PRIVACY NOTICE FOR CANDIDATES AND APPLICANTS (RECRUITMENT)

This Privacy Notice, also referred to as Data Privacy Policy explains how the Beiersdorf group of companies (each Beiersdorf entity being "we", "us", "our") process your personal data when you apply for a position advertised by us. It also describes your data protection rights, including the right to object to some of Beiersdorf’s processing operations. 

For more information on your rights and how you can exercise them, please refer to the section “Legal rights in relation to personal data and how to exercise them”.

Where applicable, this Privacy Notice supplements our existing General Privacy Notice, which gives you specific information on how we process personal data obtained from you when visiting our website and when we process your personal data in relation to non-application-specific topics. 

For certain regions, we provide supplementary information about our use and processing of your personal data in accordance with the laws of the respective jurisdictions. If you reside in or work from any of these regions, please also review the respective annexes (see also section 8. Supplementary information for certain regions).

LIST OF CONTENT

  1. Data controller and contact details
  2. Collection of personal data
  3. Purposes of and legal bases for processing
  4. Data Sharing
  5. Legal rights in relation to personal data and how to exercise them
    5.1. Right of access
    5.2. Right to rectification and erasure
    5.3. Right to restriction of processing
            5.4. Right to data portability
            5.5. Right to object
     5.6. Right to withdraw consent
  6. Data retention
  7. Objection or Withdrawal of your consent to the Processing of Personal Data
  8. Supplementary Information for Certain Regions

1. DATA CONTROLLER AND CONTACT DETAILS

Responsible for the processing of personal data within the meaning of Article 4 (7) of the General Data Protection Regulation ("GDPR") or the equivalent under applicable data protection laws is the company stated in the job application and with regard to global HR management and management of global HR systems, Beiersdorf AG, Beiersdorfstraße 1-9, 22529 Hamburg, Germany, Tel.: +49 40 4909-0, E-Mail: dataprotection[at]Beiersdorf.com.

You can find the contact details of the Data Protection Officer under the following link: https://www.beiersdorf.de/meta-pages/datenschutzerklaerung/beiersdorf-datenschutzbeauftragter-webseite.

2. COLLECTION OF PERSONAL DATA

Within the recruitment process, we collect and store the following categories of personal data about you:

  • Data which you have provided to us in your candidate profile, including first and last name, gender, nationality, address, country, e-mail, phone number ("Candidate Profile Data").
  • Data which you have entered on our candidate application form, including desired annual salary, your motivation, information about disabilities (if and to the extent that it is relevant for the job offered) ("Application Form Data").
  • Data which you have provided to us in your application documents (curriculum vitae CV, cover letter) including work experience, qualifications and language skills ("Application Documents Data").
  • Data from online assessments (e.g. personality tests, cognitive ability tests) and video interviews (if applicable) ("Online Assessment Data").
  • Data provided to us by your referees (if applicable). These are reference points that you have given us to contact ("Referee Data").

During the recruitment we may evaluate the results of cognitive ability tests using relevant reference groups considering your profession and level of experience.

We collect personal data directly from you or from our external partners, e.g. headhunters. We can also obtain information from professional social networks, such as LinkedIn, job boards and from other publicly accessible sources (only information relevant to your professional life) for the purposes of actively approaching you with job offers or for the purpose of confirming the accuracy of the information presented by you within the course of the application ("Public Professional Data").

Providing your personal data as part of the application process is voluntary. However, the provision of personal data that is marked as mandatory is necessary for the processing of your application or the conclusion of an employment contract with us.

If you provide personal data of another person (e.g. referees) to us, you should show them a copy of this Privacy Notice prior to providing us with their personal data.

3. PURPOSES OF AND LEGAL BASES FOR PROCESSING

We process your personal data to make our hiring decision, operate our business and comply with our legal obligations. More specifically, we process your personal data for the purposes and rely on the legal bases set forth in the table below, subject to applicable data protection laws. Where relevant, the legitimate interest is included in the table below as well.

