Privacy Policy

1. Privacy at a glance

General information

The following information provides a brief overview of what happens to your personal data when you visit this website. Personal data refers to any information that can be used to identify you personally. For detailed information on data protection, please refer to our privacy policy, which is set out below.

 

Data collection on this Website

Who is responsible for data collection on this Website?

Data processing on this website is carried out by the website operator. Their contact details can be found in the section ‘Information on the data controller’ in this privacy policy.

 

How do we collect your Data?

Your data is collected, firstly, when you provide it to us. This may include, for example, data that you enter into a contact form.

Other data is collected automatically or with your consent when you visit the website via our IT systems. This consists mainly of technical data (such as your web browser, operating system or the time you accessed the page). This data is collected automatically as soon as you enter this website.

 

What do we use your data for?

Some of the data is collected to ensure the website functions correctly. Other data may be used to analyse your user behaviour. Where contracts can be concluded or initiated via the website, the data provided will also be processed for the purposes of contractual offers, orders or other enquiries.

 

What rights do you have regarding your data?

You have the right at any time to obtain, free of charge, information regarding the source, recipients and purpose of your stored personal data. You also have the right to request the rectification or erasure of this data. If you have given your consent to the processing of your data, you may withdraw this consent at any time with effect for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the relevant supervisory authority. You may contact us at any time regarding this matter or any other questions you may have about data protection.

 

Analytic tools and third-party tools

When you visit this website, your browsing behaviour may be analysed for statistical purposes. This is primarily done using so-called analytics tools. You can find detailed information about these analytics tools in the following privacy policy.

 

2. Hosting and Content Delivery Networks (CDN)

Amazon CloudFront CDN

We use the Amazon CloudFront CDN content delivery network. The provider is Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxembourg (hereinafter ‘Amazon’).

Amazon CloudFront CDN is a globally distributed content delivery network. Technically, this means that the transfer of information between your browser and our website is routed via the content delivery network. This enables us to improve the global accessibility and performance of our website

The use of Amazon CloudFront CDN is based on our legitimate interest in ensuring that our website is delivered as error-free and securely as possible (Article 6(1)(f) of the GDPR).

Data transfers to the USA are based on the European Commission’s standard contractual clauses. Further details can be found here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.

You can find further information about Amazon CloudFront CDN here:: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.

The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when data is processed in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this is available from the provider via the following link:
https://www.dataprivacyframework.gov/participant/5776.

 

Order processing

We have entered into a data processing agreement (DPA) for the use of the aforementioned service. This is a contract required under data protection law, which ensures that the service provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

 

3. General information and ­mandatory details

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

When you use this website, various types of personal data are collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

Please note that data transmission over the internet (for example, when communicating by email) may be subject to security vulnerabilities. It is not possible to guarantee complete protection of data against access by third parties.

 

Information regarding the data controller

The data controller for this website is:

PAPSTAR GmbH
Daimlerstraße 4-8
53925 Kall
Deutschland

Phone: +49 2441 83-0
E-Mail: info@papstar.de

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (such as names, email addresses, etc.).

 

Retention period

Unless a more specific retention period is stated in this privacy policy, we will retain your personal data until the purpose for which it is processed no longer applies. If you submit a valid request for erasure or withdraw your consent to data processing, your data will be erased unless we have other legally permissible grounds for storing your personal data (for example, retention periods under tax or commercial law); in the latter case, erasure will take place once these grounds no longer apply.

 

General information on the legal basis for data processing on this website

Where you have consented to the processing of your data, we process your personal data on the basis of Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR, where special categories of data as defined in Article 9(1) of the GDPR are processed. In the event of explicit consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Article 49(1)(a) of the GDPR. Where you have consented to the storage of cookies or to access to information on your device (for example via device fingerprinting), data processing is additionally carried out on the basis of Section 25(1) of the German Telemedia Act (TDDG). Consent may be withdrawn at any time. If your data is required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Article 6(1)(b) of the GDPR. Furthermore, we process your data where this is necessary to comply with a legal obligation on the basis of Article 6(1)(c) of the GDPR. Data processing may also take place on the basis of our legitimate interest pursuant to Article 6(1)(f) of the GDPR. The relevant legal bases in each individual case are set out in the following sections of this privacy policy.

 

Data Protection Officer

We have appointed a data protection officer.

DAWOCON GmbH
Lina Woelk
An der Müllerwiese 10
51069 Köln

Phone: +49 221 68 00 37 67
E-Mail: dsb@papstar.de

 

Recipients of personal data

As part of our business operations, we work with various external parties. In some cases, this requires us to transfer personal data to these external parties. We only disclose personal data to external parties where this is necessary for the performance of a contract, where we are legally obliged to do so (for example, disclosure of data to tax authorities), where we have a legitimate interest in the disclosure pursuant to Article 6(1)(f) of the GDPR, or where another legal basis permits the disclosure of data. When using data processors, we only disclose our customers’ personal data on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.

