Our privacy notices
Privacy Notice for the visit of this website
Contents
1 General information
1.1 Contact details of the controller
1.2 Data protection contacts
1.3 Purposes of the processing
1 General information
1.1 Contact details of the controller
1.2 Data protection contacts
1.3 Purposes of the processing
1.4 Legal bases of the processing
1.5 Transfer of data to third parties
1.6 Security
1.7 Your rights as a data subject
2 Data collection when visiting the website
2.1 Cookies
2.1.1 General information on cookies
2.1.2 Legal basis for the use of cookies
2.1.3 Cookie banner
2.2 Social media
2.2.1 Social media channels
2.2.2 Plugin: Vimeo
2.3 Web analysis - Google Analytics
2.4 Other services
2.4.1 Google Tag Manager
2.4.2 Adobe TypeKit
2.5 Revocation of consent under data protection law
2.6 Complaints to a supervisory authority
3 Duration of the storage of personal data
4 Up-to-dateness and amendment of the privacy policy
1. General information
This privacy policy provides you as a "data subject" with an overview of the processing of your personal data on the website www.beeline-group.com (hereinafter referred to as the "website") by beeline GmbH (hereinafter referred to as "we" or "us" or "beeline") and your rights under data protection laws. We are responsible for the processing of personal data on this website, unless otherwise stated in this data protection information.
Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. This typically includes the name, e-mail address or telephone number. However, purely technical data that can be assigned to a person is also considered personal data.
1.1 Contact details of the data controller
beeline GmbH
Grünstraße 1 , 51063 Cologne, Germany
Phone: +49 221 96275 0
E-mail: info@beeline-group.com
1.2 Data protection contacts
We have an internal global data protection coordination.
You can reach them at DataProtectionOffice@beeline-group.com.
We have also appointed an external data protection officer for the German companies. You can reach him at datenschutz.beeline@two-towers.eu or by post at
Two Towers Consulting GmbH & Co. KG
Hohenzollernring 51, 50672 Cologne, Germany.
1.3 Purpose of data processing
We collect, process and use your personal data for the following purposes:
· Provision and optimization of our website and media content on this website
· Prevention of fraud and cyber attacks and troubleshooting
· Processing your request when contacting us and, if necessary, executing a contract
1.4 Legal bases of the data processing
Art. 6 para. 1 lit. a GDPR serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose.
If the processing of personal data is necessary for the performance of a contract to which you are a party, the processing is based on Art. 6 para. 1 lit. b GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.
If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 para. 1 lit. c GDPR.
Ultimately, processing operations could be based on Art. 6 para. 1 lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the aforementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
1.5 Transmission of data to third parties
Your personal data will not be transferred to third parties for purposes other than those listed below.
We only pass on your personal data to third parties if:
1. you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
2. the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is permissible to safeguard our legitimate interests and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
3. in the event that there is a legal obligation for disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, and
4. this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.
Data is not transferred to third countries that do not have an adequate level of data protection, unless otherwise stated under the services described below.
1.6 Security
This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as contact requests that you send to us as the operator. You can recognize an encrypted connection by the "https://" instead of "http://" in the address line of the browser and by the lock symbol in your browser line.
We use this technology to protect your transmitted data.
Furthermore, we at beeline have taken extensive technical and organizational measures to protect your data and to comply with the relevant data protection principles (e.g. purpose limitation and data minimization). We also oblige our service providers to take technical and organizational measures for data security within the framework of contractual agreements.
1.7 Your rights as a data subject
a) You have the right to request confirmation from us as to whether personal data concerning you is being processed.
b) Art. 15 GDPR: You have the right to receive free information from us at any time about the personal data stored about you and a copy of this data in accordance with the statutory provisions.
c) Art. 16 GDPR: You have the right to request the rectification of inaccurate personal data concerning you. You also have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.
d) Art. 17 GDPR: You have the right to obtain from us the erasure of personal data concerning you without undue delay where one of the grounds provided for by law applies and insofar as the processing or storage is not necessary.
e) Art. 18 GDPR: You have the right to demand that we restrict processing if one of the legal requirements is met.
f) Art. 20 GDPR: You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format. You also have the right to request that we transmit the data directly to another controller.
g) Art. 21 GDPR: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6(1)(e) (data processing in the public interest) or (f) (data processing on the basis of a balancing of interests) GDPR.
h) If you have given your consent to the processing of your personal data, you can revoke this at any time.
Please send all requests for information, requests for information or objections to data processing to dataprotectionoffice@beeline-group.com.
2. Data collection when visiting this website
If you only use our website for information purposes, i.e. if you do not transmit information to us in any other way, we only collect the data that your browser transmits to our server (in so-called "server log files"). Our website collects a range of general data and information each time you or an automated system accesses a page. This general data and information is stored in the server log files. The following can be recorded
1. browser types and versions used,
2. the operating system used by the accessing system,
3. the website from which an accessing system reaches our website (so-called referrer),
4. the sub-websites which are accessed via an accessing system on our website,
5. the date and time of access to the website,
6. an Internet Protocol address (IP address),
7. the Internet service provider of the accessing system.
