We take your data protection very seriously!
The following links provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declarations. Simply click on the link you require.
Data protection website
Find out here how we handle your data on this website.
Data protection Video surveillance
Read here how we handle our video surveillance data.
Data protection social media
Our social media channels are subject to our strict data protection rules. Read more here.
Data protection for applicants
Your application is subject to the strictest data protection rules, on which you can view here.
Data protection statement
1. Data protection at a glance
General information
The following information provides a simple overview of what happens with your personal information when you visit this web site. Personal information is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection statement, which can be found below this text.
Data collection on our web site
Who is responsible for the data collection on our web site?
The data processing on this web site is carried out by the web site operator. The web site operator’s contact details can be found in the section of this data protection statement entitled “Information about the responsible party”.
How do we collect your data?
On the one hand, your data is collected because you provide us with it. For example, this could be data which you enter into a contact form.
Other data is collected by our IT systems automatically or with your consent when you visit the web site. This mainly concerns technical data (e.g. web browser, operating system or date/time when web site was accessed). This data is collected automatically as soon as you visit this web site.
What do we use your data for?
Some of the data is collected to ensure that the web site is provided free of errors. Other data can be used to analyse your usage behaviour.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request restriction of the processing of your personal information under certain circumstances. You also have the right to complain to the responsible supervisory authority.
You are welcome to contact us at any time concerning this and other matters concerning data protection.
Analysis tools and third party tools
Your surfing behaviour can be statistically evaluated when you visit this web site. This mainly takes place using so-called analysis programs.
Detailed information about these analysis programs can be found in the following data protection statement.
2. Hosting
We host the content of our web site with the following provider:
All-Inkl
The provider is ALL-INKL.COM - Neue Medien Münnich, owned by René Münnich, Hauptstraße 68, 02742 Friedersdorf (referred to in the following as All-Inkl). Details can be found in the All-Inkl data protection statement: https://all-inkl.com/datenschutzinformationen/.
The use of All-Inkl takes place on the basis of Art. 6 para. 1 lit. f GDPR. We have a justified interest in having our web site displayed in a way that is as reliable as possible. Provided that appropriate consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and section 25 para. 1 of the Telecommunications Digital Services Data Protection Act (TDDDG), provided that the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting) in the meaning of the TDDDG. The consent can be revoked at any time.
Order processing
We have signed an order processing contract (AVV) for the use of the above-mentioned service. This is a contract which is prescribed by data protection law which ensures that the service can only process the personal information of our web site visitors in accordance with our instructions and in accordance with the GDPR.
3. General notes and mandatory information
Data protection
The operators of these pages take the protection of your personal information very seriously. We treat your personal information confidentially, in accordance with the statutory data protection guidelines and this data protection statement.
Various items of personal information are collected when you visit this web site. Personal information consists of data with which you can be personally identified. This data protection statement explains which data we can collect and what we use it for. It also explains how and for what purpose this takes place.
We would like to draw your attention to the fact that online data transfers (e.g. during e-mail communication) may involve security risks. It is impossible to provide data with complete protection against unauthorised access by third parties.
Note concerning the responsible authority
The responsible authority for the data processing on this web site is:
Malsch GmbH
Rohbergstraße 9
36208 Wildeck-Obersuhl, Germany
Phone: +49 6626 915100
E-Mail: info@bettenmalsch.de
The responsible authority is the natural or juristic person who decides on the purposes and means of the processing of personal information (e.g. names, e-mail addresses or the like), either individually or together with others.
Duration of storage
Unless a more specific storage duration has been specified within this data protection statement, your personal information will be stored by us until the purpose of the data processing no longer exists. If you submit a legitimate deletion request or revoke your consent for data processing, your data will be deleted unless we have other legally permitted reasons for storing your personal information (e.g. retention period under tax or commercial law); in the latter case, deletion will take place when these reasons no longer apply.
