The following Privacy and Data Protection policy applies to the processing of your personal data when using our website (hereinafter referred to as the ” website “) and any data stored.
- The types of data collected
- The purposes of processing
- The processing of personal data – detailed information
- Your rights
- Additional information
Types of data collected
Among the types of Personal Data that this Website collects, by itself or through third parties, there are: Cookies, Usage Data, first name, last name, phone number, company name, email address, field of activity, and website in order to process user enquiries, call backs, or in order to provide more detailed information about a service enquiry.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Website.
Unless specified otherwise, all Data requested by this Website is mandatory and failure to provide this Data may make it impossible for this Website to provide its services. In cases where this Website specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users are responsible for any third-party Personal Data obtained, published or shared through this Website and confirm that they have the third party’s consent to provide the Data to the Owner.
Legal basis of processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes.
- Provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- Processing is necessary for compliance with a legal obligation to which the Owner is subject;
- Processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfil such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
The purposes of processing
The Data concerning the User is collected to allow the Owner to provide its Services, as well as for the following purposes: Analytics, Contacting the User, displaying content from external platforms, Interaction with external social networks and platforms, managing landing and invitation pages, Registration and authentication, Hosting and backend infrastructure, SPAM protection, Remarketing and behavioural targeting, User database management and Data transfer outside the EU.
The processing of personal data – detailed information
Personal Data is collected for the following purposes and using the following services:
Our website uses Google Analytics with the extension “anonymizeIp”, a web analytics service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (” Google “).
Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. A personal reference can thus be excluded. Insofar as the data collected about you is assigned a personal reference, it will be immediately excluded and the personal data will be deleted immediately.
The legal basis for our use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f) GDPR. On our behalf, Google will use the data obtained to evaluate your use of our website, to compile reports on website activity and to provide us with other services related to website usage and internet usage. The only purpose of the processing is to analyze and optimize our website.
We do not use social media plug-ins. However, at various points on our website, we offer you the opportunity to visit our social networking sites such as Facebook, Twitter, Instagram, XING and LinkedIn. If you click on the respective logo or the name of a social network, you will be forwarded via a link to our respective website.
Before you click on the respective logos or links, no personal data will be transmitted to the social networks. The possibility of personal data being transmitted to and processed by the respective social network only exists from the moment you click on the logo on our website and are forwarded to the social network website. In particular, if you are logged in with your respective social media account at the time of forwarding, personal data processing will occur. In addition, however, data – such as your IP address – can be processed if you do not have a social media account.
We have no influence on the collected data and data processing operations, nor are we aware of the full extent of data collection, the purpose of the processing, the retention periods. We also have no information to delete the data collected by the respective social network.
Legal basis for Data transfer abroad
If no other legal basis applies, Personal Data shall be transferred from the EU to third countries only if at least one of the following conditions is met:
- the transfer is necessary for the performance of a contract between the User and the Owner or of pre-contractual measures taken at the User’s request;
- the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the User between the Owner and another natural or legal person;
- the transfer is necessary for important reasons of public interest;
- the transfer is necessary for establishment, exercise or defence of legal claims;
- the transfer is necessary in order to protect the vital interests of the data subject or of other persons, where the data subject is physically or legally incapable of giving consent. In such cases, the Owner shall inform the User about the legal bases the transfer is based on via this Website.
Disclosure of data to 3rd Parties
Your data would only be passed to third parties if this is justified by data protection law.
Concrete information on scope and recipients can be found in the above provisions. Incidentally, we only disclose your personal information to other companies and individuals whom we have assigned to perform individual tasks and services for us, including;
- to companies and individuals, we employ to perform business functions and services on our behalf. Examples of service providers include: providing payroll services to enable us to pay our employees and temporary workers who work on client premises; background screening and verification services; data storage facilities including in the US and the Cloud; hosting our Web servers; analysing data and producing statistics and legal, accounting, audit and other professional services.
- to government agencies including: HM Revenue & Customs; UK Border Agency; Home Office; Police and other law enforcement agencies; regulatory and supervisory authorities (such as the UK Information Commissioner); credit reference agencies; the Disclosure and Barring Service; and 3rd parties performing sanctions and terrorism checks.
- to comply with applicable laws, the service of legal process, or if we reasonably believe that such action is necessary to: (a) comply with the law requiring such disclosure; (b) protect the rights or property of Talentschmiede or its group companies; (c) prevent a crime, protect national security or for fraud detection or prevention; or (d) protect the personal safety of individuals using our website or members of the public.
Where applicable, we will impose appropriate contractual, security, confidentiality and other obligations on to 3rd party service providers and processors we have appointed, based on the nature of the services they provide to us. We will only permit them to process your Personal Information in accordance with the law and our instructions. We do not allow them to use your Personal information for their own purposes and when our relationship ends we will ensure your Personal Information is securely returned or destroyed.
