Data protection information for the website and social media appearances of PRODYNA SE and companies belonging to the group (hereinafter referred to as PRODYNA) and for sending e-mails by PRODYNA.
The website and the social media appearances are intended to provide information about PRODYNA’s services and about PRODYNA as an employer. Through the website and the social media appearances interested persons also have the opportunity to contact PRODYNA.
Personal data is processed in connection with the website, the offers made available on the website, social media appearances and sending of e-mails.
Below you will find information about the company responsible for processing your personal data, his representative and the data protection officer, as well as your rights with regard to the processing of your personal data.
In this policy, the term “personal data” refers to data that relates to an individual and identifies this person either directly or indirectly (in conjunction with other information that may be likely to come into the possession of PRODYNA), such as your name, email address or telephone number, particularly in connection with applications.
Information about each responsible company
- Qnit AG, Dornhofstraße 38a, 63263 Neu-Isenburg, Germany
- Qnit Austria GmbH, Leonard-Bernstein-Straße 10, 1220 Wien, Austria
- Qnit d.o.o., Starine Novaka 23, 11060 Belgrad, Serbia
Collection of personal data
In general, you can access PRODYNA’s website without providing any personal information. Your browser transmits information to our server which are technically necessary for display our website and to ensure stability and security. These are IP address, date and time of the request, time zone difference to GMT, content of requests, access status / http status code, amount of data transferred, webpage that the request comes from, browser, operating system and its interface and language and version of the browser software.
To access some areas of our website, for example to apply for a position, we may need to obtain personal data from you. The entering of personal data in such cases is voluntary, and you are explicitly requested to provide such personal data and informed about the intended use of such personal data. If you do not provide us with the required personal data, you may won’t be able to use some functions offered by our website. The typical reasons for us collecting personal data are listed below, along with a brief description of how your personal data is treated in each case.
- Communication with you. We will respond to any comments and requests that you submit to us through our website, such as online enquiries, comments, or registration to attend a conference. This may involve calling you on the telephone or sending an email to you.
- Creating aggregated statistics regarding the use of our website.
- Your personal data will be stored accordingly on our systems.
- Training and further education. Your personal data will be used for certification exams and certificates of participation for the purpose of legitimizing and issuing your training certificate. PRODYNA or external trainer use lists of participants with personal data for internal organization, e.g. individual preparation of participants or sending of training material. Participation in feedback questionnaires regarding training quality is voluntary and anonymous. Online registration for public trainings is done via Eventbrite.de or XING.de, their data protection regulations apply.
The following table lists the categories of personal data that PRODYNA processes or could process as part of the processing activities described in this Global Privacy Statement.
- Personal data: Name, preferred gender pronoun, contact information of any kind (such as email, phone numbers, address), gender, date of birth, age, place of birth.
- Confidential data: PRODYNA may also collect certain types of confidential information if permitted by or with your consent under the laws of that country, such as health/medical data (including disability status and dietary requirements/allergies at events organized/sponsored by us). PRODYNA will only use this confidential information for the purposes described in Table 3.
- Audiovisual media: Photographs and images/recordings taken on CCTV or other video systems and voice recordings.
- Position: Description of current position, job title, employer, location, PRODYNA contact(s).
- System and application access data: When you access PRODYNA systems, PRODYNA may collect data necessary to access such PRODYNA systems and applications, such as system ID, LAN ID, e-mail account, instant messaging account, mainframe ID, system passwords, access and activity logs, and electronic content created with PRODYNA systems.
In addition, PRODYNA may process the personal data listed in the table below for recruitment purposes.
- Personal data: In addition to the personal information listed above, PRODYNA may collect other personal information for recruitment purposes, such as National Identification Number, Social Security Number, Insurance Information, Family / Partnership Status, Life Partners, Relatives, Emergency Contacts, Military Service.