General information about the legal basis for the data processing on this web site
If you have given your consent to data processing, we will process your personal information on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, provided that special categories of data in accordance with Art. 9 para. 1 GDPR are being processed. In the case of explicit consent for the transmission of personal information to non-member states, the data processing also takes place on the basis of Art. 49 para. 1 lit. a GDPR. If you have given consent for the storage of cookies or access to information on your terminal device (e.g. via device fingerprinting), the data processing also takes place on the basis of section 25 para. 1 TDDDG. The consent can be revoked at any time. If your data is required to fulfil a contract or carry out pre-contractual measures, we will process your data on the basis of Art. 6 para. 1 lit. b GDPR. We will also process your data if it is required to fulfil a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. The data processing can also take place on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Information about the legal basis that applies in individual cases is provided in the following paragraphs of this data protection statement.
Data protection officer
We have nominated a data protection officer.
bits + bytes it-solutions GmbH & Co. KG Krombacher Straße 24
57223 Kreuztal, Germany
Phone: 0700 20 30 10 30
E-mail: datenschutz@bits-bytes.de
Recipient of personal information
Within the scope of our business activities, we cooperate with various external bodies. In some cases, personal information also needs to be transferred to these external bodies. We only pass on personal information to external bodies if this is needed to fulfil a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in the transfer in accordance with Art. 6 para. 1 lit. f GDPR or if another legal basis allows the information to be passed on. When processing companies are being used, we only pass on the personal information of our customers on the basis of a valid order processing contract. In the case of joint processing, a joint processing contract is concluded.
Revocation of your consent for data processing
Many data processing procedures are only possible if you have given your explicit consent. You can revoke consent that you have already given at any time. The legality of the data processing which has been carried out up to the time of revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)
IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL INFORMATION AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION STATEMENT. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL INFORMATION UNLESS WE CAN PROVE COMPELLING LEGITIMATE REASONS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION IN ACCORDANCE WITH ART. 21 PARA. 1 GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL INFORMATION THAT CONCERNS YOU FOR THE PURPOSE OF THIS KIND OF ADVERTISING AT ANY TIME. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSES OF DIRECT MARKETING (OBJECTION IN ACCORDANCE WITH ART. 21 PARA. 2 GDPR).
Right to complain to the responsible supervisory body
In the event of violations of the GDPR, the persons affected can complain to a supervisory authority, particularly in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to complain is without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in order to fulfil a contract given to you or to a third party in a common, machine-readable format. If you request direct transfer of the data to another responsible party, this will only take place if it is technically feasible.
Information, correction and deletion
Within the framework of the applicable legal provisions,you are entitled at any time to obtain free information about your stored personal data, its origin and the recipient, and the purpose of the data processing and, if applicable, have the right to correction or deletion of this data. You can contact us at any time about this and other matters concerning personal data.
Right to restriction of processing
You have the right to request restriction of the processing of your personal data. You can contact us at any time to do this. The right to restriction of processing exists in the following cases:
- If you dispute the accuracy of your personal data which we have stored, we will usually need time to check this. You have the right to request restriction of the processing of your personal data for the duration of the checking.
- If the processing of your personal data was/is unlawful, you can request restriction of the data processing rather than deletion of the data.
- If we no longer require your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data rather than the deletion thereof.
- If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. Until it is clear whose interests prevail, you have the right to request restriction of the processing of your personal data.
If you have restricted the processing of your personal data, with the exception of the storage thereof it may only be processed if you have given your consent or for the purpose of asserting, exercising or defending legal claims or to protect the rights of another natural or legal person, or for reasons of important public interest of the European Union or an EU member state.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the operator of the web site. An encrypted connection is recognisable from the fact that the address line of the browser changes from "http://" to "https://" and by the padlock symbol in your browser line.
If SSL or TLS encryption is activated, the data which you send to us cannot be read by third parties.
Objection to advertising emails
The use of contact data which has been published within the context of legal notice regulations for the sending of promotional material and information which has not been explicitly requested is hereby expressly prohibited. The site operators explicitly reserve the right to take legal action against any party which sends unsolicited advertising information by means of spam e-mails, for example.
4. Data collection on our web site
Cookies
Our websites use so-called "cookies". Cookies are small data packets which are harmless to your terminal device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them or they are automatically deleted by your web browser.
Cookies may come from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies make it possible to integrate certain third-party services within websites (cookies for processing payment services, for example).
Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behaviour, or for advertising purposes.
Cookies which are required to perform electronic communication, provide certain functions you require (e.g. for the shopping cart function) or optimise the website (e.g. cookies for measuring the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for providing its services in a technically error-free and optimised way. If consent has been requested for the storage of cookies and comparable recognition technologies, processing will take place exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG), whereby the consent can be revoked at any time.
