PRIVACY NOTICE

With this notice we fulfill our legal obligation according to Art. 13, 14 DSGVO to provide you with the relevant information regarding the processing of your personal data:

The provider collects, uses and stores your personal data in accordance with the provisions of the EU General Data Protection Regulation (DSGVO), the Federal Data Protection Act and the Telemedia Act. Personal data is individual information about personal or factual circumstances of a specific or identifiable natural person. In the following, we inform you about the type, scope and purpose of the collection and use of personal data.

GENERAL

The provider of this website and responsible for data processing is the

coparion GmbH & Co. KG
Ottoplatz 6
50679 Cologne
Phone: 030-58 58 44 00
E-mail: info [at] coparion.vc

The company data protection officer is available at the address

dhpg IT Services GmbH
Mr. Christian Lenz
Bunsenstraße 10a
51647 Gummersbach

respectively at datenschutz [at] dhpg.de and can be reached at the telephone number 02261-8195-0.

WHEN VISITING THE WEBSITE

When you visit our website, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:

  • shortened IP address
  • Browser type/version
  • Operating system used
  • Referrer URL (the previously visited page)
  • Date and time of the server request
  • Data volume transferred
  • the requesting provider.

The aforementioned data will be processed by us for the following purposes:

  • Ensuring a smooth connection of the website,
  • Ensuring comfortable use of the website,
  • Evaluation of system security and stability, and
  • for other administrative purposes.

The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest is the operation of our website and the associated presentation of our company.

Your data will be deleted as soon as it is no longer needed for the stated purposes, at the latest after 6 months.

PERSONAL DATA WITHIN THE APPLICATION PROCESS

Your personal data in the application documents are required in order to consider you as an applicant in the application process and to check whether you can be considered as an employee of our company. Only authorised employees from the HR department or employees involved in the application process have access to your data. In particular, the following data will be collected: Name (first and last name), e-mail address, telephone number, LinkedIn profile (optional) and channel, how you became aware of us. You also have the option of providing meaningful documents such as a cover letter, your CV and references by e-mail or by uploading them in the applications described below. These may contain additional personal data such as date of birth, address, etc. If you provide information that goes beyond this required information, you provide it to us voluntarily and declare your consent to the processing. The legal bases for the processing are thus Art. 6 para. 1 p. 1 lit. a DSGVO, § 26 para. 2 BDSG as well as Art. 88 DSGVO, § 26 para. 1 BDSG. The revocation of consent is possible at any time. You can send your revocation at any time by e-mail to info [at] coparion.vc.

After the end of the application process, we store your documents for a further 6 months for evidence purposes. Furthermore, there is the option of storing your data for inclusion in our "Talent Pool" for a further 12 months in order to identify any other interesting positions for you. This also applies, for example, to applications for apprenticeships or internships. Inclusion in the "Talent Pool" requires your written consent. If you receive an offer of employment with us as part of the application process and accept this, we will store the personal data collected as part of the application process for at least the duration of the employment relationship.

For a possible conclusion of a contract, it is necessary that you provide us with your personal data in the application documents. Otherwise, we will not be able to consider you in the application process.

a) Personio

The data transmitted as part of your application will be transferred via TLS encryption and stored in a database. This database is operated by Personio GmbH, which offers personnel administration and applicant management software (https://www.personio.de/impressum/). Personio is our order processor in this context in accordance with Art. 28 DS-GVO. The basis for the processing here is an order processing contract between us as the controller and Personio.

b) Workwise, Join & Stepstone

In the course of handling application procedures in our company, we work together with the application platforms of the service providers Workwise GmbH (https://www.workwise.io/impressum), JOIN Solutions AG (https://join.com/imprint/) and StepStone Deutschland GmbH (https://www.stepstone.de/e-recruiting/en/imprint/). Recruiting on behalf of job seekers or employers is not commissioned processing, but the use of an external specialist service of an independently responsible person (LDA-Bayern, FAQ list dated 20.07.2018). Further information on the data protection of the service provider Workwise GmbH can be found in the data protection declaration
at https://www.workwise.io/datenschutz, of JOIN Solutions AG
at https://join.com/privacy-policy/ and of StepStone Deutschland GmbH
at https://www.stepstone.de/e-recruiting/privacy-policy/
 

COOKIES, ANALYSIS TOOLS, PLUGINS AND OTHER THIRD PARTY ELEMENTS

We use cookies on our site. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar). Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware. In the cookie, information is stored that arises in each case in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity. Analysis tools evaluate the user behavior of website visitors and enable the operator of a website to optimize it and adapt marketing measures. Plugins and other third-party elements are used to integrate content from these providers into the website.

a) Required first party cookies

The use of our required first-party cookies serves on the one hand to make the use of our offer more pleasant for you. Thus, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made, so that you do not have to enter them again.

This data is deleted after 6 months at the latest.

