Minimax GmbH (“MINIMAX”) is committed to protecting personal data. Pursuant to the online application you initiated using MINIMAX’s online application tool or by email, MINIMAX processes the personal data you provide to MINIMAX electronically for the purposes of the application. We treat the data you provide to us with strict confidentiality and in compliance with the pertinent provisions of German and European data privacy law.
Personal data are usually collected and used only with your consent or if processing of such data is permitted by law. The following provisions provide information about the type, scope and purpose of the collection and processing of your personal data.
The controller with responsibility for data privacy within the meaning of the EU General Data Protection Regulation (“GDPR”) and all other applicable EU data protection provisions is MINIMAX (“controller”). If you have any questions, suggestions or criticisms relating to data protection in connection with your application, please contact.
23843 Bad Oldesloe, Germany
b) Name and address of the Data Privacy Officer
Any data subject can also contact our Data Privacy Officer directly at any time with any questions or suggestions he/she has. The Data Privacy Officer can be contacted at:
Minimax Viking GmbH
Data Privacy Officer
23843 Bad Oldesloe, Germany
Our processing of your personal data is lawful if you have given your consent as stipulated in Article 6(1) sentence 1 (a) GDPR.
Under Article 6(1) sentence 1 (b) GDPR, processing of your personal data is lawful if such processing is necessary for the performance of a contract with you or your company. This also applies to processing activities required to take steps prior to entering into a contract.
Under Article 6(1) sentence 1 (c) GDPR, processing of your personal data is lawful if such processing is necessary for compliance with one of our legal obligations.
Under Article 6(1) sentence 1 (d) GDPR, processing of your personal data is lawful if such processing is necessary in order to protect your vital interests or those of another natural person.
Under Article 6(1) sentence 1 (f) GDPR, processing of your personal data is lawful if such processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.
b) Period of storage and erasure of data
In principle, the personal data we collect, process and store are stored by us only for as long as required for the specific purpose for which they are stored. Your data will be erased or their processing will be restricted as soon as the specific purpose for which they were stored no longer applies.
However, there may also be European regulations, applicable national legislation or other provisions that require the data we process to be stored longer. We will erase or restrict processing of your data when these periods of storage expire.
For the purposes of the GDPR, you are the “data subject” of any of your personal data which we process. As a data subject, you have the following rights with regard to MINIMAX:
a) Right of access by the data subject
You have the right under data protection law to obtain information from us concerning whether your personal data are being processed by us. If this is the case, you have the right to request information about the extent of such data processing.
b) Right to rectification
You have a right to obtain from MINIMAX the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed.
c) Right to restriction of processing
You have the right to have the processing of your personal data restricted where the necessary preconditions apply.
d) Right to erasure (‘right to be forgotten’)
In certain circumstances, you have the right to demand that MINIMAX erase personal data concerning you without undue delay. The right to erasure does not apply if data must be processed.
e) Right to notification
If you have asserted your right to rectification, erasure or restriction to MINIMAX, MINIMAX must communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
f) Right to data portability
You have the right to receive the personal data concerning you which you have provided to MINIMAX, in a structured, commonly used and machine-readable format. You also have the right to transmit the data you have provided to MINIMAX to another company without hindrance from MINIMAX provided that the preconditions for such transfer are met.
g) Right to object
You have the right under Article 6(1) sentence 1 (f) GDPR to object at any time to the processing of personal data concerning you on grounds relating to your particular situation. MINIMAX may then no longer process the personal data relating to you unless MINIMAX demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or data are processed for the establishment, exercise or defence of legal claims. You can inform us of your objection by contacting us at:
Minimax Viking GmbH
h) Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
You use our online application tool for submitting an application to MINIMAX. We process the data you enter in the input screen during the application process. They are primarily:
The date and time when you contacted us are also processed.
b) Data processing as part of email applications
If you apply for a job with us by email, we process the data you send us with your email. Please note the general risks connected with emails that are not sent with end-to-end encryption.
By applying, you pledge that the information you have provided is truthful. We explicitly point out that false representations or deliberate omissions may constitute grounds for rejecting your application or for later dismissal.
We do not require information from you that cannot be used pursuant to the German General Act on Equal Treatment (AGG) (race, ethnic origin, gender, religion, ideology, disability, age or sexual identity). We also ask you not to disclose details about illnesses, whether you are pregnant, your ethnic origin, political views, religious or philosophical beliefs, whether you are a member of a trade union, your physical or mental health, or your sex life. The same applies to content that may infringe third-party rights (such as copyrights, press rights, or general rights of third parties).
d) Purposes and legal basis for data processing
Personal data are collected, stored, processed and used only for purposes related to your interest in current or future employment at MINIMAX and processing of your application. If your application for a post at MINIMAX is successful, MINIMAX has the right to continue using the data you have disclosed for the purpose of performing the employment relationship with you. Your online application will be processed and examined only by contact persons at MINIMAX entrusted with handling the application process. All employees tasked with processing data are obligated to keep your data confidential. Under no circumstances will third parties gain knowledge of your details. The legal basis for processing your data is Section 26(1) of the German Federal Data Protection Act (BDSG), since processing of them is required for deciding whether to establish an employment relationship, or for performing or terminating the employment relationship after it has been established, or for the exercise of rights or discharge of duties by employee representative bodies under the law or under a collective bargaining, company or works agreement (collective agreement).