You can set up your browser to inform you about the setting of cookies, and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or all cookies, and activate the automatic deletion of cookies when the browser is closed. The functionality of this website may be restricted if cookies are deactivated.
You can find out which cookies and services are used on this website in this data protection statement.
If you prohibit the use of cookies, you may encounter restrictions in your use of the website. We use Matomo with the extension "AnonymizeIP". In this way IP addresses are only further processed in truncated form. Direct personal identification is excluded in this way. The IP address transferred by your browser by means of Matomo will not be combined with any other data collected by us.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser sends to us automatically. This information includes:
- Browser type and browser version, the operating system which is used, and the referrer URL
- Host name of the accessing computer, date/time of server request
- IP address
This data is not merged with other data sources.
This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website, for which purpose the server log files must be recorded.
Contact form
When you send us inquiries via the contact form, the information provided on the form will be saved, including the contact data which you have provided, in order to process the inquiry and deal with any subsequent queries. We will not pass on this data on to third parties without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your inquiry is related to the fulfilment of a contract or is required to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries which are sent to us (Art. 6 para. 1 lit. f GDPR) or based on your consent (Art. 6 para. 1 lit. a GDPR) if this was requested; the consent can be revoked at any time.
We will retain the data which you enter in the contact form until you ask us to delete it, revoke your consent to the storage thereof or if the purpose for storing the data no longer exists (e.g. upon completion of the processing of your inquiry). Mandatory legal provisions, particularly retention periods, remain unaffected.
Inquiry by email, telephone or fax
If you contact us by email, telephone or fax, your inquiry, including all of the personal data resulting from it (name, inquiry), will be stored and processed by us for the purpose of processing your concern. We will not pass on this data on to third parties without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your inquiry is related to the fulfilment of a contract or is required to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries which are sent to us (Art. 6 para. 1 lit. f GDPR) or based on your consent (Art. 6 para. 1 lit. a GDPR) if this was requested; the consent can be revoked at any time.
We will retain the data which you send to us via contact requests until you ask us to delete it, revoke your consent to the storage thereof or if the purpose for storing the data no longer applies (e.g. upon completion of the processing of your concern). Mandatory legal provisions, particularly statutory retention periods, remain unaffected.
5. Analysis tools and advertising
Matomo
This website uses the Matomo open source web analysis service.
Matomo helps us to collect and analyse data regarding the use of our website by website visitors. Among other thing, this allows us to find out when which page views took place, and which region they come from. We also record various log files (e.g. IP address, referrer, browsers and operating systems used), and can determine whether our website visitors carry out certain actions (e.g. clicks, purchases etc.).
The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise its web site content and its advertising. Provided that appropriate consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and section 25 para. 1 of the Telecommunications Digital Services Data Protection Act (TDDDG), provided that the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting) in the meaning of the TDDDG. The consent can be revoked at any time.
IP anonymisation
We use IP anonymisation during the analysis with Matomo. This means that your IP address is shortened prior to the analysis so that it can no longer be clearly assigned to you.
Hosting
Matomo is hosted exclusively on our own servers, so that all analysis data remains with us and is not passed on.
6. Own services
Handling of applicant data
We give you the opportunity to apply to us (e.g. by email, post or via an online application form). In the following, we will inform you about the scope, purpose and use of your personal data that is collected as part of the application process. We assure you that the collection, processing and use of your data is carried out in accordance with applicable data protection law and all other legal provisions, and that your data is treated in strict confidence.
Scope and purpose of data collection
If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes from job interviews, etc.) insofar as this is necessary to decide whether we wish to establish an employment relationship. The legal basis for this is section 26 of the Federal Data Protection Act (BDSG) under German law (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and, provided that you have given your consent, Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.
If the application is successful, the data which you have submitted will be stored in our data processing systems on the basis of section 26 of the Federal Data Protection Act (BDSG) and Art. 6 para. 1 lit. b GDPR in order to carry out the employment relationship.
Data retention period
If we are unable to make you a job offer, you reject a job offer or you withdraw your application, we reserve the right to store the data which you have provided us with on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application).