When using this general data and information, we do not draw any conclusions about your person. Rather, this information is required in order to
1. to deliver the content of our website correctly,
2. to optimize the content of our website,
3. to ensure the permanent functionality of our IT systems and the technology of our website, and
4. to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber-attack.
This collected data and information is therefore evaluated by us both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The data of the server log files are stored separately from all personal data provided by a data subject.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above.
2.1 Cookies
2.1.1 General information about cookies
We use cookies on our website. These are small files that your browser automatically creates and that are stored on your IT system (laptop, tablet, smartphone, etc.) when you visit our website.
Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity.
On the one hand, the use of cookies serves to make the use of our website more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already visited us and which entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to statistically record the use of our website. These cookies enable us to automatically recognize that you have already visited our site when you return. These cookies are automatically deleted after a defined period of time.
To deactivate the use of cookies on your IT system, you can set your Internet browser so that cookies can no longer be stored on your IT system in the future or cookies that have already been stored are deleted. This is possible in all common browsers. You can configure your browser settings according to your wishes and, for example, refuse to accept certain cookies. You can also deactivate the use of cookies by third-party providers such as Facebook on the following Digital Advertising Alliance website: https://www.aboutads.info/choices/
You can also prevent the storage and transmission of personal data by deactivating Java Script in your web browser or installing a Java Script blocker (e.g. https://noscript.net or https://www.ghostery.com).
We would like to point out that these measures may mean that not all functions of our website are available.
2.1.2 Legal basis for the use of cookies
The data processed by cookies, which are required for the proper functioning of the website, are therefore necessary to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. This concerns cookies that are technically necessary to establish the connection on the one hand and cookies that are absolutely necessary for the content service you have expressly requested, i.e. the operation of the website, on the other.
For all other cookies, you may have given your consent to this via our opt-in cookie banner within the meaning of Art. 6 para. 1 lit. a GDPR.
You also have the right and the option to withdraw your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions, which we describe below for the respective service providers. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser, see above.
2.1.3 Cookie banner
We use the consent management service Cookiebot from Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark (Usercentrics). This enables us to obtain and manage the consent of the users of our website for data processing. The processing is necessary for compliance with a legal obligation (Art. 7 para. 1 GDPR) to which we are subject (Art. 6 para. 1 sentence 1 lit. c GDPR).
The following data is processed with the help of cookies:
- Your IP address (the last three digits are set to '0').
- Date and time of consent.
- Browser information URL from which the consent was sent.
- An anonymous, random and encrypted key for the consent status of the end user, as proof of consent
The key and consent status are stored in the browser for 12 months using the "CookieConsent" cookie. This means that your cookie preference is retained for subsequent page requests. With the help of the key, your consent can be verified and tracked.
Usercentrics is the recipient of your personal data and acts for us as processor .
The processing takes place in the European Union. Further information on objection and removal options vis-à-vis Usercentrics can be found at: https://www.cookiebot.com/de/privacy-policy/
Your personal data will be deleted on an ongoing basis after 12 months or immediately after termination of the contract between us and Usercentrics.
Please refer to our general information on deleting and deactivating cookies above.
2.2 Social media
2.2.1 Forwarding to social media channels
On our website you will find links to the social media services of YouTube, LinkedIn and Instagram. You can recognize links to the websites of the social media services by the respective company logo. If you follow these links, you will reach beeline's corporate presence on the respective social media service.
When you click on a link to a social media service, a connection is established to the servers of the social media service. This tells the servers of the social media service that you have visited our website. In addition, further data is transmitted to the provider of the social media service. These are, for example
· Address of the website on which the activated link is located
· Date and time the website was accessed or the link was activated
· Information about the browser and operating system used
· IP address
If you are already logged in to the relevant social media service when you activate the link, the provider of the social media service may be able to determine your user name and possibly even your real name from the transmitted data and assign this information to your personal user account with the social media service. You can exclude this possibility of assignment to your personal user account if you log out of your user account beforehand.
Some of the servers of the social media services are located in the USA and other countries outside the European Union. The data may therefore also be processed by the provider of the social media service in countries outside the European Union. Please note that companies in these countries are subject to data protection laws that do not generally protect personal data to the same extent as is the case in the member states of the European Union.
Please note that we have no influence on the scope, type and purpose of data processing by the provider of the social media service. You can find more information on the use of your data by the social media services integrated on our website in the privacy policy of the respective social media service.
2.2.2 Plugin: Vimeo
We have integrated a plug-in from Vimeo on this website. Vimeo is an Internet video portal that allows you to post and view video clips free of charge. We use Vimeo to show you interesting video material directly on our website and to make it easier for you to access our content in this way. Our use of Vimeo is based on your express consent in accordance with Art. 6 para. 1 lit. a GDPR.
