Data Privacy Policy

How we respect and protect your personal data. Whether you are a visitor at our website, a customer or an applicant, we are invested in protecting your privacy.

interpersonal GmbH and its employees take the protection of your data very seriously! Please carefully read the following privacy policy, as it relates to your rights and responsibilities when using this website under European and German data protection law. Please note any possible changes. This data privacy policy explains the way, the scope and purpose of processing your personal data (subsequently referred to as 'data') within our online services, the connecting websites, functions and content as well as external online presence, for example our social media profile (subsequently referred to as 'online offer'. Concerning the terms used here, for example 'processing' or 'responsible person/entity', please refer to the definitions in article 4 of the European General Data Protection Regulation (DSGVO). This privacy policy was last updated on: 01-02-2022.

By using this website career.aero as well as by clicking the “I accept the privacy policy” checkbox during registration, or by sending an application for an employing company on whose behalf we are providing services, you explicitly consent without any limitation or qualification, to the collection, processing and transfer of the personal information and data provided by you, according to the manner described in this policy (see below 'data protection notice for applicants).

You may revoke this declaration of consent at any time with effect for the future. Where this is the case, please use the following e-mail address: datenschutz@career.aero

Responsible Entity

interpersonal GmbH
Geschwister-Beschütz-Bogen 4
D-22335 Hamburg, Germany
e-mail: info@career.aero

Data protection officer

RA Hendrik Sievers,
Beck Service GmbH
Ericusspitze 4,
D- 20457 Hamburg

If the user submits a specific application in response to a job advertisement of SunExpress, the required data will be transmitted to and processed by the following companies:

SunExpress
Flughafen Kloten
8058 Zürich

CEO: Bernd Bauer
Verwaltungsratspräsident: Dieter Vranckx

Responsible entities acc. Art. 4 DSGVO are the respective companies. interpersonal GmbH processes the necessary data on behalf of these companies.

Data protection officer

Swiss International Air Lines Ltd.
Betrieblicher Datenschutzverantwortlicher
ZRHLX/DHL
Postfach
8058 Zürich Flughafen
Schweiz

Types of processed data

• Inventory data (e.g. name, addresses)
• Contact data (e.g. e-mail address, telephone numbers)
• Biographical data (e.g. date of birth, nationality) as far as these data are relevant for processing applications
• Qualification data (e.g. level of formal qualification, license data, language skills, test data) as far as these data are relevant for processing applications
• psychometric data (e.g. test results) for selection services.
• content data (e.g. text submissions, images, videos)
• Usage data (e.g. visited websites, interest in content, time of access)
• Meta- or communication data (e.g. device information, IP addresses)
• Working hours, account and payment data, as far as this is required to process recruitment services.

Particular categories of data according to article 9 paragraph 1 DSGVO are generally not processed via our online portal career.aero. Exempt are certain data concerning the health and/or conduct of users/applicants, as far as these data are either legally required or are necessary to exercise a particular career (e.g. Medical Certificate, Background Check/ZUP)

Categories of Data Subjects

• Visitors and users of the online portal career.aero
• Interested parties and applicants of our job ads and training offers
• Providers of job ads and training offers
• service providers
• employees and independent appraisers

All data subjects will subsequently be referred to as "users".

Purpose of Processing

• Making the online offer available with all its functions and content.
• Responding to contact requests and communication with users.
• Making available of staffing, recruitment and applicant management services.
• Security measures
• Measuring market range and marketing purposes

Terminology

"Personal data" is all information relating to an identified or identifiable natural person (subsequently: data subject). An identifiable person is defined as a person who can directly or indirectly be identified, particularly by allocation to an ID like a name, an ID number, location data, to online data e.g. cookies, or to a particular trait which is an expression of psychological, psychic, physiological, genetic, economic, cultural or social identity of the natural person.

"Processing" is every procedure carried out with or without the help of automatized processes or every series of procedures within the context of personal data. The term is broadly defined and encompasses practically all data handling.

"Pseudonymisation" is the processing of personal data in a way whereby specific data subjects can no longer be allocated without the enlistment of additional information, so long as the additional information is maintained separately and is subject to technical and organisational measures which guarantee that the personal data cannot be allocated to an identified or identifiable natural person. 

"Profiling" is every kind of automatized processing of personal data which consists of being able to use certain of personal aspects relating to a natural person to be able to evaluate these aspects to analyse or predict in particular the work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location of the natural person. 

"Responsible entity" is defined as the natural or legal person, authority, agency or any other body which makes decisions about the means and purpose of processing personal data, whether alone or together with others.

"Processor" is a natural or legal person, authority, agency or other body which processes personal data on behalf of the responsible entity.

