Data Privacy Policy

How we respect and protect your personal data. Whether you are a visitor at our website, a customer or an applicant, we are invested in protecting your privacy.

interpersonal GmbH and its employees take the protection of your data very seriously! Please carefully read the following privacy policy, as it relates to your rights and responsibilities when using this website under European and German data protection law. Please note any possible changes. This data privacy policy explains the way, the scope and purpose of processing your personal data (subsequently referred to as 'data') within our online services, the connecting websites, functions and content as well as external online presence, for example our social media profile (subsequently referred to as 'online offer'. Concerning the terms used here, for example 'processing' or 'responsible person/entity', please refer to the definitions in article 4 of the European General Data Protection Regulation (DSGVO). This privacy policy was last updated on: 01-02-2022.

By using this website career.aero or eaqc.aero as well as by clicking the “I accept the privacy policy” checkbox during registration, or by sending an application for an employing company on whose behalf we are providing services, or by opening the web-based test system you explicitly consent without any limitation or qualification, to the collection, processing and transfer of the personal information and data provided by you, according to the manner described in this policy (see below 'data protection notice for applicants).

You may revoke this declaration of consent at any time with effect for the future. Where this is the case, please use the following e-mail address: datenschutz@career.aero


1. Responsible Entity

For interpersonal GmbH and as publisher of the websites career.aero, eaqc.aero, and interpersonal.aero:

interpersonal GmbH
Geschwister-Beschütz-Bogen 4
D-22335 Hamburg, Germany
Tel.: +49 (0) 40 / 48 40 49-0
Fax: +49 (0) 40 / 48 40 49-22
Mail: info@interpersonal.de
Please also read 19. Data prrivacy policy for on the application process

Data protection officer

RA Hendrik Sievers
Beck Service GmbH
Ericusspitze 4
D- 20457 Hamburg


2.Terminology

"Personal data" is all information relating to an identified or identifiable natural person (subsequently: data subject). An identifiable person is defined as a person who can directly or indirectly be identified, particularly by allocation to an ID like a name, an ID number, location data, to online data e.g. cookies, or to a particular trait which is an expression of psychological, psychic, physiological, genetic, economic, cultural or social identity of the natural person.

"Processing" is every procedure carried out with or without the help of automatized processes or every series of procedures within the context of personal data. The term is broadly defined and encompasses practically all data handling.

"Pseudonymisation" is the processing of personal data in a way whereby specific data subjects can no longer be allocated without the enlistment of additional information, so long as the additional information is maintained separately and is subject to technical and organisational measures which guarantee that the personal data cannot be allocated to an identified or identifiable natural person.

"Profiling" is every kind of automatized processing of personal data which consists of being able to use certain of personal aspects relating to a natural person to be able to evaluate these aspects to analyse or predict in particular the work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location of the natural person.

"Responsible entity" is defined as the natural or legal person, authority, agency or any other body which makes decisions about the means and purpose of processing personal data, whether alone or together with others.

"Responsible entity" is defined as the natural or legal person, authority, agency or any other body which makes decisions about the means and purpose of processing personal data, whether alone or together with others.


3. Types of processed data

Particular categories of data according to article 9 (1) DSGVO are generally not processed via our online portal career.aero. Exempt are certain data concerning the health and/or conduct of users/applicants, as far as these data are either legally required or are necessary to exercise a particular career (e.g. Medical Certificate, Background Check/ZUP).

When providing qualification and/or selection services, we process special categories of data pursuant to Art. 9 (1) DSGVO, e.g. certain information on the physical and mental health or reliability of users/applicants, insofar as this is required in the course of selection services either by law or for the exercise of a specific profession (e.g. airworthiness certificate, ZUP) (see below).


4. Categories of Data Subjects

All data subjects will subsequently be referred to as "users".


5. Purpose of Processing


6. Relevant Legal Bases

Under stipulation of article 13 DSGVO we hereby inform you about the legal bases of our data processing. Insofar as the basis is not named in the data privacy policy, the following regulation applies: the legal basis for requesting consent is article 6 paragraph 1 lit. a and article 7 DSGVO. The legal basis for processing in order to fulfil our services and carry out contractual measures as well as responding to requests is article 6 paragraph 1 lit. b DSGVO. The legal basis for processing in order to fulfil our legal obligations is article 6 paragraph 1 lit. c DSGVO. The legal basis for processing and maintaining our legitimate interests is article 6 paragraph 1 lit. f DSGVO. In the case that the vital interests of data subjects or of other natural persons makes the processing of personal data necessary, then article 6 paragraph 1 lit. d DSGVO serves as the legal basis.


7. Security Measures

Under stipulation of article 32 DSGVO, taking into account technological progress, implementation costs and the kind, the scope the circumstances and the purpose of the processing, as well as the varying probability of occurrence and seriousness of the risk for the rights and liberties of natural persons, we take suitable technical and organisational measures in order to guarantee a level of protection appropriate for the risk at hand.

Included in these measures are in particular the securing of confidentiality, integrity and availability of data by controlling the physical access to the data as well as the respective access, entry, transmission, the securing of availability and its disconnection. Furthermore, we have established processes which guarantee the exercising of the data subjects and the deletion of data and reaction to endangerment of the data. In addition, we take into consideration the protection of personal data when developing or selecting hardware, software as well as processes according to the principle of data privacy by design and by data privacy-friendly settings (article 25 DSGVO). Among other things, our data are encrypted with the latest technology before transmission.


8. Cooperation with Third Parties

Generally, all data are handled with extreme confidentiality and not passed on to third parties except in the following specific cases.

Provided that a user, during the process of a specific application for a job description at a company explicitly agrees to the disclosure of his personal registration and application data to particular employing companies in a separate data release declaration, then only the legitimate authorities of that company receive access to their data for a specific purpose.