The operating company of Vimeo is Vimeo.com, Inc, 330 West 34th Street, 5th Floor, New York, New York 10001, USA.
When you access a page on our website in which a Vimeo video is embedded, your browser connects to the Vimeo servers and data is transferred to the Vimeo servers. Regardless of whether you have a Vimeo account or not, Vimeo collects, processes and stores data about you, including your IP address, technical information about your browser, operating system or device, the website from which you view the Vimeo video and other data about the use of this website, such as session duration or bounce rate. In most cases, Vimeo collects and processes further data about you if you are registered there yourself and are logged in to Vimeo at the same time as visiting our website. This data is linked by Vimeo to your Vimeo account.
If you are logged in to Vimeo at the same time, Vimeo recognizes which specific subpage of our website you are visiting when you access a subpage that contains a Vimeo plugin. This information is collected by Vimeo and assigned to your Vimeo account.
If you do not want this information to be transmitted to Vimeo, you can prevent it from being transmitted by logging out of your Vimeo account before accessing our website.
For more information on the processing of personal data by Vimeo, please see Vimeo's privacy policy below: https://vimeo.com/privacy.
2.3 Web analysis - Google Analytics
On our websites, we use Google Analytics Version 4 (GA4), a web analytics service provided by Google Ireland Limited (https://www.google.de/intl/de/about/) (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter "Google") to regularly check the functionality and popularity of the website. Google Analytics collects data on your behavior on our website (data traffic analysis). In this context, cookies (see "Cookies") are used and we create aggregated usage profiles (e.g. on behavior and time spent on our website, or what is happening on the website at that moment).
beeline does not currently use all of the possible functions of Google Analytics, e.g. there is no target group analysis, no conversion tracking and no cross-platform analysis.
The listed processing operations are only carried out if express consent is given in accordance with Art. 6 para. 1 lit. a GDPR. Only then will the Google Analytics cookie be activated and the data processing processes described above initiated.
The information generated by the cookie about your use of this website, such as session duration, bounce rate, technical information, including your browser type or screen resolution, location and source of origin, is transmitted to a Google server in the USA and stored there. (This list is not exhaustive and serves only as a general guide to data storage by Google Analytics).
We have set the shortest storage period for Google Analytics, namely 2 months. Analysis report results are based on aggregated data without personal reference and are also stored for longer regardless of user data.
Data may be transferred to third parties if this is required by law or if third parties process this data on our behalf. According to Google, under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking).
Google has servers all over the world. You can check where here: https://www.google.com/about/datacenters/locations/? hl=en. Google is a participant in the EU-US Data Privacy Framework, which regulates the proper and secure transfer of data from EU citizens to the USA. In addition, Google uses standard contractual clauses, i.e. templates for data protection contracts provided by the EU Commission, which are intended to ensure European data protection standards.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website, see also "Cookies" above.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on the following link: Deactivate Google Analytics. An opt-out cookie will be set to prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found in the Google Analytics help section (https://support.google.com/analytics/answer/6004245?hl=de).
2.4 Other services
2.4.1 Google Tag Manager
This website uses Google Tag Manager, a cookie-free domain that - apart from IP addresses - does not store any personal data.
The Google Tag Manager is a tool for websites to load additional tools; it therefore acts as a central "manager" of other tools. This is done with the help of so-called tags. A tag is nothing more than program logic, i.e. a snippet of code that ensures that something happens. This is used to load tools that require consent, such as Google Analytics, from the Tag Manager. With the help of the tags, loading is possible depending on conditions. For example, you can define that the Google Tag Manager only loads a tool after 10 seconds.
The Google Tag Manager processes IP addresses and transmits them to Google (see explanations above under Google Analytics).
The tool also triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If you have deactivated at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
T hese processing operations are only carried out if express consent is given in accordance with Art. 6 para. 1 lit. a GDPR.
2.4.2 Adobe TypeKit
Our website uses so-called web fonts provided by Adobe Systems Software Ireland, Limited 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Adobe's servers. This gives Adobe knowledge that our website has been accessed via your IP address. The use of Adobe Typekit Web Fonts is in the interest of a uniform and appealing presentation of our website.
These processing operations are only carried out if express consent is given in accordance with Art. 6 para. 1 lit. a GDPR.
Further information on Adobe Typekit Web Fonts can be found at https://fonts.adobe.com/home and in Adobe's privacy policy: https://www.adobe.com/de/privacy/policies/adobe-fonts.html.
2.5 Revocation of consent under data protection law
You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.
In this privacy policy, we have listed revocation options for the individual services to which you have consented.
You can also call up the cookie banner again here and change your settings.
2.6 Complaint to a supervisory authority
You have the right to complain to a supervisory authority responsible for data protection about our processing of personal data.
