Delphi HR-ConsultingDelphi HR-Consulting
Our vacancies

Privacy Policy

Privacy Policy

Safety First

I. Name and Address of the Responsible Party

The party responsible within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:

Delphi HR-Consulting GmbH
Harvestehuder Weg 8a
20148 Hamburg
Germany
Phone: +49 (0)40 36 111 11-0
E-Mail: people(at)delphi-hr.de
Website: https://delphi-hr.de

II. Name and Address of the Data Protection Officer

The Data Protection Officer of the responsible party is:

Ms. Elisabeth Angenendt
Delphi HR-Consulting GmbH
Harvestehuder Weg 8a
20148 Hamburg
Germany
Phone: +49 (0)40 36 111 11-22
E-Mail: elisabeth.angenendt(at)delphi-hr.de
Website: https://delphi-hr.de

III. General Information on Data Processing

1. Scope of the Processing of Personal Data:
We process the personal data of our users only to the extent necessary to provide a functional website as well as our content and services. The processing of personal data of our users regularly takes place only with the user’s consent. An exception applies in cases where obtaining prior consent is not possible for practical reasons and the processing of the data is permitted by legal regulations.

2. Legal Basis for Processing Personal Data:
When we obtain consent from the data subject for processing personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures. If the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person make the processing of personal data necessary, Article 6(1)(d) GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6(1)(f) GDPR serves as the legal basis for the processing.

3. Datenlöschung und Speicherdauer:
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also occur if provided for by European or national legislators in EU regulations, laws, or other provisions to which the responsible party is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

IV. Provision of the Website and Creation of Log Files

1. Description and Scope of Data Processing:
Each time our website is accessed, our system automatically collects data and information from the accessing computer system. The following data is collected:

  • Information about the browser type and version used
  • The user’s operating system
  • The user’s Internet service provider
  • The user’s IP address (anonymized)
  • Date and time of access
  • Websites from which the user’s system accessed our website
  • Websites accessed by the user’s system via our website

This data is also stored in the log files of our system. The IP addresses of the user or other data that enables the assignment of the data to a user are not affected by this. This data is not stored together with other personal data of the user.

2. Legal Basis for Data Processing:
The legal basis for the temporary storage of data is Article 6(1)(f) GDPR.

3. Purpose of Data Processing:
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. This constitutes our legitimate interest in data processing according to Article 6(1)(f) GDPR.

4. Duration of Storage:
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of data collection for the provision of the website, this is when the respective session has ended. In the case of data stored in log files, this is no later than seven days. Further storage is possible. In this case, the IP addresses of the users are deleted or anonymized so that the calling client can no longer be assigned.

5. Objection and Removal Options:
Data collection for the provision of the website and the storage of data in log files is essential for the operation of the website. Therefore, the user has no right to object.

V. Use of Cookies

a) Description and Scope of Data Processing:
Our website uses cookies. Cookies are text files stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when the website is accessed again. We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.

b) Legal Basis for Data Processing:
The legal basis for the processing of personal data using cookies is Article 6(1)(f) GDPR.

c) Purpose of Data Processing:
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these functions, it is necessary that the browser is recognized even after a page change. We require cookies for the following applications:

  • Adoption of language settings
  • Remembering search terms

User data collected through technically necessary cookies is not used to create user profiles. The use of analysis cookies is for the purpose of improving the quality of our website and its content. Through analysis cookies, we learn how the website is used and can thus constantly optimize our offering. This also constitutes our legitimate interest in the processing of personal data according to Article 6(1)(f) GDPR.

e) Duration of Storage, Objection, and Removal Options:
Cookies are stored on the user’s computer and transmitted to our site. As a user, you have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to fully use all the functions of the website.

f) Use of Google Analytics:
We use Google Analytics to analyze website usage. The data obtained is used to optimize our website and advertising measures. Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes the data on website usage on our behalf and is contractually obligated to take measures to ensure the security and confidentiality of the processed data.

During your visit to our website, the following data, among others, is recorded:

  • Pages viewed
  • Your behavior on the pages
  • Your approximate location (country and city)
  • Your IP address (in truncated form, so that no unique identification is possible)
  • Technical information such as browser, Internet provider, device, and screen resolution
  • The source of your visit (i.e., which website or advertising material brought you to us)

Personal data such as name, address, or contact details are never transmitted to Google Analytics. This data is transferred to Google’s servers in the USA. We point out that data protection laws in the USA do not guarantee the same level of protection as within the EU.

Google Analytics stores cookies in your web browser for a period of two years from your last visit. These cookies contain a randomly generated user ID that can recognize you on future visits to the website. The recorded data is stored along with the randomly generated user ID, allowing the evaluation of pseudonymous user profiles. These user-related data are automatically deleted. Other data remain stored in aggregated form indefinitely. If you do not agree with the collection, you can prevent it by installing the browser add-on to deactivate Google Analytics once.

