Traitement des données (personnelles) par l’entité en charge du processus de candidature en ligne
Privacy Policy
The protection and confidentiality of your personal data is of particular importance for us. In order to ensure the protection of your personal data, we have taken technical and organizational measures to comply with the data protection regulations. With this data privacy policy, we inform about how we collect personal data as part of your application process and for what purpose the data is processed. Your data will be processed in accordance with this Privacy Policy and the applicable data protection laws.This privacy policy applies to the career portal and the applicant management system of Penta Hotels Worldwide GmbH
This Privacy Statement also applies to the following companies:
- pentahotels Russia
- pentahotels Deutschland
- pentahotels Belgium
- pentahotels Česká republika
- pentahotels UK
- pentahotels France
Name and contact details of the controller
The controler in accordance with Art. 4 No. 7 of the General Data Protection Regulation (hereinafter referred to as the GDPR) is:Penta Hotels Worldwide GmbH
Penta Hotels Worldwide GmbH
Mayfarthstraße 15-19
60314 Frankfurt am Main
Data protection officer
Penta Hotels Worldwide GmbHDatenschutzbeauftragter
Mayfarthstraße 15-19
60314 Frankfurt am Main
Germany
E-Mail: datenschutzbeauftragter@pentahotels.com
Data processor
For the efficient execution of application procedures, we use an applicant management system of softgarden e-Recruiting GmbH, Tauentzienstr.14, 10789 Berlin (contact: datenschutz@softgarden.de), which operates the applicant management as a processor in accordance with Art. 4 No. 8 GDPR. A contract for order processing in accordance with Article 28 GDPR has been concluded with the supplier, which ensures compliance with data protection regulations.We remain your first point of contact for the exercise of your affected rights as well as for the processing of the application process. You can contact us directly or, if specified, confidentially to the Data Protection Officer under the above-mentioned information of the controller.
Object of data protection
The object of data protection is the processing of personal data, in this case within the framework of applicant management. This includes, under Article 4 No. 1 GDPR, all information relating to an identified or identifiable natural person (“data subject”) which is necessary for the conduct of the application process and the initiation of an employment relationship, Section 26 of the German Data Protection Act or applicable national law.In addition, in the context of the use of applicant management, data related to the use, so-called usage data, are also collected. Usage data is such data that is necessary to operate our websites, such as information about the start, end and extent of use of our website, such as login data. These processing operations are in accordance with data protection and telemedia law.
In the context of the application process and/or the use of the system, processing activities may also take place, which take place either on the basis of justified interest in accordance with Art. 6 (1) lit. f) GDPR or on the basis of your consent in accordance with Art. 6 (1) lit. a) GDPR. Also eligible are processing activities which involve a legal obligation to process or a public interest, Article 6 (1) lit.c) and (e) GDPR, such as in the context of law enforcement or the investigation of public authorities. You can determine and control the scope of the processing yourself by means of individual settings in your web browser, the configuration of the corresponding cookie settings and their user behaviour.
Collection and use of your data
Visit to the website
For operational and maintenance purposes and in accordance with the provisions of telemedia law, interactions ("system logs") that are necessary for the operation of the Website or processed for system security purposes are recorded for example to analyse attack patterns or unlawful usage behaviour ("evidence function").Your Internet browser automatically transmits the following data as part of your access to the career portal:
- date and time of access,
- browser type and version,
- operating system used,
- Quantity of data sent.
- IP address of access
Session-Cookies
We store so-called "cookies" in order to offer you a comprehensive range of functions and to make the use of our websites more convenient. "Cookies" are small files that are stored on your computer with the help of your internet browser. If you do not wish to use "cookies", you can prevent the storage of "cookies" on your computer by adjusting the settings of your internet browser. Please note that the functionality and functionality of our offer may be limited as a result.We use the cookie JSESSIONID on the career page as a technically necessary session cookie. This saves a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. This session cookie is deleted when you log out or close the browser.
Data entered by the user
Application process
As part of the application process, you can set up and manage an account in the career portal after configuring your username and password. In addition to the individual application, you can use other options in the softgarden applicant management system and make your individual settings (e.g. admission to a talent pool).For the efficient and promising application, you can provide us with the following information as part of your application:
- Contact details (address, telephone number)
- CV data. B.
- school education
- vocational training
- professional experience
- language skills
- Social profiles (e.g. XING, LinkedIn, Facebook)
- Documents related to applications (application photos, cover letters, certificates, work certificates, work samples, etc.)
