The protection of your personal data (hereinafter referred to as “Data”) is of paramount importance to Navius HR & Recruiting, a brand of Ronny Böttcher Beratung & Beteiligung UG (haftungsbeschränkt).
Below, we inform you about the nature, scope, and purpose of the processing of personal data.
The Controller within the meaning of the EU General Data Protection Regulation (GDPR) is Ronny Böttcher Beratung & Beteiligung UG (haftungsbeschränkt), operating under the brand Navius HR & Recruiting, Landrain 6, 04643 Geithain. It is represented by its Managing Director, Ronny Böttcher (AG Leipzig HRB 42269B). You can reach us for data protection inquiries via email at privacy@naviushr.de.
Note on the Data Protection Officer (DPO): The appointment of an external or internal Data Protection Officer is currently not required by law. However, the Managing Director, Mr. Ronny Böttcher, is available to you at the contact details provided above as the direct point of contact for all data protection queries.
Whenever you visit our website, our web server automatically processes data transmitted by your browser to our server (“Server Log Files”). This includes, in particular: IP address, date and time of the request, page or file accessed, amount of data transferred, referrer URL, and information about the browser and operating system.
The processing of this data serves the provision and assurance of technical stability and security of our website. The legal basis for this is Art. 6 (1) lit. f GDPR (Legitimate Interest). Our legitimate interest lies in guaranteeing the functionality and preventing security risks.
We use Google Analytics (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, USA) for the statistical analysis of website usage. Google Analytics uses cookies stored on your device. Your IP address is transmitted anonymously by default. The legal basis for this processing is Art. 6 (1) lit. a GDPR (Your Consent).
This processing only takes place with your active consent via our Cookie Consent Tool (CMP). You can revoke your consent at any time. We have concluded a Data Processing Agreement (DPA) with Google and have configured the services in compliance with the GDPR (especially IP anonymization). Insofar as data is transmitted to Google LLC in the USA, this is based on the EU-US Data Privacy Framework (DPF). Google LLC is certified under the DPF, thus offering an adequate guarantee for compliance with the European data protection level (Art. 45 GDPR).
If you contact us via email, contact form, or telephone, we process the transmitted data for the purpose of handling your inquiry and preparing contractual relationships. The legal basis is Art. 6 (1) lit. b GDPR (Performance of a Contract or execution of pre-contractual measures) and, if applicable, Art. 6 (1) lit. f GDPR (Legitimate Interest for general information inquiries). Data that does not lead to a contractual relationship will be deleted no later than six months after the final processing of your inquiry. Statutory retention periods remain unaffected.
If you subscribe to our newsletter, we use your email address for the regular dispatch of information about our services. Registration is exclusively carried out using the double opt-in procedure. The legal basis for this is Art. 6 (1) lit. a GDPR (Your Consent). We use MailChimp (The Rocket Science Group LLC, USA) as a processor for the dispatch. You can revoke your consent at any time, for example, via the unsubscribe link in every newsletter email. We note that the services may include tracking functions (e.g., measuring opening and click rates). This analysis is also based on your consent. The transfer of your data to MailChimp in the USA is based on the EU-US Data Privacy Framework (DPF). We have concluded a Data Processing Agreement (DPA) with MailChimp to ensure processing in accordance with our instructions, as required by Art. 28 GDPR.
As a personnel consultancy and recruiting agency, we process personal data of applicants transmitted to us directly or via third parties, for the purpose of placing them with potential employers (our clients).
Applicant Data for Placement: Processing serves the execution of the application and placement procedure (matching and introduction to the client). The legal basis is Art. 6 (1) lit. b GDPR in conjunction with Section 26 of the Federal Data Protection Act (BDSG) (establishment of an employment relationship). The data is transferred to the potential employer (our client/principal). It will be deleted 6 months after the position is filled, to protect us against possible legal claims under the General Equal Treatment Act (AGG).
Talent Pool: We store applicant data for future, suitable job offers only based on the applicant's separate consent (Legal Basis: Art. 6 (1) lit. a GDPR). Data is not transferred to third parties without prior separate agreement. The storage period is a maximum of 2 years, after which consent will be renewed or the data will be deleted.
We process data of business partners (e.g., suppliers, clients) for the execution and administration of contractual relationships. The legal basis is Art. 6 (1) lit. b GDPR (Performance of a Contract) and Art. 6 (1) lit. c GDPR (Compliance with a Legal Obligation, e.g., accounting). Contractual and accounting-relevant data are stored in accordance with statutory retention periods (generally 6 to 10 years).
You have the following rights at any time: the Right of Access (Art. 15 GDPR) regarding your stored data, the right to Rectification (Art. 16 GDPR) of inaccurate data, the right to Erasure (Art. 17 GDPR), provided there is no legal retention obligation, the right to Restriction of Processing (Art. 18 GDPR), and the right to Data Portability (Art. 20 GDPR).
Furthermore, you have the Right to Object (Art. 21 GDPR) to processing based on our legitimate interest. You can withdraw any consent given at any time with effect for the future (Art. 7 (3) GDPR).
You also have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for us is the Saxon Commissioner for Data Protection (Sächsischer Datenschutzbeauftragter), Devrientstraße 1, 01067 Dresden (Email: poststelle@slt.sachsen.de).