3. Duration of storage of personal data
The criterion for the duration of the storage of personal data, especially in connection with the performance of contracts, is the respective statutory retention period. Otherwise, the individual storage periods specified in the individual subsections apply.
After expiry of the respective period, the corresponding data is routinely deleted, provided that it is no longer required for contract fulfillment or contract initiation or other purposes.
Furthermore, your data will be deleted if you withdraw your consent to the processing or object to the processing, provided that this does not conflict with any statutory retention periods.
4. Up-to-dateness and amendment of the privacy policy
This privacy policy is currently valid and is dated December 2023.
It may become necessary to amend this privacy policy as a result of the further development of our website and services or due to changes in legal or official requirements. You can access and print out the current privacy policy at any time on the website at "https://www.beeline-group.com/de/datenschutz/".
Privacy Notice of beeline GmbH for applicants
Contents
1 General information
2 Who is responsible for the processing of your personal data?
3 For what purpose do we process your personal data?
4 What personal data do we process?
5 On what legal basis do we process your personal data?
6 To whom do we transfer your personal data?
7 How long do we store your personal data?
8 Your rights as a data subject
8 Concluding provisions
1. General information
We respect your privacy and are committed to protecting your data. In particular, we would like to inform you with this privacy policy about the purposes for which we process the personal data you provide with your application documents, how this data is collected and processed and to what extent it is passed on to third parties. We also explain what rights you have in relation to this data and provide you with useful contact details if you have any questions or concerns.
You can apply for vacancies or send us an unsolicited application in two ways:
1) By e-mail to our recruitment team.
The exact address of your contact person from our recruitment team can be found in the respective job advertisement.
2) Via our career portal on the website https://career5.successfactors.eu/careers, (hereinafter referred to as "career portal") is provided by beeline GmbH (hereinafter referred to as "we", "our" or "us").
In the case of telephone applications, applicants are requested to use one of the methods described above.
2. Who is responsible for the processing of your personal data?
Your information provided by e-mail or in the career portal is initially received and processed by beeline GmbH, Grünstraße 1, 51063 Cologne, irrespective of which beeline company has published the job advertisement. This is where the central recruitment team works for all affiliated companies worldwide.
beeline GmbH is jointly responsible for data processing with the specific beeline company (see attachment) for whose position you have applied, whereby the tasks are distributed as follows:
beeline GmbH
- Participation in the recruitment strategy and objectives of the beeline companies
- Receipt and storage of applications in SuccessFactors
- Pre-selection and, if necessary, forwarding of applications to responsible persons
- Selection, operation and maintenance of the career portal and, if applicable, other tools, including the conclusion of corresponding (order processing) contracts, also for the beeline companies
- Fulfillment of information obligations
- Implementation of the extinguishing concept
beeline group
- Processing of forwarded applications in accordance with the respective requirements
- Fulfillment of information obligations
- Conducting job interviews
- Decision on hiring/rejection
- In the event of recruitment: forwarding the data to the HR department
Both
- Determination of the purpose of data processing
- Determination of the categories of personal data
- Guaranteeing the rights of data subjects
- Documentation and implementation of technical and organizational measures (TOM)
- Risk assessment and (if necessary) implementation of data protection impact assessments (DPIA), as well as coordination with the supervisory authorities,
- Documentation of the record of processing activities
- Assessment and communication in the event of data breaches.
3. For what purpose do we process your personal data?
The purpose of data processing in recruiting is to fill vacancies at all responsible parties through coordinated application management.
The personal data that you provide in the career portal or otherwise during an application process will generally only be processed for the purpose of assessing your suitability, expertise and profile in relation to the job advertisement in question or - in the case of unsolicited applications or talent pool eligibility - in relation to unspecified and/or future job advertisements and to involve you in application procedures, including e.g. job interviews.
If an application procedure leads to recruitment, the company responsible will process your data for the purpose of drawing up the contract and include it in your personnel file.
If you have consented to this, we will use your e-mail address to inform you about new vacancies or news about career opportunities. We also use your contact details to invite you to take part in a voluntary, anonymous online experience survey once your application process is complete, with the aim of understanding areas for improvement in the application process and enhancing the quality of the experience for future applicants.
Your application as a process (but not your documents) is also included anonymously in statistics and evaluations that enable us to determine the use of the portal, the popularity of job descriptions, etc.
4. What personal data do we process?
If you choose the route via our career profile, it is necessary to provide at least your first and last name, your e-mail address and your country of residence in order to create an applicant profile. You can also voluntarily provide further job-related information to complete your applicant profile in the career portal.
Regardless of whether you apply via the career portal or by other means: To enable us to involve you in application procedures, you will need to submit standard and informative application documents to tell us about your personality profile and qualifications. This regularly includes your contact details as well as, for example, information about yourself, your skills and your career in your cover letter, CV, references and in job interviews.
In the course of the application process, further personal data may be collected from you personally, from generally accessible sources or from former employers and trainers for information purposes.
