Data Protection Notice

The following notice provides you with an overview of which personal data Formel D GmbH (hereinafter referred to as Formel D GmbH, or “we”) collects during your visit to our website, for what purpose and how this data is used.

  1. Responsible Person

Formel D GmbH (“Formel D”) located at Schanzenstr. 6-20, Gebäude 2.08, 51063 Cologne, Germany is responsible for the content included on this website. You can contact our general team here or our internal data privacy team at DPS@formeld.com.

For certain processing, the relevant Formel D entity is specifically responsible, for example, when you put in a job application or you are contacted for marketing purposes. To view a list of our entities and their contact information, please click here.

  1. Contact details of the Data Privacy Officer

We have appointed a Data Protection Officer in Germany, who can be contacted below:

Claus Wissing
Sachverständigenbüro Muelot GmbH
Grüner Weg 80
48268 Greven
data-privacy@formeld.com
Telefon: 02571-5402-0

For all other entities, please either contact our general team, the local entity or our data privacy team using the information provided in Section 1.

  1. What personal data is collected from you?

Everytime you access our webpage, retrieve a file, or include information on any of our specific webpages we record specific data about you and data from your device (e.g. computer, mobile phone, tablet, etc), such as:

  • Information about the type of browser and the version used;
  • The operating system of the accessing device;
  • The host name of the accessing computer;
  • The IP address of the accessing device;
  • The date and time of access;
  • Websites and resources (images, files, other page content) that were accessed on our website by you;
  • Websites from which the user’s system accessed our website (referrer tracking);
  • Message as to whether the retrieval was successful;
  • Volume of data transferred.

if you complete our “Contact Us” form.

  • First and last name
  • Email address
  • Company
  • Country of location, so we can assign you to the appropriate contact.
  1. Why do we process your data?

The processing of your personal data through the use of our website is based on the following legal basis:

  • Legitimate interests – in order to ensure the effective delivery of our website and to combat any potential misuse and eliminate malfunctions. In addition, we use the data to optimise the website and to generally ensure the security of our information technology systems.
  • Consent – if you subscribe to our newsletter or use our contact us form, we will use the personal data you provide to us to send you communications.

The purpose of the processing of your data is necessary during the course of a website visit in order to enable efficient delivery of the website. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and eliminate malfunctions. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, we use the data to optimise the website and to generally ensure the security of our information technology systems.

In respect of the personal data you provide us when you utilize certain services on our website (i.e., contact us form and newsletter subscription) we process this information in order to process your request. If you wish to unsubscribe to our newsletter, you can do so by clicking the “Unsubscribe” button in the emails or by contacting the Data Privacy Officer above. The newsletter is sent by Cleverreach, who acts as a sub-processor for Formel D.

  1. Recipients and Transfers to Third Parties

While processing your Personal Data for the purposes indicated above, we utilise a number of third party vendors/suppliers:

  • Hosting of the website

In order to provide the content of our site, we work together with a service provider who supports us in providing the server capacities and storage options required for this purpose. Insofar as server access is required within the website, the data collected through this is stored for this purpose on servers of the company:

Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany

  • Support and maintenance of the website

With regard to the maintenance of the website and the functions available on the website and the maintenance of the website, we work together with the following processor:

INCREON GmbH, Robert-Bürkle-Straße 3, 85737 Ismaning, Germany

For technical reasons, the above-mentioned processor receives in particular insight into the log files of the website within the framework of the interface management of the technical services operated by you.

  • Customer Relationship Management

If you complete our Contact Us form, we use a customer relationship management tool from the company

Zoho Corporation GMBH,  Trinkausstr. 7, 40213 Dusseldorf, Germany

  • Use of web trackers

We collect, process and store the following data when this website or individual files on the website are accessed: IP address, website from which the file was accessed, name of the file, date and time of the access, amount of data transferred and report on the success of the access (so-called web log). We use this access data exclusively in a non-personalised form for the continuous improvement of our website and for statistical purposes. We also use the following web trackers to evaluate visits to this website:

Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland, e-mail: support-deutschland@google.com – we use Google in order to be able to load further services from Google on the website, such as the data processing required for the provision of streams and fonts and relevant Google search content.

Google Tag Manager service of Google Ireland Ltd., Gordon House, Barrow Street, 4 Dublin, Ireland – Google Tag Manager provides a technical platform for executing and bundling other web tools and web tracking programmes by means of so-called “tags”. For the analysis your surfing behaviour (so-called “tracking”), insofar as web tracking tools are executed using Google Tag Manager. The data generated by the “tags” are compiled, stored and processed by Google Tag Manager under a uniform user interface. All integrated “tags” are listed separately again in this data protection declaration.