Disclosure of data
Your data will not be passed on to unauthorized third parties as part of the applicant management and will be processed for the purposes specified in this data privacy policy. Thus, the inspection by internal authorities and experts of the controller is in the legitimate interest, insofar as the knowledge of the information from the application process is necessary and permissible for the selection of candidates or internal administrative purposes of the company. For this purpose, your information can be forwarded to third parties in the company by e-mail or within the management system. The legal basis may be Section 26 (1) of the German Social Protection Act (BDSG)/th applicable national law, Art. 6 (1) lit. f) and (a) GDPR.The transfer to third parties also takes place in the context of order processing in accordance with Article 28 GDPR, i.e. in the context of processing activities in which the controller has a legitimate interest in outsourcing processing activities which he is otherwise entitled to carry out himself. To this end, the controller shall take the measures to ensure compliance with data protection regulations.
Disclosure to external third parties may also be made in the defence of legal claims based on legitimate interest or in the context of the investigation of or disclosure to public authorities, insofar as a law requires this or there is an obligation to disclose. The information obligations to data subjects in the terms of Art. 13, 14 GDPR are guaranteed in advance of the relevant disclosure, insofar as these are to be fulfilled separately.
CV-Parsing with Textkernel
We process and analyze documents uploaded by you using AI in order to extract CV data and convert them into a structured form (so-called "CV-Parsing").In order to ensure affected parties' rights and security standards, a contract for order processing has been concluded with the providing service provider. Processor is the ISO27001-certified provider Textkernel B.V. Nieuwendammerkade 26 A 5, (1022AB) Amsterdam, The Netherlands. The data processing takes place on a server in Germany in a secure environment.
The legal basis for processing is Section 26 (1) of the German Data Protection Act (BDSG) (or applicable national law) and Article 6 (1) lit. f) GDPR in order to initiate an employment relationship and to make the application process efficient for you. Personal data will not be transferred to unsafe third countries. Your data is routinely deleted from the cache once a week.
Feedback Module
In addition to your application, we can ask you to provide your feedback after an interview and 3 months after your appointment. We will send you an invitation link that will guide you into the rating system to provide feedback. The purpose of the processing is the further development and optimization of our recruiting and application processes as well as the company image.For this purpose, the following data is processed automatically:
- Contact details (name, e-mail)
- Position title of the job you applied for
- Location of the position
- Jobkategorie
- Applicant ID
Participation is purely voluntary and only with your consent, without which the feedback is not possible. The legal basis is Art. 6 (1) lit. a) GDPR.
Job subscription "Job-Abo"
In order to be informed about new job vacancies, you can subscribe to the job newsletter or have suitable jobs displayed on our career board (RSS feed). You can define the subscription by specifying the desired activity and the location.Your e-mail address is also required for the subscription. The legal basis for this is your consent to the receipt of the newsletter in accordance with Art. 6 (1) lit. a GDPR. You can revoke your consent to receive the newsletter at any time via the unsubscribe link in the newsletter(Opt-Out).
The RSS feed itself does not process any personal data for information on new job advertisements.
Referral Manager
Through the Referral Manager tool, recruiters and employees have the opportunity to share vacancies in our company on social networks or by email to acquaintances and friends in order to reach potential applicants or make direct recommendations.If you decide to apply for a position directly or indirectly, your personal information will be processed in accordance with a regular application process. Your data is regularly displayed to responsible users and processed in applicant management. However, before submitting your application, you will be given the opportunity to view your application anonymously in the Referral Manager. The recommender can therefore only understand that a person has applied for a recommendation. Otherwise, the name, job and application photo can also be viewed by the recommended person in the Referral Manager.
The legal basis for the processing of your data for the purposes of recommendation and application is Art. 6 (1) lit. a) and f) GDPR as well as Section 26 (1) BDSG or the applicable national law. The data will be processed and deleted in the same way as the regular application procedure.
Salary Statistics
softgarden will give you the opportunity to provide feedback on your salary expectations and salaries offered to you in various steps of the application process.The information transmitted will be anonymised and processed without linking to your name and contact details. softgarden processes this data anonymously for its own purposes (statistics, analysis, studies) and is responsible for this processing in the form of Art. 4 No. 7 GDPR.
The processing takes place only with your consent by participation and on a purely voluntary basis. The legal basis is Art. 6 (1) lit. a) GDPR.