If necessary, your information from the application process may also contain so-called special categories of personal data within the meaning of Art. 9 GDPR, such as information about your health, marital status, which may provide information about your sex life or sexual orientation, or your ethnic background. We would ask you to only transmit such data if it is absolutely necessary.
We also use your e-mail address to inform you about new vacancies or news about career opportunities if and as long as you have activated the corresponding notification functions in the career portal and thus consented to receiving them.
We also use your name and e-mail address to invite you to take part in a one-off voluntary and anonymously processed online experience survey following your application.
5. On what legal basis do we process your personal data?
In principle, the processing of your application data is necessary in order to be able to decide on the establishment of an employment relationship. The legal basis for this is Art. 6 para. 1 lit. b) GDPR.
The processing of your personal data as part of the application via the application portal is based on Art. 6 (1) lit. a GDPR. This legal basis enables the processing of personal data if the data subject has given their consent to the processing of their personal data for one or more specific purposes.
As part of the application via the application portal, you will be asked to submit a corresponding declaration of consent that you agree to the processing of your personal data in accordance with the descriptions in this privacy policy.
You can revoke your declaration of consent at any time with effect for the future. However, further processing of your application is no longer possible in this case.
If you activate the application modes Consideration for all open positions worldwide or Consideration for all open positions worldwide by selection, we assume that you thereby consent to the transfer of your personal data to other companies of the beeline Group, including those in third countries. You can deactivate these application modes at any time.
If you have activated the job notification or career news functions, we assume that you consent to the sending of job notifications or news about career opportunities to the e-mail address you provided when creating the applicant profile. You can deactivate these notifications at any time.
If an application procedure leads to employment, we will include your application documents in your personnel file on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR.
The processing of your name and e-mail for the purpose of inviting you to participate in a voluntary, anonymous experience survey after completion of your application process is based on our legitimate interest (Art. 6 para. 2 lit. f GDPR) in using the technology and usability of a market-leading platform to obtain aggregated information for business development. You can object to the processing of your contact data for the purposes of surveys at any time by sending an email to learninganddevelopment@beeline-group.com.
6. To whom do we transfer your personal data?
The application documents you provide will be evaluated by the responsible departments in the company or by other companies in the beeline Group, as described above.
Depending on which application mode you choose, different employees of the beeline group of companies will have access to your data:
- If you apply by e-mail to the e-mail address of your contact person from the job advertisement: Your data will be used to fill the positions for which you have applied. In this case, only the beeline employees involved in the selection process for these positions will have access to your data. If necessary, further consideration for positions worldwide will be coordinated with you.
- Request indicated in the career portal for "consideration for all vacancies worldwide": Your data will be passed on within the beeline group of companies worldwide to fill vacancies. All employees of the beeline group of companies who are generally entrusted with the task of filling vacancies or would like to fill a vacancy will have access to your data.
- Request indicated in the career portal for "consideration for all vacancies within the country of my place of residence": Your data will be passed on to fill vacancies at beeline companies within your country of residence. All beeline employees in the respective country who are generally entrusted with the task of filling vacancies or would like to fill a vacancy will be given access to your data.
- Request indicated in the career portal for "consideration for positions for which I have expressly applied": Your data will only be used to fill the positions for which you have applied. In this case, only the beeline employees involved in the selection process for these positions will have access to your data.
Your personal data is also processed by our own service providers (such as IT service providers, e.g. SAP, SuccessFactors for applicant management, and the Qualtrics survey tool or Microsoft for our email service). We have contractually obligated these service providers as so-called processors to process data strictly in accordance with our specifications and instructions and to provide comprehensive technical and organizational protection for this data.
Third country transfers:
While your data will be stored on servers located in the European Union, please note that your personal data may be transferred to employees located in a country with a lower level of data protection, namely if your application concerns a beeline company that is not located in the European Union ("EU") or the European Economic Area ("EEA"). In addition, our service providers may transfer selected data to affiliated companies or service providers in third countries.
In these cases, beeline ensures that an adequate level of protection for your data is guaranteed, e.g. by concluding specific agreements with these parties. beeline applies the EU standard contractual clauses to such transfers as far as possible.
7. How long do we store your personal data?
If the application was made via the career portal, we will delete your data (if you do not register or update your applicant profile) 6 months after the last update or submission of an application. Something else only applies if you have specifically and voluntarily consented to a longer storage period.
If the application procedure does not lead to your recruitment, we will delete and destroy all your applicant data as soon as a period of six months has elapsed after the final rejection by you or by our company.
We will also delete your personal data that we process as part of the invitation to experience surveys as well as the individual survey results after 6 months at the latest.
If you revoke your consent to the processing of your personal data or object to it with regard to experience surveys, your data will be deleted immediately; an anonymized data set (without your application documents or your survey result), which does not allow any conclusions to be drawn about you, will remain for statistical purposes.