- Confidential data: PRODYNA may collect certain types of confidential information if permitted by applicable local law or if you have consented to it, such as health/medical information (including disability), trade union membership information, religion, race or ethnicity, minority flag and (to the extent permitted by law) information about criminal convictions and offences. PRODYNA collects this information for specific purposes, such as health/medical information, to address a disability or illness and provide care; background checks; religious or church affiliation in countries such as Germany, where such information is required for statutory tax deductions; and personal diversity data (such as race or ethnicity) to comply with legal obligations and internal policies regarding diversity and equal treatment.
- Immigration data: PRODYNA may collect information about citizenship, passport, residence or work permit (physical copy and/or electronic copy).
- Information talentmanagement: Information required for a background check, details of performance decisions and outcomes, performance feedback and alerts, e-learning/training programs, performance and development reviews (including information you provide when requesting/providing feedback, prioritizing, updating your input into relevant tools), driver’s license and vehicle letter, and biographical information.
As stated in the Global Privacy Statement, PRODYNA processes your personal data for various purposes. The following table lists the individual purposes for which PRODYNA processes your personal data.
- Facilitation of communication with you (also in emergencies): Facilitate communication with you, ensure business continuity, protect the health and safety of employees and others, protect IT infrastructure, office equipment and other assets, facilitate communication with you and the emergency contacts you specify.
- Tracking your use of PRODYNA’s property: Monitor activities in accordance with the laws of the country and/or PRODYNA policies in force (including monitoring the use of PRODYNA resources).
- Data analysis: Analysis of business processes and data to describe, predict and improve PRODYNA’s economic performance and/or to provide the user with a better experience. The analyses include in particular descriptive analyses, predictive analyses, analyses of the behaviour of individuals (customers, business contacts) through the use of personal data as well as marketing, individual customer view and customer journey analyses.
- Recruitment: Managing applications, including conducting interviews and assessments, performance appraisals, financial planning, managing payments, managing inclusion and diversity programs, conducting background checks, planning and monitoring training requirements.
Use of personal data for marketing purposes
The bulk of the personal data we collect and use for marketing purposes relates to individual employees of our clients and other companies with which we have an existing business relationship. We may also obtain contact information from public sources, including content made public at social media websites, to make an initial contact with a relevant individual at a client or other company.
We send commercial e-mail to individuals at our client or other companies with whom we want to develop or maintain a business relationship in accordance with applicable marketing laws. Our targeted e-mail messages typically include web beacons, cookies, and similar technologies that allow us to know whether you open, read, or delete the message, and links you may click. When you click a link in a marketing e-mail you receive from PRODYNA, we will also use a cookie to log what pages you view and what content you download from our websites, even if you are not registered at or signed into our site.
Targeted e-mails from PRODYNA may include additional data privacy information, as required by applicable laws.
Like most companies, PRODYNA uses customer relationship management (CRM) database technology to manage and track our marketing efforts. Our CRM databases include personal data belonging to individuals at our client and other companies with whom we already have a business relationship or want to develop one. The personal data used for these purposes includes relevant business information, such as: contact data, publicly available information (e.g. board membership, published articles, press releases, your public posts on social media sites if relevant for business purpose), your responses to targeted e-mails (including web activity following links from our e-mails), website activity of registered users of our website, and other business information included by PRODYNA professionals based on their personal interactions with you. If you wish to be excluded from our CRM databases, please contact us.
We may transfer personal data to our service providers, professional advisors, public and governmental authorities or third parties in connection with a (potential) corporate or commercial transaction. Such third parties may be located in other countries. Before we do so, we shall take the necessary steps to ensure that your personal data is protected adequately as required by relevant data privacy laws and PRODYNA’s internal policies.
Unless you are otherwise notified, any transfers of your personal data from within the European Economic Area (EEA) to third parties outside the EEA will be based on an adequacy decision or are governed by the standard contractual clauses. Any other non-EEA related transfers of your personal data will take place in accordance with the appropriate international data transfer mechanisms and standards.