The relevant legal bases include:

  • Processing necessary to take steps at your request prior to entering into a contract (i.e. processing necessary to make a hiring decision and enter into an employment contract with you) (Article 6 (1) b) GDPR or the equivalent basis under applicable data protection laws).
  • Compliance with legal obligations (Article 6 (1) c) GDPR or the equivalent basis under applicable data protection laws).
  • Legitimate interests (Article 6 (1) f) GDPR or the equivalent basis under applicable data protection laws).
  • Consent (Article 6 (1) a) GDPR or the equivalent basis under applicable data protection laws).

Where we process special categories of personal data (e.g. data concerning health) it will be justified by one of the abovementioned legal bases and one of the following additional conditions:

  • The processing is necessary for the purposes of carrying out the obligations and exercising the rights of you or us in the field of employment law, social security, social protection law, as well as any other applicable law (Article 9 (2) b) GDPR or the equivalent basis under applicable data protection laws).
  • The processing is necessary for the establishment, exercise or defense of legal claims (Article 9 (2) f) GDPR or the equivalent basis under applicable data protection laws).
  • In exceptional circumstances the processing may be carried out subject to your explicit consent (Article 9 (2) a) GDPR or the equivalent basis under applicable data protection laws).
  • The processing relates to personal data which are manifestly made public by you (Article 9 (2) e) GDPR or the equivalent basis under applicable data protection laws).
Purpose of processing Legal basis Legitimate interest
(where relevant)		 Categories of personal data
To communicate with you within the recruitment process. Taking steps at your request prior to entering into a contract. Not applicable ("N/A") Candidate Profile Data
To assess your application for the job you applied for, to make a decision whether to offer you employment and to provide the employment contract if an offer is accepted. (i) Compliance with legal obligations (e.g., ensuring that we do not unlawfully discriminate in our hiring decisions) or (ii) taking steps at your request prior to entering into a contract where (i) does not apply. N/A Candidate Profile Data, Application Form Data, Application Documents, Referee Data
To consider adjustments or accommodations for the recruitment process if you have a disability.

Consent

In case you voluntarily provide us with the information that you have a disability we process this information only to the extent this is necessary for the purposes of carrying out the obligations and exercising the rights of you or us in the field of employment law, social security and social protection law.

 N/A Application Form Data, Application Documents

To verify your qualifications and suitability for the job you applied for (as permitted under applicable law and necessary for the specific position). We may use software (including Artificial Intelligence) that assists us to extract skills from your CV and to evaluate whether they match with the job requirements.

In exceptional cases we may also rely on professional information available about you on professional social networks, job boards, and other publicly accessible sources for his purpose.

Legitimate interests.

Should any special categories of personal data on professional social networks, job boards, and other publicly accessible sources be processed in this context, this will be limited to such data which was manifestly made public by you.

 We have a legitimate interest to find suitable candidates for our vacancies. Candidate Profile Data, Application Form Data, Application Documents, Referee Data, Public Professional Data

To carry out tests in order to assess your suitability for a role

Note: Participating in a personality test is voluntary.

Otherwise, tests are generally only carried out for specific roles (such as cognitive ability test).

(i) consent or (ii) taking steps at your request prior to entering into a contract

We process special categories of personal data in this context only to the extent (i) we received your explicit consent and/or (ii) that is necessary for the purposes of carrying out the obligations and exercising the rights of you or us in the field of employment law, social security and social protection law.

 N/A Candidate Profile Data, Online Assessment Data

To contact you in case there are (alternative) career opportunities with us and/or at the Beiersdorf group of companies.

Note: you can restrict the visibility of your candidate profile to the team involved in your current application or grant it to Beiersdorf’s recruiters worldwide.

Consent

In respect to the processing of professional information about you on professional social networks, job boards, and other publicly accessible sources: Should such processing include processing of special categories of personal data, the processing is limited to such data which was manifestly made public by you.

 N/A Candidate Profile Data, Application Form Data, Application Documents, Public Professional Data
We may proactively approach you based on professional information available about you on professional social networks, job boards, and other publicly accessible sources.

(i) Legitimate interests or (ii) consent where we obtained consent for this purpose.

In respect to the processing of professional information about you on professional social networks, job boards, and other publicly accessible sources: Should such processing include processing of special categories of personal data, the processing is limited to such data which was manifestly made public by you.

 We have a legitimate interest in finding suitable candidates for our vacancies and other entities of the Beiersdorf group. Public Professional Data
To ask you for feedback about your experience with the recruitment process. Consent N/A Candidate Profile Data
To safeguard our rights.

(i) Legitimate interests or (ii) where processing is necessary for our regular exercise of rights in judicial, administrative or arbitration procedures.

We process special categories of personal data in this context only to the extend necessary for the purpose of establishment, exercise and defense of legal claims.

 We have a legitimate interest in the establishment, exercise and defense of legal claims. Candidate Profile Data, Application Form Data, Application Documents, Referee Data, Online Assessment Data, Public Professional Data
To comply with legal obligations to which we are subject (e.g. deriving from tax law, foreign trade law or sanctions regulations).

(i) Compliance with legal obligations or (ii) legitimate interests where the compliance with legal obligations legal basis does not apply.

We process special categories of personal data in this context only to the extent that is necessary for the purposes of carrying out the obligations and exercising the rights of you or us in the field of employment law, social security and social protection law.

 We have a legitimate interest in complying with legal obligations to which we are subject, i.a. to avoid sanctions that may result from non-compliance. Candidate Profile Data, Application Form Data, Application Documents, Referee Data, Online Assessment Data, Public Professional Data
For any of the above listed purposes it might be necessary to transfer data to other entities of the Beiersdorf group of companies. (i) Consent where the relevant processing activity listed above relies on consent or (ii) taking steps at your request prior to entering into a contract where (i) and (iii) do not apply or (iii) legitimate interests where (i) and (ii) do not apply. We, as part of the Beiersdorf group of companies, have a legitimate interest in transferring your personal data within the group for internal administrative purposes where this is necessary for the purposes of effective recruitment. Candidate Profile Data, Application Form Data, Application Documents, Referee Data, Online Assessment Data, Public Professional Data

 

4. DATA SHARING

We may transfer your personal data to companies affiliated with us provided this is permissible within the scope of the purposes and legal bases outlined above. For the processing activities in our online recruiting system Beiersdorf Group companies are jointly responsible. The essence of the arrangement of this joint determination is that Beiersdorf AG, Germany, is predominantly responsible to fulfill information duties according to data protection law and provide information on the joint processing. We might share your candidate profile with other recruiting teams in the Beiersdorf Group if you chose this option in the application form. You can manage the visibility options of your profile by selecting whether your profile should be visible to the recruiting team involved in your current application or recruiting teams within the Beiersdorf Group worldwide. If you do not wish to be further considered for relevant job offerings, you can request the deletion of your candidate profile or use the self-service function.”).

Furthermore, personal data may be processed on our behalf on the basis of data processing agreements pursuant to Article 28 GDPR, or other applicable laws, especially by providers of systems for candidate management and selection procedures. We do not share data with third parties that have no reference to our application management and application procedures or other use cases we describe in this privacy notice. 

Where applicable such transfers may involve the transfer of personal data to recipients outside the European Union / European Economic Area. Standard contractual clauses (from the implementing decision (EU) 2021/914 of 4 June 2021) have been concluded with these recipients, unless they are based in countries with an adequacy decision pursuant to Article 45 GDPR (a list of these countries is available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en) or GDPR provides for an exception under Article 49 GDPR. Where the transfer in this context is made to a recipient acting as a processor for us (i.e., processing personal data on our behalf), Module Two (transfer from controller to processor) of the standard contractual clauses is relevant; where the transfer is made to third party controllers, Module One (transfer from controller to controller) is relevant. In case the transfers are carried out by a service provider, which we have engaged as a processor, to a sub-processor, Module Three (transfer from processor to processor) may be implemented to govern such transfers.

To request a copy of standard contractual clauses (to the extent we rely on such) you may contact us (see section "Data controller and contact details"). Please note that such copy may be redacted to the extent necessary to protect business secrets or other confidential information.

