The controlling legal entity is:
Vorwerk SE & Co. KG
Mühlenweg 17 – 37, 42270 Wuppertal
Tel: +49 (0) 202 / 564-0
The data protection officer of the controller is:
c/o Vorwerk SE & Co. KG
Mühlenweg 17 – 37, 42270 Wuppertal
Your data is protected within the scope of statutory provisions. Below you will find information on the collection of personal data on these websites, available on the Internet at www.vorwerk-group.com (hereinafter also referred to as the website).
1.2.1 PURPOSE AND SCOPE OF PROCESSING
Protection of your personal data on our website is important to us. As a rule we only process the personal data of our users to the extent required in order to provide a functional website as well as our contents and services.
1.2.2 LEGAL BASIS
Processing of the personal data of our users is carried out with your consent or on the basis of a legal permit.
Article 6 Clause 1 lit. a) of the EU General Data Protection Regulation [GDPR] provides the legal basis of such processing insofar as we obtain consent for the processing of personal data. In the processing of personal data required for the performance of a contract to which the data subject is a party, the legal basis is provided by Article 6 Clause 1 lit. b) GDPR. This also applies to processing operations required in order to carry out pre-contractual measures.
Article 6 Clause 1 lit. c) of the EU General Data Protection Regulation [GDPR] provides the legal basis insofar as the processing of personal data is required in order for us to comply with a legal obligation. In the event that the vital interests of the data subject or another natural person require the processing of personal data, then Article 6 Clause 1 lit. d) of the EU General Data Protection Regulation [GDPR] serves as the legal basis.
If processing is necessary to safeguard a legitimate interest on the part of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh this interest, then Article 6 Clause 1 lit. f) of the EU General Data Protection Regulation [GDPR] shall provide the legal basis for such processing.
1.2.3 DATA ERASURE AND STORAGE PERIOD
Regardless of possible revocation of your consent, we process and store your personal data as long as and to the extent required in order to satisfy the respective purposes. If your data are no longer required for the specified purposes, then they will be erased on a regular basis. This is done while taking existing statutory retention periods and, among others, obligations in accordance with Section 89b of the German Commercial Code [HGB] into consideration.
1.2.4 RECIPIENTS OR CATEGORIES OF RECIPIENTS
If this is necessary in order to provide the website or the processing activities outlined under Clause 2, then we transfer your data to the following categories of recipients: customer advisors; postal service providers; call centers; IT providers.
Unless you have objected, we may also transfer your address data to affiliated companies for the purposes of postal advertising and market research. A transfer to a third country does not take place.
If we collect or process personal data on this website, then you are the data subject within the meaning of the EU General Data Protection Regulation [GDPR]. In this case you have the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR) and erasure (Art. 17 GDPR) of your data, the right to restriction of processing (Art. 18 GDPR), a right of objection to processing (Art. 21 DS-GVO) and the right to data portability (Art. 20 GDPR). You also have the right to lodge a complaint with a supervisory authority in accordance with Article 77 of the EU General Data Protection Regulation [GDPR].
In the case of automated decision-making (including profiling), you also have the right to express your position on automated decision-making and to have this decision manually reviewed by us for accuracy.
In order to exercise your rights, please contact the aforementioned data controller, as your rights are also to be implemented there. However, you may also contact the data protection officer, in particular if your request requires a higher level of confidentiality.
If you have given us your consent to process your personal data, then you may revoke such consent at any time – also via e-mail to: email@example.com. A revocation shall not affect the legality of the processing carried out up to that point.
Each time our website is accessed data and information are automatically processed by the computer system of the invoking computer. The following data is collected: Name of your Internet service provider; the browser type/version; the website from which you visit us and the websites you visit on our site as well as the time of the server query.
Such log files do not contain complete IP addresses or any other data that could be assigned to you. This information is evaluated for statistical purposes and subsequently erased. The individual user remains anonymous.
2.2 CONTACT FORM AND E-MAIL CONTACT
On our website we provide you with a contact form which can be used to contact us electronically. Any processing of personal data from the input mask is only used to handle your request. In the event that you are contacted via e-mail, then this is also due to a legitimate interest in processing the data.
If you use this option to contact us, then the data entered in the input mask will be transferred to us and stored. This data includes: Form of address; name, first name; postal address; e-mail address; telephone number; information about your interest(s).
Alternatively, it is also possible to contact us via the e-mail address provided. In this case any personal data transferred with the e-mail will be stored. The legal basis for processing is Article 6 Clause 1 lit. a) of the EU General Data Protection Regulation [GDPR].
For the processing of your data you give us your consent within the scope of the sending operation along with the following text:
"By sending this message I agree to be contacted once for the stated purpose using my contact information. I can revoke this consent at any time with effect for the future – also via e-mail to: firstname.lastname@example.org."
2.3.1 INFORMATION WITHIN THE SCOPE OF THE APPLICATION PROCESS
The applicant portal is jointly operated by Vorwerk SE & Co. KG and Vorwerk Facility Management Holding KG and their subsidiaries, designated here as Group companies.
2.3.2 PURPOSE OF THE PROCESSING
Your application data, which you communicate to us via the applicant portal, will be stored and used exclusively for purposes connected with the registration and processing of your interest in employment or training with a Group company, including the necessary contact to this end.
2.3.3 COLLECTION AND PROCESSING OF APPLICATION DATA
If you would like to apply online, then this requires that certain personal data indicated with mandatory fields in the respective online application forms be provided; such as first and last name and contact information. Furthermore, you have the option of sending us further application documents. Please note that these documents may also contain particularly sensitive data. These include, for example, data on political opinions, religious beliefs, ethnic origin or physical or mental health. If you provide us with the relevant information, then by clicking on the corresponding checkbox you agree to the collection, storage and use of the data in accordance with this data protection declaration.
As part of the application process your application data will be accessible to the HR managers of the respective Group companies involved in the selection process and will be made available to the managers of the respective specialized departments in search of applicants.
The current legal situation with regard to data protection does not include any group privilege, which means that any transfer of data from one Group company to another Group company is a transfer to a third party. We therefore require your consent if your application is also to be forwarded to another Group company. Your application data will only be forwarded to third parties outside the Group companies if an official order exists or with your consent.
Once your enter your application data and click on the “Send” button, they will be transferred via an encrypted connection and collected on a server in Germany; the server is hosted and administered as part of order processing by a service provider commissioned on our behalf.
You may revise the application data you have entered or add information at any time.
Your application data will be stored for at least six months following completion of the application process.
If you would like your personal data to be retained for a maximum of 24 months in order to be included in the selection for possible future vacancies, then we ask for your corresponding consent.
You have the right at any time to inspect your application data stored with us free of charge upon request, to object to the processing of your application data or to have incorrect application data corrected. To do so, please send us an e-mail to: email@example.com
2.3.4 ERASURE OF DATA AND REDUCTION TO BASIC DATA
If your application does not result in employment, then your data shall automatically be reduced to basic data (e.g. postal code, city, form of address, type of receipt) after 6 or 24 months. This abbreviated data is used exclusively for internal, statistical purposes. This abbreviated data is not processed on a personal basis and is completely erased after a further 12 months.
2.4 WHISTLEBLOWER SYSTEM
On our website, we offer colleagues, business partners and self-employed sales advisors the opportunity to report suspected compliance violations anonymously. For this purpose, we use the system “SpeakUp” of the service provider People InTouch. You can access the system via the links communicated on our website. By means of these, you have the possibility to leave a message in writing or by telephone. The purpose of the data processing is to inform, check and deal with indications of potential compliance violations of our principles of conduct, our guidelines or applicable laws and regulations.
As a rule, data on the content of the reported violation and contact details (if the issue is not reported anonymously) are collected and processed.
The data subject by the data processing may be the whistleblower and the accused. All information is treated as strictly confidential. However, in the course of clarifying the information, we also take into account the interests worthy of protection of the person affected by a report. Recipients of the data may be external lawyers or authorities in addition to the external service provider (People InTouch).
The legal basis of the processing (Art. 6(1)(1)(f) GDPR) results from the legitimate interest of the controller to identify individuals within their organization who may not act in compliance with applicable laws or regulations (internal and external).
All personal data received as a result of a bad faith report or with allegations found to be unfounded will be deleted immediately. All data related to a substantiated case will be deleted within 2 months after the investigation has been completed or the case has been fully resolved.
Through technical and organizational measures we protect your data against unauthorized access, loss and destruction. Our security measures are constantly improved in accordance with technological developments.