Your rights regarding marketing communications
You can exercise your right to prevent marketing communications to you by checking certain boxes on the forms we use to collect your personal data, or by utilizing opt-out mechanisms in e-mails we send to you. You can also exercise the right to discontinue marketing communications to you, or to have your personal data removed from our customer relationship management (CRM) databases at any time by contacting us. In such cases, we will retain minimum personal data to note that you opted out in order to avoid contacting you again. Alternatively, you may want to email us under firstname.lastname@example.org to inform us about your opt-out preferences.
If you have any questions about privacy or would like to provide us with permissions for websites or for promotional purposes, please contact us.
Use of personal data during your visit to our business premises
In addition to the information provided above, this section tells you how we use personal data when you visit PRODYNA’s offices.
This information also relates to the potential processing of your personal data by video surveillance and access control systems where such systems are active.
When entering our business premises, personal data such as name, first name and, if applicable, employer, as well as your time of arrival and departure are collected. This is based on project-specific requirements, which have an increased level of security and make this documentation necessary. This data is also usually stored for 12 months.
If you have received an access card from us, access to the premises is recorded and stored by the office complex’s own access control system. If you would like further information on this, please contact us at the specific address you have requested.
Particularly sensitive personal data
As a rule, PRODYNA does not obtain any “particularly sensitive personal data” via its website. “Particularly sensitive personal data” includes personal data concerning race, political opinion, religious or philosophical beliefs, trade union membership, health or sex life. By voluntarily providing us with particularly sensitive personal data (such as by submitting your CV or applying for a job online), you expressly consent to the use of your personal data as described in this policy.
Disclosure of your personal data
PRODYNA is a global organisation. We have various legal entities (e.g. national companies) and partners in Switzerland, in certain EU Member States as well as in other European countries. Our internal processes and infrastructures are therefore international in their nature and scope.
Accordingly, you should be aware that we may share your personal data with third parties, for the purpose of processing it on our behalf. We require that third parties treat the personal data they receive in accordance with PRODYNA’s Data Privacy and Security Policies.
Your personal data may therefore also be subject to cross-border disclosure. Cross-border disclosure of your personal data will be conducted only (i) to countries with equivalent data protection standards, or (ii) on the basis of officially recognized data protection agreements, or (iii) on the basis of officially recogniz ed standard data protection clauses.
Below you find more detailed information on your rights regarding the processing of your personal data under the General Data Protection Right (GDPR):
I. Right of access
As a data subject, you have a right to obtain access and information under the conditions provided in Article 15 of the GDPR. This means that you have the right to obtain confirmation from us as to whether we are processing your personal data. If so, you also have the right to obtain access to the personal data and the information listed in Article 15 paragraph 1 of the GDPR. This includes information regarding the purposes of the processing, the categories of personal data that are being processed and the recipients or categories of recipients to whom the personal data have been or will be disclosed (points (a), (b) and (c) of Article 15 paragraph 1 of the GDPR). You can find the full extent of your right to access and information in Article 15 of the GDPR, which can be accessed using this link.
II. Right to rectification
As a data subject, you have the right to rectification under the conditions provided in Article 16 of the GDPR. This means that you have the right to receive from us without undue delay the rectification of inaccuracies in your personal data and completion of incomplete personal data. You can find the full extent of your right to rectification in Article 16 of the GDPR, which can be accessed using this link.
III. Right to erasure (“right to be forgotten”)
As a data subject, you have a right to erasure (“right to be forgotten”) under the conditions provided in Article 17 of the GDPR. This means that you have the right to obtain from us the erasure of your personal data and we are obliged to erase your personal data without undue delay when one of the reasons listed in Article 17 paragraph 1 of the GDPR applies. This can be the case, for example, if personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed (point (a) of Article 17 paragraph 1 of the GDPR). If we have made the personal data public and are obliged to erase it, we are also obliged, taking account of available technology and the cost of implementation, to take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of those personal data (Article 17 paragraph 2 of the GDPR). The right to erasure (“right to be forgotten”) does not apply if the processing is necessary for one of the reasons listed in Article 17 paragraph 3 of the GDPR. This can be the case, for example, if the processing is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims (points (a) and (4) of Article 17 paragraph 3 of the GDPR). You can find the full extent of your right to erasure (“right to be forgotten”) in Article 17 of the GDPR, which can be accessed using this link.