If your application is successful, we will also store your data in our systems for the purposes of the employment relationship.
8. Your rights as a data subject?
Insofar as we process your personal data, you are entitled to various data protection claims against us. You have the right to
- to request information about the personal data stored about you and its origin, the purpose of processing and the recipients or categories of recipients of the data (Art. 15 GDPR, Section 34 BDSG),
- under certain conditions, to demand that we rectify, block or erase your personal data (Art. 16 - 18 GDPR, Section 35 BDSG),
- to request the transfer of your data to another controller (Art. 20 GDPR) and
- to lodge a complaint with us or the competent data protection authority about the data processing (Art. 77 GDPR). In our case, this is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia.
- You also have the right to object to the further processing of your data if we process your data on the basis of a legitimate interest (Art. 6 para. 1 sentence 1 f) GDPR). As we do not process your data for advertising purposes, this requires a reason arising from your particular situation. In the event of an objection, we will no longer process your personal data to which the objection relates from receipt during the subsequent review and will delete it after completion of the review - if the objection is justified (Section 36 BDSG, Art. 21 GDPR).
We will fulfill all rights to which you are entitled free of charge and without delay.
The controllers may designate a contact point to which data subjects can turn to assert their rights under the GDPR. To exercise your rights, simply send an email to DataProtectionOffice@beeline-group.com or, if you are based in Germany, to our external data protection officer at datenschutz.beeline@two-towers.eu or by post to
Two Towers Consulting GmbH & Co. KG
Hohenzollernring 51
50672 Cologne
Germany
Irrespective of this agreement, you can always assert your rights against any of the controllers.
The responsible parties shall inform each other immediately of any claims asserted by data subjects and provide each other with all information necessary for processing.
- You can revoke your consent to data processing (Art. 6 para. 1 sentence 1 lit. a GDPR) at any time; we will then no longer process your personal data unless we are legally permitted to do so. Please send your revocation to jobs@beeline-group.com.
A justified objection and revocation have no influence on data processing operations that have already taken place.
9. Concluding provisions
We reserve the right to amend this privacy policy at any time so that it always complies with current legal requirements or to reflect changes to the application process or similar. The new privacy policy will then apply when you visit the applicant portal again or submit a new application.
Status: February 2024
Privacy Notice for partners (business customers and suppliers)
Contents
1 General information
2 Who can you contact if you have questions about data protection and the processing of your personal data?
3 What data do we process and where does it come from?
4 For what purpose and on what legal basis do we process your personal data?
5 To whom do we transfer personal data?
6 How long do we process and store the data?
7 Your rights as a data subject?
8 Concluding provisions
1. General information
In this Privacy Policy, "beeline", "we", "us" and "our" means any legal entity with which you have a relationship.
This privacy policy applies to the following companies:
beeline GmbH
beeline Concessions GmbH
beeline Concessions B.V.
beeline Czech Republic s.r.o.
beeline Concessions S.A.R.L.
beeline Concessions GmbH
beeline Log. Ltd.
beeline Log. Immob. Ltd.
UB Holding GmbH
UB Real Estate GmbH
beeline Hungary Kft.
beeline Ireland Accessories Limited
beeline Italy S.r.l.
beeline Concessions B.V.
beeline Poland Sp.zo.o.
Direkte Linie Concessions - Sociedade Unipessoal Lda.
beeline Slovakia s.r.o.
beeline Concessions SLU
beeline Concessions Switzerland GmbH
beeline UK Accessories Ltd.
beeline Canada Accessories Inc.
US Holding
beeline USA Inc.
beeline Import and Services LLC
beeline Logistics LLC
China
beeline Services Qingdao Co. Ltd.
Our business customers and suppliers include existing or potential suppliers, service providers or consultants as well as existing or potential partner customers, cooperation partners or other partner companies.
With the following information, we would like to give you an overview of the processing of your personal data by us and your rights under the General Data Protection Regulation (Regulation (EU) 2016/679 - "GDPR") as well as the Federal Data Protection Act ("BDSG") and any local data protection laws.
This Privacy Policy applies to personal data of persons with whom we enter into contractual or business relationships, as well as of contact persons, managing directors, key account managers or other employees of our contractual or business partners, which we process in the context of existing or prospective contractual and business relationships. Personal data of ostensibly uninvolved parties, such as shareholders or beneficial owners of our business partners or employees of our business partners named in the context of whistleblowing, may also be affected by data processing by us.
The processing of purely company-related data (e.g. beeline GmbH, Grünstraße 1, Cologne) is not subject to the GDPR and is therefore not covered by this privacy policy.
2. Who can you contact if you have questions about data protection and the processing of your personal data?
You can reach our central data protection team at:
Address: beeline GmbH, Data Protection - Legal/Compliance, Grünstraße 1, 51063 Cologne, Germany
E-Mail: DataProtectionOffice@beeline-group.com.
