Skip to main content

Processing of (personal) data by the entity in charge of the online application process

1. Data Protection at a Glance

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the applicable data protection regulations as well as this privacy policy.

When visiting this website, various personal data are collected. Personal data are data that can be used to personally identify you. This privacy policy explains which data we collect, how and for what purpose we use them. We would like to point out that data transmission over the Internet (e.g., communication by email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.

2. Controller Responsible for Data Processing

Smart Labs AI GmbH
Nordport Towers, Südportal 3
22848 Norderstedt, Germany
Email: [kontakt@smart-labs.ai]

Represented by the Managing Directors:
Benjamin Gnahm, Tobias P. Metz, Stefan A. Fenn, Fabian D. Bühler

2.1 Data Protection Officer

Dr. Uwe Nolte
Email: [dsb@smart-labs.ai]

3. Data Collection on This Website

Your data are collected in part when you provide them to us. This may include, for example, data you enter into a contact form or provide in a chat. Other data are collected automatically by our IT systems when you visit the website.

The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:

  • Browser type and version

  • Operating system used

  • Referrer URL

  • Hostname of the accessing computer

  • Time of the server request

  • IP address

These data are generally not merged with other data sources.

The collection of these data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website — for this purpose, server log files must be recorded.

3.1 Contacting Us

If you contact us (e.g., by post, email, contact form, chat, telephone, personal contact, etc.), the personal data you provide will be stored by us. We process these data to handle your request. We will not share these data without your consent.

The processing of the above personal data is based on your consent (Art. 6 (1) (a) GDPR). You may revoke your consent at any time. An informal email notification to us is sufficient. The legality of data processing carried out before the revocation remains unaffected.

The data you provide when contacting us will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been fully processed). Mandatory statutory provisions — especially retention periods — remain unaffected.

3.2 Analytics Tools and Third-Party Tools

When visiting our website, your browsing behavior may be statistically evaluated. This is mainly done using cookies and so-called analytics programs. The analysis of your browsing behavior is generally anonymous; it cannot be traced back to you.

You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in this privacy policy.

You may object to this analysis. We will inform you about the available objection options below in this privacy policy.

4. Hosting & Data Processing Agreement

This website is hosted by an external service provider (host). The personal data collected on this website are stored on the host’s servers. These include in particular:

  • IP address

  • Address of the previously visited website (referrer request header)

  • Date and time of the request

  • Content of the request

  • HTTPS status code

  • Amount of data transferred

  • Website from which the request originates

  • Information about browser and operating system

The host is used for the purpose of secure, fast, and efficient provision of our online services by a professional provider (Art. 6 (1) (f) GDPR).

Our host will process your data only to the extent necessary to fulfill its service obligations and will follow our instructions regarding these data. We have concluded a data processing agreement with our host to ensure GDPR-compliant processing.

5. SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as personal data, this website uses SSL or TLS encryption.

You can recognize an encrypted connection by the change in the browser address line from “http://” to “https://” and by the lock symbol in your browser bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

6. Cookies

Our website uses so-called cookies. Cookies are text files that a website provider stores on the user’s computer and retrieves upon subsequent visits to facilitate navigation, transactions, or obtain information about user behavior.

Cookies do not cause any damage to your device and do not contain viruses. They serve to make our offering more user-friendly, effective, and secure.

Most of the cookies we use are “session cookies,” which are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser on your next visit.

You can configure your browser to inform you about the setting of cookies, allow cookies only in individual cases, exclude acceptance of cookies for certain cases or in general, and activate automatic deletion of cookies when closing the browser.

The legal basis for this is your consent under Art. 6 (1) (a) GDPR. If cookies are deactivated, the functionality of this website may be limited.

Cookies that are required for electronic communication or for providing certain functions requested by you (e.g., shopping cart function) are stored on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in storing cookies for technically error-free and optimized provision of its services.

Other cookies (e.g., those analyzing browsing behavior) are addressed separately in this privacy policy.

Processing of (personal) data by the operator of the recruitment website

General information

This recruitment website is operated by Personio SE & Co. KG, which offers a human resource and candidate management software solution (https://www.personio.com/legal-notice/). Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. The sole controller of this data within the meaning of article 24 of the GDPR is the enterprise carrying out this online application process. Personio’s role is limited to operating the software and this recruitment website and, in this context, being a processor under article 28 of the GDPR. In this case, the processing by Personio is based on an agreement for the processing of orders between the controller and Personio. In addition, Personio SE & Co. KG processes further data, some of which may be personal data, to provide its services, in particular for operating this recruitment website. We will refer to this in more detail below.

The controller

The controller under data protection law is:
Personio SE & Co. KG
Seidlstraße 3
80335 München
Tel.: +49 (89) 1250 1004
Entry in the commercial register
Commercial register entry number: HRA 115934
Registration Court: Amtsgericht München
Data Protection Officer contact: privacy@personio.com

Access logs (“server logs”)

Each access to this recruitment website automatically causes general protocol data, so-called server logs, to be collected. As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. Without this data, it would, in some cases, be technically impossible to deliver or display the contents of the software. In addition, processing this data is absolutely necessary under security aspects, in particular for access, input, transfer, and storage control. Furthermore, this anonymous information can be used for statistical purposes and for optimizing services and technology. In addition, the log files can be checked and analyzed retrospectively when unlawful use of the software is suspected. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. Generally, data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp of the access to the software is collected. The scope of this log process does not exceed the common log scope of any other site on the web. These access logs are stored for a period of up to 7 days. There is no right to object to this.

Error logs

So-called error logs are generated for the purpose of identifying and fixing bugs. This is absolutely necessary to ensure we can react as quickly as possible to possible problems with displaying and implementing content (legitimate interest). As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. When an error message occurs, general data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp upon occurrence of the respective error message and/or specification is collected. These error logs are stored for a period of up to 7 days. There is no right to object to this.

Use of cookies

So-called cookies are used on parts of this recruitment website. They are small text files which are stored on the device with which you access this recruitment website. As a general rule, cookies serve the purpose of ensuring secure access to a website (“absolutely necessary”), implementing certain functionalities such as standard-language settings (“functional”), improving the user experience or the performance of the website (“performance”), or placing targeted advertisements (“marketing”). On this recruitment website, we generally use only cookies that are absolutely necessary, functional or performance-related, in particular for implementing certain default settings such as language, for identifying the job advertising channel, or for analyzing the performance of a job advert via which a user accessed this recruitment website. The use of cookies is absolutely necessary for providing our services and thus for the performance of the contract (article 6 (1) b) of the GDPR). Period of storage: up to 1 month or until the end of the browser session Right to object: You can determine via your browser settings whether you allow or object to the use of cookies. Please note that deactivating cookies may result in limited or completely blocked functionalities of this recruitment website.

Rights of data subjects

If Personio SE & Co. KG as the controller processes personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. To assert your rights as a data subject in relation to the data processed for the purpose of operating this recruitment website, please refer to Personio SE & Co. KG’s Data Protection Officer (see item B).

Concluding provisions

Personio reserves the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.