Data protection - ARTES Recruitment

General notice

The following notice is a simple overview of what happens to your personal data when you visit this website, when we introduce ourselves to you, when we assist you in your job search, when we maintain a relationship with you after we have found a position for you, when we perform a service for you or you perform a service for us, when we use your information to contact you for assistance in connection with one of our candidates.

Personal data is defined as any data by which you can be personally identified. This privacy policy applies to the personal data of visitors to our website, potential candidates, candidates and clients.

Important: this privacy policy may be amended from time to time. Please use this page to keep informed as we post any changes here.

If you do not agree with any aspect of our privacy policy, you may have legal rights, which are also described here at the appropriate point.

Privacy notice part1:

General privacy policy of our website

Data collection on this website

Who is responsible for the data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website.

How do we collect your data?

Your data is collected firstly by you providing it to us. This can be, for example, data that you enter in a contact form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you access this website.

What do we use your data for?

Part of the data is collected in order to ensure error-free provision of the website. Other data may be used to analyse your user behaviour.

What rights do you have regarding your data?

You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request the rectification or deletion of this data. If you have given your consent to data processing, you can revoke this consent for the future at any time. You also have the right to request the restriction of the processing of your personal data in certain circumstances. Furthermore, you have the right to lodge a complaint with the respective supervisory authority.

You can contact us about this or regarding any other questions on the subject of data protection at any time using the address given in the imprint.

Third-party analytics and tools

When visiting this website, your surfing behaviour can be statistically evaluated. This is done mainly using so-called analysis programs.

Detailed information on these analysis programs can be found in the following privacy policy.

Hosting and Content Delivery Networks (CDN)

External hosting

This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website traffic and other data generated by a website.

The host is used for the purpose of fulfilling the contract with our potential and existing clients (Art. 6 (1)(b) GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 (1)(f) GDPR).

Our host will only process your data insofar as this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data.

Conclude a contract on order processing

In order to ensure data protection-compliant processing, we have concluded an order processing contract with our host.

General notice and required information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data will be collected. Personal data is defined as data by which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how this is done and for what purpose.

Please note that data transmission on the Internet (e.g. communication by email) can have security gaps. Complete protection of the data against access by third parties is not possible.

Note on the responsible body

The data controller for this website is:

ARTES Recruitment GmbH
JUNGHOF PLAZA
Junghofstraße 16, c/o SPARK
60311 Frankfurt am Main

Phone: + 49 69 9 2020 85 – 0
Email:

The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).

Legally required data protection officer

We have appointed a data protection officer for our company.

Frau Tamara Fels
ARTES Recruitment GmbH
JUNGHOF PLAZA
Junghofstraße 16, c/o SPARK
60311 Frankfurt am Main

Phone: +49 69 9 2020 85 – 11
Email:

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent that has already been given at any time. The legality of the data processing carried out up to the revocation remains unaffected by this revocation.

Right to object to the collection of data in specific cases and to direct marketing (Art. 21 GDPR)

IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 (1) (E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS NECESSARY FOR THE ASSERTION, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 (1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 (2) GDPR).

Right of appeal to the respective supervisory authority

In the event of breaches of the GDPR, data subjects shall have a right of appeal to a supervisory authority, in particular in the member state of their habitual residence, place of work or the place of the alleged breach. The right of appeal shall be without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL and TLS encryption

This site uses SSL and TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the padlock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Access, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, the right to correct or delete this data. You can contact us about this or regarding any other questions on the subject of personal data at any time using the address given in the imprint.

Right to restrict processing

You have the right to request the restriction of the processing of your personal data. You can contact us about this at any time using the address given in the imprint. The right to restrict processing exists in the following cases:

If you dispute the accuracy of the personal data we hold about you, we will usually need time to investigate this. For the duration of the investigation, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
If you wish to lodge an objection under Art. 21 (1) GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests are predominant, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest to the European Union or a member state.

Objection to advertising emails

The use of contact details published within the scope of the imprint obligation for the transmission of not expressly requested advertising and information materials is hereby contradicted. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

Data collection on this website

Cookies

Our Internet pages use so-called ‘cookies’. Cookies are small text files and do not cause any damage to your end device. They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your end device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies are used to evaluate user behaviour or to display advertising.

Cookies that are necessary to implement the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 (1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies has been requested, the cookies in question are stored exclusively on the basis of this consent (Art. 6 (1)(a) GDPR); consent can be revoked at any time.

You can set your browser to inform you about the setting of cookies and only allow cookies in individual cases, to exclude the acceptance of cookies for certain cases or in general and to activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

If cookies are used by third-party companies or for analysis purposes, we will inform you separately within the framework of this privacy policy and, if necessary, request your consent.

Cookie consent with Usercentrics

This website uses the cookie consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, website: https://usercentrics.com/de/ (hereinafter “Usercentrics”).

When you enter our website, the following personal data is transferred to Usercentrics:

Your consent(s) or the revocation of your consent(s)
Your IP address
Information about your browser
Information about your end device
Time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to allocate the consent granted or its revocation to you. The data collected in this way is stored until you request us to delete it, until you delete the Usercentrics cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

Usercentrics is used to obtain consent for the use of certain technologies as required by law. The legal basis for this is Art. 6 (1)(1)(c) GDPR.

Cookie consent with Borlabs Cookie

Our website uses the cookie consent technology of Borlabs Cookie to obtain your consent to the storage of certain cookies in your browser and to document this in accordance with data protection law. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser to record the consents you have given or the revocation of those consents. This information is not shared with the Borlabs Cookie provider.

The data collected is stored until you request us to delete it, until you delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

Borlabs Cookie consent technology is used to obtain consent for the use of cookies as required by law. The legal basis for this is Art. 6 (1)(1)(c) GDPR.

Cookie consent with Consent Manager Provider

Our website uses the cookie consent technology of Consent Manager Provider to obtain your consent to the storage of certain cookies on your end device and to document this in accordance with data protection law. The provider of this technology is Jaohawi AB, Håltegelvägen 1b, 72348 Västerås, Sweden, website: https://www.consentmanager.de (hereinafter “Consent Manager Provider”).