Relevant Legal Bases

Under stipulation of article 13 DSGVO we hereby inform you about the legal bases of our data processing. Insofar as the basis is not named in the data privacy policy, the following regulation applies: the legal basis for requesting consent is article 6 paragraph 1 lit. a and article 7 DSGVO. The legal basis for processing in order to fulfil our services and carry out contractual measures as well as responding to requests is article 6 paragraph 1 lit. b DSGVO. The legal basis for processing in order to fulfil our legal obligations is article 6 paragraph 1 lit. c DSGVO. The legal basis for processing and maintaining our legitimate interests is article 6 paragraph 1 lit. f DSGVO. In the case that the vital interests of data subjects or of other natural persons makes the processing of personal data necessary, then article 6 paragraph 1 lit. d DSGVO serves as the legal basis.

Security Measures

Under stipulation of article 32 DSGVO, taking into account technological progress, implementation costs and the kind, the scope the circumstances and the purpose of the processing, as well as the varying probability of occurrence and seriousness of the risk for the rights and liberties of natural persons, we take suitable technical and organisational measures in order to guarantee a level of protection appropriate for the risk at hand.

Included in these measures are in particular the securing of confidentiality, integrity and availability of data by controlling the physical access to the data as well as the respective access, entry, transmission, the securing of availability and its disconnection. Furthermore, we have established processes which guarantee the exercising of the data subjects and the deletion of data and reaction to endangerment of the data. In addition, we take into consideration the protection of personal data when developing or selecting hardware, software as well as processes according to the principle of data privacy by design and by data privacy-friendly settings (article 25 DSGVO). Among other things, our data are encrypted with the latest technology before transmission.  

Cooperation with Third Parties

Generally, all data are handled with extreme confidentiality and not passed on to third parties except in the following specific cases.

Provided that a user, during the process of a specific application for a job description at a company explicitly agrees to the disclosure of his personal registration and application data to particular employing companies in a separate data release declaration, then only the legitimate authorities of that company receive access to their data for a specific purpose.

Provided that the user, in the process of a job application or the creation of his profile, explicitly and separately agrees to the disclosure of his personal data to a particular employing company, then only the legitimate authorities of that company receive access to his data for a specific purpose.

We provide data processing-, technology- and related services for applicant management (also termed as "hosted career sites") to leading employing companies, so as to support the recruitment on the websites of these companies and to provide services in applicant management. The data and information provided by users on this site are processed by interpersonal GmbH under stipulation of this data privacy policy and are handled with extreme confidentiality. Only with the explicit consent of the user are they made accessible to the concerned companies.

Provided that within the framework of our data processing we disclose, transmit or otherwise grant other persons and companies (processors or third parties) access to the data, then this only takes place on the basis of a legal permission (e.g. when a transmission of data to third parties, such as a payment provider, is necessary for contractual obligations according to article 6 paragraph 1 lit. b DSGVO, when you as a user have agreed when a legal obligation requires this (e.g. in justified exceptions regarding the aviation or criminal punishment authorities for the safety in aviation) or on the basis of our legitimate interests (e.g. during deployment of agents, webhosts etc.). 

Provided that we contract third parties with the processing of data on the basis of a so-called "order management contract", this happens on the basis of article 28 DSGVO.

We and the employing companies selected in a separate declaration of consent by the user process the lifted data in aggregated and completely anonymised form for internal company purposes (e.g. needs analysis), quality assurance or scientific purposes.

Transmission in Third Countries

If we process data in a third country (i.e. outside of the European Union (EU) or of the European Economic Area (EEA)) or disclose these in the context of the use of services of third parties, or if any data is passed on to third parties, this takes place only if it fulfils our (pre)contractual obligations, on the basis of the user’s explicit consent, or on the basis of legal obligations or our legitimate interests. Subject to legal or contractual permissions we process the data or have it processed in a third country only when the special legal requirement is provided as stipulated in article 44 ff. DSGVO. That means the processing takes place on the basis of particular guarantees, like the officially recognised declaration of a corresponding data privacy policy (e.g. for the USA the "privacy shield"), or on the basis of the observation of officially recognised contractual obligations (so called "standard contractual clauses")

Your Rights as a Data Subject

You have the right to demand a confirmation whether the affected data is being processed and to receive details about this data as well as further details and a copy of the data in accordance with article 15 DSGVO. In accordance with article 16 DSGVO you have the right to demand the completion of data relating to you or the correction of incorrect data relating to you.

Under stipulation of article 17 DSGVO you have the right to demand that data concerning you be immediately deleted, or alternatively under stipulation of article 18 DSGVO to demand a restriction of the data processing.