IV. Right to restriction of processing
As a data subject, you have a right to restriction of processing under the conditions provided in Article 18 of the GDPR. This means that you have the right to obtain from us the restriction of processing if one of the conditions provided in Article 18 paragraph 1 of the GDPR applies. This can be the case, for example, if you contest the accuracy of the personal data. In such a case, the restriction of processing lasts for a period that enables us to verify the accuracy of the personal data (point (a) of Article 18 paragraph 1 of the GDPR). Restriction means that stored personal data are marked with the goal of restricting their future processing (Article 4 paragraph 3 of the GDPR). You can find the full extent of your right to restriction of processing in Article 18 of the GDPR, which can be accessed using this link.
V. Right to data portability
As a data subject, you have a right to data portability under the conditions provided in Article 20 of the GDPR. This means that you generally have the right to receive your personal data with which you have provided us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us if the processing is based on consent pursuant to point (a) of Article 6 paragraph 1 or point (a) of Article 9 paragraph 2 of the GDPR or on a contract pursuant to point (b) of Article 6 paragraph 1 of the GDPR and the processing is carried out by automated means (Article 20 paragraph 1 of the GDPR). You can find information as to whether an instance of processing is based on consent pursuant to point (a) of Article 6 paragraph 1 or point (a) of Article 9 paragraph 2 of the GDPR or on a contract pursuant to point (b) of Article 6 paragraph 1 of the GDPR in the information regarding the legal basis of processing in Section C of this Data Protection Information. In exercising your right to data portability, you also generally have the right to have your personal data transmitted directly from us to another controller if technically feasible (Article 20 paragraph 2 of the GDPR). You can find the full extent of your right to data portability in Article 20 of the GDPR, which can be accessed using this link.
VI. Right to object
As a data subject, you have a right to object under the conditions provided in Article 21 of the GDPR. At the latest in our first communication with you, we expressly inform you of your right, as a data subject, to object. As a data subject, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Article 6 paragraph 1, including profiling based on those provisions. In the event of an objection relating to your particular situation, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. You can find the full extent of your right to objection in Article 21 of the GDPR, which can be accessed using this link.
VII. Right to withdraw consent
Where an instance of processing is based on consent pursuant to point (a) of Article 6 paragraph 1 or point (a) of Article 9 paragraph 2 of the General Data Protection Regulation, as a data subject, you have the right, pursuant to Article 7 paragraph 3 of the General Data Protection Regulation, to withdraw your consent at any time. The withdrawal of your consent does not affect the legitimacy of the processing that occurred based on your consent until the withdrawal. We inform you of this before you grant your consent.
VIII. Right to lodge a complaint with a supervisory authority
As a data subject, you have a right to lodge a complaint with a supervisory authority under the conditions provided in point (f) of Article 57 paragraph 1 of the General Data Protection Regulation.
Duration of retention
PRODYNA stores your personal data only as long as necessary. In addition, PRODYNA maintains specific policies and procedures for the management and retention of records and data so that personal information is deleted after a reasonable period of time in accordance with the following retention criteria:
- PRODYNA will keep your personal information for as long as we have a business relationship with you.
- PRODYNA will retain your personal information for as long as it is necessary to fulfill a legal obligation.
- PRODYNA will retain your personal data for as long as it is necessary to maintain or improve PRODYNA’s legal position (e.g. in relation to limitation periods, litigation or government investigations).
Please keep your personal data up to date at all times and inform PRODYNA of any significant changes to your personal data.