When you enter our website, a connection is made to Consent Manager Provider’s servers to obtain your consents and other declarations regarding cookie use. Consent Manager Provider then stores a cookie in your browser in order to be able to allocate the consent granted or its revocation to you. The data collected in this way is stored until you request us to delete it, until you delete the Consent Manager Provider cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

Consent Manager Provider is used to obtain consent for the use of cookies as required by law. The legal basis for this is Art. 6 (1)(1)(c) GDPR.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

This data is collected based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of their website – the server log files must be recorded for this purpose.

Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up enquiries. We will not pass on this data without your consent.

This data is processed based on Art. 6 (1)(b) GDPR insofar as your enquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the enquiries addressed to us (Art. 6 (1)(f) GDPR) or on your consent (Art. 6 (1)(a) GDPR) if this was requested.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory statutory regulations – in particular retention periods – remain unaffected.

Enquiries by email, telephone or fax

If you contact us by email, telephone or fax, your enquiry including all personal data resulting from it (name, enquiry) will be stored and processed by us for the purpose of dealing with your enquiry. We will not pass on this data without your consent.

The data you send to us in contact enquiries will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory statutory regulations – in particular statutory retention periods – remain unaffected.

Registration on this website

You can register on this website to use additional features on the site. We only use the data you enter for the purpose of using the particular offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will refuse the registration.

We use the email address provided during registration to inform you of important changes, for example in the scope of the offer or in the case of technically required changes.

The data entered during registration is processed for the purpose of implementing the user relationship established by registration and, if necessary, for initiating further contracts (Art. 6 (1)(b) GDPR).

The data collected during registration will be stored by us for as long as you are registered on this website and will then be deleted. Statutory retention periods remain unaffected.

Social media

Instagram plug-in

Functions from the service Instagram are integrated into this website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. Please note that we, as the provider of the pages, have no knowledge of the content of the shared data or its use by Instagram.

The storage and analysis of the data is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media. If corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR; consent can be revoked at any time.

For more information, please see Instagram’s privacy policy: https://instagram.com/about/legal/privacy/.

LinkedIn plug-in

This website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

Each time a page of this website containing LinkedIn functions is accessed, a connection to servers of LinkedIn is established. LinkedIn is informed that you have visited this website with your IP address. If you click on the ‘Recommend Button’ of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to this website to you and your user account. Please note that we, as the provider of the pages, have no knowledge of the content of the shared data or its use by LinkedIn.

The use of the LinkedIn plug-in is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media. If corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR; consent can be revoked at any time.

For more information, please see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

XING plug-in

This website uses functions of the XING network. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time one of our pages containing XING functions is called up, a connection to XING servers is established. To our knowledge, no personal data is stored in the process. In particular, no IP addresses are stored or usage behaviour evaluated.

Further information on data protection and the XING Share button can be found in XING’s privacy policy at: https://www.xing.com/app/share?op=data_protection.

Analysis tools and advertising

Google Analytics

This website uses functions of the Google Analytics web analysis service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. As a result, the website operator receives various usage data, such as page views, duration of visit, operating systems used and location of the user. This data may be summarised by Google in a profile that is assigned to the respective user or their end device.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

The use of this analysis tool is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both their website and their advertising. If corresponding consent was requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR; consent can be revoked at any time.

IP anonymisation

We have activated the IP anonymisation function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data.

Browser plug-in

You can prevent the collection and processing of your data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

For more information on how Google Analytics handles user data, please see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographics in Google Analytics

This website uses the ‘Demographics’ function of Google Analytics to display appropriate advertisements to website visitors within the Google advertising network. This allows reports to be generated that include statements about the age, gender and interests of site visitors. This data comes from Google’s interest-based advertising and third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section ‘Object to data collection’.

Google Analytics E-Commerce Tracking

This website uses the ‘E-Commerce Tracking’ function of Google Analytics. Through E-Commerce Tracking, the website owner can analyse the buying behaviour of the website visitors to improve their online marketing campaigns. Recorded information includes orders placed, average order values, shipping costs and the time from viewing to purchasing a product. This data can be summarised by Google under a transaction ID, which is assigned to the respective user or their device.

Storage period

Data stored by Google at user and event level that is linked to cookies, user identifiers (e.g. user ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymised or deleted after 14 months. Details can be found at the following link: https://support.google.com/analytics/answer/7667196?hl=de

WordPress Stats

This website uses the WordPress tool Stats to statistically evaluate visitor traffic. The provider is Automattic Inc, 60 29th Street #343, San Francisco, CA 94110-4929, USA.

WordPress Stats uses technologies that enable cross-page user recognition for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected in this way about the use of this website is stored on servers in the USA. Your IP address is anonymised after processing and before storage.

The use of this analysis tool is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in anonymously analysing user behaviour in order to optimise both their website and their advertising. If corresponding consent was requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR; consent can be revoked at any time.

You can object to the collection and use of your data for the future by setting an opt-out cookie in your browser by clicking on this link: https://www.quantcast.com/opt-out/.

If you delete the cookies on your computer, you must reset the opt-out cookie.

Google Remarketing

This website uses the functions of Google Analytics Remarketing. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyses your user behaviour on our website (e.g. clicking on certain products) in order to categorise you in certain advertising target groups and subsequently display suitable advertising messages to you when you visit other online offers (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked to Google’s cross-device features. In this way, interest-based, personalised advertising messages that have been adapted to you based on your previous usage and surfing behaviour on one end device (e.g. mobile phone) can also be displayed on another of your end devices (e.g. tablet or PC).

If you have a Google account, you can object to personalised advertising at the following link: https://www.google.com/settings/ads/onweb/.

The use of this Google Remarketing is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in marketing their products as effectively as possible. If corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR; consent can be revoked at any time.

For more information and the data protection regulations, please see Google’s privacy policy at: https://policies.google.com/technologies/ads?hl=de.