You have the right to demand to receive the concerned data which you have provided us according to article 20 DSGVO and to demand their transmission to other responsible entities. In addition, you have the right, according to article 77 DSGVO to submit an official complaint to the corresponding supervisory authorities.

Right of cancellation

In accordance with article 7 paragraph 3 DSGVO, you have the right to revoke any given consent with effect for the future.

Right of Objection

In accordance with article 21 DSGVO, you can object to the future processing of the data concerning you at all times. The objection can be made in particular against the processing for purposes of direct advertising.

To exercise these rights please contact us directly using the e-mail address: service@career.aero

Cookies and Right of Objection to Direct Advertising

Cookies are defined as small files which are stored on the user's computer. Various information can be stored within the cookies. Primarily a cookie is designed to save information about a user, or about their device during their visit to an online offer. "Temporary cookies", "session cookies" or “transient cookies" are cookies which are deleted after the user leaves the online offer and closes the browser. In such a cookie, information such as the content of a shopping basket or a login status can be saved. "permanent" or "persistent cookies" are defined as cookies which remain stored after closing the browser. In this way the login status can be saved when the user reopens it days later. In the same way, the user's interests can be saved in such a cookie, which can be used for range measurement and marketing purposes. Third-Party cookies are defined as cookies which can be offered by other providers other than the responsible entity operating the online offer (otherwise if it is only the online offer’s cookies, one speaks of "first party cookies").

We can use temporary and permanent cookies and clarify this process in our data privacy policy.

If users do not want cookies to be stored on their computer, they are prompted to deactivate the corresponding option in their settings. Deactivating cookies can lead to restricted functionality and unavailability of some services.

A general rejection of the use of cookies for purposes of online marketing, especially in the case of tracking but also for many other services, is explained at the American site http://www.aboutads.info/choices/ or the European Union site http://www.youronlinechoices.com/ Furthermore you can manage to deactivate cookies being saved using your browser settings. Please note that this can lead to a limited or restricted functionality.

Your Obligations

If you provide us data with a personal point of reference, you are obliged to ensure that the affected person is notified and has agreed to the transmission of their personal data (e.g. e-mail address, telephone number). We cannot assume responsibility for compliance to these data protection regulations in this case. If you as a user transfer data via the online portal career.aero by starting a registration process, an application a job advert or any other creation, these data may not contain any details concerning racial or ethnic background, political opinions, philosophical or religious beliefs or sexual orientation. Details regarding committing of infringements, crimes, criminal trials or other relating penalties, fines, dependencies or physical and mental health are only permitted in a few select security-relevant professions (e.g. passenger airplane pilot).

In order to ensure a high level of data privacy, every user is obliged to keep their personal login credentials strictly confidential!

Alteration and Deletion of Data

The data we process are deleted or are subject to limited processing according to the stipulation in article 17 and 18 DSGVO. Unless otherwise specified in the following data privacy policy, the data we save will be deleted as soon as they are no longer required for their specific purpose and no legal retention requirements hinder this.

If you would like to change your profile data, you can also do so at any time by accessing your account and selecting the “Maintain applicant profile” option. Please note that doing so will not automatically change the data you possibly used to apply for a position with an employer at an earlier date.

In submitting your registration and/or submitting your application you explicitly consent to the policy that registration/application data will be kept for a period of 5 years in the application system to cover longer qualification and periods of creditable selections as well as possible periods of re-application.

If you would like to close your account (delete registration) and erase your data in the application system, please contact us at: service@career.aero. We will delete your personal details and send you a confirmation e-mail. If your data is or was used for the purpose of a specific application to an employing company, or requested by an employing company to post a profile or job application, and the rights of these companies are affected, data might remain in the files of the employing company for a limited time under the full authority and responsibility of the employing company compliant with the data protection policies of this company. This can apply to data for which there is a legal burden of proof for the employing company, e.g. in order to fulfil the Equal Treatment Act (AAG) or to data which must be kept due to commercial or tax regulations, e.g. proof of travel reimbursements are archived according to the corresponding fiscal law.

In accordance with legal requirements in Germany, storage of books, records, reviews of operations, booking receipts, trading books or documents relevant for taxation takes place for 10 years according to §§ 147 paragraph. 1 AO, 257 Paragraph. 1 Nr. 1 and 4, paragraph. 4 of the German Commercial Code. Moreover, it can take place for 6 years for trading documents and letters in accordance with § 257 paragraph. 1 Nr. 2 and 3, paragraph. 4 of the German Commercial Code.

According to legal requirements in Austria § 132 paragraph. 1 BAO (Federal Fiscal Code) bookkeeping documents, receipts and invoices, accounts, business papers, statements of revenue and expenditure etc., can be kept for up to 7 years, for 22 years within the context of property lots, and for 10 years with documents regarding electronically rendered services, telecommunications, radio and television services for non-entrepreneurs in EU member states and for whom the Mini-One-Stop-Shop (MOSS) is used.