 

Withdrawal of your consent to data processing

Many data processing operations are only possible with your explicit consent. You may withdraw any consent you have already given at any time. The lawfulness of the data processing carried out prior to the withdrawal remains unaffected by the withdrawal.

 

Right to object to data collection in specific cases and to direct marketing (Article 21 of the GDPR)

IF DATA PROCESSING IS BASED ON ARTICLE 6(1)( E OR F OF THE GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. YOU CAN FIND THE RELEVANT LEGAL BASIS ON WHICH PROCESSING IS BASED IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (objection under Article 21(1) of the GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

 

Right to lodge a complaint with the relevant supervisory authority

In the event of infringements of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place where the alleged infringement occurred. This right to lodge a complaint is without prejudice to any other administrative or judicial remedies.

 

Right to data portability

You have the right to receive data that we process automatically on the basis of your consent or in fulfilment of a contract, either for yourself or for a third party, in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place to the extent that it is technically feasible.

 

Access, rectification and erasure

In accordance with the applicable legal provisions, you have the right at any time to obtain, free of charge, information about your stored personal data, its source and recipients, and the purpose of the data processing, and, where applicable, the right to have this data corrected or erased. You may contact us at any time regarding this matter or any other questions you may have about personal data.

 

Right to restriction of processing

You have the right to request that the processing of your personal data be restricted. You may contact us at any time to do so. The right to restriction of processing applies in the following cases:

  • If you dispute the accuracy of your personal data held by us, we will generally need time to verify this. For the duration of this verification, you have the right to request that the processing of your personal data be restricted.
  • If your personal data has been or is being processed unlawfully, you may request that the processing of your data be restricted instead of it being erased.
  • If we no longer require your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted rather than deleted.
  • If you have lodged an objection under Article 21(1) of the GDPR, a balancing of interests between yours and ours must be carried out. Until it has been determined whose interests prevail, you have the right to request that the processing of your personal data be restricted.

If you have restricted the processing of your personal data, such data may – apart from storage – only be processed with your consent, or for the purpose of establishing, exercising or defending legal claims, or for the protection of the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a Member State.

 

SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential information, such as orders or enquiries that you send to us as the website operator. You can recognise an encrypted connection by the fact that the address bar of your browser changes from ‘http://’ to ‘https://’ and by the padlock symbol in your browser bar. When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

 

4. Data collection on this website

Cookies

Our website uses so-called ‘cookies’. Cookies are small data packets and do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies may be set by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable certain third-party services to be integrated into websites (for example, cookies used to process payment services).

Cookies serve various purposes. Many cookies are technically necessary, as certain website functions would not work without them (for example, the shopping basket function or the display of videos). Other cookies may be used to analyse user behaviour or for advertising purposes.

Cookies that are necessary for the execution of the electronic communication process, for the provision of specific functions you have requested (for example, the shopping basket function) or for the optimisation of the website (for example, cookies used to measure website traffic) (necessary cookies) are stored on the basis of Article 6(1)(f) of the GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to ensure the technically flawless and optimised provision of its services. Where consent has been sought for the storage of cookies and similar recognition technologies, processing takes place exclusively on the basis of this consent (Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG); consent may be withdrawn at any time.

You can configure your browser to notify you when cookies are set and to allow cookies only on a case-by-case basis, to block cookies in specific cases or generally, and to enable the automatic deletion of cookies when you close your browser. If you disable cookies, the functionality of this website may be limited.

If any other cookies or services are used on this website, you can find details in this privacy policy.

 

Contact form

If you send us enquiries via the contact form, the details you provide in the form, including the contact details you have entered there, will be stored by us for the purpose of processing your enquiry and in case of any follow-up questions. We will not pass on this data without your consent.

The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your enquiry relates to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR) where this has been requested; consent may be withdrawn at any time.

The data you enter in the contact form will be retained by us until you request its deletion, withdraw your consent to its storage, or the purpose for storing the data no longer applies (for example, once your enquiry has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.

 

Enquiries by email, telephone or fax

If you contact us by email, telephone or fax, your enquiry, including all personal data contained therein (name, enquiry), will be stored and processed by us for the purpose of dealing with your request. We will not disclose this data without your consent.

The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your enquiry relates to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR) where this has been requested; consent may be withdrawn at any time.

