1. GENERAL NOTICE
Protecting your privacy is important to us. With the following data protection declaration, we explain to you which personal data we process from you when you visit our website or use our online services, or more generally when we provide services for you. Our aim is to make it easy to read and understand. Accordingly, we explain important terms at the beginning of the chapter.
We collect and process your personal data carefully and only for the purposes described in this data protection declaration and only to the extent necessary for this purpose and within the framework of the applicable legal provisions. We retain your personal data only to the extent and for as long as necessary to provide our services or as required by law. In close cooperation with our hosting providers, we make every effort to protect the databases from unauthorized access, loss, misuse or falsification.
2. DATA PROTECTION STATEMENT
The following are responsible for compliance with the applicable data protection regulations
Callista Group AG
Callista ACE AG
Callista Digital AG
Callista ISS GmbH
If you have any concerns regarding data protection, you can send them to us at the following contact address by email: email@example.com and/or call us at: +41 43 540 56 85.
3. CONSENT PROCESSING OF PERSONAL DATA
Consent shall mean the following: Any freely given indication of the data subject’s wishes for the specific case, in an informed and unambiguous manner, in the form of a statement or other unambiguous affirmative act by which the data subject signifies that he or she consents to the processing of personal data relating to him or her.
Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This means specifically that personal data, such as name, address or e-mail address are collected on a voluntary basis and stored only with consent.
Data that cannot be directly related to your person is stored by us on the server for statistical purposes. This happens in the context of the use of our website, because data such as accessed pages or names of the accessed file, date and time are stored.
If a data subject contacts the controller by e-mail, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller will be stored for the purpose of processing or contacting the data subject. No disclosure of this personal data to third parties takes place.
We primarily process personal data that is fundamental in the context of carrying out our business activity / purpose. In doing so, we distinguish data of three categories of persons: candidates, employees and business partners (so-called customers).
For the group of candidates in the context of the application and application process, we refer to the following data protection:
The controller collects and processes the personal data of candidates for the purpose of handling the application procedure. The processing may also take place electronically. This is particularly the case if an applicant sends corresponding application documents to the controller by electronic means, for example by e-mail or via a web form located on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be deleted upon request after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion.
In the case of the two categories, employees and customers, we point out the following handling: Here, only the data that is necessary within the framework of legal and contractual regulations (e.g. tax regulations, employment law) is collected and stored. For the conclusion of the contract it is necessary that the person concerned provides us with personal data. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. As soon as the basis for the collection and storage ceases to apply, the data will be deleted on request in compliance with the statutory retention period.
4. PURPOSES OF DATA PROCESSING AND LEGAL BASES
Data processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
We use the Personal Data we collect primarily, for the purpose of administering and screening, and for the placement and referral of suitable candidates with our clients. Furthermore, we use the data to conclude and process our contracts with our employees, customers and business partners, in particular in the context of our services with our employees and the procurement of services for our customers, as well as to comply with our legal obligations in Germany. If you work for such a customer or business partner, your personal data may of course also be affected in this capacity.
Information on offers, services, websites and other platforms on which we are present;
Communication with third parties and processing of their inquiries (e.g. applications, media inquiries);
Examination and optimization of procedures for demand analysis for the purpose of direct approach as well as collection of personal data from publicly accessible sources for the purpose of customer and employee acquisition;
Advertising and information on our services and offers (including the organization of events), provided you have not objected to the use of your data (if we send you advertising, e.g. in the form of a newsletter, as an existing customer or employee of ours, you can object to this at any time and we will then place you on a blacklist against further advertising mailings);
Market and opinion research, media monitoring;
Assertion of legal claims and defense in connection with legal disputes and official proceedings;
Prevention and investigation of criminal offenses and other misconduct (e.g., conducting internal investigations, data analyses to combat fraud);
Guarantees of our operations, in particular IT, our websites and other platforms;
Measures for IT, building and facility security and protection of our employees and other persons and assets belonging to or entrusted to us (such as access controls, visitor lists, network and mail scanners, telephone records);
If you have given us your consent to process your personal data for specific purposes, we process your personal data within the scope of and based on this consent, unless we have another legal basis and we require such a basis. Consent given can be revoked at any time, but this has no effect on data processing that has already taken place.