Business related processing

In addition, we process the:

• Contract data (e.g. contract clauses, duration, customer category)
• Payment data (e.g. Bank account number, payment history)

of our customers, interested parties, and business partners for the purposes of contractual services, service and customer care, marketing, advertising and market research.

Agency Services

We process the data of our customers within the frame of our contractual services which include staffing and recruiting services, advisory services, concept and strategic consulting, campaign planning, software and design development and maintenance, execution of campaign and processes/handling, server administration, data analysis/consultation services and training services.

In this case we process inventory data (e.g. customer master data like name and address), contact data (e.g. e-mail address, telephone numbers), content data (e.g. text entries, images, videos), contract data (e.g. contract objects, duration), payment data (e.g. bank account number, payment history), usage and metadata (e.g. in the context of evaluation and success measuring of marketing measures).

There are particular categories of personal data that we generally do not process in this context, except when these are content-related constituents of a contracted processing. Included in the data subjects are our customers, interested parties as well as their customers, users, website visitors, employees as well as third parties. The purpose of processing such data is for the fulfilment of a contracted service, invoicing and after sale services.

The legal basis for this processing is Article. 6 paragraph. 1 lit. b DSGVO (contractual services), Article. 6 paragraph. 1 lit. f DSGVO (analysis, statistics, optimisation, security measures). we process data which are required for justification and fulfilment of contractual services and draw your attention to the necessity of their disclosure. A disclosure to external parties will only happen if it is required within the framework of a contract. When processing the data within the framework of a contractual agreement, we only act according to the instructions of the contractor as well as the legal requirements for job processing in accordance with article 28 DSGVO. We process the data only for the contractual purpose and for no other purpose.

We delete these data upon expiry of legal warranty and comparable obligations. The necessity of keeping the data will be controlled every three years. In the case of a legal archiving obligation, the deletion will take place after its expiry (6 years, in accordance with. § 257 paragraph. 1 German Commercial Code, 10 years, in accordance with. § 147 paragraph. 1 Federal Code. In the case of data which have been disclosed to us within the framework of a contract given by a contractor, we delete the data according to the regulations stated in the contract, generally upon completion of the contract.

Consultency, Recruiting & Selection Services

We provide employing companies and training providers with consulting and recruiting services for the selection of appropriate applicants for their business. We process the data of these contractors or contracting parties as well as the applicant's data in accordance with article 6 paragraph 1 lit. b DSGVO, in order to fulfil our (pre) contractual services. The data we process in this case, the kind, scope and purpose of the processing are determined by the underlying contractual relationship as well as the legal regulations. The following data are included in the processing: customer master data, name and address, contact data and the contract data (e.g. e-mail address, telephone, the contracted services, remuneration, bank account number, payment history etc.). of the contracting companies and their legitimate parts (e.g. consultants and surveyors).

Provided it is legally required or to fulfil a contract, we disclose these data of the client companies within the contact of communication with other experts (e.g. consultants), third parties who are required to fulfil the contract or typically involved third parties (e.g. accounting offices or comparable service providers), provided this takes place in order to fulfil our contractual requirements in accordance with article 6 paragraph 1 lit. b DSGVO, is legally prescribed or happens within a prior agreement in accordance with article 6 paragraph 1 lit. a, article 7 DSGVO.

The deletion of these data takes places when the data is no longer necessary for the contractual or legal obligations as well as for the possible warrant of any other obligations. However, the necessity of keeping the data is checked every three years and otherwise the usual legal retention laws apply here.

Within the context of these services, relevant applicant data are also processed which applicants provide when applying or being consulted during the selection process. Insofar as this is required we can process psychometric data and particular data categories according to Article. 9 paragraph. 1 DSGVO, in particular data regarding health, personality and the committing of infringements, crimes or criminal cases, other connected criminal cases, penalties and fines, dependencies or psychological or mental health of applicants. This is only permitted in a few select security-relevant professions (e.g. passenger airplane pilot). In this case we will request the permission of the applicant if this should be necessary (according to Article 6 paragraph 1 lit. a, article 7, article 9 paragraph 2 lit. a DSGVO. In all other cases we process the data according to Article 9 paragraph 2 lit. h DSGVO, § 22 paragraph. 1 Nr. 1 b. Federal Data Privacy Act.