The data you send to us via contact enquiries will remain with us until you request its deletion, withdraw your consent to its storage, or the purpose for storing the data no longer applies (for example, once your enquiry has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.

 

5. Social media

Facebook

This website incorporates features from the social network Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

You can find an overview of the Facebook social media elements here: https://developers.facebook.com/docs/plugins/?locale=en_US

When the social media element is active, a direct connection is established between your device and the Facebook server. This means that Facebook receives the information that you have visited this website using your IP address. If you click the Facebook ‘Like’ button whilst logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. Please note that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it is used by Facebook. Further information on this can be found in Facebook’s privacy policy at: https://de-de.facebook.com/privacy/explanation.

Use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG. You may withdraw your consent at any time.

Where personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland, are jointly responsible for this data processing (Article 26 of the GDPR). This joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook following the transfer is not part of the joint responsibility. The obligations incumbent upon us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum.  Under this agreement, we are responsible for providing privacy information regarding the use of the Facebook tool and for ensuring that the tool is implemented on our website in a manner that complies with data protection laws. Facebook is responsible for the data security of Facebook products. You may exercise your data subject rights (such as requests for information) regarding the data processed by Facebook directly with Facebook. If you exercise your data subject rights with us, we are obliged to forward these to Facebook.

Data transfers to the USA are based on the European Commission’s standard contractual clauses. Further details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 und https://www.facebook.com/policy.php.

The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when data is processed in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this is available from the provider via the following link:: https://www.dataprivacyframework.gov/participant/4452.

 

Instagram

This website incorporates features from the Instagram service. These features are provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

When the social media feature is active, a direct connection is established between your device and the Instagram server. This means that Instagram receives information about your visit to this website.

If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to this website with your user account. Please note that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it is used by Instagram.

Use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG. You may withdraw your consent at any time.

Where personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland, are jointly responsible for this data processing (Article 26 of the GDPR). This joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook or Instagram. The processing carried out by Facebook or Instagram following the transfer is not part of the joint responsibility. The obligations incumbent upon us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. Under this agreement, we are responsible for providing privacy information when using the Facebook or Instagram tools and for ensuring that these tools are implemented on our website in a manner that complies with data protection regulations. Facebook is responsible for the data security of the Facebook and Instagram products. You may exercise your data subject rights (such as requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you exercise your data subject rights with us, we are obliged to forward these to Facebook.

Data transfers to the USA are based on the European Commission’s standard contractual clauses. Further details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/ und https://de-de.facebook.com/help/566994660333381.

Further information on this can be found in Instagram’s privacy policy: https://privacycenter.instagram.com/policy/.

The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when data is processed in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this is available from the provider via the following link: https://www.dataprivacyframework.gov/participant/4452.

 

LinkedIn

This website uses elements from the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Each time a page on this website containing LinkedIn elements is accessed, a connection is established with LinkedIn’s servers. LinkedIn is informed that you have visited this website using your IP address. If you click the LinkedIn ‘Recommend’ button whilst logged into your LinkedIn account, LinkedIn is able to associate your visit to this website with you and your user account. Please note that, as the provider of these pages, we have no knowledge of the content of the data transmitted or its use by LinkedIn.

The use of this service is based on your consent in accordance with Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG. You may withdraw your consent at any time.

Data transfers to the USA are based on the European Commission’s standard contractual clauses. Further details can be found here: https://www.linkedin.com/help/linkedin/answer/a1343190/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=de

Further information on this can be found in LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when data is processed in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this is available from the provider via the following link: https://www.dataprivacyframework.gov/participant/5448.

 

6. Plugins and Tools

YouTube with enhanced privacy settings

This website embeds videos from YouTube. The website is operated by Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of these websites that incorporates YouTube, a connection is established with YouTube’s servers. In doing so, the YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to link your browsing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account

We use YouTube in enhanced privacy mode. According to YouTube, videos played in enhanced privacy mode are not used to personalise the user’s browsing experience on YouTube. Advertisements displayed in enhanced privacy mode are also not personalised. No cookies are set in enhanced privacy mode. Instead, however, so-called local storage elements are stored in the user’s browser; these contain personal data in a similar way to cookies and can be used for recognition purposes. You can find details on enhanced privacy mode here: https://support.google.com/youtube/answer/171780.

Where applicable, further data processing operations may be triggered after a YouTube video has been played, over which we have no control.

The use of YouTube is in the interest of presenting our online services in an appealing manner. This constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. Where consent has been sought, processing takes place exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent may be withdrawn at any time.

For further information on data protection on YouTube, please see their privacy policy at: https://policies.google.com/privacy?hl=de.

The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when data is processed in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this is available from the provider via the following link: https://www.dataprivacyframework.gov/participant/5780.

 

Vimeo without Tracking (Do-Not-Track)

This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages featuring Vimeo videos, a connection is established with Vimeo’s servers. In doing so, the Vimeo server is informed which of our pages you have visited. Vimeo also obtains your IP address. However, we have configured Vimeo in such a way that it will not track your user activity or set any cookies.

The use of Vimeo is in the interest of presenting our online services in an appealing manner. This constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. Where consent has been sought, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR; consent may be withdrawn at any time.

Data transfers to the US are based on the European Commission’s standard contractual clauses and, according to Vimeo, on “legitimate business interests”. Further details can be found here: https://vimeo.com/privacy.

Further information on how user data is handled can be found in Vimeo’s privacy policy at: https://vimeo.com/privacy.

The company is certified under the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when data is processed in the United States. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this is available from the provider via the following link: https://www.dataprivacyframework.gov/participant/5711.

 

Google Fonts (locally hosted)

This site uses Google Fonts, provided by Google, to ensure consistent font display. The Google Fonts are installed locally. No connection is made to Google’s servers. For further information on Google Fonts, please visit https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

 

7. Our own services

Handling of applicant data

We offer you the opportunity to apply for a position with us (for example, by email, post or via our online application form). Below, we provide information on the scope, purpose and use of your personal data collected during the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other legal provisions, and that your data will be treated as strictly confidential.

 

Scope and purpose of data collection

If you submit an application to us, we will process the associated personal data (for example, contact and communication details, application documents, notes taken during interviews, etc.) to the extent necessary to decide whether to enter into an employment relationship. The legal basis for this is Section 26 of the German Federal Data Protection Act (BDSG) (initiation of an employment relationship), Article 6(1)(b) of the GDPR (general pre-contractual processing) and – provided you have given your consent – Article 6(1)(a) of the GDPR. Consent may be withdrawn at any time. Your personal data will be passed on within our company exclusively to those persons involved in processing your application.

If the application is successful, the data you have submitted will be stored in our data processing systems on the basis of Section 26 of the BDSG and Article 6(1)(b) of the GDPR for the purpose of carrying out the employment relationship.

As part of the application process, we may also carry out an online search regarding you. This primarily involves searches on Google, LinkedIn and Xing. The legal basis for this type of processing is our legitimate interest in forming an overall impression of you based on publicly available information, in accordance with Article 6(1)(f) of the GDPR.

 

Data retention period

If we are unable to offer you a position, if you decline a job offer, or if you withdraw your application, we reserve the right to retain the data you have provided for up to six months from the end of the application process (rejection or withdrawal of the application) on the basis of our legitimate interests (Article 6(1)(f) of the GDPR). The data will then be deleted and the physical application documents destroyed. The retention serves, in particular, as evidence in the event of a legal dispute. If it is apparent that the data will be required after the expiry of the 6-month period (for example, due to an impending or pending legal dispute), deletion will only take place once the purpose for continued retention no longer applies.

Data may also be retained for a longer period if you have given your consent (Art. 6(1)(a) GDPR) or if statutory retention obligations prevent deletion.

 

Inclusion in the candidate pool

If we do not make you a job offer, there may be the option of adding you to our candidate pool. If you are added to the pool, all documents and details from your application will be transferred to the candidate pool so that we can contact you should suitable vacancies arise.

Inclusion in the applicant pool is based solely on your explicit consent (Art. 6(1)(a) GDPR). Consent is voluntary and is not linked to the current application process. The data subject may withdraw their consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no legal grounds for retention.

The data from the applicant pool will be irrevocably deleted no later than two years after consent is given.

© Copyright 2026 by PAPSTAR GmbH
Impressum Datenschutz Compliance AGB

+49 2441 83-0

info@papstar.de

Kontakt

Standorte

Karriere

Ausbildung

en

Sprache wählen

German English

Hit enter to search or ESC to close

Settings saved
Datenschutzeinstellungen

Wir verwenden Cookies und ähnliche Technologien, um unsere Website bereitzustellen und zu verbessern. Einige Cookies sind technisch erforderlich, andere dienen Statistik oder externen Medien. Weitere Informationen finden Sie in unserer Datenschutzerklärung.

Technically required cookies are always loaded.
Datenschutz Impressum Cookie-Details

Details zu Zweck, Speicherdauer und Widerruf finden Sie in unserer Datenschutzerklärung.

Close
Shift+Alt+A ESC to Close
Bedienungshilfen
Shortcuts
English
Shift + Alt + E
You are using an outdated browser. The website may not be displayed correctly.