We have also appointed an external data protection officer for beeline GmbH and beeline Concessions GmbH.
For concerns regarding beeline GmbH and beeline Concessions GmbH, please contact us at datenschutz.beeline@two-towers.eu.
3. What data do we process and where does it come from?
We primarily process personal data that the data subjects provide to us themselves in the context of contractual and business relationships or that we receive from the respective contractual and business partners (e.g. from your colleagues with whom we are already in contact), for example in the context of processing an inquiry or an order.
We also process personal data that we collect from publicly accessible sources (e.g. commercial register, press, internet) or receive from third parties (e.g. auditors). We will make separate reference to the collection of personal data from third-party sources.
Relevant personal data are in particular
Personal details, e.g. surname, first name, address,
Personal data, e.g. profession, position, tasks and powers, nationality;
business contact details, e.g. address, telephone number, e-mail address;
Contract initiation data, including product, performance and quality assessments
Contract or order data, e.g. sales data, time sheets,
Billing data, including bank details, tax number/USt ID;
Data from the fulfillment of our and your contractual obligations;
Data in connection with the prevention of criminal offenses, such as fraud, cybercrime or money laundering, and whistleblowing, including behavioral data, if applicable
Information about your financial situation (e.g. creditworthiness data);
If applicable, log-in data for tools used by you in cooperation with beeline;
other data comparable with the above categories.
The scope of the data processed for a person varies depending on the role in which the person appears to us (e.g. the person is a supplier or an employed contact person or a beneficial owner of a contractual partner).
4. For what purpose and on what legal basis do we process the data?
We process personal data for the following purposes on the basis of the following legal bases:
In individual cases, we process data because you have expressly consented to this (Art. 6 para. 1 lit. a GDPR), for example to receive advertising by electronic mail and/or telephone;
Data processing is generally carried out for the performance of contracts concluded with you or your employment company or for the implementation of pre-contractual measures (Art. 6 para. 1 lit. b GDPR); this includes in particular:
Purchase and supply contracts, e.g. processing of purchase and sales inquiries, authentication of contractual partners, preparation and signing of contractual documents, execution of purchases and sales, integration into internal operational management, e.g. through access to our intranet or other platforms used by beeline, communication, also in the context of video conferences using appropriate tools, invoicing and processing of purchase price payments;
Service and work contracts as well as other contractual relationships, e.g. processing and viewing of corresponding offers and inquiries; authentication of contractual partners, preparation and signing of contractual documents, processing of payments; integration into internal operational management, e.g. device management or through access to our intranet or other platforms used by beeline, communication, also in the context of video conferences using appropriate tools, sending of information letters
Further data processing is carried out on the basis of legal requirements (Art. 6 para. 1 lit. c GDPR), in particular to fulfill and comply with
tax and other statutory control and reporting obligations, as well as for audits by tax or other authorities;
statutory retention periods;
legal obligations with regard to product quality and risk management, including the obligation to inspect and audit;
legal obligations with regard to delivery and storage, e.g. customs regulations and maintaining an inventory management system;
Residence matters;
legal obligations in connection with various compliance areas, e.g. data protection, combating fraud and money laundering, whistleblowing, supply chain diligence;
COVID measures and other statutory health protection requirements;
We also process your data to protect our legitimate interests (Art. 6 para. 1 lit. f GDPR), namely for the following purposes:
optimal contact support/relationship, also with regard to the employees of our business partners;
Optimization of our business processes, e.g. through internal reporting, keeping lists of suppliers or interested parties, also as part of customer relationship management;
Internal Group controlling processes;
Centralization or outsourcing of corporate functions;
Reducing the risk of criminal offences as part of visitor management or through other organizational or technical measures suitable for this purpose;
Reduction of default risks in our business processes by consulting credit agencies (such as Creditreform, Bürgel) and determining score values (profiling), which help us to assess the probability of contractual partners meeting their payment obligations in accordance with the contract on the basis of a recognized mathematical-statistical procedure;
Assertion and defense of legal claims;
Market research purposes.
5. To whom do we transfer personal data?
Under certain circumstances (in addition to the cases already mentioned above), your personal data may be passed on for the above-mentioned purposes; in detail:
Personal data is transmitted to other companies in our group of companies. The exchange between different companies of the beeline Group takes place on the basis of corresponding contracts and, if necessary, additional technical or organizational security precautions. Essential internal procedures take place centrally at beeline in Germany and are located at beeline GmbH.
Information required for the processing of existing contracts is passed on to customers and suppliers.
Information is passed on to contractually affiliated external service providers, e.g. logistics companies, IT service providers and providers of digital tools that we use as part of the execution of the contract, economic, tax and other consultants, financial institutions, or transmitted directly by you to enable them to continue processing.
If it is necessary to investigate or prosecute unlawful or abusive incidents or to enforce contractual provisions between us and our contractual and business partners, personal data will be forwarded to our legal advisors, the law enforcement authorities and, if necessary, to injured third parties.