Target group formation with Customer Match

To form target groups, we use tools including Customer Match from Google Remarketing. In doing so, we transfer certain client data (e.g. email addresses) from our client lists to Google. If the clients in question are Google users and logged into their Google account, they are shown relevant advertising messages within the Google network (e.g. on YouTube, Gmail or in the search engine).

Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis. We use this data exclusively to send the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 (1)(a) GDPR). You can revoke your consent to the storage of the data, the email address and its use for sending the newsletter at any time, for example via the ‘unsubscribe’ link in the newsletter. The legality of the data processing operations already carried out remains unaffected by this revocation.

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that we have stored for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your email address will be stored by us or the newsletter service provider in a blacklist, if necessary, in order to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 (1)(f) GDPR). Storage in the blacklist is not subject to a time limit. You can object to the storage if your interests outweigh our legitimate interest.

MailChimp with disabled success measurement

This website uses the services of MailChimp to send newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

MailChimp is a service with can be used to organise the sending of newsletters, among other services. If you enter data for the purpose of receiving the newsletter (e.g. email address), this data will be stored on MailChimp’s servers in the USA. We have disabled success measurement with MailChimp, so MailChimp will not evaluate your behaviour when you open our newsletters.

MailChimp is certified in accordance with the ‘EU-US Privacy Shield’. The ‘Privacy Shield’ is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.

If you do not want your data to be transferred to MailChimp, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can unsubscribe from the newsletter directly on the website.

The data processing is based on your consent (Art. 6 (1)(a) GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by this revocation.

After you have unsubscribed from the newsletter distribution list, your email address will be stored by us or the newsletter service provider in a blacklist, if necessary, in order to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 (1)(f) GDPR). Storage in the blacklist is not subject to a time limit. You can object to the storage if your interests outweigh our legitimate interest.

For more details, please see MailChimp’s privacy policy at: https://mailchimp.com/legal/terms/.

Conclusion of a data processing agreement

We have concluded a so-called ‘Data Processing Agreement’ with MailChimp, in which we obligate MailChimp to protect our clients’ data and not to share it with third parties.

Plug-ins and tools

Google Web Fonts

This website uses so-called web fonts, which are provided by Google, for the uniform display of fonts. Google Fonts are installed locally. No connection is made with Google servers.

For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and read Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Google Maps

This website uses the map service Google Maps via an API. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Your IP address must be stored for the use of the functions of Google Maps. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.

The use of Google Maps is in the interest of presenting our online offers attractively and ensuring the places indicated by us on the website can be easily located. This constitutes a legitimate interest within the meaning of Art. 6 (1)(f) GDPR. If corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR; consent can be revoked at any time.

For more information on how user data is processed, please see Google’s privacy policy: https://policies.google.com/privacy?hl=de.

eCommerce and payment providers

Processing of data (client and contract data)

We collect, process and use personal data only to the extent that it is necessary for the establishment, content design or modification of the legal relationship (inventory data). This is based on Art. 6 (1)(b) GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data about the use of this website (usage data) only insofar as this is necessary to allow the user to use the service or to charge the user.

The client data collected will be deleted after completion of the contract or termination of the business relationship. Statutory retention periods remain unaffected.

Data transmission upon conclusion of a contract for services and digital content

We only transmit personal data to third parties if this is necessary for the processing of the contract, for example to the credit institution commissioned with the processing of payments.

Data will not be transferred further or will only be transferred further if you have expressly agreed to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.

The data processing is based on Art. 6 (1)(b) GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

Audio and video conferencing

Data processing

In addition to other platforms, we use online conferencing tools to communicate with our clients. The specific tools we use are listed below. If you communicate with us by video or audio conference via the Internet, your personal data will be collected and processed by us and the provider of the respective conferencing tool.

The conferencing tools collect all the data you provide/enter to use the tools (email address and/or phone number). Furthermore, the conferencing tools process the duration of the meeting, start and end (time) of participation in the meeting, number of participants and other ‘contextual information’ related to the communication process (metadata).

Furthermore, the provider of the tool processes all technical data required for the handling of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and connection type.

If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool providers. This content specifically includes cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the corporate policy of the respective provider. Further information on data processing by the conferencing tools can be found in the privacy policies of the respective tools used, which we have listed below this text.

Purpose and legal basis

The conferencing tools are used to communicate with prospective or existing contractual partners or to offer certain services to our clients (Art. 6 (1)(1)(b) GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 (1)(f) GDPR). Insofar as consent has been requested, the tools in question are used on the basis of this consent; consent can be revoked at any time with effect for the future.

Storage period

The data collected directly by us via the video and conferencing tools will be deleted from our systems as soon as you request that we delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conferencing tools for their own purposes. For details, please contact the operators of the conferencing tools directly.

Conferencing tools used

We use the following conferencing tools:

Zoom

We use Zoom. The provider of this service is Zoom Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113. Zoom is certified in accordance with the EU-US Privacy Shield. For details on data processing, please refer to Zoom’s privacy policy: https://zoom.us/de-de/privacy.html.

Skype for Business

We use Skype for Business. The provider is Skype Communications SARL, 23-29 Rives de Clausen, L-2165 Luxembourg. Skype is certified in accordance with the EU-US Privacy Shield. For details on data processing, please refer to Skype’s privacy policy: https://privacy.microsoft.com/de-de/privacystatement/.

Conclusion of a contract on order processing

We have concluded an order processing contract with the provider of Skype for Business and fully implement the strict requirements of the German data protection authorities when using Skype for Business.

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft Teams is certified in accordance with the EU-US Privacy Shield. For details on data processing, please refer to Microsoft Teams’ privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

Conclusion of a contract on order processing

We have concluded an order processing contract with the provider of Microsoft Teams and fully implement the strict requirements of the German data protection authorities when using Microsoft Teams.