VI. Newsletter

1. Description and Scope of Data Processing:
Newsletter distribution (if offered) occurs based on the user’s registration on the website. On our website, there is the possibility to subscribe to a free newsletter (planned). During the registration for the newsletter, the data from the input mask is transmitted to us. This includes the data provided by the user during newsletter registration:

  • E-Mail address
  • First name and last name
  • Salutation

Additionally, the following data is collected during registration:

  • IP address of the accessing computer
  • Date and time of registration

During the registration process, your consent for data processing is obtained and reference is made to this privacy policy. In connection with data processing for the distribution of newsletters, no data is passed on to third parties. The data is used exclusively for sending the newsletter.

2. Legal Basis for Data Processing:
The legal basis for processing data after the user registers for the newsletter is the user’s consent according to Article 6(1)(a) GDPR.

3. Purpose of Data Processing:
The user’s email address is collected to deliver the newsletter. Other personal data collected during the registration process is used to prevent misuse of the services or the email address used.

4. Duration of Storage:
The data is deleted as soon as it is no longer needed for the purpose for which it was collected. The user’s email address is stored as long as the newsletter subscription is active. Other personal data collected during the registration process is typically deleted after seven days.

5. Objection and Removal Options:
The newsletter subscription can be canceled by the user at any time. An appropriate link can be found in every newsletter for this purpose. This also allows the user to revoke consent to the storage of personal data collected during the registration process.

VII. Registration

1. Description and Scope of Data Processing:
We offer users the opportunity to register on our website by providing personal data for application purposes. The data is entered into an input mask, transmitted to us, and stored. Data is not shared with third parties without your explicit consent. The following data is mandatory and collected during the registration process:

  • Salutation
  • First name, last name
  • E-Mail address
  • Mobile phone number

At the time of registration, the following data is also stored:

  • The user’s IP address (anonymized)
  • Date and time of registration

During the registration process, the user’s consent to process this data is obtained.

2. Legal Basis for Data Processing:
The legal basis for processing data is the user’s consent according to Article 6(1)(a) GDPR. If registration serves the fulfillment of a contract to which the user is a party or the implementation of pre-contractual measures, an additional legal basis for data processing is Article 6(1)(b) GDPR.

3. Purpose of Data Processing:
User registration is necessary for providing certain content and services on our website.

4. Duration of Storage:
The data is deleted as soon as it is no longer needed for the purpose for which it was collected.

5. Objection and Removal Options:
As a user, you have the option to cancel your registration at any time. You can also have the data stored about you changed at any time. Please contact your personal advisor or our data protection officer for this purpose.

VIII. Contact Form and Email Contact

1. Description and Scope of Data Processing:
Our website contains a contact form that can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. This data includes:

  • Name
  • Street, house number
  • Postal code
  • City
  • E-Mail address
  • Phone number

At the time the message is sent, the following data is also stored:

  • The user’s IP address (anonymized)
  • Date and time of registration

During the sending process, your consent is obtained for the processing of the data, and reference is made to this privacy policy. Alternatively, contact is possible via the provided email address. In this case, the user’s personal data transmitted with the email will be stored. No data will be passed on to third parties in this context. The data is used exclusively for processing the conversation.

2. Legal Basis for Data Processing:
The legal basis for processing the data is the user’s consent according to Article 6(1)(a) GDPR. The legal basis for processing data transmitted while sending an email is Article 6(1)(f) GDPR. If the email contact aims at the conclusion of a contract, an additional legal basis for processing is Article 6(1)(b) GDPR.

3. Purpose of Data Processing:
The processing of personal data from the input mask is solely for handling the contact. In the case of contact via email, this also constitutes the necessary legitimate interest in processing the data. The additional personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of Storage:
The data is deleted as soon as it is no longer needed for the purpose for which it was collected. For personal data from the contact form input mask and data sent by email, this occurs when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the relevant issue has been fully resolved. Personal data collected during the sending process will be deleted no later than seven days after collection.

5. Objection and Removal Options:
The user can revoke their consent to the processing of personal data at any time. If the user contacts us via email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. Please contact our data protection officer to request the deletion of your data. All personal data stored during the contact will be deleted in this case.