The deletion of these data takes place subject to any legally necessary burden of proof at the point in time agreed at the time of permission, (see above "Deletion of Data"

Contractual Services

We process the data of our client companies, interested parties, other contractors, customers, mandates, clients (subsequently referred to as "client companies", in accordance with article 6 paragraph 1 lit. b DSGVO to be able to fulfil our (pre) contractual services. The processed data, the type, scope, purpose and necessity is determined by the underlying contract. The following data are included in the processing: customer master data, name and address, contact data and the contract data (e.g. e-mail address, telephone, the contracted services, remuneration, bank account number, payment history etc.). of the contracting companies and their legitimate parts (e.g. consultants and surveyors).

There are particular categories of personal data that we generally do not process in this context, except when these are content-related constituents of a contracted processing. Included in the data subjects are our customers, interested parties as well as their customers, users, website visitors, employees as well as third parties. The purpose of processing such data is for the fulfilment of a contracted service, invoicing and after sale services.

The legal basis for this processing is Article. 6 paragraph. 1 lit. b DSGVO (contractual services), Article. 6 paragraph. 1 lit. f DSGVO (analysis, statistics, optimisation, security measures). we process data which are required for justification and fulfilment of contractual services and draw your attention to the necessity of their disclosure. A disclosure to external parties will only happen if it is required within the framework of a contract. When processing the data within the framework of a contractual agreement, we only act according to the instructions of the contractor as well as the legal requirements for job processing in accordance with article 28 DSGVO. We process the data only for the contractual purpose and for no other purpose.

Within the framework of our online services being contracted, we may store IP addresses and the point of time of the user action. The storage is based on our legitimate interests as well as the interests of our users to protect against misuse and other improper use. Transmission to third parties generally does not take place, unless it is necessary for the pursuit of our requirements in accordance with article 6 paragraph 1 lit. f. DSGVO or if any legal obligations are present according to article 6 paragraph 1 lit. c. DSGVO.

We delete these data upon expiry of legal warranty and comparable obligations. The necessity of keeping the data will be controlled every three years. In the case of a legal archiving obligation, the deletion will take place after its expiry (6 years, in accordance with. § 257 paragraph. 1 German Commercial Code)

Administration, Accounting, Office Organisation, Contact Administration

We process data as a part of our administrative tasks as well as the operation of our business, accounting and fulfilment of legal obligations, for example archiving. In this case we are processing the same data that we process in order to fulfil our contractual services. The legal basis for this is article 6 paragraph 1 lit. c. DSGVO, article 6 paragraph 1 lit. f. DSGVO. The data subjects in this case are customers, interested parties, business partners and the visitors to the website. Our interest in processing these data serves purposes in the administration, accounting, office organisation, archiving of data, etc., in other words, tasks which are necessary for the upkeep of our business operations, the fulfilment of our offered services. The deletion of the data regarding contractual services and contractual communication corresponds with the above named processing operations.

During this process we disclose or transmit your data to the financial authorities, consultants e.g. tax advisors or auditors, as well as other points of payment and payment providers.

Furthermore, based on our business interests we save data concerning service providers, event managers, and other business partners in order to relieve future contacting. In general, we save these data, the majority of which are business-related data, permanently.

Business Analysis and Market Research

In order to operate our business economically, to be able to recognise market trends and the preferences of our customers and users, we analyse the data provided to us from business procedures, contracts, requests etc. We analyse customer master data, communication data, contract data, payment data, user data, metadata in accordance with article 6 paragraph 1 lit. f. DSGVO. Included in the data subjects are contract partners, interested partners, customers, visitors and users of our site.

The analyses take place for reasons of economic evaluation, marketing and market research. For this we take into account the profiles of the registered users with data, e.g. the services they make use of. The analyses help us to improve our user experience, optimise our online offers and our economic efficiency. The analyses serve only our interests and are not disclosed to third parties, provided we are not dealing with anonymous analyses and summarised values.

Provided the analyses or profiles are personal, they will be deleted or made anonymous when users terminate their contracts, otherwise two years after conclusion of contract. In all other cases, business and economic analyses will be compiled anonymously. 

Data Privacy Notice for the Application Process

We process the applicant data exclusively within all legal boundaries and only for purposes and in the framework of the application process in order to initiate an employment relationship.

The processing of applicant data takes place in accordance with article 6 paragraph 1 lit.  b. DSGVO and article 6 paragraph 1 lit. f. DSGVO in order to fulfil our (pre) contractual obligations within the framework of the application process, provided that the data processing is legally necessary (In Germany § 26 BDSG Federal Data Protection Act applies additionally).

The application process requires applicants to provide applicant data. The necessary data are marked accordingly and result from the job specifications or the requirements of the employing company. In general, these data include details to the person, postal address and all documents and evidence required for the application e.g. letter of motivation, curriculum vitae, references, as well as proof of aviation experience, such as licence data, certificate of air worthiness, background checks. In addition, applicants may give other details.