Further recipients can be found in the general recipients section 1.4 of the General Data Privacy Policy. In the event of a legal obligation, we reserve the right to disclose information about you if we are required to surrender it to competent authorities or law enforcement bodies to comply with legal obligations or this is necessary to safeguard our rights.

5. LEGAL RIGHTS IN RELATION TO PERSONAL DATA AND HOW TO EXERCISE THEM

Depending on where you are located or the location of the entity to which you are applying, you may have the following rights in relation to your personal data. If the entity is located in the European Economic Area, you have these rights provided that the relevant legal requirements under GDPR are met.

5.1. Right of access

You can request information about your personal data (commonly known as data subject access request). You can exercise this right by contacting us under the above mentioned contact details of the controller.

5.2. Right to rectification and erasure

If you wish to update the personal data provided to us, you can you modify the data yourself in the relevant application within your candidate profile. Under certain conditions, you can ask us to erase your personal data by contacting us NOE_Careers[at]Beiersdorf.com

5.3. Right to restriction of processing

Under certain conditions you have the right to restrict the processing of your personal data, e.g. when you want us to verify the accuracy of your personal data. You can adjust the visibility of your profile at any time or opt out of notifications.

5.4. Right to data portability

Under certain conditions you have the right to receive the personal data concerning you which you provided to us in a structured, commonly used and machine-readable format.

5.6. Right to withdraw consent

You have the right to withdraw consent we have obtained from you at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. For more information see section “Objection or Withdrawal of your consent to the Processing of Personal Data”.

To exercise your rights, you may contact us (see section "Data controller and contact details") or log in to your Candidate Profile and use the self service function for rectification, erasure and access to your account data.

6. DATA RETENTION

Your personal data will generally only be stored until the personal data are no longer necessary in relation to the purposes for which they were collected (or otherwise processed).

We retain your Candidate Profile Data for as long as your candidate profile is active. We delete such profile and related Candidate Profile Data after 12 months of inactivity. Application Form Data, Application Documents Data, Online Assessment Data, Referee Data and Public Professional Data regarding a specific application will be retained for 12 months after finalizing the recruitment process related to a specific application and deleted afterwards. 

We further retain your personal data in that period in case there is a relevant job offering for which you will be a fitting candidate and you set the visibility of your candidate profile as described in 4 Data sharing. In addition, you can request the deletion of your candidate profile or the withdrawal of your application by contacting our recruitment experts at NOE_Careers[at]Beiersdorf.com

As an exception, personal data may be stored longer where their processing is necessary for compliance with a legal obligation – including compliance with statutory retention periods – to which we are subject or for the establishment, exercise or defense of legal claims.

You can access your Candidate Profile and the information stored there via the link you received in our Mails. You can also unsubscribe from the Beiersdorf Job Agent and stop receiving information on current job postings in the menu of your candidate profile.

In case your application is successful we may store your personal data within the subsequent employment in compliance with the applicable legal regulations. More information can be found in the Privacy Notice for employees that we will provide to you on acceptance of the job or during your onboarding.

7. OBJECTION OR WITHDRAWAL OF YOUR CONSENT TO THE PROCESSING OF PERSONAL DATA

If you have given your consent (Article 6 (1) a) GDPR or the equivalent basis under applicable laws) to the processing of your data, you can withdraw your consent at any time. Such a withdrawal influences the permissibility of processing your personal data after you have given it to us.

If we base the processing of your personal data on legitimate interests (Article 6 (1) f) GDPR or the equivalent basis under applicable laws), you may object to the processing. This is the case if processing is not necessary in particular to fulfil a contract with you, which is described by us in the Section Purposes of and Legal Bases for Processing. When exercising such objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust data processing or point out to you our compelling reasons worthy of protection, on the basis of which we will continue processing.

8. SUPPLEMENTARY INFORMATION FOR CERTAIN REGIONS

If you are located or are applying to work outside of the European Union/EEA, please also review the Privacy Notice applicable to your region. An overview is available here: https://www.beiersdorf.com/career/local/en/privacy-statement-recruitment/overview.

In the event of conflict between the content of this Privacy Notice and the applicable regional version, the latter shall prevail.