Provided that the user, in the process of a job application or the creation of his profile, explicitly and separately agrees to the disclosure of his personal data to a particular employing company, then only the legitimate authorities of that company receive access to his data for a specific purpose.

We provide data processing-, technology- and related services for applicant management (also termed as "hosted career sites") to leading employing companies, so as to support the recruitment on the websites of these companies and to provide services in applicant management. The data and information provided by users on this site are processed by interpersonal GmbH under stipulation of this data privacy policy and are handled with extreme confidentiality. Only with the explicit consent of the user are they made accessible to the concerned companies.

Provided that within the framework of our data processing we disclose, transmit or otherwise grant other persons and companies (processors or third parties) access to the data, then this only takes place on the basis of a legal permission (e.g. when a transmission of data to third parties, such as a payment provider, is necessary for contractual obligations according to article 6 paragraph 1 lit. b DSGVO, when you as a user have agreed when a legal obligation requires this (e.g. in justified exceptions regarding the aviation or criminal punishment authorities for the safety in aviation) or on the basis of our legitimate interests (e.g. during deployment of agents, webhosts etc.).

Provided that we contract third parties with the processing of data on the basis of a so-called "order management contract", this happens on the basis of article 28 DSGVO.

We, the employing companies and comissioned third parties process data in aggregated and completely anonymised form for internal company purposes (e.g. needs analysis), quality assurance or scientific purposes.


9. Transmission in Third Countries

If we process data in a third country (i.e. outside of the European Union (EU) or of the European Economic Area (EEA)) or disclose these in the context of the use of services of third parties, or if any data is passed on to third parties, this takes place only if it fulfils our (pre)contractual obligations, on the basis of the user’s explicit consent, or on the basis of legal obligations or our legitimate interests. Subject to legal or contractual permissions we process the data or have it processed in a third country only when the special legal requirement is provided as stipulated in article 44 ff. DSGVO. That means the processing takes place on the basis of particular guarantees, like the officially recognised declaration of a corresponding data privacy policy (e.g. for the USA the "privacy shield"), or on the basis of the observation of officially recognised contractual obligations (so called "standard contractual clauses").


10. Your Rights as a Data Subject

You have the right to demand a confirmation whether the affected data is being processed and to receive details about this data as well as further details and a copy of the data in accordance with article 15 DSGVO. In accordance with article 16 DSGVO you have the right to demand the completion of data relating to you or the correction of incorrect data relating to you.

Under stipulation of article 17 DSGVO you have the right to demand that data concerning you be immediately deleted, or alternatively under stipulation of article 18 DSGVO to demand a restriction of the data processing.

You have the right to demand to receive the concerned data which you have provided us according to article 20 DSGVO and to demand their transmission to other responsible entities. In addition, you have the right, according to article 77 DSGVO to submit an official complaint to the corresponding supervisory authorities.

In accordance with article 7 paragraph 3 DSGVO, you have the right to revoke any given consent with effect for the future.

In accordance with article 21 DSGVO, you can object to the future processing of the data concerning you at all times. The objection can be made in particular against the processing for purposes of direct advertising.

To exercise these rights please contact us directly using the e-mail address: service@career.aero

Furthermore, you have the right to object to the use of so-called "cookies" either generally or selectively. "Cookies" are small files that are stored on the end devices of the users. Within the cookies, different information can be stored. The primary purpose of a cookie is to store information about a user (or the end device) during or even after his or her visit within an online offer and thus to enable or facilitate the use of the functions offered. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online offer and closes his browser. In such a cookie, for example, the contents of the shopping cart in our store or a login status can be stored.

Cookies that remain stored even after the browser is closed are referred to as "permanent" or "persistent". For example, the login status can be stored if users visit them after several days. Likewise, the interests of users can be stored in such a cookie, which is used for range measurement or marketing purposes. Third-party cookies" are cookies that are offered by providers other than the person responsible for our website.

We may use temporary and permanent cookies and would like to inform you about this in an up-to-date and transparent manner. Therefore, we used the service "Cookiebot". "Cookiebot" constantly scans our website for cookies used, especially cookies used by other providers (e.g. Google, YouTube, etc.) and informs users in detail about each cookie, its purpose, storage period and the respective status of their consent. In addition, "Cookiebot" offers users the opportunity to object to the use of cookies at any time, either generally or selectively.

For this, please click below under: "Cookies / Cookiebot" the corresponding links. Furthermore, the storage of cookies can be disabled by deactivating them in the settings of the respective browser used. Please note that not all functions of our online offer can then be used.

A general rejection of the use of cookies for purposes of online marketing, especially in the case of tracking but also for many other services, is explained at the American site http://www.aboutads.info/choices/ or the European Union site http://www.youronlinechoices.com/ Furthermore you can manage to deactivate cookies being saved using your browser settings. Please note that this can lead to a limited or restricted functionality.


11. Your Obligations

If you provide us data with a personal point of reference, you are obliged to ensure that the affected person is notified and has agreed to the transmission of their personal data (e.g. e-mail address, telephone number). We cannot assume responsibility for compliance to these data protection regulations in this case. If you as a user transfer data via the online portal career.aero by starting a registration process, an application a job advert or any other creation, these data may not contain any details concerning racial or ethnic background, political opinions, philosophical or religious beliefs or sexual orientation. Details regarding committing of infringements, crimes, criminal trials or other relating penalties, fines, dependencies or physical and mental health are only permitted in a few select security-relevant professions (e.g. passenger airplane pilot).

In order to ensure a high level of data privacy, every user is obliged to keep their personal login credentials strictly confidential!


12. Alteration and Deletion of Data

The data we process are deleted or are subject to limited processing according to the stipulation in article 17 and 18 DSGVO. Unless otherwise specified in the following data privacy policy, the data will be deleted as soon as they are no longer required for their specific purpose provided that there is no legal obligation to the contrary.

