Use of our website generally does not require users to reveal personal data. In as far as personal data which can be related to you personally (for example names, addresses, email addresses, user behavior) are collected on our website, such data shall always be provided on a voluntary basis. These data shall only be passed on to third parties with your explicit consent. The purpose of processing is the operation of a website for the purpose of offering services in the field of recruitment consultancy, in particular recruitment services.
Please note that there may be security gaps when transferring data via the internet (e.g. communication by email). It is not possible to fully protect data from access by third parties.
Please read on for an explanation of how we process your personal data as an applicant when you apply for a position or as a prospect/customer, as well as other relevant information on this topic.
Your consultant is responsible for the purposes of the data protection act, who commissions the BESTMINDS GmbH as a processor to fulfill his/her contractual obligations towards you. BESTMINDS GmbH, Basler Straße 65, D 79100 Freiburg, Tel. +49 761 888 51 23 0, Fax +49 761 888 51 23 99, email@example.com, www.bestminds.de is your primary point of contact to reach out to your consultant.
All issues related to the processing and protection of your personal data as well as issues related to the exercising of your rights in accordance with the GDPR can be discussed with our contact person Mr. RA Evers, DataSEKure Rechtsanwaltsgesellschaft mbH, Burgunder Straße 20, 79104 Freiburg at firstname.lastname@example.org as well as online on www.datasekure.de.
We process personal data relating to you solely for the purpose of your application for employment with one of our clients, and only to the extent that this is necessary in order for the client to make a decision regarding your application. The legal basis for this is your consent pursuant to Article 6(1)(a) GDPR.
As a prospect / customer, we process personal data relating to you solely for the purpose of the fulfillment of our contract and business relationship with you and only insofar as this is necessary for the fulfillment of this purpose. The legal basis for this is the need to fulfill the underlying contract or similar contractual agreement between your consultant and you as a client to Article 6 (1)(b) GDPR.
We process data concerning you as an individual, information on your professional qualifications or other information that you transfer to us in connection with your application. We only process the data that you yourself provide to us via your application.
As a prospect / customer, we process data concerning your company, contact detail of employees named as contact persons for the contract, information regarding the position described in the contract and other information that you give us for the purpose of communicating with you, initiating business with you or performing the contract with you.
We only process the data that you yourself provide to us via your application.
If you send us inquiries via the contact form, your input from the inquiry form, including the contact details given there, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your consent. The processing of the data entered into the contact form is therefore exclusively based on your consent. You can revoke this consent at any time. To do so an informal message by e-mail to us is sufficient. The legality of the data processing operations carried out before the revocation remains unaffected by the revocation. The data entered by you in the contact form will be stored in our database until you ask us to delete it, revoke your consent for storage or the purpose for the data storage is omitted (e.g. after completion of your request). Mandatory statutory provisions - especially retention periods - remain unaffected.
We may transmit your personal data, which you provide to us via your application, to clients of ours who are offering a role matching the one you are seeking.
We may transmit the contact details of the contact person in your organization to the applicants.
We have no plans to transfer data to a third country.
We store your personal data for as long as this is necessary in order to make a decision on your particular application. The data will be erased after this purpose has been fulfilled, i.e. when the application process for the position in question ends, unless you explicitly state that you would like to be included in our talent pool until you withdraw your consent. If you send an unsolicited application and give your consent, you will be included in our talent pool directly and your data will be stored until you withdraw your consent. Your data will be erased immediately upon your request (withdrawal of consent) and can also be viewed or updated.
We, or our hosting provider, collect data regarding every instance of access to the server (log files) on the basis of legitimate interests (Article 6(1)(f) GDPR). The access data include the name of the website requested, file, date, time, quantity of data transferred, notification of successful request, browser type and version, user’s operating system, previously visited website, IP address and the provider making the request. Log files are stored for a maximum of seven days, for security reasons (e.g. to enable the investigation of attacks) and to enable troubleshooting, and are subsequently erased. They will only be used in other ways (in order to provide evidence) in the event of a security incident (e.g. an attack on the website).
We require cookies for the following applications: Google Analytics and Google DoubleClick. The functioning of Google Analytics is explained in the following section. The third-party DoubleClick cookie is used for Display Advertiser features provided by Google Analytics, such as remarketing. developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
These cookies store and transfer the following data: a unique ID, domain and path information and a parameter name with an associated value. The user data collected by technically necessary cookies are not used to create user profiles.