Own services

Handling of applicant data

We offer you the opportunity to apply to us (e.g. by email, by post or via the online application form). In the following, we inform you about the scope, purpose and use of your personal data collected during the application process. We ensure that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection

If you send us an application, we will process your associated personal data (e.g. contact and communication details, application documents, notes taken during interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 of the new German Federal Data Protection Act [BDSG-neu] (initiation of an employment relationship), Art. 6 (1)(b) GDPR (general contract initiation) and – if you have given your consent – Art. 6 (1)(a) GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be processed on the basis of § 26 BDSG-neu and Art. 6 (1)(b) GDPR for the purpose of implementing the employment relationship in our data processing systems.

Retention period of the data

If we are unable to make you a job offer, if you decline a job offer or if you withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 (1)(f) GDPR) for up to six months from the end of the application process (rejection or withdrawal of the application). The data shall then be deleted and the physical application documents destroyed. Storage serves in particular evidence purposes in the case of a legal dispute. If it is evident that the data will be required after the expiry of the six-month period (e.g. due to an imminent or pending legal dispute), the data will only be deleted when the purpose for continued storage no longer applies.

Prolonged storage may also take place if you have given corresponding consent (Art. 6 (1)(a) GDPR) or if legal storage obligations oppose the deletion.

Inclusion in the applicant pool

If we do not make you a job offer, we may be able to include you in our pool of applicants. In this case, all documents and details from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.

Inclusion in the applicant pool takes place exclusively on the basis of your express consent (Art. 6 (1)(a) GDPR). Submission of the consent is voluntary and is not related to the ongoing application process. The data subject may revoke their consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, provided that there are no legal reasons for retention.

The data from the applicant pool will be irrevocably deleted no later than two years after consent is given.

Inclusion in the ARTES Talent Pool

To bring you to the attention of our clients, there is the opportunity for you to be included in our ARTES Talent Pool. The ARTES Talent Pool will publish an anonymous profile of you, which will contain your job title (possibly in a modified form), your experience (in a yearly range), your desired region, your desired annual fee, and any other salary expectations. Clients can request your full profile from us if they are interested, potentially to contact you.

Inclusion in the ARTES Talent Pool is based solely on your explicit consent (Art. 6 para. 1 lit. a GDPR). Giving consent is voluntary and is not related to the ongoing application process. The affected individual can revoke their consent at any time. In this case, the data from the ARTES Talent Pool will be irreversibly deleted unless there are legal retention requirements.

You can find the ARTES Talent Pool at: Find personnel that makes a difference | Talent Pool (artes-recruitment.com)

The data from the ARTES Talent Pool will be irreversibly deleted no later than two years after the granting of consent.

Privacy notice part2:

privacy policy on the processing of personal data

This privacy policy gives you information about how we use your personal data and, perhaps more importantly, what your rights are in relation to this (for example, you have the right at any time to request that we delete it or confirm what information we hold about you, withdraw consent you have given and/or lodge a complaint with the supervisory authority if you are not happy with something we have done).

The following is included in this privacy policy:

What types of personal data are collected?
How is your personal data collected?
How will your personal data be used?
Who will your personal data be shared with?
How is your personal data protected?
How long will your personal data be stored?
How can you access, change or withdraw personal data that you have given us?

This privacy policy also includes some defined terms, therefore we have included a glossary at the end of this document.

This privacy policy is divided into different subsections for each category of person who needs to take notice of it (for example, in the section entitled ‘What types of personal data are collected?’ there are subsections for ‘Candidates’ and ‘Visitors to our website’ as well as the other persons to whom this privacy policy applies). The privacy policy contains different information depending on the section, so make sure you are in the right section.

What types of personal data are collected?

The information described below is of course in addition to the personal data that we are legally obliged to process in the respective situations.

CANDIDATE DATA: Depending on the applicable conditions, we may collect some or all of the information listed below in order to offer you job opportunities tailored to your situation and interests.

Name
Age/date of birth
Birth number
Gender
Photography
Marital status
Contact details
Education details
Professional career
Emergency contacts and details of dependants
Contact details for a reference
Right to work status
Nationality/citizenship/place of birth
Start date or availability date
Diversity information (such as race or ethnic origin, religious or similar beliefs, and physical and mental health, including any information related to disabilities)
Details of any previous convictions if this is relevant to a job you are applying for
Details of your previous and current remuneration, pension and benefit arrangements
Sexual orientation (for example, if you disclose this by providing details of relatives)
Information about your interests and aspirations for future employment, both directly collected and derived from, for example, job listings or articles you read on our website or links you click in emails we send to you
Additional information that you provide to us on your own initiative
Additional information that your reference contacts provide us with about you on their own initiative
Additional information that our clients provide to us about you themselves or that we receive from third parties, e.g. job portals
IP address
Date, time and frequency of your access to our services
Video recordings when you enter our premises.

Please note that this is not an exhaustive list of the personal data we collect.

POTENTIAL CANDIDATES DATA: If we believe that our services may be of interest or benefit to you, we may collect limited data about you to evaluate how we might be able to help you. This data is likely to include your name and contact details so that we can get in touch with you. We may also collect other information about you, for example, if we found you in our search on LinkedIn or other job posting sites. In this case, we collect information such as your employment history, education, qualifications, skills and interests, as well as additional information that you have provided in a profile or CV that you have uploaded to one of these sites.

CLIENT DATA: We only collect data about our clients to a very limited extent. Generally, we only need your contact details or the contact details of individual contacts within your organisation (such as their names, telephone numbers and email addresses) in order to contact you regarding our services and to ensure a smooth business relationship. We also store information about your online use of candidateprofiles and other materials published by ARTES. We use this to ensure that you receive the appropriate promotional communications from us at the right time. We may also store additional information that someone from your organisation has given us of their own accord. If we need further personal data from you for specific reasons, we will let you know.

PERSONS WHOSE DATA WE RECEIVE FROM CANDIDATES AND EMPLOYEES, E.G. CONTACT PERSONS FOR REFERENCES, EMERGENCY CONTACTS, ETC.: All we need from reference contacts is confirmation of the information about the candidate or prospective employee that you already have, so that they can get the job they want. To ask someone for a reference, we of course need the contact details of the reference contact (such as name, email address and telephone number). We will also need these details if our candidate or one of our employees has identified you as an emergency contact so that we can notify you in the event of an accident or emergency.