If you would like to change your profile data, you can also do so at any time by accessing your account and selecting the “Maintain applicant profile” option. Please note that doing so will not automatically change the data you possibly used to apply for a position with an employer at an earlier date.

By registering (creating a user account) on career.aero, the user expressly agrees that data provided by him in the course of registering with career.aero in order to use the functions, contents and information of the portal (registration data) will be stored until the user no longer wishes to use it, cancels his user account and arranges for it to be deleted.

If you would like to close your account (delete registration) and erase your data in the application system, please contact us at: service@career.aero. We will delete your personal registration data and send you a confirmation e-mail.

By submitting an application, the user expressly agrees that the data of a specific application process for an employing company (application data) may be stored in the career.aero application system for a period of 5 years after completion of the application in order to enable longer-term qualification procedures and, if necessary, the recognition of selection stages and/or reapplications after the deadlines determined by the employer.

If your data is or was used for the purpose of a specific application a legal obligation for us or the employers commissioning us requires to provide evidence for application processes. Application data required for this purpose will not be deleted but, to the extent required for the legal purpose, will be pseudonymized, i.e. the data will be blocked (made inaccessible) and processed only for the legally required purposes. This applies, for example, to data that is required to meet the legal obligation of the employing company to provide proof of compliance with the General Equal Treatment Act (AGG) (6 months) or that must be retained for reasons of commercial or fiscal law.

In accordance with legal requirements in Germany, storage of books, records, reviews of operations, booking receipts, trading books or documents relevant for taxation takes place for 10 years according to §§ 147 paragraph. 1 AO, 257 Paragraph. 1 Nr. 1 and 4, paragraph. 4 of the German Commercial Code. Moreover, it can take place for 6 years for trading documents and letters in accordance with § 257 paragraph. 1 Nr. 2 and 3, paragraph. 4 of the German Commercial Code.

According to legal requirements in Austria § 132 paragraph. 1 BAO (Federal Fiscal Code) bookkeeping documents, receipts and invoices, accounts, business papers, statements of revenue and expenditure etc., can be kept for up to 7 years, for 22 years within the context of property lots, and for 10 years with documents regarding electronically rendered services, telecommunications, radio and television services for non-entrepreneurs in EU member states and for whom the Mini-One-Stop-Shop (MOSS) is used.


13. Business related processing

In addition, we process data from our users, customers, interested parties and business partners in accordance with Art. 6 DSGVO for the purpose of providing contractually agreed services, enforcing our claims arising from these services and providing related services, marketing and market research based on the consent of the users concerned:

User data for services, training and events

We process personal data to enable you to participate in training courses, services (e.g. selection dates) or other events and on the basis of our legitimate interest in being able to offer them these products and services and to inform them about them. The processing is based on Art. 6 para. 1 p. 1 lit. b) and lit. f) DSGVO. In this context, a legally required transfer of personal data for the purpose of tracing chains of infection in connection with Covid-19 may be made by us to the competent health authority. If necessary, this is done in most federal states on the basis of Art. 6 para. 1 p. 1 lit. c) DSGVO, in some federal states also Art. 6 para. 1 p. 1 lit. a) DSGVO, if applicable.

Customer Account Online Shop

When you visit our website, you can create a customer account. Through this account you can book or buy services and trainings, get information about such services and, if you have agreed to it, you will be informed about available services or training dates. The registration and use of the customer account requires the provision of personal data. Mandatory fields are marked accordingly in the input mask.

We process this personal data to enable you to create and use your customer account and to purchase services and training places, and on the basis of our legitimate interest in informing you about our products and services, as well as for verification in the event of changes to personal data in the customer account. The processing is based on Art. 6 para. 1 p. 1 lit. b) and lit. f) DSGVO.

We keep the data of your customer account until the revocation of your consent or your request for deletion in order to facilitate the booking, ordering or information possibility for you on an ongoing basis. A deletion of your customer account is possible at any time and can be done by sending a deletion request to: service@career.aero. If no contractual agreement has come about, your data will be deleted at the request of the user.

If a commercial agreement has come about (e.g. booking/ordering a service or training), your data will be deleted after complete processing of a contract or deletion of your customer account in order to comply with the statutory retention periods from the German Commercial Code, the German Fiscal Code and the German Money Laundering Act (e.g. § 257 HGB; § 147 AO). will be blocked and deleted after expiry of these periods (max. 10 years), unless there are other legal grounds to the contrary.

E-mail notification service

If we offer or announce services or training courses on our website or in our online store, but temporarily do not have sufficient free places for them, or if for some other reason these services are not yet available, you can subscribe to our e-mail notification service for the availability of dates or training places and consent to us informing you by e-mail of the time of availability and that you consent to receiving such a message. We will then send them email messages about availability or changes in location or content of the particular product or service you have selected. When you register, we store your IP address as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data we collect when you register for our e-mail notification service will be used exclusively for the above-mentioned purposes. You can revoke your consent at any time by clicking on an appropriate link in the notifications and your data will be deleted.

Data processing for order processing Online Shop

We process personal data when you book or purchase services and trainings on our website in the online store or via our telephone consultation and provide the personal data required for this purpose. The processing is carried out for the purpose of executing and handling the contract with you on the basis of Art. 6 para. 1 p. 1 lit. b) DS-GVO. To process your order or booking of a service or training, we cooperate with the following service providers who support us in the execution of concluded contracts. Personal data necessary for the fulfillment of the contract will be transmitted to these service providers in accordance with the following information. The personal data collected by us will be forwarded to the commissioned credit institution within the framework of the contract and payment processing, insofar as this is necessary for the payment processing. If payment service providers are used, we will inform you explicitly about this below. The legal basis for the transfer of data is Art. 6 (1) lit. b DSGVO.

