1. Objectives and responsibility
1. This data protection declaration clarifies the type, scope and purpose of the processing of personal data within our online offer and the associated websites, functions and content (hereinafter jointly referred to as "online offer" or "website"). The privacy policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) on which the online offer is executed.
2. Provider of the online offer and responsible under data protection law is PMMG Group GmbH, Guerickestr. 25, 80805 Munich, e-mail: info@pmmg.group (hereinafter referred to as "we" or "us"). For information on the legal representative and other contact options, please refer to our legal notice:
www.pmmg.group/impressum/
3. You can reach our data protection officer at the following e-mail address: privacy@pmmg.group
4. The term "user" used below includes both applicants and other website visitors. All terms used, such as "applicant", are to be understood as gender-neutral.
2. Basic information on data processing and legal basis
1. We only process users' personal data in compliance with the relevant data protection regulations. This means that user data will only be processed if we have legal permission to do so. I.e., in particular if the data processing is necessary for the provision of our contractual services (e.g. processing of orders) and online services, or is required by law, the consent of the user is available, as well as due to our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR, or until the GDPR comes into force on the basis of Section 15 (3) TMG), in particular in measuring reach, creating profiles for advertising and marketing purposes, collecting access data and using the services of third-party providers.
2. With regard to the processing of personal data on the basis of the General Data Protection Regulation (GDPR), we would like to point out that the legal basis for consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services and implementation of contractual measures Art. 6 para. 1 lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR.
3. Security measures
1. We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
2. Security measures include in particular the encrypted transmission of data between your browser and our server.
4. Disclosure of data to third parties and third-party providers
1. Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is necessary, e.g. for billing purposes or for other purposes if these are necessary to fulfill our contractual obligations to the users.
2. If we use subcontractors to provide our services, we take appropriate legal precautions and appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.
3. If content, tools or other means from other providers (hereinafter jointly referred to as "third-party providers") are used within the scope of this data protection declaration and their registered office is located in a third country, it can be assumed that data will be transferred to the countries in which the third-party providers are based.
4. Third countries are countries in which the GDPR is not directly applicable law, i.e. generally countries outside the EU or the European Economic Area.
5. The transfer of data to third countries takes place either if there is an adequate level of data protection, user consent or other legal permission.
5. Purpose and scope of the processing of applicant data
1. We process the applicant data only for the purpose and in the context of the application procedure in accordance with the legal requirements. Applicant data is processed to fulfill our contractual obligations and on the basis of our legitimate interests, as well as the interests of applicants in the implementation of a fast and effective application process.
2. The application procedure requires applicants to provide us with the applicant data. The necessary applicant data is marked as such in our online form. This includes personal details, postal and contact addresses and the documents relating to the application, such as cover letter, CV and references. Applicants can also voluntarily provide us with additional information. By submitting their application to us, applicants consent to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this privacy policy.
6. Forwarding of applicant data
1. We do not pass on applicant data to third parties. However, we may be supported by external service providers or other companies within our group of companies as part of the application process. These service providers may also process applicant data. The service providers process the applicants' data only on our behalf and on the basis of contractual obligations that provide for compliance with the agreed organizational and technical measures.
2. Applicant data may also be passed on if a position has been expressly advertised by several companies within our group of companies, i.e. the application procedure is carried out by several companies.
3. In all other cases, we ask the applicants for permission before we pass on their data.
7. Type of transmission of applications
1. Applicants can send us their applications using the contact form on our website. The data is transmitted to us in encrypted form in accordance with the state of the art.
2 Alternatively, applicants can send us their applications by e-mail. Please note, however, that e-mails are not sent in encrypted form. We can therefore accept no responsibility for the transmission path of the application between the sender and receipt on our server and therefore recommend using the online form.
3. Instead of applying via the online form and e-mail, applicants still have the option of sending us their application by post.
8. Storage and deletion of applicant data
1. The data provided by applicants may be further processed by us for the purposes of the employment relationship in the event of a successful application.
2. Otherwise, if the application for a job offer is not successful, the applicant's data will be deleted. Applicants' data will also be deleted if an application is withdrawn, which applicants are entitled to do at any time.
3. Subject to a justified revocation by the applicant, the deletion will take place after a period of six months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the General Equal Treatment Act (AGG).
9. Contact us
1. When contacting us, the user's details are processed to process the contact request and its handling.
2. User data must be stored as business letters for 6 years due to legal requirements and for 10 years in the case of legal tax relevance.
10. Rights of the users
1. Users have the right to request information about the personal data that we have stored about them In addition, users have the right to correct incorrect data, restrict the processing and deletion of their personal data, if applicable, to assert their rights to data portability and, in the event of the assumption of unlawful data processing, to lodge a complaint with the competent supervisory authority (Bavarian State Office for Data Protection Supervision, P.O. Box 606, 91511 Ansbach).
2. Users can also revoke their consent, in principle with effect for the future, without giving reasons.
11. Deletion of data
1. The data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the user's data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial or tax law reasons.
2. In accordance with legal requirements, storage takes place for 6 years in accordance with § 257 para. 1 HGB (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 para. 1 AO (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
12. Right of objection
Nutzer können der künftigen Verarbeitung ihrer personenbezogenen Daten entsprechend den gesetzlichen Vorgaben jederzeit ohne Angaben von Gründen widersprechen. Der Widerspruch kann insbesondere gegen die Verarbeitung für Zwecke der Direktwerbung erfolgen.
13. Änderungen der Datenschutzerklärung
1. Wir behalten uns vor, die Datenschutzerklärung zu ändern, um sie an geänderte Rechtslagen, oder bei Änderungen des Dienstes sowie der Datenverarbeitung anzupassen. Dies gilt jedoch nur im Hinblick auf Erklärungen zur Datenverarbeitung. Sofern Einwilligungen der Nutzer erforderlich sind oder Bestandteile der Datenschutzerklärung Regelungen des Vertragsverhältnisses mit den Nutzern enthalten, erfolgen die Änderungen nur mit Zustimmung der Nutzer.
2. Die Nutzer werden gebeten sich regelmäßig über den Inhalt der Datenschutzerklärung zu informieren.
Google Analytics
Soweit Sie Ihre Einwilligung erklärt haben, wird auf dieser Website Google Analytics eingesetzt, ein Webanalysedienst der Google LLC. Zuständiger Dienstanbieter in der EU ist die Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland („Google“).
Umfang der Verarbeitung