We collect your date of birth, contact details and, if applicable, certain information about your medical history if one of our employees has designated you as a dependent or otherwise eligible for a benefit in connection with their employment, or if one of our employees exercises certain employment rights. We may also receive limited information (through drawn conclusions) about your sexual orientation if one of our employees identifies you as a spouse or partner by identifying you as a dependent, relative or emergency contact.

HOW IS YOUR PERSONAL DATA COLLECTED?

CANDIDATE DATA: We collect personal data from our candidates in the following ways:

Personal data that you share with us as a candidate
Personal data we receive from other sources
Personal data that we collect automatically.

Personal data that you share with us

ARTES requires certain information about you in order to be able to provide you with a target-oriented service. In this way, we can offer you the best opportunities. In addition, you’ll probably save time by not having to sift through information about jobs and services that are not relevant to you.

You can share information with us in a variety of ways, depending on what suits you best. This may include:

Enter your data as part of the application process on the ARTES website or in an application form;
Hand in a printed CV at an ARTES recruitment event, a job fair or at a branch office;
Email your CV or other information to an ARTES consultant or arrange an interview;
Apply for jobs via a job search engine, which will then redirect you to the ARTES website;
Enter your personal data on an ARTES microsite; or
Enter a competition via a social network such as Facebook or Twitter (or similar).

Personal data we receive from other sources

We also receive personal data about candidates from other sources. Depending on the relevant circumstances, this may include personal data received in the following situations:

Your reference contact may disclose personal data about you;
Our clients and candidates may share personal data about you with us;
When you click ‘Like’ on our Facebook/Instagram page or ‘Follow’ us on Twitter, we receive personal data about you from these sites;

Personal data collected automatically by us

If you access our website or read or click on an email from us, we will also collect your data automatically or by you providing it to us.

POTENTIAL CANDIDATES DATA: We receive personal data about potential candidates from third parties when we:

Search for potential candidates through third-party sources such as LinkedIn, Xing, and other job posting sites from which we receive your personal data
Receive your personal data from Facebook, Instagram or Twitter when you ‘like’ our Facebook page or ‘follow’ us on Twitter (or engage in a similar interaction with us on social media); and

Personal data we receive from other sources

We also obtain personal data about you from other sources. Depending on the respective circumstances, this may include personal data received in the following situations:

If you are referred to us by recruitment agencies or other employment agencies who have passed on personal data about you to us
Your colleagues may share personal data about you with us

CLIENT DATA We collect personal data from our clients in the following ways:

Personal data we receive from you
Personal data we collect or receive from other sources
Personal data that we collect automatically.

Personal data we receive directly from you

We receive data directly from you in two ways:

If you contact us of your own accord, usually by telephone or email, and/or
If we contact you by telephone, email or more generally within the business development activities of one of our consultants.

Personal data we receive from other sources

We try to obtain information about you and your colleagues through other sources, usually using due diligence or market research, via:

Third-party market research and analysis of online and offline media (we will conduct this ourselves or commission other companies to do so)
Lists of participants at corresponding events
Other limited sources and third parties (e.g. from candidates when they share your information with us to provide you with a reference or when they provide us with feedback on a particular assignment).

Personal data we collect through our website or links in emails

If you access our website or read or click on an email from us, we will collect your data automatically or by you providing it to us.

HOW WILL YOUR PERSONAL DATA BE USED?

If we have information about you, we use it in a variety of ways.

CANDIDATE DATA: In general, we use data about our candidates in five ways:

Recruitment measures;
Advertising
Equal opportunities monitoring; and
Assertion, exercise or defence of legal claims.
In appropriate circumstances, we also use data from candidates to create a personality profile.

More details on each type:

Recruitment measures

Recruitment is the key area of our work. We have listed below selected ways in which we process your personal data for this purpose. Please note that this list is not exhaustive.

Collect your data from you and from other sources, e.g. LinkedIn, Xing
Store (and update if necessary) your data in our database so that we can contact you in connection with recruitment
Provide recruitment services and facilitate the recruitment process
Match data about you with vacancies that we consider suitable
Send your information to clients to apply for jobs or evaluate your suitability for jobs
Allow you to submit your CV, apply for jobs online, or receive notifications of jobs we think may interest you
Allow you, if desired, to use the interactive features of our services
Creation of an anonymous profile in our ARTES Talent Pool to draw our clients’ attention to your profile.
Conduct customer satisfaction surveys
Verify information you have provided or request information (e.g., references, qualifications, or possible criminal history, as appropriate and permitted by local law)
Comply with our legal obligations in connection with the detection of crime or the collection of taxes or duties
Process your data so that we can send you targeted, relevant promotional materials or other communications that we believe will be of interest to you
Conduct assessment and development activities (e.g. psychometric assessments or testing of skills)

We will use your personal data for the purposes described above if we consider it necessary for our legitimate interests. If you do not agree with this, you have the right to object in certain circumstances.

Advertising

We may periodically send you information that we believe will be of interest to you or ask for your help in referring other candidates. In particular, we may use your data for the purposes set out below if desired. Please note that this list is not exhaustive. To:

Develop and promote other products and services;
Promote our full range of recruitment services to you;
Send you details of reports, promotions, offers, networking and client events and more general information about industries that we think may be of interest to you;
Display extracts of your data for promotional purposes on the ARTES website as a success story (only if we have your explicit consent to do so); and
Inform you of certain offers to which you are entitled as a result of your business relationship with ARTES.

We require your consent for some aspects of these activities that are not covered by our legitimate interests (in particular, data collection using cookies and direct marketing of our services to you through our digital channels). Depending on the situation, we will ask you to explicitly ‘opt-in’ or implicitly ‘soft opt-in’ to this.

‘Soft opt-in’ consent is a specific type of consent that applies when we have received your contact details from previous dealings with us (for example, when you submit an application for a job or a CV, or report a vacancy) and we advertise other services online in connection with recruitment. In the case of ‘soft opt-in’ consent, we will consider your consent to have been given unless you object or withdraw it (and we will remind you of your right to do so in any e-marketing message we send you). For most people, this is helpful because it allows us to provide you with information we think you might be interested in, as well as suggest other jobs in addition to the one you have applied for. This greatly increases the likelihood that we will find a new job for you.