We are also legally obliged to provide reports, notifications or information to certain public authorities. These are primarily tax authorities, customs and law enforcement authorities, authorities that prosecute administrative offenses subject to fines.
In the event of reorganizations or business restructurings, including financial restructurings, bankruptcies, M&A transactions, mergers, acquisitions, spin-offs, joint ventures, assignments, sale or disposal of companies or parts of companies, etc., personal data may be disclosed to the buyer, the seller, law firms and other consulting firms, liquidators, banks and other financial institutions, rating agencies and similar organizations. We will always carefully consider the necessity of such transfers and take measures (e.g. anonymization, pseudonymization or aggregation procedures) to reduce the amount of personal data in such cases to what is strictly necessary.
In order to enable the digital signing of documents, such as contract documents, and to simplify processes within the organization, beeline uses the online application "DocuSign" (DocuSign, Inc. 221 Main Street, Suite 1550San Francisco, CA 94105) where the legal formal requirements permit, i.e. where no "wet ink" signature is required.
For the digital signing process via "DocuSign", your e-mail address and your (qualified) digital signature are required and processed via "DocuSign". The e-mail address is used to send the form and to make it easier to obtain the necessary documents.
If a document is to be signed via DocuSign, it is uploaded to the platform by the initiator. If the initiator specifies a person as the signatory, this person receives a notification email with further instructions from DocuSign.
Additional recipients can be specified who are to receive the signed documents by e-mail and in digital form after the signature process has been completed.
If you use DocuSign's Qualified Electronic Signature (QES) procedure, you will be asked to identify yourself so that your individual Qualified Electronic Signature can be generated by DocuSign. For this purpose, you will be asked to prove your identity by holding your identification documents (this can be a passport or ID card) up to the camera. Please note that DocuSign is responsible for processing your data for this part of the entire process. Please also note that, depending on the location, DocuSign may involve other partners who support DocuSign in the identification process.
DocuSign may process your personal data within the framework of an intra-group agreement or an agreement with a third party and in third countries. DocuSign uses so-called Binding Corporate Rules to ensure the security of such transfers.
For further details and if subcontractors of DocuSign are involved, please refer to DocuSign's Privacy Notice: https://www.docusign.co.uk/en-gb/privacy/
In cooperation with service providers and other organizations, legal instruments are used to ensure that your personal data is processed lawfully and only stored for as long as necessary. These are, for example, order processing contracts in accordance with Art. 28 GDPR or agreements between joint controllers in accordance with Art. 26 GDPR.
As a rule, the servers on which your personal data is stored by us or one of our service providers are located in the EU. In the course of some processing activities, your personal data may be stored outside the EU or persons who carry out their activities in countries outside the EU may have access to your personal data. These countries may offer a lower level of data protection. If there is no adequacy decision for these countries pursuant to Art. 45 GDPR for these countries, legal instruments are used that also guarantee the confidentiality, integrity and availability of (your) personal data. This includes in particular the signing of the so-called EU standard data protection clauses in accordance with Art. 46 (2) c GDPR.
6. How long do we process and store the data?
We will retain and process your personal data for as long as we have a legitimate interest, valid consent from you or a legal obligation to do so for a certain period of time as determined or specified by applicable law and our company's IT security and data protection policies.
7. Your rights as a data subject
If the respective requirements are met, you are entitled to the following rights:
Right to information: You have the right to receive information about the personal data stored about you at any time.
Right to rectification: You have the right to have incorrect personal data concerning you rectified.
Right to erasure: You can also request the erasure of your personal data, for example if your data is no longer required for the purposes for which it was collected or otherwise processed.
Right to restriction of processing: You also have the right to request the restriction of the processing of your personal data; in such a case, the data will be blocked for any processing. This right exists in particular if the accuracy of the personal data is disputed between you and us.
Right to data portability: If we process your personal data to fulfill a contract with you or on the basis of your consent, you also have the right to receive your personal data in a structured, commonly used and machine-readable format, if and to the extent that you have provided us with the data.
Right to withdraw consent: If you have given us your consent to process your personal data, you can withdraw this at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Right to object: You can object to data processing on grounds relating to your particular situation. However, this only applies in cases where we process data to fulfill a legitimate interest. If you can present such a reason and we cannot assert a compelling interest worthy of protection in further processing, we will no longer process this data for the respective purpose.
You also have the right to lodge a complaint with a supervisory authority at any time, in particular with a supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes data protection regulations.
If you would like information about the personal data stored about you, wish to assert your other rights or have questions about data protection with us, you can contact us using the above-mentioned contact details.
8. Concluding provisions
Status and amendment of this privacy policy is February 2024.
The further development of our company may also affect the handling of personal data. We therefore reserve the right to amend this privacy policy in the future within the framework of the applicable data protection laws and, if necessary, to adapt it to changed data processing realities.