfer to third countries cannot be completely excluded. For this reason, and to safeguard the level of data protection, so-called standard data protection clauses of the EU Commission have been concluded.
III. What rights do you have and how can you exercise these?
A. Revocation of consent
You can revoke any consent you have given to the processing of your personal data at any time with effect for the future and without giving reasons. Please note that the revocation has no effect on the legality of the previous data processing and that it does not extend to such data processing for which there is a legal reason for permission and which may therefore be processed without your consent.
B. Further data subject rights
In addition, you have the following data subject rights in accordance with Articles 15 to 21 and 77 GDPR if the legal requirements are met:
1. Information:
You can request at any time that we provide you with information about which of your personal data we process and how, and that we provide you with a copy of the personal data we have stored about you (Art. 15 GDPR).
2. Rectification
You can request the rectification of inaccurate personal data and the completion of incomplete personal data (Art. 16 GDPR).
3. Deletion:
Concerning the deletion of your personal data: Please note that data that we require for the performance and execution of contracts and for the assertion, exercise and defense of legal claims as well as data for which there are legal, regulatory or contractual retention obligations are exempt from deletion (Art. 17 GDPR).
4. Restriction of processing:
Under certain circumstances, you can request the restriction of processing, e.g. if you believe that your data is incorrect, if the processing is unlawful or if you have objected to the data processing. This means that your data may only be processed to a very limited extent without your consent, e.g. to assert, exercise and defend legal claims or to protect the rights of other natural and legal persons (Art. 18 GDPR).
5. Objection to data processing:
You have the option to object to data processing for direct marketing purposes at any time. Furthermore, if there are special reasons, you may object to data processing based on a legitimate interest at any time (Art. 21 GDPR).
6. Data portability:
You have the right to receive the data that you have provided to us and that we process on the basis of your consent or to fulfill a contract in a commonly used, machine-readable format and, where technically feasible, to request the direct transfer of this data to third parties (Art. 20 GDPR).
C. Right to file a complaint with a supervisory authority
If you believe that our data processing is unlawful or that we have not granted the rights described above to the extent necessary, you have the right to file a complaint with the competent data protection supervisory authority. The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart
poststelle@lfdi.bwl.de
D. Contact channels
To exercise your rights you can also contact our data protection officer:
Haufe Group
Mr. Raik Mickler
Data Protection Officer
Munzinger Straße 9
79111 Freiburg, Germany
E-mail: dsb@haufe-lexware.com