Last updated: 26/10/2018
For the purposes of the applicant selection process, it is necessary to process the personal data of the applicant. This is done in accordance with statutory provisions, internal regulations and the personality rights of the data subjects.
The data controller is
D-79261 Gutach im Breisgau
Tel: +49 7681 21 267
Fax: +49 7681 21 5267
You may contact our Data Protection Officer at
Tel.: +49 7681 21 460
Fax: +49 7681 21 5460
Internal mail: 460
1. Data scope
The following data may be collected, partly voluntarily, from you and processed:
a. Identification data, e.g. Title, name, date of birth, place of birth, gender, application photo
b. Any business address and contact details, e.g. work address, e-mail address, telephone numbers, fax number, organisation data such as department, function, position and reporting lines
c. Private address and contact details, e.g. private e-mail and telephone number, marital status and dependents (spouse, children, guardians) (if applicable)
d. Data used for the selection of applicant
E.g. salary expectations and expectations of additional benefits (company car, variable salary components etc.), residence status and work rights, as well as possible date of entry, work restrictions (e.g. severe disability), working time composition (weekly working hours, home office), résumé, references, qualifications, evaluations, training, vocational school, professional training, test results, driving licence
e. Data you may provide to us voluntarily, but which we do not process
E.g. religion, nationality,
F. Data required for the reimbursement of expenses
E.g. bank details, home/company distance, means of transport, hotel
Your data may be used for the following purposes:
a. to fulfil obligations arising from the initiation of an employment relationship
- Identification data
- Any business address and contact details,
- Private address and contact details,
- Data required for the reimbursement of expenses
b. based on your consent
- Retention of your application for future vacancies.
c. on the basis of the company’s legitimate interest
- Data used for the selection of applicant
- Application management
- HR files in the event of appointment
- Internal and external communication (e-mail, telephone, fax, etc.)
3. Data sources
It is possible that you did not apply to us directly. In these cases, we obtained your application from a temporary employment agency, from a recruitment company, from a Job Centre or another employment brokerage service.
4. Data disclosure
Having regard to statutory provisions and the existing internal regulations, the data required for the relevant purpose may be disclosed to other internal and external bodies for the following purposes:
- Applications for management-level positions are sent to the parent company American & Efird LLC in the USA.
Notification and disclosure obligations
- To authorities and other government bodies such as employment agencies
Clarification of claims and complaints
- To lawyers and other government bodies
Recipients you have appointed.
5. Transfer to countries outside the European Union
The above data may be transferred with your permission to the parent company American & Efird LLC in the USA. These transfers are subject to the European Union’s standard “Controller to Controller” contractual clauses. You may view this agreement at any time. If necessary, we will request your consent in advance.
6. Data storage
Your data will only be stored for as long as necessary to fulfil the relevant purpose and to fulfil regulatory provisions.
If an employment relationship is entered into, we will usually store your data for the duration of the contractual relationship including any applicable statutory retention period.
If you give us consent to store your data, the storage period will be one year.
If you do not give us consent to store your data, your documents will be stored for three months for evidence purposes on the basis of the legitimate interest of the company and then erased or destroyed.
The same applies to unsolicited applications.
The data will be erased within the scope of routine erasure implemented by the process owner. Documents in paper form will be destroyed in accordance with data protection regulations.
7. IT security and internal monitoring and investigation
We will protect your personal data with appropriate technical and organisational measures. We use service providers for the maintenance and support of our IT systems. If these have access to your data, they are obliged to maintain data secrecy under corresponding contractual agreements.
We use appropriate processes in order to protect your IT against threats such as malware, hacker attacks and spam. These procedures detect irregularities in the information and connection data exchanged. Irregularities are notified to the corresponding IT bodies so that they can take counter-measures.
In all cases, our internal regulations, statutory provisions and the personality rights of the data subjects are observed.
8. Your rights
Please be prompt in making any necessary changes to your data.
Please be aware that you can withdraw your consent at any time. You also have the right to receive information at any time about the data we have stored about you. If these data are incorrect or, in your opinion, no longer required because the purpose has ceased to exist, you have the right to request rectification or erasure or the restriction of processing. You also have a right to data portability. Furthermore, you have the right to lodge a complaint with your data protection supervisory authority.
Should you have any further questions about how your personal data are handled, you may contact the Data Protection Officer at Gütermann GmbH at any time.