By submitting an application the applicant consents to the processing of his/her data in the way and scope described in this data privacy policy for the purpose of the application process expressly agrees that the data of a specific application process for an employing company (application data) may be stored in the career.aero application system for a period of 5 years after the application has been completed or latest changed in order to facilitate longer-term qualification processes and, if necessary, to enable the recognition of selection levels and / or reapplications according to certain terms or periods set by the employer.

As far as any sensitive personal information is disclosed within the framework of the application process in terms of article 9 paragraph 1 DSGVO, the processing of these data happens in accordance with article 9 paragraph 2 lit. b. DSGVO (e.g. health records such as a severe disability). Provided any sensitive personal data are required within the framework of the application process, the processing takes place in accordance with article 9 paragraph 2 lit. a. DSGVO (e.g. biometric data, health records), if these data are required for aeronautical regulations. 

If an applicant requests the deletion of his application data in accordance with Art. 17 DSGVO, revokes his consent stipulating Art. 7 paragraph 3 DSGVO or objects to the future processing of his personal data stipulating Art. 21 DSGVO, then his data will be deleted or archived in accordance with the aforementioned regulation.
If a deletion of partial data is requested, e.g. an individual application, then generally all application data and registration data will be deleted, as complete deletion of all application and applicant data is required in accordance with Art. 17 and Art.18 and every application uses registration data (e.g. name, address etc.)

The processing of all data via the internet portal career.aero is all encrypted using the latest cutting-edge technology. If applicants transmit data to us it shall be noted that e-mails are generally not encrypted and applicants must take responsibility for encryption themselves. Therefore, we cannot take on any responsibility for the applicant's transmission route between sender and receiver on our server and recommend using the upload function on the online portal.

If an applicant makes use of the option of uploading an application photo or video to his/her application documents, he/she hereby consents agrees to the collection, storage and use of theses image data solely for the purpose of possible employment with the employer. Image and video data are only shared with the employer's authorized bodies. The upload of application photos and videos is completely voluntary.

Talent Pool

In the course of the application we offer applicants the option of being affiliated in our "talent pool" for a time period of five years based on consent in terms of article 6 paragraph 1 lit. b. and article 7 DSGVO. The application documents in the talent pool are processed only within the confines of future job advertisements and recruitment and will be deleted on conclusion of the deadline at the latest. Applicants are instructed that consent for being recorded in the talent pool is voluntary and can be revoked or objected to at all times with effect for the future in accordance with article 21 DSGVO. 

The disclosure of applicant data from the talent pool to interested parties, employing companies shall only take place with the previous expressed consent of the applicant.

Registration Function

Users can set up an account. The registration is free of charge. In the scope of the registration, the users are informed about mandatory data, and these data are processed in accordance with article 6 paragraph 1 lit. b. DSGVO for purposes of creating the user account. Included in the processed data in particular are the log-in data (name, address, password, e-mail address and basic profile data). The data which are processed in the course of registering are only used for purposes of the user account and its purposes and can be used by the applicant to easily and repeatedly create applications for numerous companies. 

The users can be informed about information relevant to their account via e-mail, for example technical data. Once users have terminated their account, the data in respect to their account will be deleted with the exception of any legally required data. We are entitled to reject registration data or delete it if it violates legal regulations, is being used inappropriately or because of other serious reasons.  

In the course of the use of our registration and sign-in functions and the user account, e store the IP address and the point of time of the user's action. This storage takes place bases on our legitimate interests and also the interests of the user to avoid improper use. These data are generally not transmitted to third parties, unless there is a legal obligation to do so as described in article 6 paragraph 1 lit. c DSGVO.

Making contact

When contact is established to us, (e.g. via e-mail, telephone or social media) the user's data are processed in order to handle and settle the communication in accordance with article 6 paragraph 1 lit. b. DSGVO. The user's data may be stored in a customer Relationship Management System or similar system. 

We delete requests insofar as these are no longer required. We check this necessity every two years, otherwise legal storing obligations apply.

Newsletter

In the following notes, we shall inform you about the content of our newsletter as well as the sign-in, sending and statistical evaluation procedure including your rights of objection. By subscribing to our newsletter you consent to receiving our mail and to the procedure described below. 

Content: we send newsletters, e-mails and further electronic notifications with employment and training offers and other advertising information (subsequently termed "newsletter") only with the consent of the receiver or a legal permission. 

Double opt-in and logging: signing up for our newsletter happens in a so-called double opt-in process. This means you receive an email after registering in which you are requested to confirm your sign-up. This confirmation is necessary so that no one can sign up using someone else's email address. The sign-up for the newsletter is logged to be able to prove this for legal demands. This includes the storing of sign-up, the point of time of the confirmation as well as the IP address. Additionally, we save any changes in data at the messaging provider. 

