Data protection information


for applicants

Data protection information for applicants

Dear applicant,

You have applied to us. We are very pleased about that. We want (and must) use this information to draw your attention to data protection with regard to your data. This data protection information refers to applicant data (if you are not one, please feel free to read it).

Our data protection declaration (to be found here: www.nabtesco.de/en/privacy-policy) refers to a large extent to our internet presence. We could certainly include the obligation to provide information on the collection of personal data from applicants, but this would be detrimental to the overview. And this is not in our interest, and certainly not in yours.

Ultimately it is about informing you about the collection of your data sent to us. Clear and understandable. We all don't have time, they say, not to read every data protection notice (but we would like to invite you to do so, data protection concerns us all and what is primarily important is not that someone, we, do something, but that is nothing unexpectedly surprising here).

But now in detail what and we process personal data, for what purpose, on what basis and what your rights are, in short, the duty to inform according to Article 13 GDPR.

Responsible and Data Protection Officer

Legal basis

The legal basis for the processing of your data is primarily based on Article 6 para. 1 lit. b GDPR, Article 88 para. 1 GDPR and §26 para. 1 BDSG-nF.

After all, your application (for a specific job advertisement or unsolicited application) involves the implementation of (pre)contractual measures for an employment relationship and is therefore necessary. The purpose of the processing is the applicant management (examination and assessment of your suitability for the position to be filled).

If a termination occurs, the basis is Article 6 (1) (c) and (e). We are also subject to laws such as the Works Constitution Act, the Social Security Code, commercial and tax laws or the Anti-Terror Law and others. The purposes include identity and age verification, fraud and money laundering prevention, company health management, guaranteeing work safety, fulfilment of tax control and reporting obligations and auditing by tax consultants and authorities.

Of course, like you, we also have a legitimate interest, we are looking for employees and you are looking for a new employer.

Which data we process

Your data sent by you. That would be a bit easy, in general this is the following data:

  • Master data (first name, surname, name supplements date of birth)
  • Skill data (special knowledge and skills)
  • Telephone number (landline/mobile)
  • If necessary, work permit/ residence title
  • Contact details (address, mobile, landline number, e-mail address)
  • If necessary, health suitability
  • covering letter
  • Further data (curriculum vitae, grades, employment periods, testimonies)

We may use other personal data that was not collected directly from you. We can obtain further data via publicly accessible sources, including social networks.

If it is an employment agency, we also receive data from third parties.

Who will now receive your data

Within our company, only the persons or organisational units who need your data to fulfil our contractual and legal obligations (such as managers and specialists who are looking for a new employee or are involved in the decision on staffing, accounting, company physician, occupational safety, employee representatives, etc.) or within the scope of the processing and implementation of our legitimate interests receive it.

Your data will not be disclosed to third parties. This is important to mention, even though it should be common sense. We would also need your consent for this.

In case of a possible hiring please look under "legal basis", because in this case we are obliged to pass on data (tax authority). And also contract processors who process data on our behalf need your data (credit institutions, tax consultants, travel agencies, post office and others).

Deletion of data

In principle, we delete personal data if there is no requirement for further storage. More precisely: A requirement can exist if data is still needed to fulfil contractual services, in particular to be able to ward off possible claims against us (or to check warranty and, if necessary, guarantee claims). In the case of statutory retention obligations, deletion is only possible after expiry of the respective retention obligation.

What exactly does this mean? In the event of a cancellation, we will delete your data two months after delivery of the cancellation to you. Basis for this is §15 Abs. 4 AGG. In principle, application data will be deleted by us after 6 months at the latest (or, if received by post, sent back to you for our relief). Exceptions are current job interviews or procedures, in which case the period for deletion is extended by an additional two months until hiring or rejection.

With a hiring, your data will be deleted after the hiring process has taken place or on the day of the hiring, yes after what occurs earlier.

This also applies to correspondence for applications via e-mail.

Your rights as a data subject

You have the right to information about your personal data. Please contact the above contacts here. If the request for information is not made in writing or cannot be verified in any other way, you must expect us to make inquiries. Why? Well, we need to make sure you're the person you impersonate.

Also the correction, deletion or restriction is your right, as far as this is legally entitled to you.

You also have a right of objection against the processing within the framework of legal requirements. Should a right of objection be asserted against a processing which takes place on the basis of our weighing of interests, we will examine this carefully.

Last but not least, there is the right of data transferability within the framework of legal requirements.

Right of appeal

You can complain about us to the competent supervisory authority regarding the processing of your personal data.

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf