Data protection

RTunlimited

1. Introduction – Data Protection

We are very pleased about your interest in our services.
The protection of your personal data when visiting our website is a matter of great importance to us.

We respect and protect your privacy and your personal data. We collect, process, and use your personal data in accordance with the content of this privacy policy and the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz), and the German Telemedia Act (Telemediengesetz).

This privacy policy governs which personal data we collect, process, and use about you. We therefore kindly ask you to read the following information carefully.

2. Data Controller

Contact details of the data controller
If you have any questions regarding data protection, you can find the contact details of the responsible person or entity below:

GER Gewerbeimmobilien Reutlingen GmbH & Co. KG
Marktplatz 22
72764 Reutlingen
Germany

Represented by:
Managing Director: Peter Wilke

Imprint: https://rtunlimited.de/impressum/

Contact details of the Data Protection Officer
We have appointed a Data Protection Officer. You can contact our Data Protection Officer at the above postal address, adding “Data Protection Officer”, or via email at datenschutz@rtunlimited.de, or by phone at +49 151 73044032.

3. Data collection on this website – summary

3.1 Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. The operator’s contact details can be found in the section “Contact details of the data controller” in this privacy policy.

3.2 Anonymous data processing

In principle, it is possible for any visitor to use this website without revealing their identity. Automatically collected information includes only the name of the Internet service provider, the website from which you were referred to us, and your IP address. This information is collected and evaluated exclusively for the purpose of preventing misuse. An anonymized and shortened version of the IP address is evaluated for statistical purposes.

3.3 Collection and processing of personal data

Personal data are only collected if you voluntarily provide and transmit them to us. All personal data transmitted by you are treated confidentially and used solely for the purpose for which they were provided.

Data transmitted to us in the course of an inquiry, an order, or a business relationship are stored and processed exclusively for the purpose for which they were transmitted. We will not pass on any personal data you have provided to third parties unless you have expressly authorized this or such disclosure is absolutely necessary for the provision of the service.

Please note that data transmission over the Internet (e.g. communication by email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.

The use of contact data published within the scope of the legal notice obligation by third parties for the transmission of unsolicited advertising or informational materials is hereby expressly prohibited. We expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

3.4 How do we collect your data?

On the one hand, your data are collected when you provide them to us. This may include, for example, data you enter into a contact form.

Other data are collected automatically or with your consent when you visit the website by our IT systems. These are primarily technical data (e.g. Internet browser, operating system, or time of page access). The collection of these data occurs automatically as soon as you enter this website.

3.5 What do we use your data for?

Some of the data are collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.

3.6 What rights do you have regarding your data?

You have the right at any time to obtain information free of charge about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of these data. If you have given consent to data processing, you may revoke this consent at any time with effect for the future.

Furthermore, under certain circumstances, you have the right to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority. You may contact us at any time regarding this or any other questions on the subject of data protection.

3.7 Analysis tools and third-party services

When visiting this website, your user behavior may be statistically evaluated. This is done primarily using so-called analysis programs. Detailed information about these analysis programs can be found in the following privacy policy.

4. General information and data subject rights

4.1 Introduction

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use these pages, various personal data are collected. Personal data are data that can be used to personally identify you. This privacy policy explains which data we collect and for what purpose we use them. It also explains how and for what purpose this is done.

Please note that data transmission over the Internet (e.g. communication by email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.

4.2 Legal bases for data processing on this website

If you have given your consent to data processing, we process your personal data on the basis of Article 6(1)(a) GDPR or Article 9(2)(a) GDPR if special categories of personal data pursuant to Article 9(1) GDPR are processed.

In the case of explicit consent to the transfer of personal data to third countries, data processing is additionally carried out on the basis of Article 49(1)(a) GDPR.

If you have consented to the storage of cookies or to access to information on your end device (e.g. via device fingerprinting), data processing is additionally carried out on the basis of Section 25(1) of the German Telecommunications and Telemedia Data Protection Act (TTDSG). Consent may be withdrawn at any time.

If your data are required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Article 6(1)(b) GDPR.

Furthermore, we process your data insofar as this is necessary for the fulfillment of a legal obligation on the basis of Article 6(1)(c) GDPR.

Data processing may also be carried out on the basis of our legitimate interest pursuant to Article 6(1)(f) GDPR. The relevant legal bases applicable in each individual case are explained in the following sections of this privacy policy.

4.3 Storage period

Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies.

If you assert a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law). In such cases, the data will be deleted after these reasons no longer apply.

4.4 Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent pursuant to Article 7 GDPR. You may withdraw consent that you have already given at any time in accordance with Article 7(3) GDPR. The lawfulness of data processing carried out before the withdrawal remains unaffected by the withdrawal.

4.5 Right to object to data collection in specific cases and to direct marketing pursuant to Article 21 GDPR

IF DATA PROCESSING IS BASED ON ARTICLE 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT AT ANY TIME, FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. The respective legal basis on which processing is based can be found in this privacy policy.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims (objection pursuant to Article 21(1) GDPR).

If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for such advertising purposes; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection pursuant to Article 21(2) GDPR).

4.6 Right to lodge a complaint with the competent supervisory authority pursuant to Article 57(1)(f) GDPR

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged infringement. This right exists without prejudice to any other administrative or judicial remedies.

4.7 Right to data portability pursuant to Article 20 GDPR

You have the right to receive data that we process automatically on the basis of your consent or in fulfillment of a contract, in a commonly used, machine-readable format, and to have those data transmitted to you or to a third party. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

4.8 SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator.

You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4.9 Information, deletion, and correction

Within the framework of the applicable legal provisions, you have the right at any time pursuant to Article 15 GDPR to obtain free information about your stored personal data, their origin and recipients, and the purpose of the data processing. You also have the right pursuant to Article 16 GDPR to request the rectification or, pursuant to Article 17 GDPR, the erasure of these data.

You may contact us at any time regarding this or any other questions relating to personal data.

4.10 Right to restriction of processing

You have the right pursuant to Article 18 GDPR to request the restriction of the processing of your personal data. You may contact us at any time to exercise this right. The right to restriction of processing applies in the following cases:

If you contest the accuracy of your personal data stored by us, we generally require time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you require them for the establishment, exercise, or defense of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
If you have lodged an objection pursuant to Article 21(1) GDPR, a balancing of your interests and ours must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If the processing of your personal data has been restricted, such data — apart from their storage — may only be processed with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of a Member State.

4.11 Objection to advertising emails

The use of contact data published within the scope of this privacy policy for the transmission of advertising and informational materials not expressly requested is hereby expressly prohibited. The operators of these pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information.

5. Provision of online content and applications (apps)

In this section, we describe the provision of online content (hosting) pursuant to Article 6(1)(f) GDPR. In simple terms, a website is transmitted from a server at a specific location to the user.

In order to counter certain attacks and to accelerate and optimize access, so-called Content Delivery Networks (CDNs) are used. These serve the efficient and secure worldwide delivery of a website by routing your page request to the country and server that can process it most efficiently.

When using a CDN, it is therefore necessary that your data are also processed in so-called insecure third countries, such as the United States. If we offer applications (apps) for smartphones, these generally also access this online content; please refer in this context to the section on our own services.

5.1 External hosting – STRATO

We host our website with Strato. The provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany (hereinafter “Strato”).

When you visit our website, Strato collects various log files, including your IP address. Further information can be found in Strato’s privacy policy:
https://www.strato.de/datenschutz/

The use of Strato is based on Article 6(1)(f) GDPR. We have a legitimate interest in the most reliable possible presentation of our website.

If corresponding consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent may be withdrawn at any time.

5.2 Elementor

We use the plugin “Elementor Website Builder for WordPress” provided by Elementor, 8 The Green, Suite A, Dover, DE 19901, USA.

This plugin does not process any personal data.

Further information on Elementor’s privacy policy can be found here:
https://elementor.com/about/privacy/

6. Data collection on this website in detail

6.1 Server log files

The provider (host) of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us with each request. These include:

Browser type, language, and browser version
Operating system used and its interface
Referrer URL (the page from which the request originates)
Host name of the accessing device
Date and time of the request, including time zone difference to Coordinated Universal Time (UTC)
IP address
Request content (specific page)
Access status / HTTP status code
Amount of data transferred in each case

These data are not merged with other data sources.

The collection of these data is carried out on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website — for this purpose, server log files must be collected.

6.2 Cookies in the browser

Our websites use so-called “cookies”. Cookies are small text files and do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device.

Session cookies are automatically deleted after the end of your visit. Persistent cookies remain stored on your device until you delete them yourself or automatic deletion occurs through your browser.

In some cases, cookies from third-party companies may also be stored on your device when you visit our site (third-party cookies). These enable us or you to use certain services provided by third parties (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. shopping cart functionality or video display). Other cookies are used to analyze user behavior or display advertising.

Cookies that are required to provide certain functions desired by you (e.g. shopping cart functionality) or to optimize the website (e.g. cookies for measuring and assigning page views) (necessary cookies) are stored on the basis of Article 6(1)(f) GDPR, unless another legal basis is specified.

The website operator has a legitimate interest in storing necessary cookies to ensure the technically error-free and optimized provision of its services.

If consent for the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent pursuant to Article 6(1)(a) GDPR and Section 25(1) TTDSG. Consent may be withdrawn at any time.

You can configure your browser settings so that you are informed about the setting of cookies, allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within this privacy policy and, if necessary, request your consent.

6.3 Consent management with Real Cookie Banner

Our website uses the consent technology of Real Cookie Banner to obtain your consent for the storage of certain cookies on your device or for the use of certain technologies and to document this consent in compliance with data protection regulations.

The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling, Germany (hereinafter “Real Cookie Banner”).

Real Cookie Banner is installed locally on our servers, so that no connection to the servers of the Real Cookie Banner provider is established.

Real Cookie Banner stores a cookie in your browser in order to assign the consents you have given or withdrawn. The data collected in this way are stored until you request deletion, delete the Real Cookie Banner cookie yourself, or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

The use of Real Cookie Banner is intended to obtain the legally required consents for the use of cookies. The legal basis for this is Article 6(1)(c) GDPR.

6.4 Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on these data without your consent.

The processing of these data is carried out on the basis of Article 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us pursuant to Article 6(1)(f) GDPR or on your consent pursuant to Article 6(1)(a) GDPR, if such consent has been requested.

The data you enter in the contact form will remain with us until you request deletion, withdraw your consent to storage, or the purpose for storing the data no longer applies (e.g. after your inquiry has been processed). Mandatory statutory provisions — in particular retention periods — remain unaffected.

6.5 Inquiries by email, telephone, or fax

If you contact us by email, telephone, or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of handling your request. We do not pass on these data without your consent.

The processing of these data is carried out on the basis of Article 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if such consent has been requested.

The data you send to us via contact inquiries will remain with us until you request deletion, withdraw your consent to storage, or the purpose for data storage no longer applies (e.g. after your request has been fully processed). Mandatory statutory provisions — in particular statutory retention periods — remain unaffected.

6.6 Registration (application)

You may register on this website in order to use additional functions on the site. The data entered for this purpose are used only for the purpose of using the respective offer or service for which you have registered.

The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.

For important changes, such as changes in the scope of services or technically necessary changes, we use the email address provided during registration to inform you accordingly.

The processing of the data entered during registration is carried out for the purpose of performing the user relationship established by the registration and, if applicable, for the initiation of further contracts (Article 6(1)(b) GDPR).

The data collected during registration are stored by us for as long as you are registered on this website and are then deleted. Statutory retention periods remain unaffected.

7 “Social Media” – Collaborative Media

7.1 General

We maintain publicly accessible profiles on so-called “social” networks. The specific networks we use are listed below.

Networks such as Facebook, Twitter, etc., can usually analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g., like buttons or advertising banners). Visiting our social media profiles triggers numerous data processing operations. Specifically, if you are logged into your social media account and visit our social media presence, the operator of the social media platform can assign this visit to your user account. Your personal data may also be collected even if you are not logged in or do not have an account with the respective social media platform. In such cases, data collection occurs, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, the operators of social media platforms can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you both on and outside the respective social media presence. If you have an account with the respective social network, interest-based advertising may be displayed on all devices on which you are or have been logged in.

Please also note that we cannot fully track all processing activities on the social media platforms. Depending on the provider, further processing operations may be carried out by the operators of the social media platforms. For details, please refer to the terms of service and privacy policies of the respective social media platforms.

Legal basis

Our social media profiles are intended to ensure the most comprehensive possible presence on the internet. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. The analysis processes initiated by social networks may be based on different legal grounds, which must be specified by the operators of the social networks (e.g., consent pursuant to Article 6(1)(a) GDPR).

Controller and exercising your rights

If you visit one of our social media profiles (e.g., Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can generally assert your rights (access, rectification, deletion, restriction of processing, data portability, and complaint) both with us and with the operator of the respective social media platform (e.g., Facebook).

Please note that despite the joint responsibility with the social media platform operators, we do not have full control over the data processing operations of the social media platforms. Our options are primarily determined by the corporate policies of the respective provider.

Storage duration

The data collected directly by us via the social media presence are deleted from our systems as soon as you request deletion, withdraw your consent to storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory provisions, in particular retention periods, remain unaffected.

We have no influence on the storage duration of your data that is stored by the operators of social networks for their own purposes. For details, please refer directly to the operators of the social networks (e.g., their privacy policies, see below).

7.2 Integration of “Social Media” via Advertising Partners

7.2.1 Meta Services – Facebook

To the extent consent has been obtained, the use of the above-mentioned services is based on Article 6(1)(a) GDPR and Section 25 TTDSG. Consent may be withdrawn at any time. If no consent has been obtained, the use of the service is based on Article 6(1) sentence 1(f) GDPR, on the basis of our legitimate interest in achieving maximum visibility in social media.

The parent company of Facebook and Instagram, Meta Platforms, Inc., 1601 Willow Rd, Menlo Park, California 94025-1453, United States, is located in an unsafe third country. Data processing with this company is therefore secured via standard contractual clauses. Additionally, the USA is considered safe as long as the EU Commission’s adequacy decision applies and Meta participates in the Trans-Atlantic Data Privacy Framework (TADPF). Currently, Meta participates: https://www.dataprivacyframework.gov

7.2.1.1 Facebook Profile

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The collected data may also be transferred to the USA and other third countries, according to Facebook. We have entered into a joint processing agreement (Controller Addendum) with Facebook. This agreement specifies for which data processing operations we or Facebook are responsible when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum

You can independently adjust your advertising settings in your user account. To do this, click the following link and log in: https://www.facebook.com/settings?tab=ads

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381

For more information, see Facebook’s privacy policy: https://www.facebook.com/about/privacy/

8 Audio and Video Conferences

8.1 General

For communication with our customers or business partners, we use, among other things, digital conferencing services. The specific services we use are listed below. When you communicate with us via video or audio conference over the Internet, your personal data is collected and processed by us and by the provider of the respective conferencing service.

The conferencing services record all data you disclose for usage (email address or phone number, image, text, audio). Furthermore, the conferencing services process the duration of the conference, start and end times of your participation, the number of participants, and other “contextual information” related to the communication process (metadata).

Additionally, the service provider processes all technical data required to manage online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speakers, as well as the type of connection.

If content is exchanged, uploaded, or otherwise provided within the service, it may be temporarily stored on the servers of the service providers. Such content includes, in particular, cloud recordings, chat or instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.

Please note that we do not have full control over the data processing operations of the services used. Our options are primarily determined by the corporate policies of the respective provider. Further information on data processing by the conferencing services can be found in the individual descriptions listed below.

The conferencing services are used to communicate with prospective or existing contractual partners or to provide certain services to our customers (Art. 6(1)(b) GDPR). Furthermore, the use of the services serves to simplify and accelerate communication with us or our company (legitimate interest within the meaning of Art. 6(1)(f) GDPR). If consent has been obtained, the use of the respective applications is based on this consent; consent may be withdrawn at any time with effect for the future, after which the application can no longer be used.

The data collected directly by us through the video and conferencing tools is deleted from our systems as soon as you request deletion, withdraw your consent to storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage duration of your data that is stored by the operators of the conferencing tools for their own purposes. For details, please refer directly to the operators of the conferencing services.

We use the following conferencing applications:

8.2 Microsoft Teams Ireland

We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, The Atrium Building, Block B, Carmanhall Road, Sandyford Business Estate, Dublin 18, registered office: 70 Sir Rogerson’s Quay, Dublin 2, Ireland. In rare support cases, the parent company, Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, as a sub-processor, has access to your data. The USA is an unsafe third country. This access is secured via standard contractual clauses. The USA is currently considered a safe third country because there is a valid adequacy decision, and Microsoft fulfills the condition of participating in the Trans-Atlantic Data Privacy Framework (TADPF).

For details on data processing, please refer to the Microsoft Teams privacy statement: https://privacy.microsoft.com/de-de/privacystatement

9 Proprietary Services

9.1 Handling of Applicant Data

We offer you the possibility to apply to us (e.g., via email or post). Below, we inform you about the scope, purpose, and use of the personal data collected in the context of the application process. We assure you that the collection, processing, and use of your data is carried out in accordance with applicable data protection law and all other statutory provisions, and that your data is treated with strict confidentiality.

If you submit an application to us, we process the associated personal data (e.g., contact and communication details, application documents, notes from interviews, etc.) insofar as it is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG under German law (initiation of an employment relationship), Art. 6(1)(b) GDPR (general contract initiation), and – if you have given consent – Art. 6(1)(a) GDPR. Consent can be withdrawn at any time. Your personal data will only be shared within our company with individuals involved in processing your application. If the application is successful, the data you submitted will be stored in our data processing systems for the purpose of carrying out the employment relationship based on § 26 BDSG and Art. 6(1)(b) GDPR.

If we are unable to make you a job offer, you decline an offer, or withdraw your application, we reserve the right to retain the data you submitted on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal). Subsequently, the data will be deleted and any physical application documents will be destroyed. Retention serves, in particular, as evidence in case of legal disputes. If it becomes apparent that the data will be required after the 6-month period (e.g., due to a pending or threatened legal dispute), deletion will only occur once the purpose for further retention no longer exists.

Longer retention may also occur if you have provided consent (Art. 6(1)(a) GDPR) or if statutory retention obligations prevent deletion. If we are unable to make you a job offer, it may be possible to include you in our applicant pool. In the case of inclusion, all documents and information from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies. Inclusion in the applicant pool occurs solely on the basis of your explicit consent (Art. 6(1)(a) GDPR). Providing consent is voluntary and is not related to the ongoing application process. You may withdraw your consent at any time. In this case, the data in the applicant pool will be irreversibly deleted, provided no legal retention obligations exist. Data in the applicant pool will be irreversibly deleted no later than two years after consent is given.

Version: December 18, 2025