Reorganization of the company
As is the case with many other organizations, PRODYNA may reorganize its business units around the world, either as a result of the acquisition of new entities or the disposal or merger of existing entities. If this is done, personal data may be disclosed to potential or actual purchasers of parts of our business or personal data may be obtained from potential sellers. In doing so, we strive to ensure that confidentiality is suitably maintained for personal data that is disclosed in the course of such transactions.
Data security and integrity
PRODYNA takes various technological and procedural security measures to protect the personal data we collect, use or transfer against loss, misuse, alteration or destruction. However, please note that, due to the openness and insecure nature of the internet, PRODYNA cannot take responsibility for the security of the transmission of personal data over the internet.
Analysis software and cookies
The website uses analysis software, cookies and social media plug-ins. More information about these is available in the Cookies Policy.
Data Protection Officer
63263 Neu-Isenburg, Germany
We endeavour to respond promptly to enquiries, but a reasonable handling time must be expected.
This policy was last updated on January 18, 2019. Please consult this page regularly to see if this policy has been changed.
This website uses Google Analytics, a web analysis service of Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; “Google”). The use includes the “Universal Analytics” operating mode. This facilitates the assignment of data, sessions and interactions across several devices to a pseudonymous user ID and thus the analysis of a user’s activities across devices.
Use of HubSpot
On our website we use the HubSpot marketing automation software of the American company HubSpot Inc., 25 First Street, Cambridge, MA 02141 USA (hereinafter referred to as “HubSpot”) based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our web offer in order to optimize it and to offer you the best possible and user-friendly service). HubSpot is an integrated software solution by which we cover different aspects of our digital marketing, sales and customer relation management.
We use HubSpot for:
- contacting us through the contact form.
- landing pages as part of advertising campaigns including options such as the download of white papers or similar content.
- social media linking and/or social media sharing.
- evaluating the usage of our web pages (e.g. access, pages visited, session time, etc.) as well as publications in social networks.
The contents of our web pages as well as your personal data which you provide, e.g. when using our contact form are usually transmitted to and stored by a HubSpot server in the United States. HubSpot, Inc. has certified to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as administered by the U.S. Department of Commerce, in order to implement appropriate safeguards for such transfers pursuant to Article 46 of the GDPR.
By using our website, you agree to the placement of cookies on your device, as explained in more detail below.
The PRODYNA website uses the following cookies:
- Recognition cookie: identifies unique visitors. The Google Analytics utma cookie allocates a unique ID, which is used to identify the visitor in the case of repeat visits (Duration: 2 years).
- Session cookie: counts the number of visits rather than the number of unique visitors. The Google Analytics utmb cookie deletes itself automatically after 30 minutes. It is placed on a device together with the utmc cookie.
- Session cookie: deletes itself automatically when the browser window is closed. It is placed on the device together with the Google Analytics utmb cookie.
- Campaign Cookie: Measures traffic across all online marketing channels. This means that within this period, the user will carry the data from the last traffic source on the website and, as a result, statistically allocate the conversion or conversion rate to the respective online marketing channel (Name: utmb-Cookie and duration: 6 months).
- These cookies are used by the ShareThis widget. The ShareThis widget allows the user to share content on various social media. No personal information is stored (Name: stid _unam and duration: 1 year according to the browser).
- These cookies are used by the ShareThis widget. ShareThis widget allows the user to share content on various social media. No personal information is stored (Name: _uset and duration: 8 hours).
- Additional cookies that are placed via ShareThis, in order to analyze the audience size. Deregistration from these two cookies is possible here (Name: _UID _UIDR and duration: 2 years).
If you do not wish to be assigned cookies by our website, you must make the setting in your browser that does not allow cookies or that notifies you when a cookie is placed on your device. You can then reject this placement when you receive the message. To find out how to do this, please consult the “Help“ section of your browser.
Google Analytics cookies
As explained above, PRODYNA uses Universal Analytics cookies to obtain standard internet login information as well as details about user behaviour. PRODYNA does this to improve the website. This information does not contain any personal data. The data used for analytical purposes may be linked to personal data obtained from this website or otherwise.