If you use our online application form, the following data are also processed:
These other personal data are processed when an application is sent and help prevent misuse of the contact form and ensure the security of our IT systems. The personal data additionally collected when an application is sent are erased after no later than seven days. The legal basis for processing the data is Article 6(1) (f) GDPR.
In the application tool, we also provide a feature for transferring profile information from your own XING or finest jobs profile to the online application. This is intended to make the application process even easier and more convenient for you. So as to be able to use the feature, you must be registered as a user with the services in question.
If you use this option, you are requested to log on to the XING (New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany) or finest jobs (rexx systems GmbH, Süderstrasse 75-79, 20097 Hamburg, Germany) platform and allow us to access some information (master data) from your platform profile.
If we are not able to offer you employment at MINIMAX, we erase the data we have collected in our systems no later than six months after the end of the application process, unless you give us your consent to store them for longer.
However, if your application documents are in principle interesting to MINIMAX and we merely do not have any suitable employment for you at the time, you can give MINIMAX your consent to retain your data. Your data are stored after you have given your consent by checking the relevant checkbox. By doing so, you enable MINIMAX to contact you as soon as there are suitable job offers in the future. In such a case, we store your data for one year.
The legal basis for using your data is Article 6(1) (a) GDPR if you have given your separate consent to this. You can withdraw the consent you have given to MINIMAX at any time with effect for the future.
Your data may also be passed on to other companies in the Minimax Viking Group for the purpose of your application. This is the case, for example, if you apply in response to a vacancy at a group company or you have submitted an unsolicited application that is not confined to a specific company. You can find an overview of the companies that are part of the Minimax Viking Group under this link.
MINIMAX may also forward your data to countries outside the European Economic Area. However, MINIMAX’s affiliated companies will take the steps necessary to ensure an adequate level of data protection. If MINIMAX transfers your data to the United States, for example, additional measures are taken where necessary, such as conclusion of EU-compliant standard clauses on data protection with the data importer.
Your data are transferred after you have given your consent to this by checking the relevant checkbox. The legal basis for using your data is Article 6(1) (a) GDPR if you have given your separate consent to this. Your application is forwarded only if its content – in terms of subject matter and particular region – is of relevance to the affiliated company in question. You can withdraw the consent you have given to MINIMAX at any time with effect for the future. Your data are erased as soon as they are no longer required for the purpose for which they have been collected.
MINIMAX uses the services of rexx systems GmbH (rexx), Süderstrasse 75-79, 20097 Hamburg, and DATAGROUP Hamburg GmbH (Datagroup), Brandshofer Deich 68, 20539 Hamburg, to operate the portal.
The data transferred as part of the application process are stored on the systems of the service provider. rexx is subject to instructions issued by us and to strict contractual restrictions with regard to the processing of personal data. Accordingly, data may only be processed if this is necessary for the performance of services in our name or in order to comply with legal requirements. The rights and obligations of rexx in relation to personal data have been stipulated by us precisely and in advance. rexx also adopts stringent technical measures to protect your personal data. rexx does not pass on your personal data to third parties unless this is necessary in order to perform the agreed services or if rexx is required to do so by law or to comply with a valid and mandatory instruction issued by a government or regulatory authority. The data transferred as part of this are confined to the absolute minimum.
The legal basis for processing your data is Article 6(1) sentence 1 (f) GDPR. The purpose for which the data are processed is the operation of our career portal. We only store your data for as long as is necessary to achieve the purposes for which they have been collected.
You can find more information on data protection at rexx at https://www.rexx-systems.com/data-protection.php.
A contract for services has been concluded with the service provider Datagroup. Support services may be necessary within the framework of Datagroup so that the data transmitted in the application process can be accessed. Datagroup is subject to our restrictions and is subject to strict contractual restrictions with regard to the processing of personal data. Accordingly, processing is only permitted to the extent necessary for the performance of the services on our behalf or to comply with legal requirements. Datagroup also takes strict technical measures to protect your personal data. Datagroup will not disclose your personal data to third parties unless such disclosure is necessary for the performance of the agreed service or Datagroup is required to do so in order to comply with the law or a valid and enforceable order of a governmental or regulatory body. The data transmitted for this purpose shall be limited to the necessary minimum.
The legal basis for the processing of your data is Article 6 paragraph 1 sentence 1 lit. f DSGVO. The purpose of the data processing is to support our corporate portal. Your data will only be accessed for as long as is necessary for the processing of a support transaction.
Further information on data protection at Datagroup can be found at https://www.datagroup.de/.
MINIMAX has implemented appropriate physical, technical and administrative security standards to prevent personal data being lost, misused, changed or destroyed. Our service providers are contractually obligated to ensure that personal data are kept confidential. In addition, they are not allowed to use the data for purposes for which we have not given our approval.