Talentschmiede has put in place appropriate security measures to prevent your Personal Information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to do so.
Talentschmiede have put in place procedures to deal with any suspected Personal Information breaches and we will notify you and the applicable supervisory authority of a breach where we are legally required to do so.
Talentschmiede will retain your Personal Information only for as long as necessary to fulfil the purposes that we collected it for after which the personal data is deleted.
We are required by law to keep basic information about our Candidates, Clients and customers (including contracts, evidence of identity, financial and transaction data) for up to 7 years from when our relationship ends, for legal, compliance and tax purposes.
Clients and Suppliers
If you are a Client or supplier or a potential client or supplier, of goods and services we will collect and process information about individuals in your organisation. We may enter the individual’s name and business email address in to our database as a designated corporate point of contact for that organisation, together with the individual’s other business contact data. Usually the only Personal Information we process about a corporate contact is the individual’s name for the purposes of contacting the organisation in relation to our services or the supplier as a recipient of the supplier’s goods and services.
The source of a corporate point of contact may be the individual themselves, or their name and business details may be provided to us by a member of their HR or Procurement department or another hiring manager or existing business contact or a candidate we have placed at the organisation. We may also obtain these details from websites, social media and other sources. We may send business to business email marketing to corporate points of contact. An individual corporate point of contact can ask us at any time to stop sending business marketing emails to their business email address by contacting: email@example.com
Generally, we do not rely on consent as a legal basis for processing Personal Information except in relation to sending direct marketing communications via email or text message. However, where we are providing you with work finding services, you will receive email marketing communications from us even if you have not given us consent as we rely on the ‘soft opt in’ form of consent.
You may receive marketing communications from us if you provided us with your details when you entered a competition or registered with us at a job fair, promotional or networking event or attended a training course and you have given us consent to send you marketing. We may also use your identity, contact details, technical data, usage data and profile data to form a view and decide which services may of interest or relevant for you.
We have established an email preference centre where you can view and make decisions about your email marketing preferences and opt out of receiving email marketing from us at any time.
You have the right to withdraw your consent to marketing at any time by:
- following the opt out links contained in our marketing email messages;
- following the opt out process described in our text marketing messages;
- Sending an email with “UNSUBSCRIBE ME”in the subject field to: firstname.lastname@example.org
Opting out of receiving marketing messages does not apply to:
- Personal Information that you have provided to us as a result of your request for work finding services;
- Personal Information that you have provided to us in connection with the performance of a contract between us;
We will never sell or disclose your Personal Information to any 3rd parties to use for marketing.
Users may exercise certain rights regarding their Data processed by the Owner.
You have the right to:
Make a Data Subject Access Request to access your Personal Information at any time. This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it.
Request correction of the Personal Information that we hold about you.
This enables you to have any incomplete or inaccurate Personal Information we hold about you corrected, although we may need to verify the accuracy of the new data you provide to us.
Request erasure / deletion / removal of your Personal Information.
This enables you to ask us to delete or remove your Personal Information where we do not have a valid reason to continue to process it. You also have the right to ask us to delete or remove your Personal Information where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law. Please Note: we may not always be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your Personal Information
Where we are relying on a legitimate interest (or those of a 3rd party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your Personal Information
This enables you to ask us to suspend the processing of your Personal Information in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to process it.
Request the transfer of your Personal Information to you or directly to another controller. This right only applies to automated information which you initially provided consent for us to use or where we used the Personal Information to perform a contract with you. We will (unless there is an exemption) assist you by securely transferring your Personal Information directly to another controller where technically feasible or by providing you with a copy in a structured commonly used machine-readable format.
Withdraw consent at any time.
Where we are relying on your consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.
We want to ensure we keep your Personal Information accurate and up to date. In addition to your legal rights, you may ask us to make changes or request a copy of your Personal Information informally, by contacting your local Talentschmiede branch.
Insofar as we base the processing of your personal data on the balance of interests (Article 6 (1) (f) of the GDPR), you can object to the processing. In the event of such a disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing.
Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. About your advertising contradiction you can inform us under the following contact details: Talentschmiede Unternehmensberatung AG, Weserstr. 4,, D-60329 Frankfurt a.M.. E-Mail: email@example.com.
You also have the right to complain to us about the processing of your personal data by a data protection supervisory authority.
Responsible person within the meaning of Art. 4 Abs. 7 GDPR is Talentschmiede Unternehmensberatung AG, Weserstr. 4, D-60329 Frankfurt a.M., E-Mail: firstname.lastname@example.org . You can contact our data protection officer at the e-mail address email@example.com
Owner contact email: firstname.lastname@example.org
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
The individual using this Website who, unless otherwise specified, coincides with the Data Subject.
The natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.
This Website (or this Application)
The means by which the Personal Data of the User is collected and processed.
The service provided by this Website as described in the relative terms (if available) and on this site/application.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Small piece of data stored in the User’s device.