5. COOKIES / TRACKING AND OTHER TECHNOLOGIES IN CONNECTION WITH THE USE OF OUR WEBSITE.
We typically use “cookies” and similar technologies on our websites to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using when you visit our website. This allows us to recognize you when you return to this website, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your website visit (“session cookies”), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) (“permanent cookies”). However, you can set your browser to reject cookies, store them for one session only, or otherwise delete them early. Most browsers are preset to accept cookies. We use persistent cookies so that we can better understand how you use our offerings and content. If you block cookies, certain functionalities may no longer work.
By using our websites, you agree to the use of these techniques. If you do not want this, you must set your browser or e-mail program accordingly.
WE SOMETIMES USE GOOGLE ANALYTICS ON OUR WEBSITES.
This website uses Google Analytics, a web analytics service provided by the
1600 Amphitheatre Parkway,
CA 94043, USA (“Google”).
The statistics obtained enable us to improve our offer and make it more interesting for you as a user. This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. If you have a Google user account, you can deactivate the cross-device analysis of your usage in the settings there under “My data”, “Personal data”.
The legal basis for the use of Google Analytics is Art. 6 para. 1 p. 1 lit. f DS-GVO. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. We would like to point out that on this website Google Analytics has been extended by the code “_anonymizeIp();” to ensure anonymized collection of IP addresses. This means that IP addresses are processed in abbreviated form, which means that they cannot be linked to a specific person. If the data collected about you is related to a person, this is immediately excluded and the personal data is deleted immediately.
Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
In addition, you can also prevent the use of Google Analytics by clicking on this link: Disable Google Analytics. This will save a so-called opt-out cookie on your data carrier, which prevents the processing of personal data by Google Analytics. Please note that if you delete all cookies on your terminal device, these opt-out cookies will also be deleted, i.e. you will have to set the opt-out cookies again if you wish to continue to prevent this form of data collection. The opt-out cookies are set per browser and computer/end device and must therefore be activated separately for each browser, computer or other end device.
WE FURTHER USE ON OUR WEBSITES SO CALLED. PLUG-INS FROM SOCIAL NETWORKS SUCH AS LINKEDIN.
This website uses functions of the network LinkedIn provider is the
2029 Stierlin Court,
For data protection matters outside the USA is
Wilton Place, Dublin 2,
Ireland, is responsible.
Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click the “Recommend Button” of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and its use by LinkedIn.
Data protection issues of JOIN Solutions AG are answered at the following address:
JOIN Solutions AG
If you are looking for a new job and click on one of our job postings, which you can find on our homepage under “Work with us”, you will be redirected to the JOIN page. Here you can enter your contact details, among other things, and initiate the application process. The following data will then be transmitted to us by JOIN Solutions AG:
Email address; contact details; first name, last name; CV, if applicable; certificates, if applicable, and all data transmitted or entered by the candidate himself/herself for this purpose, such as the stated qualifications, professional experience, preferences, etc….
PRIVACY STATEMENT RECRUITEE
We publish numerous job advertisements directly on Recruitee B.V.. Here the visitor has the opportunity to contact us directly. Accordingly, we use the services of Recuritee B.V. to organize and process the application process for the legal reasons of Art. 6 para. 1 lit. b and lit. f DSGVO.
Johan Huizingalaan 763,
(1066 VH) Amsterdam,
Netherlands (hereinafter: “Recruitee”).
When a visitor visits the Recruitee Website, personal access data is automatically collected, such as the requesting device, the web browser you use and the operating system of your device, the IP address of the requesting device, the requests and responses sent to and from your device, the website from which the Recruitee Website was requested and your behavior on the Recruitee Website.
The collection of your personal data and the integration of Recruitee as part of your visit to our Recruitee website, as well as the related data processing, is necessary to monitor and improve the recruitment process and the performance of the Recruitee website, based on our legitimate interest in the efficient design of our internal operations and service, Art. 6 (1) lit. f DSGVO.
