Data protection declaration

Content of this declaration

  1. General notes and mandatory information

  2. Data processing when visiting this website

  3. Information on data protection for applicants

  4. Information on data protection for business partners

  1. General notes and mandatory information

    This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

    In this section you will find general information that applies to all processing operations covered in this declaration. The following sections provide specific information on individual processing operations and groups of data subjects.

    We would like to point out that transmitting data via the internet (e.g. communication by e-mail) may be subject to security gaps. It is impossible to ensure data is protected seamlessly from access by third parties.

    Responsible person

    The person responsible for data processing is:

    office people Personalmanagement GmbH
    Königsstraße 60
    48143 Münster
    Germany

    Telephone: +49 (0) 251 / 135342-0
    E-mail: muenster@office-people.de

    Data Protection Officer

    Sachverständigenbüro Mülot GmbH
    Langenberg office: Westfalenweg 2
    33449 Langenberg, Germany

    Telephone: +49 (0) 2571 / 5402-0
    Fax: +49 (0) 2571 / 5402-199
    E-mail: datenschutz@svb-muelot.de

    Headquarters: Grüner Weg 80, 48268 Greven, Germany
    Managing Director: Claus Wissing | HRB 11824 AG Steinfurt

    Your data protection rights

    Every data subject has the right of access under Article 15 of GDPR, the right of rectification under Article 16 of GDPR, the right of erasure under Article 17 of GDPR, the right to restrict processing under Article 18 of GDPR, the right to object under Article 21 of GDPR and the right to data portability under Article 20 of GDPR. With regard to the right to information and the right of deletion, the restrictions according to Sections 34 and 35 of the German Federal Data Protection Act (BDSG) apply. Furthermore, there is a right of appeal to a data protection supervisory authority (Article 77 of GDPR in conjunction with Section 19 of BDSG).

    You can revoke your consent to the processing of personal data at any time. This also applies to revoking any declarations of consent given to us before the EU General Data Protection Regulation came into force, i.e. before 25 May 2018. Please note that revocation is only effective for the future. Processing that took place before revocation is therefore not affected by said revocation. Please also note that despite revocation of consent, we may under certain circumstances continue to process your personal data in whole or in part on the basis of a legal permissible circumstance.

    Storage period

    We process and store your personal data as long as it is necessary to fulfil our contractual and legal obligations, or as long as we have a legitimate interest in storing it and this interest outweighs your interest in not storing it.

    If the data is no longer required to fulfil the processing purpose or contractual or legal obligations, it is regularly deleted, unless temporary further processing is required for legal reasons or we have a legitimate interest in further processing it.

    Should an application be unsuccessful, we will generally delete your data after six months, unless you have given us permission to store it in our applicant database. If you have given us your consent to be included in our applicant database, we will store the data until you revoke your consent or until its expiry date, if applicable.

    The personal data that we have to store to comply with archiving obligations will be stored until the expiry of the respective archiving obligation. Insofar as we store personal data only to fulfil archiving obligations, the data is generally blocked so that it can only be accessed if it is necessary for the purpose of the archiving obligation.

    Obligation to supply data

    In principle, you voluntarily give us your data.

    However, we need to process certain data to be able to answer an enquiry or to consider you as part of an application process, for example. If you do not provide us with the relevant data, we may not be able to process your request.

    Automated decision-making

    We do not undertake an automated decision-making process, including profiling.

  2. Data processing when visiting our website

    SSL and TLS encryption

    This website uses SSL and TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and there is a lock symbol in your browser line.

    If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

    Cookies

    The website pages partly use cookies. These serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

    Most of the cookies we use are “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies allow us to recognise your browser on your next visit.

    You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

    Server log files

    The provider of the pages automatically collects and stores information in server log files, which your browser automatically sends to us. These are:

    • Browser type and browser version

    • Operating system used

    • Referrer URL

    • Host name of the accessing computer

    • Time of the server request

    • IP address

    This data is not merged with other data sources.

    Contact form

    If you send us enquiries using the contact form, your details from the enquiry form, including the contact details you have provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up enquiries. We will not pass on this data without your consent.

    Google web fonts

    This site uses web fonts provided by Google to uniformly display fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

    For this purpose, the browser you use must connect to Google’s servers. This allows Google to know that our website has been accessed via your IP address. Google Web Fonts are used in the interest of ensuring our online offer is presented in a uniform and appealing manner. This constitutes a legitimate interest within the meaning of Article 6.1 lit. f of GDPR.