Payment by credit card

If we offer you a payment option by credit card and you decide to use it, personal data (browser data, credit card data, address data, e-mail address), as well as the invoice amount and currency unit are transmitted via the credit card organizations to the credit institution issuing the credit card due to legal requirements and to protect against fraudulent use of credit card data. This data is used by the card-issuing institution to determine the fraud risk of a transaction. Depending on the amount and the result of the check, additional approval of the credit card transaction, e.g. via TAN or app, may be required.

The so-called 3D-Secure 2.0 method is used for processing this data. 3DS 2.0 is the globally valid standard of the card networks (Visa, MasterCard, etc.), which is developed by the Association of Card Networks (EMVCo). This procedure is used to implement largely secure customer authentication in accordance with EU Directive 2015/2366 (Payment Services Directive 2, PSD 23). PSD 2 is regulated in Germany in the (ZAG) Payment Services Supervision Act.

The processing of the required data is carried out for the purpose of executing and processing the contract with the user on the basis of Art. 6 (1) p. 1 lit. b) DSGVO.

Payment with Paypal

If we offer you a payment option via Paypal, credit card via PayPal or direct debit via PayPal or "purchase on account" or "installment payment" via PayPal and you decide to do so, the payment processing will be carried out by PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The processing and forwarding of your data required for this purpose is carried out in accordance with Art. 6 Para. 1 lit. b DSGVO and only insofar as this is necessary for the payment processing. PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check in terms of the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The creditworthiness information may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. For further information on data protection law, including information on the credit agencies used, please refer to PayPal's data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.

Payment by SEPA direct debit or purchase on account

If we offer them a payment option by SEPA direct debit or purchase on account and they decide to do so, the payment is carried out by the specified bank or credit institution. The processing and forwarding of the data necessary for this is carried out in accordance with Art. 6 Para. 1 lit. b DSGVO and only insofar as this is necessary for the payment processing.

When selecting the payment method SEPA direct debit, we and the commissioned bank reserve the right to obtain credit information from SCHUFA, Boniversum or infoscore within the scope of this contractual relationship. The assessment of the credit risk is based on mathematical-statistical procedures at the credit agency (SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden or Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss or infoscore Consumer Data GmbH, Rheinstraße 99, 76532 Baden-Baden), so-called scoring. For this purpose, your personal data (name, address and date of birth), which are required for the credit assessment, are transmitted to the credit agency. We process your personal data for the purpose of credit assessment in order to avoid a payment default. Based on the transmitted personal data, including address data, a statistical probability of a credit default and thus your ability to pay is calculated. The credit agency then transmits your score value to us. Furthermore, interpersonal reserves the right, in the event of continued non-payment of unsubstantiated disputed claims, to transmit data on non-contractual behavior or fraudulent behavior to SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden or Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss or infoscore Consumer Data GmbH, Rheinstraße 99, 76532 Baden-Baden. The exchange of data with SCHUFA or Boniversum or infoscore also serves to fulfill legal obligations to conduct creditworthiness checks of customers (§§ 505a and 506 BGB). SCHUFA or Boniversum or infoscore processes the data received and also uses it for the purpose of profiling (scoring) in order to provide its contractual partners in the European Economic Area and in Switzerland and, where applicable, other third countries (insofar as there is an adequacy decision on these by the European Commission) with information on, among other things, the assessment of the creditworthiness of natural persons. This personal data is processed for the performance of your contract with us on the basis of Art. 6 (1) p. 1 lit. b) DSGVO as well as on the basis of our legitimate interest to avoid a payment default on your part on the basis of Art. 6 (1) p. 1 lit. f) DSGVO.

In case of a negative credit check, we cannot offer you the payment method SEPA direct debit or purchase on account. Payment with another payment method is still possible.

More detailed information on SCHUFA data processing can be viewed online at https://www.schufa.de/de/datenschutz-dsgvo/.

Dunning, collection and enforcement and defense of legal claims

In the case of outstanding claims against us, we will send you a corresponding payment request by e-mail or post and, if necessary, send you a reminder. If you still fail to make a payment, we will initiate a collection procedure, which will be carried out by a collection service provider commissioned by us. The necessary data will be transmitted to the collection service provider. Insofar as it is necessary for the implementation of the collection procedure, the collection service provider carries out address investigations, accesses public registers for this purpose and, if necessary, collects further information on the person of the user for the implementation of the collection procedure.

We process your personal data for the purpose of executing and handling the contract with you on the basis of Art. 6 (1) p. 1 lit. b) DSGVO, as well as on the basis of our legitimate interests in preventing the misuse of our services and enforcing our legal claims, including debt collection, on the basis of Art. 6 (1) p. 1 lit. f) DSGVO.

In the event of a legal dispute, we process your personal data to enforce and / or defend our rights and transmit the necessary data to our, appointed legal representative, the competent court and, if you have hired a lawyer, to the lawyer to conduct the legal dispute. If and to the extent necessary for this purpose, we also make use of data from other sources (e.g. public registers). We process this personal data on the basis of a legal obligation based on Art. 6 (1) p. 1 lit. c) DSGVO and on the basis of our legitimate interest to protect, enforce and / or defend our legal interests based on Art. 6 (1) p. 1 lit. f) DSGVO


14. Agency Services

We process the data of our customers within the frame of our contractual services which include staffing and recruiting services, advisory services, concept and strategic consulting, campaign planning, software and design development and maintenance, execution of campaign and processes/handling, server administration, data analysis/consultation services and training services.

In this case we process inventory data (e.g. customer master data like name and address), contact data (e.g. e-mail address, telephone numbers), content data (e.g. text entries, images, videos), contract data (e.g. contract objects, duration), payment data (e.g. bank account number, payment history), usage and metadata (e.g. in the context of evaluation and success measuring of marketing measures).

There are particular categories of personal data that we generally do not process in this context, except when these are content-related constituents of a contracted processing. Included in the data subjects are our customers, interested parties as well as their customers, users, website visitors, employees as well as third parties. The purpose of processing such data is for the fulfilment of a contracted service, invoicing and after sale services.