Our online offering makes use of content or services offered by third parties in order to include this content or these services on the basis of our legitimate interests (Article 6(1)(f) GDPR). These third-party providers receive users’ IP addresses in order to be able to send the content to users’ browsers. We make every effort only to use content whose providers will use the IP addresses solely for the purpose of providing this content. Third-party providers may also use pixel tags (invisible graphics or “web beacons”) for statistical purposes. These make it possible to analyze information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device, may contain technical information concerning the browser and operating system, referring web pages and time of visit as well as other information on the use of our online offering, and may be combined with information of this nature from other sources.
Google will only use this information on our behalf in order to analyze the use of our online offering by users. We only use Google Analytics with IP anonymization activated. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by the user’s browser will not be merged with other Google data.
You may prevent the storage of cookies by selecting the appropriate settings in your browser software and your consent will be revoked at any time with effect for the future. You can use the following deactivation link: Disable Google Analytics
You can also prevent these data from being collected and used by installing this browser plug-in: https://tools.google.com/dlpage/gaoptout?hl=en.
For more information on the use of data by Google, on the settings you can use and on the possibility of making an objection, please see policies.google.com/technologies/partner-sites (“How Google uses information from sites or apps that use our services”), https://policies.google.com/technologies/ads?hl=en (“Advertising”), https://www.google.com/settings/ads (“Manage the information Google uses to show you ads”).
We have concluded a data processing contract with Google and implement the strict regulations of the German data protection authorities in full in our use of Google Analytics.
Our online offering may include features and content belonging to the service Xing. The provider is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany.
This may include content such as images, videos or text as well as buttons. If the user is a member of Xing, Xing may associate the access to the above-mentioned content and features with the user’s personal profile.
Our online offering may include features and content belonging to the service LinkedIn. The provider is LinkedIn AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany.
This may include content such as images, videos or text as well as buttons. If the user is a member of LinkedIn, LinkedIn may associate the access to the above-mentioned content and features with the user’s personal profile.
LinkedIn is certified under the Privacy Shield Framework, which means that it guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active, opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Within our online offer the so-called "Facebook pixel" of the social network Facebook is used due to our legitimate interests in the analysis and optimization and economical operation of our online offer and for these purposes. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA.
With the help of the Facebook pixel, it is on the one hand possible for Facebook to designate the visitors of our offer as a target group for the presentation of advertisements, so-called "Facebook Ads". Accordingly, we use the Facebook pixel to display the Facebook ads we have been sent, only to those Facebook users who are likely to be interested in the ad.
Our online offering may include features and content belonging to the service Facebook.
This may include content such as images, videos or text as well as buttons. If the user is a member of Facebook, Facebook may associate the access to the above-mentioned content and features with the user’s personal profile.
Facebook Data Policy: https://www.facebook.com/policy.php.
Our online offering may include features and content belonging to the service Twitter. The provider is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
This may include content such as images, videos or text as well as buttons. If the user is a member of Twitter, Twitter may associate the access to the above-mentioned content and features with the user’s personal profile.
Twitter is certified under the Privacy Shield Framework, which means that it has committed to complying with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active).
You have the following data protection rights — subject to individual circumstances — and can contact us at any time using the contact details provided in Sections 1 and 2 above in order to exercise these rights.
You have the right to obtain information regarding the personal data relating to you which we process and to obtain access to your personal data and/or copies of these data. This includes information on the purpose of use, the category of the data used, the recipients of the data and parties who are entitled to access the data and, where possible, the envisaged period of data storage, or, if not possible, the criteria used to determine that period.
You have the right to have incorrect personal data relating to you corrected or, if they are incomplete, completed by us without undue delay.
Insofar as personal data relating to you are processed on the basis of Article 6(1)(f) GDPR, you have the right to object at any time, for reasons relating to your particular situation, to the processing of these data. We will then no longer process these personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or unless the data are processed for the establishment, exercise or defense of legal claims.
Where the processing is based on consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right to obtain from us the erasure of personal data concerning you without undue delay and we have the obligation to erase personal data without undue delay where one of the following grounds applies:
The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
You object to the processing pursuant to Section 8c above and there are no overriding legitimate grounds for the processing.
The personal data have been unlawfully processed.
The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we are subject.
This shall not apply to the extent that processing is necessary:
For the establishment, exercise or defense of legal claims.
You have the right to obtain from us restriction of processing where one of the following applies:
The accuracy of the personal data is contested by you — restriction may then be obtained for a period enabling us to verify the accuracy of the personal data,
The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead,
We no longer need the personal data for the purposes of processing, but they are required by you for the establishment, exercise or defense of legal claims, or
You have filed an objection to processing pursuant to Section 8c above — restriction may then be obtained for as long as it remains unclear whether our legitimate grounds outweigh yours.
Where processing has been restricted under this subsection e, such personal data shall — with the exception of storage — only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If you have obtained a restriction of processing, we will inform you before lifting this restriction.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.