Zum Inhalt springen

Data protection information for applicants and employees

1. detailed data protection information in accordance with Art. 13 and 21 GDPR

Compliance with data protection regulations is a high priority for our company. We would like to inform you below about the collection of your personal data by us:

1.1. Responsible body

Responsible for data collection and processing is Sembach GmbH & Co.KG, Oskar-Sembach-Straße 15, 91207 Lauf an der Pegnitz, Germany, is responsible for data collection and processing.

1.2. Required data

When you apply, we process the data that we need from you as part of the application process. This may include contact details, all data related to the application (CV, certificates, qualifications, answers to questions, etc.) and, if applicable, bank details (to reimburse travel expenses). The legal basis for this arises from Art. 88 para. 1 GDPR in conjunction with. § SECTION 26 BDSG.

We need data from you for recruitment. These questions are necessary for the performance of the employment relationship pursuant to Art. 6 para. 1 lit. b or f GDPR in conjunction with Art. 88 para. 1 GDPR, § 26 BDSG required:

  • In addition to master data required for the performance of the employment relationship (e.g. sick leave, vacation, special leave, other absences or working hours), this includes information about your employment with us and your application data.
  • In addition, we process data relevant to tax and social security law, such as your tax identification number, tax class, any child allowances, marital status and information on religious denomination (if relevant under tax law) in accordance with Section 39 e of the German Income Tax Act (Einkommenssteuergesetz) – if necessary also directly with the responsible tax authorities.
  • We also collect information on your health insurance and, if applicable, on other employment-related supplementary insurances such as pension funds, direct insurances, etc. in order to be able to meet any payment obligations and reporting obligations.
  • In the case of company health insurance, we transmit your data (personnel number, gender, surname, first name, date of birth, postal address) to the insurer AXA so that you can make use of these additional benefits. The declaration of release from the duty of confidentiality issued by you in favor of the insurer is administered directly by the insurer AXA. The transfer of this declaration of release from the duty of confidentiality therefore takes place directly between you and the insurer AXA. In addition, the information on the use of your data by the insurer applies: www.axa.de/datenschutz
  • As part of the calculation of social security contributions, we ask about your parental status. We need this information to determine whether a supplementary contribution to long-term care insurance is payable in accordance with Section 55 (3) of the German Social Security Code XI. We may ask you to provide evidence of your parental status in the form of appropriate documents. These documents are filed in the personnel file.
  • If you are under the age of majority at the time of recruitment, we may ask you to submit an initial medical examination certificate. We are legally obliged to do this in accordance with § 32 of the Youth Employment Protection Act. In certain cases, we will ask you to present a work permit or residence permit. This will only be done if it is absolutely necessary for checking the legality of your employment.
  • In connection with compliance with customs regulations on export control, we compare your surname, first name and, if applicable, date of birth with so-called sanctions lists on a monthly basis, starting with your employment. This comparison is carried out by a precisely defined group of responsible persons from the HR department, supported by an external service provider on the basis of an order processing contract. The resulting documentation is stored with access protection until the next regular inspection – max. 2 months.
  • In connection with data protection awareness-raising measures, your business contact details are processed by an external service provider on behalf of your employer for the following purposes: sending review emails, providing feedback to users in the context of learning pages in the browser, providing an e-learning platform, providing an evaluation (reporting dashboard).

The provision of your data is necessary for the conclusion of the contract. Failure to provide the data may have legal disadvantages for you, such as the loss of legal positions (e.g. no employment contract can be concluded with you without the provision of data).

1.3. Data deletion

If there is no statutory retention period, the data will be deleted as soon as storage is no longer necessary or the legitimate interest in storage has expired. In individual cases, individual data may be stored for longer periods (e.g. travel expense reports). The duration of storage then depends on the statutory retention obligations, e.g. from the German Fiscal Code (6 years) or the German Commercial Code (10 years).

1.4. Data processing on the basis of consent

If you give your consent, data processing is carried out on the basis of Art. 6 para. 1 p. 1 lit. a GDPR. Your consent can be withdrawn at any time without affecting the lawfulness of processing based on consent before its withdrawal. If consent is withdrawn, we will cease the corresponding data processing.

When hiring, we ask whether you have a severe disability. This question is asked in order to protect your rights under the German Social Code IX and to calculate any compensation levy in accordance with Section 77 of the German Social Code IX. You only have to answer this question after six months of employment. Before that, answering is voluntary.

If we ask you for photos as part of the recruitment process, this is done on the basis of a separate declaration of consent. The submission is voluntary and can be revoked by you in writing at any time.

1.5. Confidential treatment of your data

We will of course treat your data confidentially. This means that only the persons and departments that are responsible for the specific case will have access to your data. When you are hired, we keep a personnel file in which we store all key information required for your employment relationship. If you would like to view the contents of your personnel file, please contact the HR department.

We only transfer data to third parties if this is absolutely necessary and there is a legal basis, e.g. to

• Banks for the payment of wages and salaries,
• social security institutions and tax offices to comply with our legal obligations.
• If insurance policies have been taken out, to insurance companies for the purpose of premium payment / account reconciliation / registration and deregistration.
• As part of the training to the IHK for registration of the vocational training contract.

If necessary, we use service providers who are strictly bound by our instructions and who support us, for example, in the areas of IT or the archiving and destruction of documents and with whom separate contracts for order processing have been concluded.

In addition, there may be further legal obligations to transfer data in individual cases, but these may only arise in specific individual cases and not in general.

1.6. Automated decision-making and profiling

No automated decision-making, including profiling, takes place with your data in accordance with Art. 22 (1) and (4) GDPR.

1.7. Your data protection rights

As a data subject, you have the right to information about the personal data concerning you (Art. 15 GDPR) and to rectification of incorrect data (Art. 16 GDPR) or to erasure if one of the reasons stated in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued. There is also the right to restriction of processing if one of the conditions set out in Art. 18 GDPR applies and, in the cases set out in Art. 20 GDPR, the right to data portability.

You can assert your data protection rights here:

Sembach GmbH & Co. KG
Andrea Doms
Oskar-Sembach-Str. 15
91207 Lauf a. d. Pegnitz

As a data subject, you also have the right to lodge a complaint with a supervisory authority if you believe that the processing of data concerning you is in breach of data protection regulations. The supervisory authority responsible for you is the Bavarian State Office for Data Protection Supervision (BayLDA), Postfach 1349, 91504 Ansbach, phone: +49 (0) 981 180093-0, fax: +49 (0) 981 180093-800, poststelle@lda.bayern.de.

1.8. Our data protection officer

We are supported by our data protection officer in the fulfillment of our data protection obligations.

The contact details of our data protection officer are

datenschutz süd GmbH
Wörthstr. 15
97082 Würzburg