Skip to main content

Processing of (personal) data by the entity in charge of the online application process

  1. WHAT IS THIS PRIVACY POLICY ABOUT?
    Supertext AG, Hardturmstrasse 253, CH-8005 Zurich (hereinafter “Supertext AG”), and Supertext Deutschland GmbH, Mehringdamm 32/34, DE-10961 Berlin (hereinafter “Supertext GmbH”) (together “Supertext”), collect and process personal data concerning you or other persons (so-called “third parties”).

We use the term “data” here synonymously with “personal data” or “personally identifiable data”. “Personal data” means data relating to identified or identifiable persons, and “processing” means any handling of personal data, e.g. collecting, storing, using, modifying, disclosing, and deleting.

In this Privacy Policy, we describe what we do with your data when you use supertext.com, our other websites or our apps (hereinafter collectively the “Website”), purchase or use our services, communicate with us in connection with the execution of contracts, or otherwise deal with us. In addition, we may inform you separately about the processing of your data (e.g. in forms, contractual terms, or additional privacy policies).

If you disclose data to us about other persons (e.g. family members, work colleagues), we assume that you are authorized to do so and that this data is correct. By transmitting data about third parties, you confirm this. Please also ensure that these third parties have been informed about this Privacy Policy.

This Privacy Policy is designed in accordance with the Swiss Data Protection Act (“DPA”) together with the related ordinances and the requirements of the EU General Data Protection Regulation (“GDPR”). However, whether and to what extent these laws are applicable depends on the individual case.

  1. WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA?
    Depending on with whom you conclude the contract, communicate, or otherwise deal, and unless otherwise communicated in the individual case, Supertext AG or Supertext GmbH is responsible under data protection law for the data processing described in this Privacy Policy. In connection with data processing on the Website and always in cases of doubt, Supertext AG shall be considered the controller.

Regardless of which company is the controller in the individual case, you may contact us regarding data protection matters and to exercise your rights as follows:

Supertext AG
Hardturmstrasse 253
CH-8005 Zurich
Telephone +41 43 500 33 80
privacy@supertext.com

Supertext AG has voluntarily appointed the following additional bodies:

EU representative pursuant to Art. 27 GDPR:
Supertext Deutschland GmbH
Mehringdamm 32/34
DE-10961 Berlin
privacy@supertext.com

Supertext Deutschland GmbH has voluntarily appointed the following additional bodies:

Swiss representative pursuant to Art. 14 DPA:
Supertext AG
Hardturmstrasse 253
CH-8005 Zurich
privacy@supertext.com

You may also contact these bodies regarding data protection matters.

  1. WHAT DATA DO WE PROCESS?
    We process various categories of your personal data. The most important categories are the following:

Master data: These are basic data (e.g. name, contact details), further information about you (e.g. roles and functions), and your relationship with us (e.g. customer, supplier, partner, or employee of such, etc.), bank details, gender, photos, customer history, any powers of attorney, signing authorizations and declarations of consent, information about third parties (e.g. contact persons, representatives).

Registration data: These are data arising in connection with a registration (especially on our customer portal) or provided by you to us (e.g. username, email, password).

Contract data: These are data arising in connection with a contract concluded with us or in the course of providing our services, such as information on the type of contract, date of conclusion, contract duration, contractual services, data from the period prior to conclusion of the contract, information required or used for processing (including in particular the documents you provide to us for processing and translation), information on reactions (e.g. complaints or satisfaction information), financial data (e.g. payment behavior, creditworthiness, reminders and debt collection).

Communication data: These are data arising in connection with communication between us and third parties (e.g. via contact form, email, telephone, post, or other means of communication), such as content of emails or letters, your contact details, and metadata of the communication, if applicable copies of identification documents.

Technical data: These are data arising in connection with the use of our electronic services (especially the Website), such as IP address, information about the operating system of your device, region, and time of use. Technical data alone generally do not permit conclusions about your identity. However, they may be linked with other categories of data (e.g. registration data) and therefore possibly with your person.

