Privacy notice for the Project A application system

Last amended: May 2018

We have created this privacy notice to inform you about how personal data is collected, processed and used in the context of our online application process.

1. Contact person

The application system is provided by Project A Services GmbH & Co. KG, Julie-Wolfthorn-Straße 1, 10115 Berlin (hereinafter referred to as “Project A” or “we”). Project A is also the controller within the meaning of the EU General Data Protection Regulation (GDPR) for the collection, processing and use of personal data of applicants who participate in our online application process (hereinafter referred to as “you”). Should you have any questions or suggestions regarding data protection in the application process, please do not hesitate to contact us. You are welcome to direct your data protection concerns to our data protection officer by sending an email to datenschutz@project-a.com or alternatively contact our Talent Team (+49 30 340 606 340 / jobs@project-a.com). Our full contact details are available here.

2. Data processing in the context of the application process

2.1. Online application form. You can apply to us for advertised vacancies using our online form. The purpose of data collection here is the selection of applicants for potential employment at Project A or one of the ventures in our portfolio. In order to receive and process your application, we collect the following applicant data: first and last name, email address, telephone number and application documents (curriculum vitae and cover letter). You may also voluntarily provide us with additional information that you may want us to consider when you apply (e.g. your salary expectations, availability or additional documents).

We will check your application and contact you if necessary, in particular to make appointments or to clarify any questions.

If you apply for a position at Project A, in principle we will not pass on your applicant data to third parties. If you apply for a position at one of the ventures in our portfolio, we will check the application and forward it to the relevant contact person at the respective company. If you have any questions regarding data protection in the application process (e.g. with regard to your rights under data protection law), please contact us at jobs@project-a.com or get in touch with our data protection officer directly at here. This overview may change at any time but will always show the current portfolio companies whenever it is accessed.

The legal basis for the processing of your applicant data is Art. 6(1) Sentence 1(b) and Art. 88(1) GDPR in conjunction with Section 26(1) Sentence 1 of the German Federal Data Protection Act (BDSG). We store your applicant data upon receipt of your application. If we accept your application and subsequently employ you, we will store your applicant data for as long as the data is necessary for your employment and as far as we are legally required to retain it. If we reject your application, we will store your applicant data for a maximum of six months after rejection of your application, unless you give us your consent to longer storage (Project A talent pool). The data will be deleted automatically after this period. This also applies to applicant data stored by one of the ventures in our portfolio as part of the application process.

2.2. Project A talent pool. Through your application you consent to become part of our talent pool and that, once the application process is complete, we will store the data you submitted for your application in our Project A talent pool for a further 24 months. This will allow us to identify any further jobs at Project A or the ventures in our portfolio which may be of interest to you and, if necessary, to contact you again using the stored contact details. From time to time, but usually not more than once a week, we will then send you information about vacant positions at Project A and/or the ventures in our portfolio which may be suitable for you. After this period, the data will be deleted unless you have given a new consent separately. You can withdraw your consent at any time with future effect by emailing us at jobs@project-a.com.

2.3. Recommendations by friends. In certain cases, we pay a bonus for successful recommendations that result in someone being employed at Project A or one of the ventures in our portfolio. Please visit our careers page to find out which vacancies are currently offering a bonus. When someone recommends another person, this generates a recommendation code which can be used later on to identify whether the recommendation was successful. The purpose of this is to see who recommended you and to allow us to pay out the bonus. In the event of a recommendation, this recommendation code will therefore be stored together with your applicant data. The recommendation system and bonus payments are handled entirely by the Aklamio service (aklamio GmbH, Hagelberger Str. 11, 10965 Berlin). Please note its privacy notice.

We will, of course, not pass on any content from the application process to the person from whom the recommendation originates.

We store the recommendation code for a period of 12 months in order to be able to verify a successful recommendation during this period. The legal basis of the processing of data for our friend recommendation scheme is Art. 6(1) Sentence 1(b) GDPR. Where information about the payment of a bonus has to be retained for accounting reasons, it will be retained for a period of six years. The legal basis for this retention is Art. 6(1)(c) GDPR in conjunction with Section 257 of the German Commercial Code (HGB) and Section 147 of the Fiscal Code (AO).