To obtain more information about Universal Analytics cookies, please click here.
Browser add-on for disabling Google Analytics and opt-out cookie
Please click here to find out more about the Google Analytics deactivation add-on for browsers.
Alternatively, you can set a cookie to prevent collection of data by Universal Analytics. Click here to set the opt-out cookie.
Social media / ShareThis cookies
PRODYNA gives users the ability to share pages from our website and blog posts on social networks such as Facebook, Instagram and Twitter. To provide this service, the website uses a plug-in from a third-party website, called ShareThis. If you use our Share button, you will be directed to a website managed by ShareThis, and then to a website managed by the specific social media platform. We do not have any control over the cookies that are placed by ShareThis or the relevant social media platform if you use their services. Cookies from ShareThis can be deactivated here.
Facebook Social Plugins
PRODYNA uses Social Plugins of Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94394, USA (so called: Plugins). By using this service, your browser establishes a direct connection with Facebook or Instagram which belongs to Facebook. Unless you are already on Facebook or Instagram anyway, the content of the plugins will be transmitted to your browser and incorporated by the latter into the website.
Further information about the plugins of Facebook.
You can also prevent the transmission of data to Facebook with an appropriate plugin for your browser. Sharing PRODYNA’s offer with Facebook (e.g. “like” or “share”) is then no longer possible.
PRODYNA also uses the Twitter button, a news service from Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. You can share a post via Twitter or follow PRODYNA on Twitter. When you call up the service, your browser establishes a direct connection with Twitter. Unless you are on Twitter anyway, the contents of the button will be sent to your browser and incorporated into the website.
You can also prevent the data transmission to Twitter with an appropriate plugin for your browser. Sharing the offer of PRODYNA together with Twitter (e.g. “share”) is then no longer possible.
PRODYNA also uses the LinkedIn button, a social network from LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. You can share a post through LinkedIn using LinkedIn. By using this service, your browser establishes a direct connection to LinkedIn. Unless you are on LinkedIn anyway, the contents of the button will be sent to your browser and incorporated into the website.
You can also prevent the transmission of data to LinkedIn with an appropriate plugin for your browser. Sharing the offer of PRODYNA together with LinkedIn (e.g. “share”) is then no longer possible.
PRODYNA also uses the button of XING, a social network of XING AG, Dammtorstr. 29-32, 20354 Hamburg, Germany. You can share a post via XING using the button. Bay using this service, your browser establishes a direct connection with XING. Unless you are on XING anyway, the contents of the button will be sent to your browser and incorporated into the website.
You can also prevent data transmission to XING with an appropriate plugin for your browser. Sharing the offer of PRODYNA together with XING (e.g. “share”) is then no longer possible.
Further information relating the collection, use and disclosure of personal data as part of our application process
Purpose of the collection of personal data
Any personal data, including any personal data contained in the attachments, which you make available to us via the applicant portal or by email, will be collected, processed, and used by PRODYNA exclusively for the purpose of processing your application.
Your data will only be used by the respective company to fill the vacancies for which you have applied. They are not passed on to other companies. If you have submitted an unsolicited application, we will consider your data for all current application procedures that fit your profile. The same applies in the event that you have given us your express consent to the further storage of your applicant profile after completion of an application procedure.
The legal basis for data processing, type and purpose of data collection
We primarily collect your personal data for the purpose of carrying out the application procedure on the legal basis of § 6(1)(b), § 88 General Data Protection Regulation (GDPR) in conjunction with § 26(1) sentence 1(1) of the Federal Data Protection Act (old) (BDSG-alt). Further legal bases are § 6(1)(a) GDPR (“Permission”) and § 6(1)(f) GDPR (“Weighing of interests”), e.g., for personnel evaluations and reporting. Insofar as the processing of personal data is necessary to fulfill a legal obligation to which the data controller is subject, the legal basis is § 6 (1)(c) GDPR.