Gstatic service of Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland – Gstatic is a background service used by Google to in particular, ensure the service loads background data for Google Fonts and Google Maps.

YouTube service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland – Videos from the YouTube platform are integrated on our website via the YouTube service. Through the integration, we can display videos directly on our website. If YouTube is activated on our website and a video is played, our website establishes a connection to the servers of Google Ireland Limited and transmits the data required to display the stream or video.

The processing of the personal data collected by the web trackers is based on your consent, which can be withdrawn by updating your settings.

  • Use of external web services Github service of the company GitHub BV, Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands – Github is a cloud service that allows us to upload content such as software / source code etc. to our site.

Google Cloud APIs in order to be able to load additional services from Google on the website, in particular to display the Google Fonts fonts and to provide the Google Maps map.

Google Fonts to be able to integrate attractive fonts on our website in order to be able to show you our website in a visually better version. The service may also be used on our website if other Google services are reloaded on our website that require Google Fonts fonts to run.

As some of the above suppliers/vendors process data outside of the EEA; Formel D will ensure appropriate guarantees are in place for any data transfers in accordance with Chapter 5 of the EU’s General Data Protection Regulation 2016/679, such as, but not limited to, an approved certification mechanism (i.e., EU-US Data Privacy Framework etc) or the European Commissions standard contractal clauses.

  1. Retention

Your Personal Data will be stored for as long as necessary for the purpose for which it was collected. Any retention of personal data shall be made in accordance with the applicable laws. For sole website access, the data is deleted no less than 3 months after the end of the respective session.

  1. Cookies

We use cookies to personalise your user experience and continuously improve our website. Details on the use of cookies on our website, as well as options for changing your cookie settings can be found in the section below.

  1. Purpose of Processing

We process your data in order to upsell our products and services and to improve our commercial relationship.

  1. We collect the following personal data from you:
    1. When you reach out to us using our “Contact Us” form:
      1. First and last name
      2. Company
      3. Country of location
      4. E-mail address (can be business or personal depending on the information you provide)
      5. Any other personal data you provide us in the “Message” textbox.
    2. When you contact us directly for a proposal or quote:
      1. Full name
      2. Job title and department
      3. Business contact details (email, telephone and extension)
      4. Company
      5. Country of location
    3. When you provide us feedback using our Satisfaction Survey:
      1. First and last name
      2. E-mail address (can be business or personal depending on the information you provide)
      3. Job title and Department
      4. Contents of your answers

We may also obtain your data using public sources, such as LinkedIn. In the event we do, we process the following data
about you:

  1. Full name (as written on your LinkedIn profile).
  2. Job title
  3. Company
  1. Legal Grounds for Processing

Your personal data may also be processed based on our legitimate interests. Our legitimate interest is to promote the services and offers provided by us and for improving our relationship. When relying on legitimate interests as a reason for processing data, Formel D ensures that those interests will not override your rights and freedoms.

We also process your personal data if you consent for us to do so. For example, by ticking the consent box for sales related emails on our Contact Us page.

  1. International Data Transfers

As Formel D operates on a global scale, our business processes may go beyond the borders of your home country. International transfers of data shall be made in accordance with applicable laws and regulations, including, without limitation, the GDPR. When transferring data outside of your home country, adequate safeguards will be used, such as including standard contractual clauses issued by the European Commission, where applicable.

  1. Retention

Your personal data for 5 years from when you first made contact or after the completion of the project or as long as required by applicable statutory requirements for retention which Formel D is subject to.

  1. What personal data is collected from you?

The categories of personal data to be processed include in particular:

  • Your contact data (first name, last name, country of residence, phone number, e-mail address)
  • Career and background data (curriculum vitae, qualifications and degrees, professional experience and certificates)
  • Other personal data you provide (e.g. cover letter, career interests). This may also include special categories of personal data (e.g. health status).
  • Information regarding your professional instincts (e.g. if you complete our development assessment for the role).

Your personal data are usually collected from you directly when you upload your data on an online platform or send us a paper or email application.

In addition to the data provided by you in context of your application, we process personal data that we

permissibly acquired from publicly accessible sources (e.g. professional networks).

Additional personal data may be collected depending on any local requirements.

  1. What is the purpose of processing my personal data?

Your personal data is collected for the purpose of applying for a job at Formel D and for the purpose of establishing an employment relationship with Formel D.