Social Share Buttons
It is possible to share the job ads on different social networks. Different buttons are offered per network. After clicking on one of these buttons, you will be directed to the respective networks and will be taken to their login pages. These buttons do not represent plug-ins and do not transmit personal data directly to the operators of the social networks.Currently, job ads can be shared on the following social networks:
- Facebook ( https://de-de.facebook.com/privacy/explanation )
- Twitter ( https://twitter.com/de/privacy )
- LinkedIn ( https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-join-privacy-policy )
- Xing ( https://privacy.xing.com/de/datenschutzerklaerung )
You can also find out how the aforementioned social networks process your personal data by using the links provided. We have no influence on the processing of your personal data by the social networks.
Online Surveys "easyfeedback"
At the end of the application process, softgarden can send you an invitation to a survey via a link. The survey takes place via a service of easyfeedback GmbH in order to check the application experience. softgarden conducts this survey as controller, Article 4 No. 7 GDPR and processes the collected data anonymously for its own purposes (statistics, analysis, studies) as well as for the further development of softgarden products.The collection of the survey data is secured by default via the SSL encryption method and softgarden does not establish a personal reference within the scope of processing. The survey can be cancelled at any time. The data processed up to the time of termination can be used for these purposes.
Your participation in the survey is purely voluntary and you agree to participate, without which your participation is not possible, Art. 6 (1) lit. a) GDPR. The processing of the data is carried out anonymously. Anonymised data is not subsequently subject to the substantive scope of the GDPR.
Further information on the data protection of easyfeedback can be found in the following notes: https://easy-feedback.de/privacy/datenschutzerklaerung.
Talentpool
As part of your application or via the "Stay in touch" button, you have the opportunity to recommend yourself for our talent pool. Processing is necessary in order to be automatically considered for further vacancies, i.e. for similar or otherwise suitable positions.When you register for the talent pool using the Get In Contact button, the following information is queried:
- Salutation, academic title (optional)
- First, last name, e-mail address
- Job fields in interest
- Current career level
- Preferred location(s)
- XING profile or CV
Scheduling "Cronofy"
We use an integrated service of Cronofy Limited, 9a Beck Street, Nottingham, NG1 1EQ, UK for scheduling and invitation.If we invite you to a conversation via this function, you will receive an appointment invitation created via Cronofy via e-mail. This will send your e-mail address as well as the title of the appointment, a description and a location where the appointment will take place. In addition, no other personal data will be transferred from you to Cronofy.
The legal basis for processing is Art. 6 (1) lit. f GDPR in order to integrate scheduling into our applicant management system as well as to plan and manage job interviews and other appointments more efficiently.
Data processing takes place encrypted in an isolated environment on a server in Germany. Adequate security standards for data processing have been agreed with the provider and proven by the provider. Further information can also be found at the following link: Scheduling Platform for Business | Cronofy the scheduling experts
If you do not wish to receive any data processing by Cronofy or any further information, please provide this in advance of the appointment coordination.
Deletion and use of data
Your data will be stored for the duration of the application process and in accordance with legitimate retention periods after completion of the application process. In case of a cancellation, the data will be kept for 6 months. After the retention period has expired, the data is completely anonymized. The processing of anonymized data records is not subject to the material scope of data protection regulations, so that anonymized data may be processed for statistical and analytical purposes, for the preparation of market studies or for product development.Your rights as a data subject
Rights of data subjects
Data subjects are entitled at any time to know whether their personal data have been stored and can assert a right of access to stored data (right of access), check their accuracy (right to rectification), request their addition and updating, request their deletion (right to be forgotten), request the restriction of processing (right to restriction) as well as have the data ported/ported in a common, machine-readable format (data portability). These rights shall apply insofar as there are no compelling and/or justified reasons on the part of the controller. Please contact datenschutzbeauftragter@pentahotels.com or by post at the address above.In cases where we process data on the basis of your consent (Art. 6 sec. 1 lit. a) GDPR), you have the right at any time to revoke your consent without giving reasons and with effect for the future. The corresponding data processing will no longer take place in the future, but does not affect the legality of the processing carried out up to the time of revocation. In addition, you have the right to object to processing, for example if the data are or have been processed incorrectly, or if other reasons in the interest of the data subject preclude (further) processing. Affected parties also have the right to complain to the data controller.
Please note that in the event of an objection and/or revocation, certain services/processing activities cannot be performed or can be used, insofar as the processing is necessary for these purposes.
Automated decision-making
Automated decision-making does not take place. Should this be or become necessary, we will obtain a transparent consent in advance of processing.Changes to this Privacy Policy
We reserve the right to change or supplement this data protection declaration at any time with regard to the constantly changing legal, technical and organisational requirements of the processing of personal data. This also applies to possible translation errors and differences with regard to national requirements of data protection law.Version
Document ID: D404enValid from: 15.09.2023
Rev. 3.2