If special categories of personal data are processed pursuant to § 9(1) GDPR (e.g., health data), this is done on the basis of § 9(2)(b) GDPR. In addition, the processing might be required to assess your work capacities pursuant to § 9(1)(h) GDPR.
In the case of an online application for a specific vacancy or with unsolicited applications, your data are entered by you into the corresponding application form and the associated documents uploaded.
With email applications, we collect all relevant data in our applicant portal and upload your documents including your email. Your email will be deleted from our mailbox afterwards. Please don´t send any applications by post (paper applications), because we cannot process them due to data protection reasons.
Data controller, recipients or categories of recipients to whom the data might be disclosed
Your personal data will be treated strictly confidentially and will only be made available to the responsible persons involved in the application process. To ensure proper operation, only selected employees of PRODYNA involved in the application process have access to your data.
In any case, your personal data will only be processed by the company responsible for the vacancy and, if applicable, by service providers who are contractually bound and legally obliged to comply with the relevant data protection regulations. This does not apply in the event that you have submitted an unsolicited application or have given us your express consent to the further storage of your applicant profile after completion of an application procedure (rejection or hiring). In this case, we consider your data for all current application procedures, i.e. your personal data can be processed by different national companies. You can actively consent to the transfer of your personal data to individual or all national companies. If you do not provide or revoke this consent, your personal data cannot be taken into account for positions within these companies.
If you are hired, your data will be transferred from our applicant portal to our HR administration systems. Your data are processed there as employee data.
PRODYNA works with the software partner Haufe-umantis AG for the operation and maintenance of the applicant portal. Your data will be stored and processed on the systems of our software partner Haufe-umantis AG. Haufe-umantis AG has taken the necessary organizational and technical measures to ensure the confidentiality of your application. Further information can be found on the Haufe website.
Duration of data storage
Your personal data will generally be deleted when the processing is no longer necessary to make a decision on establishing an employment relationship. The duration of the storage depends on the duration of the decision-making process.
When applying online for a specific position, and submitting data to the applicant portal, you have access to your data and the attachments (e.g., your CV) at any time and can delete them yourself. You also have the option to request us to delete your data. If you wish to have your applicant profile deleted immediately, please contact our data protection officer (see above).
Our standard deletion period for an application is six months after completion of the relevant application procedure (rejection or recruitment). If we reject your application, we will inform you by email that you can provide your express consent to the further storage of your applicant profile after completion of an application procedure. In this case, your applicant profile will be deleted automatically from the applicant portal twelve months after the deletion of your last application. The same applies to an applicant profile created for an unsolicited application.
If legal regulations, e.g., storage obligations, do not permit deletion, the processing of your data will instead be limited (i.e. blocked), meaning that they are only accessible to observe mandatory legal regulations. This is also the case if there are indications that you will assert claims against us. The data will be stored as long as the processing of the data is necessary for the assertion, exercise, or defense of legal claims.
Current safety standards
Your data are protected against unauthorized access by encrypted transmission, encrypted storage, a role and authorization concept, a data backup concept, and physical security measures for the servers used. The transmission of your personal data to the servers follows to the security standards of the TLS method.
Use of our applicant portal
Insofar as you wish to use our applicant portal, you must register by stating your email address, a chosen password, your name and the details of how you became aware of us. It is not mandatory to use your real name; the use of an alias is possible. The specification of the data mentioned above is necessary. All further information can be provided voluntarily through the use of our applicant portal.
If you use our applicant portal, we will save the voluntary data provided by you for the time in which you utilize the applicant portal, unless you delete these data beforehand. All information can be managed and amended in the secured applicant section. The legal basis is § 6 (1)(1)(f) GDPR.
In order to prevent unauthorized access to your personal data by third parties, the connection is encrypted using TLS technology.
Further information about your applicant data can be found here.
Use of the chatbot
We collect your data exclusively to contact you or to carry out a simplified application process. We only store your specified data for as long as they are necessary for the communication or the application process. You can revoke your consent at any time. Further information can be found under “Your rights” or under “Data Privacy Applicant“.