Furthermore, the following personal application data may be processed as part of the application process, in particular, but not exclusively, all personal data that you provide to us via the application form: Name, email address, phone number, picture, cover letter, resume, LinkedIn profile, and the job you have applied for, status, notes and plans regarding your application and email communications.
The collection of your personal data and the integration of Recruitee as part of the application process, as well as the associated data processing, is necessary for the implementation of pre-contractual measures, which are carried out at your request, Art. 6 para. 1 lit. b DSGVO.
6. TRANSFER OF DATA TO THIRD PARTIES
Your personal data will not be disclosed, sold or otherwise transferred to third parties, unless this is necessary for the purpose of contract execution or to fulfill our legal duties, or unless you have expressly consented to this. In addition, data may be transferred to third parties if we are required to do so by law or by enforceable governmental or court order.
The recipients of such data are sometimes domestic, but may be anywhere in the world. If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection by using appropriate contracts or rely on the legal exceptions of consent, contract performance, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the data subjects. You may ask us at any time for information about the contractual guarantees mentioned. However, we reserve the right to black out copies for reasons of data protection or confidentiality or to provide only excerpts.
7. DURATION OF THE RETENTION OF PERSONAL DATA
We process and store your personal data as long as it is necessary for the fulfillment of our contractual and legal obligations or otherwise the purposes pursued with the processing, i.e. for example for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) as well as beyond that in accordance with the statutory retention and documentation obligations. In this context, it is possible that personal data will be retained for the time during which claims can be asserted against our company and insofar as we are otherwise legally obligated or authorized to do so or legitimate business interests require this (e.g. for evidence and documentation purposes).
If the purpose of storage no longer applies or if a storage period prescribed by the European Directive and Regulation Body or another competent legislator expires, the personal data will be routinely blocked in accordance with the statutory provisions or also deleted in consultation with the respective person. In addition to compliance with data protection regulations, this process also serves to maintain our data quality. We retain data from employees or customers in accordance with the applicable and prescribed storage periods.
The criterion for the duration of storage of personal data depends on individual consent and/or expediency and/or mutual agreement.
8. DATA SECURITY
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible. However, in cooperation with our hosting providers, we make every effort to protect the databases as well as possible against unauthorized access, loss, misuse or falsification.
In addition, we take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as issuing instructions, IT and network security solutions, access controls.
9. OBLIGATION TO PROVIDE PERSONAL DATA
Within the scope of our business relationship, you must provide those personal data that are necessary for the establishment and implementation of a business relationship and the fulfillment of the associated contractual obligations (you do not generally have a legal obligation to provide us with data). Without this data, we will generally not be in a position to conclude a contract with you and the potential employment company, to process this contract or to fulfill our legal duties.
10. PROFILING AND AUTOMATED DECISION-MAKING
Profiling is any form of automated processing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person. In particular, this involves analyzing or predicting aspects relating to the job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location of this natural person.
As a responsible company, we do not use automated decision-making and do not engage in profiling.
11. RIGHTS OF THE DATA SUBJECT
Within the framework of the data protection law applicable to you and where provided for therein (such as in the case of the GDPR), you have the right to information, correction, deletion, the right to restrict data processing and otherwise object to our data processing, as well as the right to surrender certain personal data for the purpose of transfer to another entity (so-called data portability). Please note, however, that we reserve the right to enforce the restrictions provided for by law, for example if we are obliged to retain or process certain data, if we have an overriding interest in doing so (insofar as we are entitled to rely on this) or if we require the data in order to assert claims. If you incur costs, we will inform you in advance. We have already informed you about the possibility of revoking your consent in section 4. Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or cost consequences. We will inform you in advance if this is not already contractually or legally regulated.
The exercise of such rights usually requires that you clearly prove your identity (e.g. by means of a copy of your identity card, where your identity is otherwise not clear or cannot be verified). To assert your rights, you can contact us at the address given in section 2.
Every data subject also has the right to enforce his or her claims in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
(Status: October 2022)