For other types of e-marketing, we are required to obtain your express consent. If you do not agree with our marketing approach, you may withdraw or revoke your consent at any time.

All of our advertising is based on things that we think will be particularly helpful to our clients andcandidates. However, we are aware that we cannot always do everything right for every individual. We will use your data to display ARTES advertisements and other content to you on other websites, such as Facebook. If you do not want us to use your data in this way, disable the ‘advertising cookies’ option (please consult our cookie policy). Even if you have deactivated advertising cookies, it is possible that you will be shown advertisements from ARTES. In this case, however, this is not targeted at you personally, but at an anonymous target group.

Equality monitoring and other sensitive personal data

We want to ensure that our recruitment processes are in line with our approach to equality. Some of the data we collect about you falls within the scope of ‘diversity information’. This may include information about your ethnic background, gender, disabilities, age, sexual orientation, religion or similar beliefs and/or socio-economic background. This diversity information is considered ‘sensitive’ or ‘specially categorised’ personal data and is subject to stricter data protection regulations.

Where appropriate, we use this information in anonymised form to monitor whether we are complying with our equality policy. We will also make this data (which may be appropriately anonymised) available to clients (including internal or external auditors) where contractually agreed or where the clientspecifically requests this information in order to comply with their own recruitment process.

We may collect other sensitive/specially categorised personal data about you, such as information on your health or religious affiliation. In these circumstances, we will use this information to comply with employment rights and obligations, such as calculating entitlement to annual leave or making appropriate adjustments for candidates or part-time employees.

We can also collect details of any previous convictions. In these circumstances, we need your explicit consent to use them. We ask for this consent by offering you an ‘opt-in’. This means that you must explicitly and unambiguously tell us that you consent to us collecting and using this information.

Assertion, exercise or defence of legal claims

In exceptional cases, we may also use personal data about you to assert, exercise or defend legal claims.

Creation of a personality profile

The creation of a personality profile is a type of processing in which information we collect about you is used to create your ‘personality profile’. This allows us to better assess your personality and your interests, likes and dislikes, and then provide you with the best possible service.

This is how we use the personality profile:

Personalisation

We want to ensure that we communicate with you in the best possible way and optimise the information we provide to you about our services, our website and our online presence. To do this, we create a personality profile in which we analyse your personal data to better understand your personality and your interests, habits and preferences. (An example of this: when you click on an item on our website, we consider this as a possible sign of what you are looking for.) We create a personality profile to place you and your candidates in groups or segments with other candidates based on interests, habits, traits and/or preferences to:

Send you personalised emails (reflecting, for example, what we have identified as your possible preferences)
Provide recommendations for editorial content that we think may be of interest to you (e.g. reports on developments in your industry)
Send you more tailored or relevant advertisements (the content of which may, for example, reflect how you have responded to or interacted with our previous advertisements).

Shortlisting and ranking

We may create a personality profile where your personal data is analysed and/or you and your candidate profile are placed into groups or segments based on your interests, habits, traits and/or preferences to enable our consultants to make decisions. For example, we may run your personal data through our systems to find out as efficiently as possible how suitable you are for a vacancy. In this way, we optimise the match between candidate profiles and positions and improve the effectiveness and efficiency of the recruitment cycle.

More specifically, we can create a personality profile to:

Shortlist you and other suitable candidates for specific positions based on prescribed criteria to enable our consultants to identify the most suitable candidates for positions in a more efficient manner and to recommend positions to you based on how your interests, habits, traits and/or preferences rank relative to other candidates.
Recommend positions to you based on how your interests, habits, traits and/or preferences rank relative to other candidates.

We will create a personality profile in connection with your personal data where we consider it necessary for our legitimate interests. If you do not agree with this, you have the right to appeal under certain circumstances.

POTENTIAL CANDIDATES DATA: We use data about potential candidates to determine whether you are interested in or could benefit from our services and to assess whether and how we could help you. If we think we can help you, we will use your contact details to contact you about our services (usually by email).

In this respect, we can:

Collect your personal data
Store (and update if necessary) your information in our database in order to contact you regarding our services
Review your information to determine whether and how our services could help you; and
Contact you regarding our services.

CLIENT DATA: We use information about our clients for the following purposes:

Recruitment measures

Recruitment is the key area of our work. This is done through the referral of candidates. Below, we have listed the various ways in which we may use your information to do this:

Store (and update if necessary) your data in our database so that we can contact you in connection with recruitment measures
Conduct customer satisfaction surveys
Process your data in order to be able to send you suitable advertising campaigns for our services

If you do not agree with this, you have the right to object in certain circumstances.

Advertising

Provided that this is agreed, we will not necessarily ask for your consent to send promotional materials to you at a business postal address or email address.

If you do not agree, you have the right to opt out of receiving promotional materials from us.

Assertion, exercise or defence of legal claims

In exceptional cases, we may also use personal data about you to assert, exercise or defend legal claims.

PERSONS WHOSE DATA WE RECEIVE FROM CANDIDATES AND EMPLOYEES, E.G. CONTACT PERSONS FOR REFERENCES, EMERGENCY CONTACTS AND DEPENDANTS: We will only use the information that our candidates or employees provide to us about you for the following purposes:

If candidates or employees have listed you as an emergency contact on our form, we will contact you if they are involved in an accident or emergency; or
If you have been designated by an employee as a relative, dependent or other beneficiary, we will store your personal data to ensure that employee’s personnel records are accurate and will use your personal data where necessary to provide employee benefits and pay compensation, and will make your information available to the appropriate benefit providers.
If a candidate or prospective employee has indicated you as a contact for a reference, we will contact you to obtain a reference or give your information to a third party to do so on our behalf. If you are asked to provide a reference based on a candidate’s professional experience and we think you may be interested in becoming our client, we may also use your information to contact you about this alternative opportunity.

