Data Privacy Statement

TFL Data Privacy Statement

for the information of applicants for employment
pursuant to art. 13 GDPR (European Data Protection Regulation)

We are delighted to receive your application for employment. In the following, we explain how we process your personal data in connection with the application process and provide further information that is relevant in this context.

1. Who is responsible for processing your personal data?

The data controller within the meaning of the European Data Protection Regulation ("GDPR") is

TFL Ledertechnik GmbH, Peter-Krauseneck-Strasse 16, 79618 Rheinfelden, Germany.

phone: +49 7621 9400

fax: +49 7621 940 10 00

e-mail: dataprotection@tfl.com

website: www.tfl.com

- Hereinafter referred to as "we" -

2. Data Protection Officer

You can contact our data protection officer at:

e-mail address: seitz@ernaehrung.net; By mail at: VdE Service GmbH, Eduard-Pfeiffer-Straße 48, 70192 Stuttgart, Germany, Tel.: +49 (711) 22 333 24; FAX: +49 (711) 22 333 99

3. For what purposes and on what legal basis do we process personal data?

We collect and process personal data concerning you for the purpose of managing your application for an employment relationship, insofar as this is necessary for our decision to establish an employment relationship with you. The legal basis for this is Art. 6 para. 1 b GDPR (§ 26 BDSG German Federal Data Protection Act of 30 June 2017).

Furthermore, we may process personal data concerning you insofar as this is necessary to defend ourselves against legal claims asserted against us deriving from the application process. The legal basis for this is Art. 6 para. 1 f GDPR, the legitimate interest is, for example, a burden of proof regarding equal treatment.

In case an employment relationship between you and us should be established, we may, based on Art. 6 para. 1 b GDPR (§ 26 BDSG), process the personal data already received from you for the purposes of the employment relationship if this is necessary for carrying out or terminating the employment contract or to exercise or satisfy rights and obligations of employees’ representation laid down by law or by collective agreements or other agreements between the employer and employee representation.

4. What categories of personal data do we process?

We process data in connection with your application for employment. This may include general information concerning you (such as your name, address and contact details), information about your professional qualifications and schooling or information about professional training or other information you provide us with in connection with your application.

5. What categories of recipients of data exist?

Your application and your submitted data will be received by the Human Resources Manager (HR Manager) of the country chosen by you and be accessible only for the persons involved in the Evaluation and Hiring Process who are under strict confidentiality obligation. We may transfer your personal data to the HR managers of companies affiliated with us, insofar as this is possible within the scope of the data protection measures described under section 3 for the purposes and legal bases set out above. In addition, personal data are collected on our behalf on the basis of contracts in compliance with Art. 28 GDPR, in particular by host providers with their seat in the European Union.

6. Is transfer of the data to a third country intended?

(1) Your data will be received and processed in the Europan Union and be subject to the rules of the European GDPR. The data may be transferred within the European Union. This also applies to Norway, Liechtenstein and Iceland.

(2) Your data may be transferred and/or processed in a country outside the European Union, but only in compliance with the rules of the European GDPR. This means that the transfer is permitted in compliance with a EU-decision on ”Adequacy of the protection of personal data in non-EU countries” or (in case of non-existence of such EU-decision) on binding contracts identical with EU Model Contracts granting data protection complying with European standard.

a. The European Commission has so far recognised Andorra, Argentina, Canada (commercial organisations), Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland, Uruguay and the United States of America (limited to the Privacy Shield framework) as providing adequate protection. For Japan the adoption procedure of the adequacy decision has been launched.

b. In case of compliancy based on a binbding contract, a copy of the applicable contract will be furnished to you upon request addressed to the data controller named in lit. 1 above, for instance also by e-mail to dataprotection@tfl.com.

7. How long will your data be stored?

We store your personal data for as long as it is necessary in order to make a decision about your application. If an employment relationship between you and us does not materialise, we may also further store data, insofar as this is necessary to defend against possible legal claims. The application documents will be deleted six months after notification of the rejection decision, unless longer storage is required due to legal disputes, or you expressly agree with longer storage.

8. What data protection rights can you assert as a data subject?

Using the above mentioned address you can request information about the data stored concerning your person. In addition, under certain circumstances you may request the correction or deletion of your data. You may also have a right to receive the information you have provided in a structured, commonly used, machine-readable and interoperable format.

If we process your data to protect legitimate interests, you may object to such processing for reasons arising from your particular situation. We will then no longer process your personal information, unless we can demonstrate compelling legitimate grounds for its processing that outweigh your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

If the processing is based on consent, you have the right to revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation. You can contact us about this at any time using the above data.

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or where the infringement is suspected, if you believe that the processing of personal data that concerns you is in contravention of the GDPR.

9. Necessity of providing personal data

The provision of personal data is neither required by law nor by contract, nor are you obliged to provide your personal data. However, the provision of personal data is required for the application process or the conclusion of a contract of employment between you and us. This means that if you do not provide us with the required personal data in the application process, we will not enter into an employment relationship with you.

10. No automated decision making

There is no automated decision in individual cases within the meaning of Art. 22 GDPR, i.e. the decision on the outcome of your application is not based exclusively on automated processing.

TFL Online Data Protection Rules

TFL is delighted that you have visited our website and thanks you for your interest in our company.

At TFL, data protection has the highest priority. This document is designed to provide you with information on how we are following the rules for data protection at TFL, which information we gather while you are browsing our website, and how this information is used. First and foremost: your personal data is only used in the following cases and will not be used in other cases without your explicit approval.

Collecting data

When you visit the TFL website, general information is collected automatically (in other words, not by means of registration) which is not stored as personal related data. The web servers that are used store the following data by default:

  • The name of your internet service provider
  • The website from which you visited us
  • The websites which you visit when you are with us
  • Your IP address

This information is analysed in an anonymous form. It is used solely for the purpose of improving the attractiveness, content, and functionality of our website. Where data is passed on to external service providers, we have taken technical and organizational measures to ensure that the data protection regulations are observed.

Collecting and processing personal data

Personal data is only collected when you provide us with this in the course of, say, registration, by filling out forms or sending emails, and in the course of ordering products or services, inquiries or requests for material.

Your personal data remains with our company, our affiliates, and our provider and will not be made available to third parties in any form by us or by persons instructed by us. The personal data that we do collect will only be used in order to perform our duties to you and for any other purpose only when you have given specific consent. You can adjust your consent for the use of your personal data at any time with an email to the effect that you revoke your consent in the future to either the email address listed in the imprint or to the data protection representative (contact information listed below).

Data retention

We store personal data for as long as it is necessary to perform a service that you have requested or for which you have granted your permission, providing that no legal requirements exist to the contrary such as in the case of retention periods required by trade or tax regulations.

Security

TFL deploys technical and organizational security measures to protect the information you have made available from being manipulated unintentionally or intentionally, lost, destroyed or accessed by unauthorized persons. Where personal data is being collected and processed, the information will be transferred in encrypted form in order to prevent misuse of the data by a third party. Our security measures are continuously reviewed and revised in line with the latest technology.

Right to obtain and correct information

You have the right to obtain information on all of your stored personal data, to receive, to review, and if necessary to amend or erase. To do this, just send an email to the email address indicated in the imprint or to the person in charge of data protection (see have a look at the relevant contact details ). The deletion of your personal data will be completed unless we are legally obligated to store the information.