The legal basis for this processing is Article. 6 paragraph. 1 lit. b DSGVO (contractual services), Article. 6 paragraph. 1 lit. f DSGVO (analysis, statistics, optimisation, security measures). we process data which are required for justification and fulfilment of contractual services and draw your attention to the necessity of their disclosure. A disclosure to external parties will only happen if it is required within the framework of a contract. When processing the data within the framework of a contractual agreement, we only act according to the instructions of the contractor as well as the legal requirements for job processing in accordance with article 28 DSGVO. We process the data only for the contractual purpose and for no other purpose.

We delete these data upon expiry of legal warranty and comparable obligations. The necessity of keeping the data will be controlled every three years. In the case of a legal archiving obligation, the deletion will take place after its expiry (6 years, in accordance with. § 257 paragraph. 1 German Commercial Code, 10 years, in accordance with. § 147 paragraph. 1 Federal Code. In the case of data which have been disclosed to us within the framework of a contract given by a contractor, we delete the data according to the regulations stated in the contract, generally upon completion of the contract.


15. Consultency, Recruiting & Selection Services

We provide employing companies and training providers with consulting and recruiting services for the selection of appropriate applicants for their business. We process the data of these contractors or contracting parties as well as the applicant's data in accordance with article 6 paragraph 1 lit. b DSGVO, in order to fulfil our (pre) contractual services. The data we process in this case, the kind, scope and purpose of the processing are determined by the underlying contractual relationship as well as the legal regulations. The following data are included in the processing: customer master data, name and address, contact data and the contract data (e.g. e-mail address, telephone, the contracted services, remuneration, bank account number, payment history etc.). of the contracting companies and their legitimate parts (e.g. consultants and surveyors).

Provided it is legally required or to fulfil a contract, we disclose these data of the client companies within the contact of communication with other experts (e.g. consultants), third parties who are required to fulfil the contract or typically involved third parties (e.g. accounting offices or comparable service providers), provided this takes place in order to fulfil our contractual requirements in accordance with article 6 paragraph 1 lit. b DSGVO, is legally prescribed or happens within a prior agreement in accordance with article 6 paragraph 1 lit. a, article 7 DSGVO.

The deletion of these data takes places when the data is no longer necessary for the contractual or legal obligations as well as for the possible warrant of any other obligations. However, the necessity of keeping the data is checked every three years and otherwise the usual legal retention laws apply here.

Within the context of these services, relevant applicant data are also processed which applicants provide when applying or being consulted during the selection process. Insofar as this is required we can process psychometric data and particular data categories according to Article. 9 paragraph. 1 DSGVO, in particular data regarding health, personality and the committing of infringements, crimes or criminal cases, other connected criminal cases, penalties and fines, dependencies or psychological or mental health of applicants. This is only permitted in a few select security-relevant professions (e.g. passenger airplane pilot). In this case we will request the permission of the applicant if this should be necessary (according to Article 6 paragraph 1 lit. a, article 7, article 9 paragraph 2 lit. a DSGVO. In all other cases we process the data according to Article 9 paragraph 2 lit. h DSGVO, § 22 paragraph. 1 Nr. 1 b. Federal Data Privacy Act.

The deletion of these data takes place subject to any legally necessary burden of proof at the point in time agreed at the time of permission, (see above "Deletion of Data"


16. Contractual Services

We process the data of our client companies, interested parties, other contractors, customers, mandates, clients (subsequently referred to as "client companies", in accordance with article 6 paragraph 1 lit. b DSGVO to be able to fulfil our (pre) contractual services. The processed data, the type, scope, purpose and necessity is determined by the underlying contract. The following data are included in the processing: customer master data, name and address, contact data and the contract data (e.g. e-mail address, telephone, the contracted services, remuneration, bank account number, payment history etc.). of the contracting companies and their legitimate parts (e.g. consultants and surveyors).

There are particular categories of personal data that we generally do not process in this context, except when these are content-related constituents of a contracted processing. Included in the data subjects are our customers, interested parties as well as their customers, users, website visitors, employees as well as third parties. The purpose of processing such data is for the fulfilment of a contracted service, invoicing and after sale services.

The legal basis for this processing is Article. 6 paragraph. 1 lit. b DSGVO (contractual services), Article. 6 paragraph. 1 lit. f DSGVO (analysis, statistics, optimisation, security measures). we process data which are required for justification and fulfilment of contractual services and draw your attention to the necessity of their disclosure. A disclosure to external parties will only happen if it is required within the framework of a contract. When processing the data within the framework of a contractual agreement, we only act according to the instructions of the contractor as well as the legal requirements for job processing in accordance with article 28 DSGVO. We process the data only for the contractual purpose and for no other purpose.

Within the framework of our online services being contracted, we may store IP addresses and the point of time of the user action. The storage is based on our legitimate interests as well as the interests of our users to protect against misuse and other improper use. Transmission to third parties generally does not take place, unless it is necessary for the pursuit of our requirements in accordance with article 6 paragraph 1 lit. f. DSGVO or if any legal obligations are present according to article 6 paragraph 1 lit. c. DSGVO.

We delete these data upon expiry of legal warranty and comparable obligations. The necessity of keeping the data will be controlled every three years. In the case of a legal archiving obligation, the deletion will take place after its expiry (6 years, in accordance with. § 257 paragraph. 1 German Commercial Code)


17. Administration, Accounting, Office Organisation, Contact Administration

We process data as a part of our administrative tasks as well as the operation of our business, accounting and fulfilment of legal obligations, for example archiving. In this case we are processing the same data that we process in order to fulfil our contractual services. The legal basis for this is article 6 paragraph 1 lit. c. DSGVO, article 6 paragraph 1 lit. f. DSGVO. The data subjects in this case are customers, interested parties, business partners and the visitors to the website. Our interest in processing these data serves purposes in the administration, accounting, office organisation, archiving of data, etc., in other words, tasks which are necessary for the upkeep of our business operations, the fulfilment of our offered services. The deletion of the data regarding contractual services and contractual communication corresponds with the above named processing operations.