We will use your personal data for these purposes if it is in our legitimate interests or in accordance with applicable employment law.

If you do not agree with this, you have the right to object.

WHO WILL YOUR PERSONAL DATA BE SHARED WITH?

We may disclose your personal data in numerous ways and for numerous purposes to the following categories of people:

All group companies
Suitable colleagues at ARTES
Individuals and organisations who, in order to work with us, have information associated with the reference or application, such as current, previous or prospective colleagues, trainers and exam boards, and employment and recruitment agencies
Tax, audit or other authorities if we believe in good faith that we are required by law or other regulation to disclose such information (for example, because of a request from a tax authority or in connection with an anticipated legal dispute)
Service providers (whether third parties or our group companies) who provide services on our behalf (including external consultants, business partners and professional consultants such as lawyers, accountants and auditors, administrative functions, technical support functions and IT consultants who carry out development and testing work on our company’s technology systems)
Providers of externally contracted IT services and storage providers, if a corresponding order processing agreement (or comparable protection) is in place
Marketing technology platforms and suppliers
In the case of candidates: potential employers and other recruitment agencies/organisations to improve your chances of finding employment
In the case of candidates: external partners, job portals, job platforms, job search engines, software developers and cloud-based databases, if we believe this will increase the chance of finding the right job for you or improve the recruitment process in general
In the case of candidates and candidate reference contacts and prospective employees: third parties we have engaged to provide services such as reference, qualification and criminal record checks, where such checks are appropriate and permitted by local law
In the case of candidates and candidate reference contacts: internal and external auditors of our clients, where we need to share this data with them on request in order to comply with our contractual or regulatory obligations
In the case of candidates: third parties who help us by developing services and procedures to optimise the candidate selection process and thus improve the quality and efficiency of recruitment services
In the event that ARTES merges with or is acquired by another company or corporation in the future (or if there were meaningful discussions about such a possibility), then we may share your personal data with the (future) new owners of the company or corporation.

HOW IS YOUR PERSONAL DATA PROTECTED?

We will take all reasonable and appropriate steps to protect the personal data we hold from misuse, loss or unauthorised access. To this end, we have taken a number of technical and organisational measures. This includes measures to deal with any suspected data breaches.

If you suspect that your personal data has been misused, lost or accessed without authorisation, please let us know as soon as possible. Please contact us via .

HOW LONG WILL YOUR PERSONAL DATA BE STORED?

If you are a client, we store your personal data in order to provide you with services or to receive services from you or in order to send you information about our services which we consider to be of interest to you. If you have explicitly indicated that you do not wish us to process your personal data, we will deleteit from our systems unless we believe in good faith that we are required by law or other regulation to retain it (for example, because of a request from a tax authority or a connection with an anticipated legal dispute).

If you are a prospective candidate or a candidate, we will delete your personal data from our systems if we have had no relevant contact with you (or, where applicable, with the company you work for or with) for a period of two years (or for a longer period if we believe in good faith that we are required by law or other regulation to retain your data). After this time, your data is probably no longer relevant for the purpose for which it was collected.

As with clients, if you as a potential candidate or a candidate have explicitly indicated that you are not interested in our services, we will delete your personal data from our systems unless we believe in good faith that we are required by law or other regulation to retain it (for example, because of a request from a tax authority or a connection with an anticipated legal dispute).

If you are a potential candidate, we will assume that there is relevant contact when we first contact you in relation to our services. If you are a candidate, we will assume that there is relevant contact if you upload your updated CV to our website. Furthermore, if you contact us regarding potential jobs, this is considered relevant contact. This may be in the form of verbal or written communication or by clicking on one of our promotional messages. If you receive, open or read an email or other digital message from us, this will not be considered as relevant contact. This is only the case if you click on something in it or reply directly.

In determining the appropriate retention period for different types of personal data, we consider the amount, nature and sensitivity of the personal data involved, the potential risk of harm from unauthorised use or disclosure of that personal data, the purposes for which we need to process it and whether we can fulfil those purposes in other ways (while of course ensuring that we comply with our legal, regulatory and risk management obligations as described above).

HOW CAN YOU ACCESS, CHANGE OR WITHDRAW PERSONAL DATA THAT YOU HAVE GIVEN US?

One of the main objectives of the GDPR is to protect and clarify the data protection rights of EU citizens as well as individuals within the EU. This means that you will continue to have various rights with regard to your data, even if you have already provided it to us. These rights are described in more detail below.

If you wish to discuss these rights with us, please contact us. We will endeavour to respond to your request as soon as possible, and in any case within one month (extensions may be applied which we are entitled to by law).

Right to object: Based on this right, you may object to us processing your personal data if we do so for one of the following four reasons: (i) our legitimate interests; (ii) so that we can carry out a task in the public interest or exercise public authority; (iii) so that we can send you direct marketing materials; and (iv) for scientific, historical, statistical or research purposes.

The ‘legitimate interests’ and ‘direct marketing’ categories above are those most likely to apply to ourwebsite visitors, candidates and clients. If you object to us processing your personal data because we consider it necessary for your legitimate interests, we must stop the respective activities as a result of your objection unless:

We can demonstrate that we have overriding legitimate grounds for processing which override your interests, or
We process your data in order to assert, exercise or defend a legal claim.
If you object in connection with direct marketing, we must stop this activity.

Right to withdraw consent: If you have given us your consent to process your personal data for certain activities (for example, to use cookies in certain jurisdictions), you may withdraw that consent at any time. We will cease the activity to which you had previously consented unless, in our opinion, there is an alternative reason which justifies our continuing to process your data for that purpose. Should this be the case, we will inform you.

Data Subject Access Request (DSAR): You may request confirmation from us at any time with regards to what information we hold about you and ask us to amend, update or delete such information. We may ask you to confirm your identity or ask you for more information about your request. If we provide you with access to the information we hold about you, we will not charge for this unless your request is ‘manifestly unfounded or excessive’. If you request further copies of this information from us, we may charge you reasonable administration costs where permitted by law. We may refuse your request where permitted by law. If we refuse your request, we will give reasons for this in each case.