If we intend to process your data for any other purposes other than the ones described above, we will inform you in advance.

  1. What are the legal grounds for processing my personal data?

Any consent your provide to the processing of your personal data. You shall be entitled to revoke this consent with effect from the date of revocation.

Personal Data may also be used based on the legitimate interests pursued by Formel D except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of Personal Data.

  1. Who gets access to your personal data?

Your data will be passed on to the following categories of recipients, insofar as this is necessary for the fulfilment of the purpose.

These recipients are:

  • The individuals responsible for the recruitment process.
  • Subsidiaries and affiliates of Formel D, as and when required.
  • Suppliers / service providers (e.g. application platforms).
  • In the event you permit future storage of your CV for other job postings, other internal individuals whose field of responsibility the advertised position is assigned.
  1. How long will your personal data be stored?

Your personal data will be deleted or blocked as soon as the purpose for which it was stored no longer applies. In addition, storage may take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations. For more information, please consult your recruiter or the notice provided under the application.

  1. Will my data be transferred internationally?

International transfers of data shall be made in accordance with applicable laws and regulations, including, without limitation, the GDPR. When transferring data we will ensure adequate safeguards are in place, such as including standard contractual clauses issued by the European Commission, where applicable.

  1. Types of Personal Data Processed

When you login into this website, we process the following data, which is required for access to the site.

  • IP address of the user
  • Date and time of the request
  • Access Status/HTTP Status Code
  • Operating system of the user
  • How often you log in

In addition to the above data processed, during the use of this website, we also process the following:

  • Email address you provide us
  • Full name
  • Username
  • Telephone number (if applicable)
  • Stamp number (if applicable)
  • Daily and weekly working hours (if applicable)
  • Allowed vacation days (if applicable)
  • Audit log of things modified, clicked and deleted.
  1. Legal Grounds for Processing

By executing a contract for a project or for entering into an employment relationship, Formel D shall have the right to process your Personal Data. Formel D will collect and process your Personal Data provided to us by yourself to enable use to fulfill our contractual obligations.

Your personal data may also be processed based on  our legitimate interests. Our legitimate interest is to ensure the security and stability of the website and to provide you with our services. When relying on legitimate interests as a reason for processing data, Formel D ensures that those interests will not override your rights and freedoms.

In addition, you may also request access to the services on the website.

  1. Purpose of Processing

Formel D may process your Personal Data for the following purposes:

  • To ensure the efficient delivery of the website.
  • To provide access to data pertaining to your project.
  1. Recipients and Transfers of Personal Data to Third Parties

While processing your Personal Data for the purposes indicated above, all data is stored on Formel D’s Microsoft Azure Cloud in the EU. The data may be transferred to other internal systems for the processing of invoices and payroll.

  1. International Data Transfers

International transfers of data shall be made in accordance with applicable laws and regulations, including, without limitation, the GDPR. When transferring data outside of your home country, adequate safeguards will be used, such as including standard contractual clauses issued by the European Commission, where applicable.

  1. Retention

Your Personal Data will be stored for the duration of the provision of services and no longer than necessary considering the purposes of the processing activities in line with any local statutory requirements for retention to which Formel D is subject.

As a Data Subject, you have a number of rights, subject to certain conditions and exceptions contained in applicable laws.

You may have the right to:

  • Access and obtain a copy of your data on request;
  • Require Formel D to change incorrect or incomplete data;
  • Require Formel D to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
  • Object to the processing of your data where Formel D is relying on its legitimate interests as the legal ground for processing;
  • Ask Formel D to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override Formel D’s legitimate grounds for processing data;
  • Receive your Personal Data and have the right to transmit that data to another company;
  • Withdraw your consent to the processing of your data, where data processing is based on consent.

Some of the abovementioned rights may be limited depending on the legal basis used for processing and the applicable laws. If you would like to exercise any of these rights, please contact the Data Protection Officer or the Data Privacy Staff listed above.

You have the right to raise a complaint to any Supervisory Authority of your choosing if you believe that Formel D has not complied with your data protection rights. A list of European Union Supervisory Authorities can be found here.

Formel D GmbH’s relevant Supervisory Authority is the following:

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
Kavalleriestr. 2-4
40213 Düsseldorf
Phone: 0211/38424-0
Fax: 0211/38424-999
E-mail: poststelle@ldi.nrw.de

Formel D reserves the right to update this Privacy Notice at any time. If substantial updates are made, then an updated notice will be provided to you. We may also notify you in other ways from time to time about the processing of your Personal Data.