    If your browser does not support web fonts, a standard font is used by your computer.

    Further information about Google web fonts can be found here https://developers.google.com/​fonts/faq and in Google’s privacy policy: https://www.google.com/​policies/privacy/.

    Google Maps

    This website uses the Google Maps service via an API. Google Maps is provided by Google. For you to use Google Maps functions, your IP address must be stored. This data is usually transferred to a Google server in the USA and stored there. The operator of this website has no influence on this data transfer. Further information about the handling of user data can be found in Google’s privacy policy: https://www.google.com/​policies/privacy/.

    Links to other websites

    Our website also provides links to other offerings (including our online presence on Facebook and XING). These links are not “social plug-ins” (i.e. buttons via which the operator providing the corresponding offer can already collect information about our website’s users when they access our website). However, please note that when accessing this other offer, information (possibly including personal data) about your visit may be collected by the operator of this offer. Further information can be found in the privacy policy of the operator responsible for the corresponding offer.

    Transfer to third parties

    As a rule, your personal data is processed within our company. As a rule, only certain functions that require the necessary access to complete their tasks have access to your personal data.

    To the extent permitted by law, we may also disclose your personal data to third parties outside our company. In particular, we may pass on data to service providers commissioned by us, as well as their subcontractors, insofar as this is necessary for the provision of services (in particular order processors, shipping companies, credit institutions), as well as non-public and public bodies, insofar as we are obliged to pass on your personal data to comply with legal obligations.

    Data transfer to third countries

    Within the scope of our web analytics services, plug-ins and tools, as well as in connection with the use of our website and contacting us, information may be transmitted to recipients in “third countries”, in particular the USA (e.g. to Google). “Third countries” are considered to be countries outside the European Union or the European Economic Area. Before transferring any data, we will ensure that an appropriate level of data protection is guaranteed at the recipient.

    Unless there is an adequacy decision from the European Commission, we may also transfer data in particular on the basis of EU standard contractual clauses agreed with a recipient or on the basis of compliance with the principles of the Privacy Shield established between the EU and the USA.

    Information on the guarantees used, as well as the corresponding agreements, can be obtained from the data controller or the data protection officer. For information on the participants in the Privacy Shield between the EU and the US, see: www.privacyshield.gov/list; for information on the EU standard contractual clauses, see: http://eur-lex.europa.eu/​LexUriServ/LexUriServ.do​?uri=OJ:L:2010:039:​0005:0018:DE:PDF and information about adequacy decisions can be found here: https://ec.europa.eu/info/​law/law-topic/data​-protection/data-transfers​-outside-eu/adequacy​-protection-personal​-data-non-eu-countries_en​#DataProtectionInCountrie​sOutsideTheEU.

    Purposes of data processing and legal basis

    Any personal data possibly contained in the log files are processed to enable you to use our website; the processing is carried out in accordance with Section 15.1 of the German Telemedia Act (TMG), and Article 6.1 lit. f of GDPR to protect our legitimate interest in operating our website.

    The data collected via cookies (including web analytics services, plug-ins and tools) and the pseudonymised user profiles are processed for advertising and market research purposes and for the purpose of designing a user-friendly website on the basis of Section 15.3 of the German Telemedia Act (TMG) and Article 6.1 lit. f of GDPR to protect our legitimate interest in analysing the use and user-friendly design of our website.

    Data processing in the context of responding to an enquiry is based on Article 6.1 lit. f of GDPR to protect our legitimate interest in establishing and maintaining business contacts. Insofar as your enquiry relates to the conclusion of a contract or to pre-contractual measures, we process your personal data on the basis of Article 6.1 lit. b of GDPR, in the context of employment relationships on the basis of Section 26 German Federal Data Protection Act (BDSG).

    We may also process personal data processed in connection with your use of our website to comply with legal obligations to which we are subject; this is done on the basis of Article 6.1 lit. c of GDPR.

    Where applicable, we also process personal data, in addition to the above-mentioned purposes, to protect our legitimate interests or the interests of third parties; this is done on the basis of Article 6.1 lit. f of GDPR. Our legitimate interests include asserting legal claims and defending our interests in legal disputes, preventing and investigating criminal offences, and managing and further developing our business activities, including risk management.