Right to erasure: In certain circumstances, you may request that we delete your personal data. In general, the information must meet one of the following criteria:

The data is no longer needed for the purpose for which we originally collected and/or processed it;
You have withdrawn your previously given consent for us to process your data and there is no other valid reason to continue the processing;
The data has been processed unlawfully (i.e. in a way that is in breach of the GDPR);
The data must be deleted in order for us to comply with our obligations as data controller; or
You object to the processing and we cannot demonstrate overriding legitimate grounds for us to continue processing in the event that we process the data because we consider it necessary for our legitimate interests.

We may only refuse your request for one of the following reasons:

To exercise the right to freedom of expression and information;
To comply with legal obligations, to perform a task in the public interest or to exercise official authority;
If this is in the public interest for reasons of public health;
For archiving, research and statistical purposes; or
To exercise or defend a legal right.
If we comply with a valid request to delete data, we will delete the data in question.

Right to restrict processing: In certain circumstances, you may request that we restrict the processing of your personal data. This means that we will only store your data in the future and cannot carry out any further processing activities until: (i) one of the conditions listed below has been removed, (ii) you give your consent, or (iii) further processing is necessary to assert, exercise or defend legal claims, to protect the rights of other persons or if it is necessary due to legitimate public interest of the EU or a member state.

In the following circumstances, you may request that we restrict the processing of your personal data:

If you dispute the accuracy of the personal data we process about you. In this case, our processing of your personal data will be restricted until the accuracy of the data has been verified.
If you object to us processing your personal data in terms of our legitimate interests. In this case, you may request that the data be restricted while we review our reasons for processing your personal data.
If our processing of your data is unlawful but you would prefer to restrict our processing rather than have the data deleted.
If there is no longer a need for us to process your personal data, but you need the data to assert, exercise or defend legal claims.

If we have passed your personal data to third parties, we will inform them about the restricted processing, provided that this is possible and does not require a disproportionate effort. We will of course inform you before we lift any restrictions on the processing of your personal data.

Right to rectification: You may also request that we correct any inaccurate or incomplete personal data we hold about you. If we have passed this personal data to third parties, we will inform them about the rectification, provided that this is possible and does not require a disproportionate effort. Where appropriate, we will inform you of the third parties to whom we have disclosed the inaccurate or incomplete personal data. If we consider it inappropriate to comply with your request, we will explain the reasons for this decision.

Right to complain to a supervisory authority: You have the right to lodge a complaint with the competent local supervisory authority.

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit [The Hessian Commissioner for Data Protection and Freedom of Information]
Postfach 3163
65021 Wiesbaden

Phone: +49 611 1408 – 0

Fax: +49 611 1408 – 900 / 901

If you wish to exercise any of these rights or withdraw your consent to the processing of your personal data, please contact us at .

You can unsubscribe from notifications of vacancies or our other promotional communications at any time.

It is important that the personal data we hold about you is accurate and up to date. Please inform us if your personal data changes during the period in which we store data.

GLOSSARY

Candidates:This term describes applicants for all positions advertised or promoted by ARTES or persons whom ARTES reasonably considers to be interested in positions, including permanent, temporary and part-time positions as well as persons who have submitted a speculative application to ARTES without applying for a specific position. Individual contractors, freelancers or other third parties are also considered candidates for the purposes of this privacy policy.
Clients:This category, as the term suggests, includes our customers, clients and other parties to whom ARTES provides services in the course of its business activities or whom ARTES reasonably considers to be persons who may be interested in our services.
Delete:In this day and age, it is nearly impossible to ensure the permanent and irretrievable deletion of electronic data. In addition, as set forth in this privacy policy, we are required by law or regulation, or for risk management reasons, to maintain the ability to access certain elements of personal data. However, we commit to you that at the end of the nominal retention period of your personal data, or when we are reasonably requested by you to delete it, we will implement specific operational and system measures to ensure that your data is rendered unusable. This means that while the data technically still exists in an archive system, we ensure that neither our operating systems, processes, nor employees can easily access it. Only an extremely (i.e. extraordinarily) small number of senior staff will, in extremely (i.e. again, extraordinarily) limited and carefully defined situations, be able to recover your personal data so that it can be accessed for such lawful purposes. Once we are satisfied that all relevant legal retention periods have expired (which we currently anticipate will be after a period of seven years), we will proceed to the next and final step and carry out a so-called ‘hard’, i.e. final, deletion, after which even this extremely small number of senior staff will not be able to recover your personal data.
General Data Protection Regulation (GDPR):A legal regulation of the European Union harmonising European data protection law. This came into force on 25 May 2018 and any references to it should be interpreted to take account of related national data protection laws.
Potential candidates:Persons with whom ARTES has not previously had contact, but whom ARTES reasonably considers to be interested in its services and, in particular, to be applicants for positions advertised or promoted by ARTES, including permanent, temporary and part-time positions.
Employees:This term describes current and former staff members and interns who are directly involved (or who have accepted an offer to be involved) in the business of ARTES, as well as certain other workers who are or have been involved in the business by providing services to ARTES (even if they are not classified as staff members).
Systems:This term describes telephone, computer, internet and WiFi systems, software and portals, accounts and/or networks owned, managed or used by ARTES to transmit, create and/or receive communications or otherwise used in the course of ARTES’ business, including candidate portal software and CRM systems.

Notice: In order to simplify the flow of reading, we have deliberately chosen specific terms such as ‘employment’, ‘employer’, ‘job’, etc. and have refrained from mentioning the equivalent for project assignments of our specialists at the same time.

Exklusive Einblicke und bewährte Strategien direkt in Ihr Postfach

Sichern Sie sich Ihren Wissensvorsprung zum Thema Mitarbeiter-Motivation, Kultur und Employer Branding

Exklusive Einblicke und bewährte Strategien
direkt in Ihr Postfach

Sichern Sie sich Ihren Wissensvorsprung zum Thema
Mitarbeiter-Motivation, Kultur und Employer Branding