Login-data: in order to sign up for the newsletter it is sufficient to provide your email address. Optionally we may ask you for your name in order to enable direct communication.

The sending of the newsletter and the connected success measurement take place based on consent of the recipient in accordance with article 6 paragraph 1 lit. a. and article 7 DSGVO in connection with article 7 paragraph 2 nr. 3 UWG, or in the case that consent is not necessary, this is based on our legitimate interest in direct marketing in accordance with article 6 paragraph 1 lit. f. DSGVO in connection with article 7 paragraph 3 UWG.

The logging of the sign-up procedure takes place based on our legitimate interests in accordance with article 6 paragraph 1 lit. f. DSGVO. Our interest is directed at a user-friendly and secure newsletter system, which serves our business interests as well as the expectations of the user and further permits the proof of consents.

After consenting via the double opt-in method, our newsletter subscribers receive a newsletter that provides them information about current job offers available on career.aero. You can unsubscribe from this newsletter at any time, your email may be stored for up to three years based on our legitimate interests before being deleted, in order to be able to prove previous consent. you can unsubscribe by a) clicking on the respective link at the bottom of the newsletter b) calling up the link below and completing the deregistration process: http://seu1.cleverreach.com/f/60118-123165/wwu/ or c) sending an e-mail to press-inbox@career.aero.
Our newsletter is sent via the Germany-based provider CleverReach (Cleverreach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany). To this end, your e-mail address and your stated interests are transferred to CleverReach and stored there in such a manner that third parties have no access to this data. You can find more information about this on the CleverReach website. CleverReach is a certified member of the Certified Senders Alliance. In our html newsletters, we measure clicks and openings. Learn more about this at CleverReach. This messaging service is used based on our legitimate interests and in accordance with article 6 paragraph 1 lit. f DSGVO. 

Newsletter - Success Evaluation

o this we and or our hosting providers process master customer data, content data, contract data, user data, meta and communication data of customers, interested parties, and visitors to our sites, based on our legitimate interest in an efficient and secure offer in accordance with article 6 paragraph lit. f. DSGVO in connection with article 28. DSGVO (contract for processing of data)

Hosting and Dispatch of E-mails

The hosting services we use serve purposes of making available the following services: infrastructure and platform services, computing performance, storage capacity and databank services, e-mail dispatching, security services as well as technical maintenance which we use to operate our online services.

In doing this we and or our hosting providers process customer master data, contact data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to our sites. This is bases on our legitimate interest in an efficient and secure providing of our online services in accordance with article 6 paragraph 1 lit. f. DSGVO in connection with article 28 DSGVO (agreement contract for processing of data).

Lifting of Login Data and Log Files

On the basis of our legitimate interests in terms of article 6 paragraph 1 lit. f. DSGVO, we and or our hosting providers lift data about every access to the server, on which our services take place (so called server log files). Included in the access data are the name of the fetched website, file, time and date of retrieval, transferred data volume, confirmation of successful retrieval of data, browser type and version, operating system of the user, referrer URL (last visited site), IP address and the requesting provider.

Log file information are saved for a maximum of seven days and thereafter deleted due to security reasons, e.g. clarification of improper use or fraud. Further storage may happen in the exceptions where proof is necessary in case of such as incident.

MS Teams

Data protection information in accordance with Art. 13, 14 GDPR for employees, business partners and applicants

We use Microsoft Teams to conduct conference calls, online meetings and / or video conferences and video interviews. Microsoft Teams is a service from Microsoft Ireland Operations, Ltd. For this we have concluded a contractual agreement with the provider. Various types of data are processed when using Microsoft Teams. The scope of the data also depends on the information you provide before or when participating in an online meeting.

The following personal data are processed:
• User information: display name, email address, profile picture (optional)
• Meeting metadata: e.g. B. Date, time, meeting ID, possibly telephone number, possibly location
• Text, audio and video data: You may have the option of using the chat function in an online meeting. In this case, the text entries you have made are processed in order to display them in the online meeting.

In order to enable the display of video and the playback of audio, the data from the microphone of your end device and a video camera of the end device are processed for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the "Microsoft Teams" applications.

The online meetings are not recorded. If a recording is made in special cases, the consent of the interlocutor will be obtained in advance.

If video interviews are used in the course of selection services, these will only be carried out after prior agreement with the interlocutors. Such consent is only given voluntarily. Refusing to consent to the video interview has no effect on the outcome of the application process.

If there is no contractual relationship with you, the legal basis for the processing of your personal data is Article 6 (1) (f) GDPR, our legitimate interest in the effective implementation of online meetings.