During this process we disclose or transmit your data to the financial authorities, consultants e.g. tax advisors or auditors, as well as other points of payment and payment providers.

Furthermore, based on our business interests we save data concerning service providers, event managers, and other business partners in order to relieve future contacting. In general, we save these data, the majority of which are business-related data, permanently.


18. Business Analysis and Market Research

In order to operate our business economically, to be able to recognise market trends and the preferences of our customers and users, we analyse the data provided to us from business procedures, contracts, requests etc. We analyse customer master data, communication data, contract data, payment data, user data, metadata in accordance with article 6 paragraph 1 lit. f. DSGVO. Included in the data subjects are contract partners, interested partners, customers, visitors and users of our site.

The analyses take place for reasons of economic evaluation, marketing and market research. For this we take into account the profiles of the registered users with data, e.g. the services they make use of. The analyses help us to improve our user experience, optimise our online offers and our economic efficiency. The analyses serve only our interests and are not disclosed to third parties, provided we are not dealing with anonymous analyses and summarised values.

Provided the analyses or profiles are personal, they will be deleted or made anonymous when users terminate their contracts, otherwise two years after conclusion of contract. In all other cases, business and economic analyses will be compiled anonymously.


19. Data Privacy Notice for the Application Process

We process the applicant data exclusively within all legal boundaries and only for purposes and in the framework of the application process in order to initiate an employment relationship.

The processing of applicant data takes place in accordance with article 6 paragraph 1 lit. b. DSGVO and article 6 paragraph 1 lit. f. DSGVO in order to fulfil our (pre) contractual obligations within the framework of the application process, provided that the data processing is legally necessary (In Germany § 26 BDSG Federal Data Protection Act applies additionally).

If a user submits a explicit application (or expression of interest) for a job posting (or a training offer) for which the employer or provider uses the application process via career.aero as a service, the necessary user data will be transmitted to and processed by the respective employer (provider). In this case, the employer (provider) is the responsible entity within acc. Art. 4 DSGVO and interpersonal GmbH processes such user data on behalf of the employer, respectively provider.

This transfer to and processing by the respective employer (provider) of such data is based on the legitimate interest pursuant to Art. 67 (1) DSGVO and the consent given for this purpose by the user acc. Art. 7 DSGVO, without which an application would not be technically possible.

The application process requires applicants to provide applicant data. The necessary data are marked accordingly and result from the job specifications or the requirements of the employing company. In general, these data include details to the person, postal address and all documents and evidence required for the application e.g. letter of motivation, curriculum vitae, references, as well as proof of aviation experience, such as licence data, certificate of air worthiness, background checks. In addition, applicants may give other details.

By submitting an application the applicant consents to the processing of his/her data in the way and scope described in this data privacy policy for the purpose of the application process expressly agrees that the data of a specific application process for an employing company (application data) may be stored in the career.aero application system for a period of 5 years after the application has been completed or latest changed in order to facilitate longer-term qualification processes and, if necessary, to enable the recognition of selection levels and / or reapplications according to certain terms or periods set by the employer.

As far as any sensitive personal information is disclosed within the framework of the application process in terms of article 9 paragraph 1 DSGVO, the processing of these data happens in accordance with article 9 paragraph 2 lit. b. DSGVO (e.g. health records such as a severe disability). Provided any sensitive personal data are required within the framework of the application process, the processing takes place in accordance with article 9 paragraph 2 lit. a. DSGVO (e.g. biometric data, health records), if these data are required for aeronautical regulations.

If an applicant requests the deletion of his application data in accordance with Art. 17 DSGVO, revokes his consent stipulating Art. 7 paragraph 3 DSGVO or objects to the future processing of his personal data stipulating Art. 21 DSGVO, then his data will be deleted or archived in accordance with the aforementioned regulation. If a deletion of partial data is requested, e.g. an individual application, then generally all application data and registration data will be deleted, as complete deletion of all application and applicant data is required in accordance with Art. 17 and Art.18 and every application uses registration data (e.g. name, address etc.)

The processing of all data via the internet portal career.aero is all encrypted using the latest cutting-edge technology. If applicants transmit data to us it shall be noted that e-mails are generally not encrypted and applicants must take responsibility for encryption themselves. Therefore, we cannot take on any responsibility for the applicant's transmission route between sender and receiver on our server and recommend using the upload function on the online portal.

If an applicant makes use of the option of uploading an application photo or video to his/her application documents, he/she hereby consents agrees to the collection, storage and use of theses image data solely for the purpose of possible employment with the employer. Image and video data are only shared with the employer's authorized bodies. The upload of application photos and videos is completely voluntary.


20. Talent Pool

In the course of the application we offer applicants the option of being affiliated in our "talent pool" for a time period of five years based on consent in terms of article 6 paragraph 1 lit. b. and article 7 DSGVO. The application documents in the talent pool are processed only within the confines of future job advertisements and recruitment and will be deleted on conclusion of the deadline at the latest. Applicants are instructed that consent for being recorded in the talent pool is voluntary and can be revoked or objected to at all times with effect for the future in accordance with article 21 DSGVO.

The disclosure of applicant data from the talent pool to interested parties, employing companies shall only take place with the previous expressed consent of the applicant.


21. Registration Function

Users can set up an account. The registration is free of charge. In the scope of the registration, the users are informed about mandatory data, and these data are processed in accordance with article 6 paragraph 1 lit. b. DSGVO for purposes of creating the user account. Included in the processed data in particular are the log-in data (name, address, password, e-mail address and basic profile data). The data which are processed in the course of registering are only used for purposes of the user account and its purposes and can be used by the applicant to easily and repeatedly create applications for numerous companies.

