Privacy Policy: recruiting

EnglishDeutsch

Data protection information for applicants

We are delighted that you are interested in our company and have applied or are applying for a position with us. Below, we would like to provide you with information about how your personal data is processed in connection with your application.

Who is responsible for data processing?

The controller within the meaning of data protection law is

Brainlab SE, Olof-Palme-Straße 9, 81829 Munich, Germany,

Brainlab Corporate Services GmbH, Olof-Palme-Straße 9, 81829 Munich, Germany,

Brainlab Sales GmbH, Olof-Palme-Straße 9, 81829 Munich, Germany,

Brainlab Marketing Services GmbH, Olof-Palme-Straße 9, 81829 Munich, Germany,

Brainlab IT & Digital Services GmbH, Olof-Palme-Straße 9, 81829 Munich, Germany,

Brainlab Financial Services GmbH, Olof-Palme-Straße 9, 81829 Munich, Germany,

Digital-OR Solutions GmbH, Olof-Palme-Straße 9, 81829 Munich, Germany,

Brainlab Ltd., Regus House, 1010 Cambourne Business Park, Cambourne, Cambridge, CB3 6DP, England,

Brainlab Italia s.r.l., Via Gabriele Rossetti 9, 20145 Milan, Italy,

Brainlab Robotics GmbH, Olof-Palme-Straße 9, 81829 Munich, Germany,

medPhoton GmbH, Karolingerstraße 16, 5020 Salzburg, Austria,

Dr. Langer Medical GmbH, Am Bruckwald 26, 79183 Waldkirch, Germany

You can find further information about our company, details of authorized representatives, and additional contact options in the legal notice on our website: https://www.brainlab.com/corporate-information/

What data do we process about you? And for what purposes?

We process the data you have sent us in connection with your application in order to assess your suitability for the position (or other open positions in our company, if applicable) and to carry out the application process. No exclusively automated decision-making takes place.

What is the legal basis for this?

We process your personal data in compliance with the provisions of the General Data Protection Regulation (GDPR) and, where applicable, national data protection regulations. The legal basis for processing your personal data in this application process is primarily the establishment of an employment relationship. Personal data of applicants may be processed for the purposes of the application process if this is necessary for the decision on the establishment of an employment relationship. The legal basis is Article 6(1)(b) GDPR.

If your application relates to a position in the IT field that involves handling security-critical systems and information, we will process further data from you that is required for a security check on the basis of your consent in accordance with Article  6(1)(a) GDPR.

We also process personal data on the basis of a legitimate interest pursuant to Article 6(1)(f) GDPR. This may be necessary, for example, if the data is retained after the application process has been completed in order to defend against legal claims or to ensure that job advertisements are forwarded to us. Our interest then lies in asserting or defending claims and in forwarding interested parties.

There is no legal or contractual obligation to provide personal data. However, you cannot be considered in the selection process if you do not wish to provide personal data.

How long is the data stored?

Your personal data will be stored for as long as it is necessary for the decision in the application process. If no employment relationship is established, your data may continue to be stored if this is necessary for the defense against possible legal claims. As a rule, your data will be deleted 6 months after completion of the application process. If you have consented to the further storage of your personal data, we will transfer your data to our applicant pool. The data will be deleted after two years.

If you are offered a position as part of the application process, the data will be transferred from the applicant data system to our personnel information system.

If you have submitted a copy of your ID as part of the security check due to your application in the IT area (with access to security-critical systems and information), this will be deleted immediately after completion of the security check.

To whom is the data passed on?

Your data will mainly be processed by our human resources department and the respective department managers involved in filling the advertised position. In addition, depending on the respective open position, other internal and external departments may be involved in the processing of your data. Within the company, only those persons who need your data for the proper execution of our application process have access to it.

External service providers:

  • IT service providers (e.g., providers of applicant management software, maintenance or hosting service providers)

  • Providers of aptitude or programming tests, if applicable

  • Job portals for submitting your application

If necessary, a data processing agreement has been concluded with all external service providers in accordance with Article 28 GDPR.

Will my data be transferred to countries outside the European Union?

Countries outside the European Union (and the European Economic Area "EEA") handle the protection of personal data differently than countries within the European Union. We also use service providers in third countries outside the European Union to process your data. There is currently no decision by the EU Commission that these third countries generally offer an adequate level of protection.

We have therefore taken special measures to ensure that your data is processed in third countries just as securely as within the European Union. We conclude the standard contractual clauses provided by the European Commission with service providers in third countries. These clauses offer adequate guarantees for the protection of your data with service providers in third countries.

Your rights as a "data subject"

You have the right to obtain information about the personal data we process about you.

If you submit a request for information that is not in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be.

In addition, you have the right to correction or deletion or to restriction of processing, insofar as you are legally entitled to do so. You also have the right to object to processing within the framework of the legal requirements and the right to data portability.

Finally, with regard to data processing based on your consent, you have the right to revoke your consent at any time with effect for the future.

Notwithstanding these rights and the possibility of asserting other administrative or judicial remedies, you have the option at any time to exercise your right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes data protection regulations (Article 77 GDPR).

Our data protection officer:

We have appointed the following data protection officer for our companies.

Intersoft Consulting Services AG
Katharina Ruhenstroth
Beim Strohhause 17
200097 Hamburg
Tel: +49 (0) 40 790 235 0
Email: dsb-brainlab@intersoft-consulting.de

If you have any questions or comments regarding data protection, please send an email to the following address: