Privacy Policy

§ 1 Information about the collection of personal data
  • (1)  In the following we provide information about the collection of personal data when using our website. Personal data is all data that makes a personal reference to you e.g. name, address, e-mail addresses, user behaviour.
  • (2) The responsible data controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is Grützmacher & Engler GmbH & Co KG, Große Bleichen 21, 20354 Hamburg, Germany. mail@gruetzmacher-engler.de. You can reach our data protection officer, Mr. Jens Borchardt, LL.M., SCHLUTIUS Data Privacy & Compliance GmbH, at j.borchardt@schlutius-privacy.de or at our postal address with the addition “the Data Protection Officer”.
  • (3)  When contacting us by e-mail, the information you provide (your e-mail address, your name and your telephone number, if applicable) will be stored by us to answer your questions. We delete the data in this connection after the storage is no longer required, or the processing is restricted if legal storage obligations exist.
  • (4)  If we rely on commissioned service providers for individual functions of our offer or if we wish to use your data for advertising purposes, we will inform you in detail below about the respective processes. In doing so, we will also state the specified criteria for the storage duration.
§ 2 Collection of personal data when visiting our website
1.       Informative use of the website

In the merely informative use of the website, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data which is technically necessary for us to inform you about our website and to ensure its stability and security (legal basis: Art. 6 (1) (f) (1) GDPR):

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access Status/HTTP status code
  • Amount of data transmitted
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.
2.       Cookies
  • (1)  Cookies are stored on your computer system whenever you use our website. Cookies are text files that are stored in the internet browser or by the internet browser in your computer system. A cookie can be stored in your operating system whenever you access a website. This cookie contains a characteristic string of characters that allow your browser to be identified when you visit the website again in the future.
  • (2)  There are different ways of distinguishing between cookies. Depending on their function and purpose, the use of certain cookies may, for example, require the consent of the user. In this respect, cookies can be differentiated according to whether the user’s consent is required for their use. For example, cookies that are technically necessary for the operation of a website do not require consent.
  • (3)  Only technically necessary cookies are used on our website, for which consent is not required. If cookies requiring consent are used on our website in the future, your consent would be obtained by means of a so-called “cookie banner”. The legal basis for the use of cookies requiring consent would be Art. 6 (1) (a) GDPR.
  • (4)  Cookies that are technically necessary for the function of our website cannot be deactivated via the cookie management function of the website. However, you can generally deactivate these cookies in your browser at any time. Different browsers offer different ways to configure the cookie settings in the browser. You can find more detailed information on this at www.allaboutcookies.org/ge/cookies-verwalten, for example. However, we would like to point out that some functions of the website may not work or may no longer work properly if you generally deactivate cookies in your browser.
§ 3 Data security

When you visit our website and receive and send e-mails, we use the SSL (Secure Socket Layer) method in conjunction with the highest encryption level supported by your browser. We point out however that there is currently no absolutely secure encryption technology. We also use technical and organisational security measures to protect your data from unauthorised access by third parties.

§ 4 Processing of personal data of customers, prospective customers and suppliers
  • (1)  We only collect your personal data as a customer, prospective customer or supplier if you provide it to us by e-mail, post, telephone or by personal delivery (e.g. handing over a business card). We then collect the data that arises when you enter in-to contact with us. This includes in particular names and submitted contact details, the date and reason for contacting. On the other hand, we also collect the personal data provided to us by you in the context of carrying out pre-contractual measures or a contractual relationship (e.g. contracts for personnel consulting, coaching, training and workshops). In addition, in this case we may also collect further personal data from publicly accessible sources, in particular the social networks XING and LinkedIn. The personal data collected about you will only be used for the purpose of providing you with the products or services you request (legal basis: Art. 6 (1) (b) GDPR), or for other purposes for which you have given your consent (legal basis: Art. 6 (1) (a) GDPR) and which are described in this privacy policy. Special categories of personal data within the meaning of Art. 9 GDPR are only processed with your consent You have the opportunity to revoke your consent to the processing of personal data at any time.
  • (2)  You are not required to provide the aforementioned personal data. The communicated data may be required for a contract. Without the provision of the data, the communication, conclusion of a contract or the execution of a contract may not be possible.
  • (3)  Transmission of the data relevant in the respective individual case takes place, on the basis of legal regulations or a contractual agreement, to public authorities, if legal regulations apply with priority, to external service providers or other contractors and to other external bodies, if you have given your consent (legal basis: Art. 6 (1) (a) GDPR), or transmission is required to protect our legitimate interests and your interests, which require the protection of personal data, do not prevail (Art. 6 (1) (f) GDPR). Insofar as your data is transferred to clients located outside the European Economic Area, i.e. in so-called third countries, the transfer takes place exclusively for the fulfilment of contractual or business obligations (legal basis: Art. 6 (1) (b) or (f) GDPR in each case in conjunction with Art. 44 et seqq. GDPR). If there may not be a consistently high level of data protection in the third countries, we ensure that data protection is sufficiently guaranteed.
  • (4)  The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data provided in the course of establishing contact, this is the case when the respective conversation with you is ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified. The personal data provided to us by you in the context of carrying out pre-contractual measures or a contractual relationship (e.g. contracts for personnel consulting, coaching, training and workshops) or, if applicable, additionally collected by us from publicly accessible sources will also be deleted as soon as the data is no longer required for the provision of the desired products or services. Insofar as the disclosed data is subject to the tax and commercial storage requirements, it is stored for the duration of the retention obligations of ten years and then deleted, unless you have consented to an additional storage or the further processing of data is required for assertion, exercise or defence of legal claims. The legal basis for the processing of personal data for the purpose of fulfilling the statutory archiving and reten-tion obligations is Art. 6 (1) (c) GDPR.
§ 5 Processing of personal applicant data
  1. Application for a specific job advertisement or unsolicited applications; Participation in outplacement or newplacement measures
  • (1)  We recruit specialists and executives on behalf of our clients or on our own initiative without a specific order and, if necessary, also carry out parts of the application process for the respective client (e.g. examination of the application documents, holding of interviews, selection of the candidates proposed to the client or other companies). In addition, we also offer outplacement and newplacement services for employers and their employees or for employees.
  • (2)  We collect your personal data as an applicant or participant in outplacement or newplacement measures if you provide it to us by post, e-mail, telephone or by personal delivery for job advertisements and unsolicited applications or for applications within the course of outplacement or newplacement measures (hereinafter “application” or “application documents”). In this case, we process the information provided in the application. This includes, in particular, name, date of birth, contact details, interests, qualification data as well as educational and professional history. In addition, in this case, we also collect other personal data from publicly available sources, in particular the social networks XING and LinkedIn. The personal data collected about you will only be used for the purpose of carrying out the application process or the outplacement or newplacement measures (legal basis: Art. 6 (1) (b) or (f) GDPR, § 26 BDSG).
  • (3)  You are not required to provide the aforementioned personal data. The data provided may be required for future contract conclusion after completion of the application process or the outplacement or newplacement measures. Without the provision of the data, the communication, the application process or the conclusion of a contract may not be possible.
  • (4)  The application documents (including the personal data contained therein) of the applicants selected by us as suitable will be forwarded to our respective client or companies that have or could have a need for specialists and managers with your job profile. (legal basis: Art. 6 (1) (b) or (f) GDPR, § 26 BDSG). Before submitting the application documents, we will inform you about which company your personal data will be transmitted to, so that you may object to this (see § 7 of this privacy policy). This does not apply if you have applied for a specific job advertisement in which the name of the company to which the data is transmitted is already explicitly stated. The respective company uses your data for the further implementation of the application process or the outplacement or newplacement measures. You have the option at any time to withdraw an application for a specific position or unsolicited application, i.e. to exercise your right of revocation (see § 7 of this privacy policy).
  • (5)  In the case of an application for a specific job advertisement, we retain your personal data in the event of rejection for a period of three months after notification of the rejection decision to you. In the case of a speculative application, we will retain your personal data for a period of three months after receipt of the application documents in order to check whether there are any vacancies suitable for your professional profile. If this is the case and your application documents are forwarded to the respective company, the deadlines specified for an application for a specific job advertisement apply.
  • (6)  After the expiry of the respective deadlines for an application to a specific job advertisement or a speculative application or after the termination of the outplacement or newplacement services, we will delete your personal data, unless you have consented to a continued processing of your data (legal basis: Art. 6 (1) (a) GDPR, § 26 BDSG) or the continued processing of your data is required
  • for the fulfilment of legal obligations to which we or our client are subject – in par-ticular for proof of compliance with legal obligations in the context of hiring (e.g. according to the General Equal Treatment Act) or tax or commercial storage re-quirements (legal basis: Art. 6 (1) (c) GDPR), or
  • to protect our legitimate interests or the legitimate interests of our client (legal basis: Art. 6 (1) (f) GDPR).
  • In the latter case, your personal data will be stored for a longer period of time only insofar as your interests or fundamental rights and fundamental freedoms, which require the protection of personal data, do not prevail. If the continued processing of your data is based on a purpose other than the one for which the personal data was collected, we will comply with Art. 6 (4) GDPR and inform you of this change in purpose pursuant to Art. 13 (3) GDPR.
  2. Inclusion in our database (applicant pool)
  • Subject to your consent, we will include your application documents (including the personal data contained therein) in our database and notify you of job advertisements from our clients, which may be of interest to you on the basis of your application profile (legal basis: Art. 6 (1) (a) GDPR, § 26 BDSG).
  • If you have consented to your inclusion in the database, the storage period of your personal data is two years. Afterwards we will either delete your data or ask for your consent again. You have the option at any time to revoke your consent to inclusion in our database (see § 7 of this privacy policy). In this event, we will delete your personal data within 1 week after notification of the revocation of consent.
§ 6 Integration of Google Fonts
  • (1)  Our website uses Google Fonts, which are provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: “Google”), for the uniform display of fonts. Google Fonts are used in the interest of a uniform and appealing presentation of our website. If your browser does not support Google Fonts, a standard font of your computer will be used. We have stored Google Fonts on our servers in Germany. Therefore, your IP address is not transmitted to Google in the USA in order to reload fonts.
  • (2)  The legal basis for the use of Google Fonts is our overriding legitimate interest pursuant to Art. 6 (1) (f) GDPR. Within the framework of the necessary balancing of interests, we have weighed up our interests in the use of Google Fonts without a third country transfer, namely the interest of a uniform and appealing presentation of our website, and your confidentiality interests. As a result, your confidentiality interests take a back seat in each case, as we would otherwise not be able to use Google Fonts.
  • (3)  Further information on the processing of data in the context of the use of Google Fonts can be found here: https://fonts.google.com/knowledge, https://policies.google.com/privacy?hl=en.
§ 7 Revocation or objection to the processing of your data
  • (1)  If you have given your consent to the processing of your data, you can revoke this consent at any time. Such revocation will affect the admissibility of the processing of your personal data af-ter your revocation.
  • (2)  Insofar as we base the processing of your personal data on a balance of interests, you may object to the processing. This is the case if, in particular, the processing is not required to fulfil a contract with you, which we describe in each case in the following description of functions. In the event of such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event that you have justified objection, we will ex-amine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on the basis of which we may continue the processing.
  • (3)  You can inform us under the following contact details of your revocation and/or opposition: Grützmacher & Engler GmbH & Co KG, Große Bleichen 21, 20354 Hamburg, mail@gruetzmacher-engler.de.
§ 8 Your rights
  • (1)  You have the following rights with respect to us regarding your personal data:
  • Right to information,
  • Right to correction or deletion,
  • Right to restriction of processing,
  • Right to object to processing,
  • Right to data portability.
  • (2)  You also have the right to appeal to a data protection authority about our processing of your data.
§ 9 Status of the privacy policy

This privacy policy is valid as of November 2022. We will review and adjust our privacy policy periodically and when required by technical or regulatory changes.