IX. Rights of the Data Subject

If your personal data is processed, you are a data subject within the meaning of the GDPR, and you have the following rights with respect to the data controller:

1. Right to Information:
You can request confirmation from the data controller whether personal data concerning you is being processed. If such processing exists, you can request information from the data controller about the following:

(1) The purposes for which the personal data is processed;

(2) The categories of personal data that are processed;

(3) The recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;

(4) The planned duration of storage of the personal data concerning you, or if specific information is not available, criteria for determining the storage duration;

(5) The existence of a right to rectification or deletion of personal data concerning you, a right to restriction of processing by the data controller, or a right to object to such processing;

(6) The existence of a right to lodge a complaint with a supervisory authority;

(7) All available information about the origin of the data if the personal data is not collected from the data subject;

(8) The existence of automated decision-making, including profiling, according to Art. 22 (1) and (4) GDPR and – at least in these cases – meaningful information about the logic involved as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information on whether your personal data is transferred to a third country or an international organization. In this context, you can request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR relating to the transfer.

2. Right to Rectification:
You have the right to obtain from the controller the rectification and/or completion of inaccurate or incomplete personal data concerning you. The controller must make the correction without undue delay.

3. Right to Restriction of Processing:
You can request the restriction of the processing of your personal data under the following conditions:

(1) If you contest the accuracy of your personal data for a period that allows the controller to verify its accuracy;

(2) If the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;

(3) If the controller no longer needs the personal data for processing purposes, but you need it for the establishment, exercise, or defense of legal claims; or

(4) If you have objected to processing pursuant to Art. 21 (1) GDPR and it has not yet been determined whether the legitimate grounds of the controller override your grounds.

When the processing of your personal data has been restricted, such data – except for storage – may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If the restriction of processing is lifted under the aforementioned conditions, you will be informed by the controller before the restriction is lifted.

4. Right to Erasure:
a) Obligation to Erase
You have the right to request that the data controller erase your personal data without delay, and the data controller is obligated to erase this data immediately if any of the following reasons apply:

(1) The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.

(2) You withdraw your consent on which the processing is based according to Art. 6(1)(a) or Art. 9(2)(a) GDPR, and there is no other legal ground for the processing.

(3) You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) GDPR.

(4) The personal data has been unlawfully processed.

(5) The deletion of personal data is necessary to fulfill a legal obligation under Union or Member State law to which the data controller is subject.

(6) The personal data was collected in relation to the offer of information society services according to Art. 8(1) GDPR.

b) Informing Third Parties
If the data controller has made the personal data public and is obliged pursuant to Art. 17(1) GDPR to erase the data, they must take reasonable steps, including technical measures, considering available technology and the cost of implementation, to inform other data controllers processing the personal data that you, as the data subject, have requested the erasure of any links to, or copies or replications of, this personal data.

c) Exceptions
The right to erasure does not apply to the extent that processing is necessary

(1) For exercising the right of freedom of expression and information;

(2) For compliance with a legal obligation that requires processing by Union or Member State law to which the data controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller;

(3) For reasons of public interest in the area of public health according to Art. 9(2)(h) and (i) and Art. 9(3) GDPR.

(4) For archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes according to Art. 89(1) GDPR, to the extent that the right referred to in section (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing.

(5) For the establishment, exercise, or defense of legal claims.

5. Right to Notification:
If you have asserted the right to rectification, erasure, or restriction of processing against the data controller, the controller is obligated to communicate this rectification or erasure of data or restriction of processing to all recipients to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed by the data controller about these recipients.

6. Right to Data Portability:
You have the right to receive the personal data concerning you, which you have provided to the data controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another data controller without hindrance from the data controller to whom the personal data was provided, provided that:

(1) The processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR, and

(2) The processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data transmitted directly from one data controller to another, where technically feasible. The freedoms and rights of others must not be adversely affected by this. The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.

7. Right to Object:
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR, including profiling based on these provisions. The data controller will no longer process the personal data unless they can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data will no longer be processed for such purposes.

You have the possibility to exercise your right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by automated means using technical specifications.

8. Right to Withdraw Data Protection Consent:
You have the right to withdraw your data protection consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

9. Automated Individual Decision-Making, Including Profiling:
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

(1) Is necessary for entering into, or the performance of, a contract between you and the data controller,

(2) Is authorized by Union or Member State law to which the data controller is subject, and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests or

(3) Is based on your explicit consent.

However, such decisions must not be based on special categories of personal data as referred to in Art. 9(1) GDPR unless Art. 9(2)(a) or (g) GDPR applies, and suitable measures to safeguard your rights, freedoms, and legitimate interests are in place. In the cases referred to in (1) and (3), the data controller will implement suitable measures to safeguard your rights, freedoms, and legitimate interests, which at least includes the right to obtain human intervention on the part of the controller, to express your point of view, and to contest the decision.

10. Right to Lodge a Complaint with a Supervisory Authority:
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint has been lodged will inform the complainant about the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Effective as of: January 2024

Still Searching?

people@delphi-hr.de

We will respond within 24 hours and address your staffing needs promptly and sustainably.

Diese Website verwendet Cookies, um die Benutzererfahrung zu verbessern. Privacy Policy