  3. Data protection for applicants

    Data categories processed

    We may process the following personal data in particular as part of the application process:

    • Master data (first name, surname, date of birth, place of birth, education, professional career, special knowledge, etc.)

    • Contact details, e.g. address, e-mail address, telephone numbers

    • If necessary, further documents such as residence and work permits, validity dates for identity documents

    • Correspondence exchanged with you

    • Call information for telephone contact (number, time, duration of call)

    • Photos that you make available to us or that are taken voluntarily in the context of events of which you are a participant/attendee or in the context of a job interview

    • Personal data that we are permitted to process from publicly accessible sources (e.g. commercial register, credit rating information from credit agencies)

    As a rule, we receive the abovementioned data (with the exception of the final point) directly from you. If we receive the data from other sources, we will inform you separately.

    Purpose of data processing

    We process your personal data on the basis of Section 26 of BDSG to carry out the application procedure. The purpose of this is to initiate an employment relationship.

    Once an unsuccessful application procedure has been concluded, we will continue to process your data for six months on the basis of Article 6.1 lit. f of GDPR, in particular to defend against any claims.

    If you have given us your consent to be included in our applicant database, we will process your data to select suitable employment options for you. The legal basis for this is Section 26.2 of BDSG in conjunction with your consent.

    Transfer to third parties

    As a rule, your personal data is processed within our company. As a rule, only certain functions that require the necessary access to complete their tasks have access to your personal data.

    To the extent permitted by law, we may also disclose your personal data to third parties outside our company. In particular, we may pass on data to service providers commissioned by us, as well as their subcontractors, insofar as this is necessary for the provision of services (in particular order processors, shipping companies, credit institutions), as well as non-public and public bodies, insofar as we are obliged to pass on your personal data to comply with legal obligations.

    In the event that you have applied for an external position as part of a recruitment agency or personnel leasing agency, the following also applies:

    The applicant’s personal data is transferred to (potential) office people clients if this is necessary in the context of initiating temporary employment relationships and recruitment.​ This necessity is based on the applicant’s job and competence profile, insofar as personnel leasing or placement with a (potential) office people client appears to be possible. To do this, a profile is created from the information you provide, which may include the following information: First name, surname, date of birth, place of residence, photograph, school education, training, professional background, special knowledge and your time availability. This profile is sent to our clients for them to consider a possible assignment.

    Data transfer to third countries

    Your application data will not be transferred to countries outside the EU/EEA.

  4. Data protection for business partners

    Data categories processed

    Within the scope of our business relationship, we process the following personal data in particular:

    • Personal information, e.g. name, position, business contact details (esp. address, telephone, e-mail address).

    • Other business information, e.g. your industry, previous business activities, business history with us

    • Other personal information you have provided (e.g. your birthday)

    • Contractual data (esp. customer number, bank details, tax number/VAT ID no.)

    • Credit rating information

    • Bank information

    • Personal data that we are permitted to process from publicly accessible sources (e.g. commercial register, credit rating information from credit agencies, work-related social networks such as XING or LinkedIn)

    As a rule, we receive the abovementioned data (with the exception of the final point) directly from you. We may receive further data from your employer, colleagues or third parties, or collect it from publicly available sources (e.g. your company’s website, work-related social networks).

    Purpose of data processing and legal basis

    We process your personal data to establish and implement our business relationship, to fulfil our legal obligations and insofar as this is necessary for our legitimate interests, unless your interests or fundamental rights and obligations prevail.

    In particular, the legal basis for data processing is Article 6.1 lit. b and Article 6.1 lit. f of GDPR or your consent, insofar as you have given us such consent.

    Transfer to third parties

    As a rule, your personal data is processed within our company. As a rule, only certain functions that require the necessary access to complete their tasks have access to your personal data.

    To the extent permitted by law, we may also disclose your personal data to third parties outside our company, insofar as this is necessary to conduct our business relationship or to protect our legitimate interests. In particular, we may pass on data to service providers commissioned by us, as well as their subcontractors, insofar as this is necessary for the provision of services (in particular order processors, shipping companies, credit institutions), as well as non-public and public bodies, insofar as we are obliged to pass on your personal data to comply with legal obligations.

    Data transfer to third countries

    Your application data will not be transferred to countries outside the EU/EEA.