The users can be informed about information relevant to their account via e-mail, for example technical data. Once users have terminated their account, the data in respect to their account will be deleted with the exception of any legally required data. We are entitled to reject registration data or delete it if it violates legal regulations, is being used inappropriately or because of other serious reasons.

In the course of the use of our registration and sign-in functions and the user account, e store the IP address and the point of time of the user's action. This storage takes place bases on our legitimate interests and also the interests of the user to avoid improper use. These data are generally not transmitted to third parties, unless there is a legal obligation to do so as described in article 6 paragraph 1 lit. c DSGVO.


22. Making contact

When contact is established to us, (e.g. via e-mail, telephone or social media) the user's data are processed in order to handle and settle the communication in accordance with article 6 paragraph 1 lit. b. DSGVO. The user's data may be stored in a customer Relationship Management System or similar system.

We delete requests insofar as these are no longer required. We check this necessity every two years, otherwise legal storing obligations apply.


23. Newsletter

In the following notes, we shall inform you about the content of our newsletter as well as the sign-in, sending and statistical evaluation procedure including your rights of objection. By subscribing to our newsletter you consent to receiving our mail and to the procedure described below.

Content: we send newsletters, e-mails and further electronic notifications with employment and training offers and other advertising information (subsequently termed "newsletter") only with the consent of the receiver or a legal permission.

Double opt-in and logging: signing up for our newsletter happens in a so-called double opt-in process. This means you receive an email after registering in which you are requested to confirm your sign-up. This confirmation is necessary so that no one can sign up using someone else's email address. The sign-up for the newsletter is logged to be able to prove this for legal demands. This includes the storing of sign-up, the point of time of the confirmation as well as the IP address. Additionally, we save any changes in data at the messaging provider.

Login-data: in order to sign up for the newsletter it is sufficient to provide your email address. Optionally we may ask you for your name in order to enable direct communication.

The sending of the newsletter and the connected success measurement take place based on consent of the recipient in accordance with article 6 paragraph 1 lit. a. and article 7 DSGVO in connection with article 7 paragraph 2 nr. 3 UWG, or in the case that consent is not necessary, this is based on our legitimate interest in direct marketing in accordance with article 6 paragraph 1 lit. f. DSGVO in connection with article 7 paragraph 3 UWG.

The logging of the sign-up procedure takes place based on our legitimate interests in accordance with article 6 paragraph 1 lit. f. DSGVO. Our interest is directed at a user-friendly and secure newsletter system, which serves our business interests as well as the expectations of the user and further permits the proof of consents.

After consenting via the double opt-in method, our newsletter subscribers receive a newsletter that provides them information about current job offers available on career.aero. You can unsubscribe from this newsletter at any time, your email may be stored for up to three years based on our legitimate interests before being deleted, in order to be able to prove previous consent. you can unsubscribe by a) clicking on the respective link at the bottom of the newsletter b) calling up the link below and completing the deregistration process: http://seu1.cleverreach.com/f/60118-123165/wwu/ or c) sending an e-mail to press-inbox@career.aero.
Our newsletter is sent via the Germany-based provider CleverReach (Cleverreach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany). To this end, your e-mail address and your stated interests are transferred to CleverReach and stored there in such a manner that third parties have no access to this data. You can find more information about this on the CleverReach website. CleverReach is a certified member of the Certified Senders Alliance. In our html newsletters, we measure clicks and openings. Learn more about this at CleverReach. This messaging service is used based on our legitimate interests and in accordance with article 6 paragraph 1 lit. f DSGVO. 


24. Newsletter - Success Evaluation

o this we and or our hosting providers process master customer data, content data, contract data, user data, meta and communication data of customers, interested parties, and visitors to our sites, based on our legitimate interest in an efficient and secure offer in accordance with article 6 paragraph lit. f. DSGVO in connection with article 28. DSGVO (contract for processing of data)


25. Hosting and Dispatch of E-mails

The hosting services we use serve purposes of making available the following services: infrastructure and platform services, computing performance, storage capacity and databank services, e-mail dispatching, security services as well as technical maintenance which we use to operate our online services.

In doing this we and or our hosting providers process customer master data, contact data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to our sites. This is bases on our legitimate interest in an efficient and secure providing of our online services in accordance with article 6 paragraph 1 lit. f. DSGVO in connection with article 28 DSGVO (agreement contract for processing of data).


26. Lifting of Login Data and Log Files

On the basis of our legitimate interests in terms of article 6 paragraph 1 lit. f. DSGVO, we and or our hosting providers lift data about every access to the server, on which our services take place (so called server log files). Included in the access data are the name of the fetched website, file, time and date of retrieval, transferred data volume, confirmation of successful retrieval of data, browser type and version, operating system of the user, referrer URL (last visited site), IP address and the requesting provider.

Log file information are saved for a maximum of seven days and thereafter deleted due to security reasons, e.g. clarification of improper use or fraud. Further storage may happen in the exceptions where proof is necessary in case of such as incident.


27. MS Teams

Data protection information in accordance with Art. 13, 14 GDPR for employees, business partners and applicants

We use Microsoft Teams to conduct conference calls, online meetings and / or video conferences and video interviews. Microsoft Teams is a service from Microsoft Ireland Operations, Ltd. For this we have concluded a contractual agreement with the provider. Various types of data are processed when using Microsoft Teams. The scope of the data also depends on the information you provide before or when participating in an online meeting.

The following personal data are processed:

In order to enable the display of video and the playback of audio, the data from the microphone of your end device and a video camera of the end device are processed for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the "Microsoft Teams" applications.

The online meetings are not recorded. If a recording is made in special cases, the consent of the interlocutor will be obtained in advance.