The data will then be deleted, and the physical application documents will be destroyed. The data that is stored is particularly important for providing evidence in the event of legal disputes. If it is apparent that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), it will not be deleted until the purpose for further storage no longer applies.
A longer storage period can also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory retention periods prevent the deletion of the data.
Data protection information regarding video surveillance
We use video surveillance on the premises of Malsch GmbH, and some information on the subject of data protection can be found in the following.
Who is responsible for data processing?
The responsible party within the meaning of data protection law is:
Malsch GmbH
Rohbergstr. 9
36208 Wildeck-Obersuhl, Germany
More information about our company, details of the authorized representatives and also other contact alternatives can be found in the legal information of our website: https://bettenmalsch.com/de/impressum.html
Purpose of video surveillance and legal basis
Video surveillance takes place in order to monitor access rights, prevent criminal offences and preserve evidence if criminal offences occur.
The legal basis for video surveillance is Art. 6 para. 1 lit. f) GDPR, whereby our interests arise from the above-mentioned purposes.
Recipient / passing on of data
If criminal offences are suspected, we will pass the information on to the law enforcement authorities if necessary.
Otherwise, the data will only be passed on if there is a legal basis for passing it on. This may particularly be the case if the police or other security authorities become involved as part of so-called threat prevention and request access to the video surveillance data.
Data processing outside the European Union
No processing of personal data takes place within the scope of video surveillance.
Data protection officer
We have nominated a data protection officer. Contact details:
bits + bytes it-solutions GmbH & Co. KG
- Data Protection Officer –
Krombacher Straße 24
57223 Kreuztal, Germany
E-mail: datenschutz@bits-bytes.de
Your rights as a data subject
You have the right to information about your own personal data. You can contact us at any time to request information.
If you make a request for information that is not in writing, please understand that we may require proof from you that you are the person you claim to be.
You also have the right to correction, deletion or restriction of processing, insofar as you are legally entitled to this.
Finally, you have the right to object to processing within the framework of the statutory requirements.
You also have the right to data portability within the scope of the data protection law specifications.
Deletion of data
Video surveillance data is generally deleted after 72 hours.
Storage can take place for a longer period on an ad hoc basis if the facts justify the assumption that recordings from a limited period of time reveal actions that are to be prosecuted as a criminal offence or used to assert claims in accordance with civil law.
In the event of absence or illness of the responsible personnel, video recordings can take place for up to 10 days in isolated cases.
Right to complain to a supervisory authority
You have the right to complain to a data protection supervisory authority concerning our processing of personal data.
Data protection Social Media
Our social media presences
This data protection statement applies to the following social media presences
https://www.facebook.com/malschgmbh/
https://www.xing.com/pages/malsch-gmbh
https://www.linkedin.com/company/malsch-gmbh/
https://www.youtube.com/channel/UCVbJiz5ni4L7NDwkeLSZ4Tg
Data processing by social networks
We maintain profiles on social networks which are accessible to the public. You can find the social networks which we use in the following.
Social networks such as Facebook, X etc. can generally analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (such as "Like" buttons or advertising banners). Visiting our social media presences triggers numerous data protection-related processing operations. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected via cookies which are stored on your device or by recording your IP address, for example.
With the aid of the data that is collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. This makes it possible for interest-based advertising to be displayed to you inside and outside of the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on any device on which you are or were logged into.
Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details concerning this, please refer to the terms of use and data protection provisions of the respective social media portals.
Legal basis
Our social media presences are intended to provide the most comprehensive possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes which are initiated by the social networks may have different legal grounds, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).
Responsible party and assertion of rights
If you visit one of our social media presences (such as Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations which are triggered during this visit. You can basically assert your rights (for information, correction, deletion, restriction of processing, data portability and complaints) against both us and the operator of the respective social media portal (e.g. Facebook).
Please note that despite our joint responsibility with the social media portal operators, we do not have complete control over the data processing procedures of the social media portals. Our options are essentially based on the corporate policy of the respective provider.
Duration of storage
The data which we collect directly via the social media presence will be deleted from our systems as soon as you request deletion, revoke your consent to storage or if the purpose for storing the data no longer applies. Stored cookies will remain on your terminal device until you delete them. Mandatory legal provisions, particularly retention periods, remain unaffected.
We have no control over the storage duration of your data which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).