We process their data based on our legitimate interest in the external presentation of our company via the website you accessed and to promote user-friendliness. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f DSGVO.

Most browsers accept these cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before such a cookie is created. However, the complete deactivation of cookies may result in the website not being displayed correctly or you not being able to use all the functions of our website.

b) Third-party cookies, plugins and other third-party elements

The third-party cookies, plugins and other third-party elements listed below and used by us are only used with your express consent and thus on the basis of Art. 6 (1) p. 1 lit. a DSGVO. You can revoke your granted consent at any time with effect for the future. Failure to grant or revocation of consent may result in the website not being displayed correctly to you or you not being able to use all the functions of the website.

With the third-party cookies, plugins or other third-party elements that are used, we want to ensure a needs-based design and the ongoing optimization of our website.

The respective function descriptions, any recipients of the data, information on possible transfers to a third country and the storage period can be found in the following notes on the individual processing processes provided with third-party cookies, plugins or other third-party elements.

1) Monotype

We use the Monotype Imaging Holdings Inc. service (600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA; hereinafter "Monotype") on our site in the dynamic variant, to ensure a high quality of presentation of our site. With Monotype, we can access a wide range of fonts to better design the site. A connection is established to the Monotype server when you visit our site in order to obtain the required font directly from there. In this context, at least your IP address is transmitted to Monotype when you visit our site.

For more information about privacy related to Monotype, please see Monotype's Privacy Policy (https://www.monotype.com/legal/terms-use).

We have entered into standard contractual clauses with Monotype to address the lack of or limited redress that may be available and the lower level of data protection in the U.S., unlike the EU.

2) Other third party cookies, plugins and other third party elements.

Otherwise, we do not use third-party cookies, plugins and other third-party elements that are relevant to data protection.

DISCLOSURE OF DATA

We do not transfer your personal data to third parties for purposes other than those listed below. We will only disclose your personal data to third parties if:

  • you have given your express consent to this in accordance with Art. 6 (1) p. 1 lit. a DSGVO,
  • the disclosure pursuant to Art. 6 para. 1 p. 1 lit. f DSGVO for the assertion, exercise or
  • defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • in the event that a legal obligation exists for the disclosure pursuant to Art. 6 (1) sentence 1 lit. c DSGVO, or
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you.

In addition, our order processors receive your personal data for processing in accordance with instructions, insofar as this is necessary for the fulfillment of the order. Our order processors do not have their own right to use your data.

INFORMATION ON THE TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY

We transmit data to third countries exclusively in accordance with the legal regulations. The permissibility of data transfer to third countries is governed by Art. 44 et seq. DSGVO. If we transfer your data to a third country, you will be informed about this in the special data protection information on the respective processing process, stating the respective legal regulation.

We use various cloud services as part of our service, e.g. US-based providers that also process personal data (name, email address and possibly others):

  • Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-7329, USA (for details on the use of personal data, see: https://privacy.microsoft.com),
  • Pipedrive Inc, 460 Park Ave South, New York, NY 10016, USA (for details on the use of personal data, see: https://www.pipedrive.com/en/privacy),
  • Freshworks Technologies Private Limited, Module - 1 & 2, 1st Floor, Block B, No 40, Global Infocity Park, MGR Salai, Perungudi Chennai - 600096, Tamil Nadu, India (For details on the use of personal data, please visit: https://www.freshworks.com/privacy/).

We expressly point out that no adequacy decision has yet been issued by the European Commission for the USA. We will only transfer personal data to a provider in the USA if you give us your express consent to do so after we have informed you about the risks of transferring your personal data to the USA. In addition, we have concluded the European Commission's standard contractual clauses with all U.S.-based providers in accordance with Article 46 (2) (c) of the GDPR and conducted transfer impact assessments for these providers, which allow us to assess the specific risks for personal data with each provider.

You can find the standard contractual clauses here:

https://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32021D0914&from=DE

IS THERE AN AUTOMATED DECISION-MAKING PROCESS?

We do not use automated decision-making processes pursuant to Art. 22 DSGVO to initiate decisions on the establishment or performance of the business relationship that would have legal consequences for the data subject or similar significant negative effects on that person.

SSL ENCRYPTION

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

RIGHTS OF THE AFFECTED

You have the right:

  • in accordance with Art. 15 DSGVO to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 DSGVO to immediately demand the correction of incorrect or completion of your personal data stored by us;
  • pursuant to Art. 17 DSGVO to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
  • pursuant to Art. 20 DSGVO to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
  • to revoke your consent at any time in accordance with Art. 7 (3) DSGVO. This has the consequence that we may no longer continue the data processing based on this consent for the future, and
  • complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office.

RIGHT OF OBJECTION

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation. If you would like to exercise your right of revocation or objection, it is sufficient to send an e-mail to info [at] coparion.vc.