2.4. Data processing by our service provider Personio. We use the external service provider Personio (Personio GmbH, Buttermelcherstr. 16, 80469 Munich, “Personio”) for our application system. Applicant data is stored by Personio on our behalf. The data is transferred in encrypted form and stored exclusively on ISO 27001-certified servers in Germany. We have concluded a data processing agreement with Personio pursuant to Art. 28 GDPR, which ensures that Personio processes the data exclusively in accordance with our instructions and guarantees the European data protection principles.

3. Links to other websites and online content

Our website may contain links to websites and online content of other providers not affiliated with us. If you activate these links, we naturally no longer have any influence on which data is collected by the respective providers and which data they record. For more detailed information on data collection and use, please refer to the privacy policies of the respective providers. Since the collection and processing of data by third parties is beyond our control, we cannot assume any responsibility for this.

4. Disclosure of data

In principle, we will only pass on the data we collect if:

  • you have given your express consent to this pursuant to Art. 6(1) Sentence 1(a) GDPR (e.g. in connection with the Project A talent pool);
  • you have given your express consent to this pursuant to Art. 6(1) Sentence 1(a) GDPR (e.g. in connection with the Project A talent pool);
  • we are legally obliged to do so under Art. 6(1) Sentence 1(c) GDPR; or
  • this is permitted by law and is required under Art. 6(1) Sentence 1(b) GDPR for the processing of contractual relationships with you or for taking steps at your request prior to entering into a contract.

Part of the data processing described in this data protection notice may be carried out by our service providers. In addition to the service providers mentioned in this data protection notice, this may in particular include data centres that store our website and databases, IT service providers that maintain our systems, and consulting firms. If we pass data on to our service providers, they may use the data exclusively for the fulfilment of their tasks. We have carefully selected and commissioned the service providers. They are contractually bound by our instructions, have implemented appropriate technical and organisational measures to protect the rights of data subjects, guarantee an appropriate level of data protection and are carefully monitored by us.

In addition, data may be disclosed in connection with official requests, court orders and legal proceedings if this is necessary to pursue or enforce rights.

5. Your rights

You have the right to information about how we process your personal data at any time. When providing this information, we will explain the data processing to you and provide you with an overview of the data stored about you.

If data stored by us is incorrect or no longer up to date, you have the right to have this data corrected.

You may also demand that your data be erased. Should the erasure not be possible in exceptional cases due to other legal regulations, the data will be blocked so that it is only available for that legal purpose.

You are also entitled to have the processing of your data restricted, e.g. if you believe that the data we have stored is incorrect. You also have the right to data portability, which means that on request we will send you a digital copy of the personal data you have provided.
In order to assert your rights described here, you can contact us at any time using the contact details provided in Section 1 above. This also applies if you wish to receive copies of safeguards in order to prove an adequate level of data protection.

In addition, you have the right to object to data processing if it occurs based on Art. 6(1) Sentence 1(e) or (f) GDPR or for direct marketing purposes. Finally, you have the right to lodge a complaint with our competent data protection supervisory authority. You can assert this right by contacting a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement. The competent supervisory authority in Berlin is: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Right of withdrawal and objection.
Pursuant to Art. 7(3) GDPR, you have the right to withdraw the consent you gave us at any time. As a result of this, we will cease the data processing based on this consent with future effect. This withdrawal of your consent will not affect the lawfulness of the processing carried out on the basis of the consent prior to the withdrawal.

If we process your data on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right under Art. 21 GDPR to object to the processing of your data, and to give us reasons which arise from your particular situation which, in your opinion, show that your legitimate interests override ours. If your objection is to data processing for direct marketing purposes, you have a general right of objection, which we will implement without requiring you to give reasons.

If you would like to make use of your right of withdrawal or objection, it is sufficient to simply notify us using the contact details provided above.

This site uses own cookies and third-party cookies to analyse the usage of our website, to personalise your surfing experience and to enable the delivery of interest-based advertisements. If you continue using the website, we will assume that you are accepting the use of cookies as described in our privacy policy, in which you may opt-out of receiving cookies at any time.

This site uses cookies. If you continue to use this website, we will assume that you have approved.