Further information on how Microsoft processes data can be found here:
https://docs.microsoft.com/de-de/microsoftteams/teams-privacy

Google Analytics

On the basis of our legitimate interests, for optimisation and economic running of our website, this website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files saved on your computer, to help the website analyze how you use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. If this website anonymizes IP addresses, your IP address will be truncated by Google within a EU member state or other EEA state before being transmitted to the US. Only in exceptional situations will your full IP address be transmitted to Google servers in the United States and truncated there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You can also prevent Google from collecting information (including your IP address) via cookies and processing this information by downloading this browser plugin and installing it: https://tools.google.com/dlpage/gaoptout

You can prevent data collection via Google Analytics by clicking here. An "Opt-out Cookie" shall then be applied to your website which shall prevent any future collection of your data when visiting this website.

Further information concerning the terms and conditions of use and data privacy can be found at the Google Analytics Terms of Service or at the Google Analytics Privacy Overview. Please note that on this website, Google Analytics is supplemented by "gat._anonymizeIp();" to ensure anonymized collection of IP addresses (IP masking).

The personal user data will be deleted or anonymised after 14 months.

Google AdWords and Conversion Measurement

On the basis of our legitimate interest in the analysis, optimisation, and economic running of our web services in terms of article 6 paragraph 1 lit. f. DSGVO, we use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, („Google“). We use Google AdWords to advertise our website in Google search results and on third-party websites. For this purpose, when you visit our website, the so-called remarketing cookie of Google is set on your browser, which allows the automatic displaying of interest-based advertising using a pseudonymous cookie ID and information about your website visits. This serves the protection of our legitimate interests in the optimal marketing of our website according to art. 6 (1) 1 lit f GDPR that are overriding in the process of balancing of interests.

Any data processing that goes beyond that scope takes place only if you have allowed Google to associate your web and app browsing history with your Google account and to use information from your Google account to personalise ads that you see across the web. If, in such a case, you visit our website while being signed in to Google, Google will use your data together with Google Analytics data to build and define audience lists for cross-device remarketing. For this purpose, Google will temporarily join your data with Google Analytics data to build audiences.

Google AdWords remarketing is offered by Google LLC (www.google.com). Google LLC is headquartered in the USA und and is certified to the EU-US-Privacy Shield. You will see the up-to-date certificate here. Based on this agreement between the USA and the European Commission, the latter has recognised entities certified to the Privacy Shield as those ensuring an adequate level of data protection.

You can disable the remarketing cookie via this link. In addition, you can obtain information about the setting of cookies from the Digital Advertising Alliance and accordingly adapt the settings of your browser.

Online Presence in Social Media

We maintain online presence on various social media networks and platforms so as to communicate with customers interested parties and users and inform them about our services. When retrieving the sites of these networks and platforms, the terms and conditions of the respective operators apply.

Provided it is not stated elsewhere in our privacy policy, we process the user data insofar as the users communicate with us on the social media and platforms, for example written contributions on our posts or messages sent to us.

Integration of Services and Content provided by Third Parties

In our online services we use content or service offers of third-party providers. This happens bases on our legitimate interests (this means interest in the analysis, optimisation and economic running of our online services in terms of article 6 paragraph 1 lit. f. DSGVO. We use these services and content in order to integrate them into our site e.g. videos or fonts (subsequently termed "content")

This requires that third party providers of this content recognise the IP address of the user as they can otherwise not send the content to the user’s browser. The IP address is therefore necessary in order to display the content. We go to efforts to only use content of which the respective providers only use your IP address for displaying the content. Third party providers may use so called pixel-tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. Using the pixel tags, data such as user traffic on the pages of the website can be analysed. Furthermore, the pseudonym data can be stored in cookies and contain other technical details such as browser and operating system, linking websites, duration on the site, as well as other usage data and information connected with other sources.

YouTube

We incorporate videos of the "YouTube" platform of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Google Fonts

We incorporate ("Google Fonts") from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Google Maps

We incorporate Maps services by “Google Maps” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Included in the processed data are in particular IP addresses and location data of the user, which are however not lifted without the consent of the user (usually done in the context of the device settings). The data may be processed in the USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Google Tag Manager

Google Tag Manager is a solution with which we can administrate so-called website-tags via a user interface (and therefore integrate Google Analytics as well as other Google marketing services in our web services). The tag manager itself (which implements the tags) does not process any user data. Concerning the processing of personal user data, we refer you to the Google Services Usage Guidelines https://www.google.com/intl/de/tagmanager/use-policy.html.

For all further questions about our Privacy Policy, please feel free to contact us at the e-mail address: service@career.aero