Your rights
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to object, to data portability and the right to lodge a complaint with the responsible supervisory authority. You can also request the correction, blocking, deletion and, under certain circumstances, restriction of the processing of your personal data.
Individual social networks
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter referred to as Meta). According to Meta, the data that is collected is also transferred to the USA and other third countries.
We have concluded a joint processing agreement with Meta (Controller Addendum). This agreement specifies which data processing operations we or Meta are responsible for when you visit our Facebook page. You can view this agreement at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum.
You can change your advertising settings yourself in your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=ads.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://de-de.facebook.com/help/566994660333381.
Details can be found in the Facebook data protection statement:
https://www.facebook.com/about/privacy/.
The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA which is intended to ensure compliance with European data protection standards when data is being processed in the USA. Every company that is certified under the DPF undertakes to adhere to these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on how your personal data is dealt with can be found in YouTube’s privacy policy:
https://privacy.xing.com/de/datenschutzerklaerung.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you wish to deactivate LinkedIn advertising cookies, use the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:
https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
Details on how your personal data is dealt with can be found in LinkedIn’s privacy policy:
https://www.linkedin.com/legal/privacy-policy.
YouTube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how your personal data is dealt with can be found in YouTube’s privacy policy:
https://policies.google.com/privacy?hl=de.
The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA which is intended to ensure compliance with European data protection standards when data is being processed in the USA. Every company that is certified under the DPF undertakes to adhere to these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?contact=true&id=a2zt000000001L5AAI&status=Active
Data protection information for applicants
We are pleased that you have shown an interest in us and are applying or have applied for a position within our company. We would like to provide you with information concerning the processing of your personal data in connection with the application in the following.
Who is responsible for data processing?
The responsible party within the meaning of data protection law is:
Malsch GmbH
Rohbergstr. 9
36208 Wildeck-Obersuhl, Germany
You can find further information about our company, details of the authorized representatives and other contact alternatives in the legal information of our website at:
https://bettenmalsch.com/de/impressum.html
Which data of yours do we process? And for which purposes?
We process the data that you have sent to us in connection with your application in order to check your suitability for the position (or other vacancies within our company) and to carry out the application process.
What is the legal basis for this?
The legal basis for processing your personal data in this application process is primarily section 26 of the Federal Data Protection Act (BDSG) in the version applicable from May 25, 2018. According to this, data may be processed that is required in connection with making the decision as to whether to establish an employment relationship.
If the data is required for legal proceedings after the application process has been completed, data processing can take place on the basis of the requirements of Art. 6 GDPR, particularly in order to protect legitimate interests in accordance with Art. 6 Paragraph 1 lit. f) GDPR. Our interest then lies in the assertion or defending of claims.
For how long is the data stored?
If the application is rejected, the applicants' data is deleted after 6 months.
If you have agreed to the storage of your personal data for a longer period, your data will be transferred to our applicant pool. The data in the applicant pool will be deleted after two years.
If you are offered a position/employed as part of the application process, the data from the applicant data system will be transferred to our HR information system.
Who will receive the data?
We use Indeed for the application process. Indeed acts as a service provider for us, and may also receive knowledge of your personal data in connection with your application. We have concluded a so-called order processing agreement with this provider, which ensures that the data processing takes place in a permissible manner.
Your applicant data will be reviewed by the HR department after we receive the application. Suitable applications will then be forwarded internally to the heads of department for the respective vacancy. The rest of the procedure will then be coordinated. Only the persons within the company who need it to carry out our application procedure properly will have access to your data.
Your rights as a "data subject"
You have the right to information about the personal data of yours which we process.
If you make a request for information that is not in writing, please understand that we may then require proof from you that you are the person you claim to be.
You also have the right to correction, deletion or restriction of processing, insofar as you are legally entitled to this.
You also have the right to object to processing within the framework of the legal specifications. The same applies to the right to data portability.
Our data protection officer
We are not legally obliged to appoint a data protection officer. If you have any questions about data protection, please contact us.
We have nominated a data protection officer. Contact details:
bits + bytes it-solutions GmbH & Co. KG
- Data Protection Officer –
Krombacher Straße 24
57223 Kreuztal, Germany
E-mail: datenschutz@bits-bytes.de
Right to complain
You have the right to complain to a data protection supervisory authority concerning our processing of personal data.