Behavioral and preference data: These are data about your behavior and preferences, such as reactions to electronic communications, navigation on the Website, interactions with our social media profiles, possibly supplemented with information from third parties (including publicly accessible sources). Regarding tracking, see section 12.

Applicant data: These are data that we process in connection with an application and that are contained, among other things, in your application documents (e.g. professional background, education and training, references). We may also collect data from public sources, such as professional social networks, the internet, or the media.

Other data: These may include, among other things, the following information and data: data arising in connection with official or court proceedings (e.g. files, evidence, etc.), photos, videos or audio recordings that we produce or receive from third parties and in which you are identifiable (e.g. at events), access data or rights (e.g. according to visitor lists, when you enter certain buildings or which access rights you have), participation in events, and when you use our infrastructure and systems.

Processing of (personal) data by the operator of the recruitment website

General information

This recruitment website is operated by Personio SE & Co. KG, which offers a human resource and candidate management software solution (https://www.personio.com/legal-notice/). Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. The sole controller of this data within the meaning of article 24 of the GDPR is the enterprise carrying out this online application process. Personio’s role is limited to operating the software and this recruitment website and, in this context, being a processor under article 28 of the GDPR. In this case, the processing by Personio is based on an agreement for the processing of orders between the controller and Personio. In addition, Personio SE & Co. KG processes further data, some of which may be personal data, to provide its services, in particular for operating this recruitment website. We will refer to this in more detail below.

The controller

The controller under data protection law is:
Personio SE & Co. KG
Seidlstraße 3
80335 München
Tel.: +49 (89) 1250 1004
Entry in the commercial register
Commercial register entry number: HRA 115934
Registration Court: Amtsgericht München
Data Protection Officer contact: privacy@personio.com

Access logs (“server logs”)

Each access to this recruitment website automatically causes general protocol data, so-called server logs, to be collected. As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. Without this data, it would, in some cases, be technically impossible to deliver or display the contents of the software. In addition, processing this data is absolutely necessary under security aspects, in particular for access, input, transfer, and storage control. Furthermore, this anonymous information can be used for statistical purposes and for optimizing services and technology. In addition, the log files can be checked and analyzed retrospectively when unlawful use of the software is suspected. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. Generally, data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp of the access to the software is collected. The scope of this log process does not exceed the common log scope of any other site on the web. These access logs are stored for a period of up to 7 days. There is no right to object to this.

Error logs

So-called error logs are generated for the purpose of identifying and fixing bugs. This is absolutely necessary to ensure we can react as quickly as possible to possible problems with displaying and implementing content (legitimate interest). As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. When an error message occurs, general data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp upon occurrence of the respective error message and/or specification is collected. These error logs are stored for a period of up to 7 days. There is no right to object to this.

Use of cookies

So-called cookies are used on parts of this recruitment website. They are small text files which are stored on the device with which you access this recruitment website. As a general rule, cookies serve the purpose of ensuring secure access to a website (“absolutely necessary”), implementing certain functionalities such as standard-language settings (“functional”), improving the user experience or the performance of the website (“performance”), or placing targeted advertisements (“marketing”). On this recruitment website, we generally use only cookies that are absolutely necessary, functional or performance-related, in particular for implementing certain default settings such as language, for identifying the job advertising channel, or for analyzing the performance of a job advert via which a user accessed this recruitment website. The use of cookies is absolutely necessary for providing our services and thus for the performance of the contract (article 6 (1) b) of the GDPR). Period of storage: up to 1 month or until the end of the browser session Right to object: You can determine via your browser settings whether you allow or object to the use of cookies. Please note that deactivating cookies may result in limited or completely blocked functionalities of this recruitment website.

Rights of data subjects

If Personio SE & Co. KG as the controller processes personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. To assert your rights as a data subject in relation to the data processed for the purpose of operating this recruitment website, please refer to Personio SE & Co. KG’s Data Protection Officer (see item B).

Concluding provisions

Personio reserves the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.