If video interviews are used in the course of selection services, these will only be carried out after prior agreement with the interlocutors. Such consent is only given voluntarily. Refusing to consent to the video interview has no effect on the outcome of the application process.

If there is no contractual relationship with you, the legal basis for the processing of your personal data is Article 6 (1) (f) GDPR, our legitimate interest in the effective implementation of online meetings.

Further information on how Microsoft processes data can be found here: https://docs.microsoft.com/de-de/microsoftteams/teams-privacy


28. Google Analytics

On the basis of our legitimate interests, for optimisation and economic running of our website, this website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files saved on your computer, to help the website analyze how you use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. If this website anonymizes IP addresses, your IP address will be truncated by Google within a EU member state or other EEA state before being transmitted to the US. Only in exceptional situations will your full IP address be transmitted to Google servers in the United States and truncated there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You can also prevent Google from collecting information (including your IP address) via cookies and processing this information by downloading this browser plugin and installing it: https://tools.google.com/dlpage/gaoptout

You can prevent data collection via Google Analytics by clicking here. An "Opt-out Cookie" shall then be applied to your website which shall prevent any future collection of your data when visiting this website.

Further information concerning the terms and conditions of use and data privacy can be found at the Google Analytics Terms of Service or at the Google Analytics Privacy Overview. Please note that on this website, Google Analytics is supplemented by "gat._anonymizeIp();" to ensure anonymized collection of IP addresses (IP masking). The user data will be deleted or anonymised after 14 months.


29. Google AdWords and Conversion Measurement

On the basis of our legitimate interest in the analysis, optimisation, and economic running of our web services in terms of article 6 paragraph 1 lit. f. DSGVO, we use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, („Google“). We use Google AdWords to advertise our website in Google search results and on third-party websites. For this purpose, when you visit our website, the so-called remarketing cookie of Google is set on your browser, which allows the automatic displaying of interest-based advertising using a pseudonymous cookie ID and information about your website visits. This serves the protection of our legitimate interests in the optimal marketing of our website according to art. 6 (1) 1 lit f GDPR that are overriding in the process of balancing of interests.

Any data processing that goes beyond that scope takes place only if you have allowed Google to associate your web and app browsing history with your Google account and to use information from your Google account to personalise ads that you see across the web. If, in such a case, you visit our website while being signed in to Google, Google will use your data together with Google Analytics data to build and define audience lists for cross-device remarketing. For this purpose, Google will temporarily join your data with Google Analytics data to build audiences.

Google AdWords remarketing is offered by Google LLC (www.google.com). Google LLC is headquartered in the USA und and is certified to the EU-US-Privacy Shield. You will see the up-to-date certificate here. Based on this agreement between the USA and the European Commission, the latter has recognised entities certified to the Privacy Shield as those ensuring an adequate level of data protection.

You can disable the remarketing cookie via this link. In addition, you can obtain information about the setting of cookies from the Digital Advertising Alliance and accordingly adapt the settings of your browser.


30. Online Presence in Social Media

We maintain online presences in social networks such as Facebook, Instagram and LinkedIn in order to inform users active there about job offers and our services, to communicate with them or to place advertisements, so-called social media ads, in these networks.  When calling up the respective networks, the terms and conditions and privacy policies of the respective operators apply.

If users communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages, we process this user data. If you have an account on these social networks and agree to the display of advertising via your account settings on the social network, you may be provided with corresponding recommendations on our products and services when using the social network. The recommendations and social media ads are generated based on your interests (e.g. "likes") in your public profile in the respective network.

In order to measure the success of the ads, the networks and we process personal data based on your consent within the meaning of Art. 6 (1) p. 1 lit. a) DSGVO:

This involves a transfer of personal data to the USA. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data. For further details on data processing in social networks, we refer you to the data protection information of the operator facebook:

https://www.facebook.com/privacy/explanation
Instagram: https://help.instagram.com/155833707900388
LinkedIn: https://www.linkedin.com/legal/privacy-policy-summary


31. Integration of Services and Content provided by Third Parties

In our online services we use content or service offers of third-party providers. This happens bases on our legitimate interests (this means interest in the analysis, optimisation and economic running of our online services in terms of article 6 paragraph 1 lit. f. DSGVO. We use these services and content in order to integrate them into our site e.g. videos or fonts (subsequently termed "content")

This requires that third party providers of this content recognise the IP address of the user as they can otherwise not send the content to the user’s browser. The IP address is therefore necessary in order to display the content. We go to efforts to only use content of which the respective providers only use your IP address for displaying the content. Third party providers may use so called pixel-tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. Using the pixel tags, data such as user traffic on the pages of the website can be analysed. Furthermore, the pseudonym data can be stored in cookies and contain other technical details such as browser and operating system, linking websites, duration on the site, as well as other usage data and information connected with other sources.


YouTube

We incorporate videos of the "YouTube" platform of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Google Fonts

We incorporate ("Google Fonts") from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Google Maps

We incorporate Maps services by “Google Maps” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Included in the processed data are in particular IP addresses and location data of the user, which are however not lifted without the consent of the user (usually done in the context of the device settings). The data may be processed in the USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.


Google Tag Manager

Google Tag Manager is a solution with which we can administrate so-called website-tags via a user interface (and therefore integrate Google Analytics as well as other Google marketing services in our web services). The tag manager itself (which implements the tags) does not process any user data. Concerning the processing of personal user data, we refer you to the Google Services Usage Guidelines https://www.google.com/intl/de/tagmanager/use-policy.html.

For all further questions about our Privacy Policy, please feel free to contact us at the e-mail address: service@career.aero

Contact

  • Geschwister-Beschütz-Bogen 4
    22335 Hamburg, Germany, 22335 Hamburg, Deutschland
  • certificate@interpersonal.de
  • +49 (0) 40 48 40 49 0
© 2022 - 2024 interpersonal III GmbH