Fabasoft’s Privacy Statement for Applicants

Who is responsible for data processing? - The Group’s Structure

The Fabasoft company to whom you address your application is responsible for your privacy concerns.

Fabasoft International Services GmbH is responsible for the Fabasoft Talent Pool’s privacy concerns.

You will find all Fabasoft companies listed here:

Additional Information:

* Mindbreeze GmbH (www.mindbreeze.com) and its subsidiary company, the Mindbreeze Corporation, (as follows: “Mindbreeze“) belongs to the Fabasoft Group, but they have their own website, also for career at Mindbreeze. The current privacy statement for applicants includes Mindbreeze’s application process.

This privacy statement serves to elaborate on Fabasoft’s privacy statement and Mindbreeze’s privacy statement and to provide more information for applicants.

The current version of this privacy statement is available on Fabasoft’s website and is available to download as a free PDF. Download Fabasoft's Privacy statement for Applicants here (PDF 78 KB)

** Xpublisher GmbH ( www.xpublisher.com) and its subsidiary Xpublisher Inc. (hereinafter referred to jointly as “Xpublisher”) are a part of the Fabasoft Group but have their own separate website, including a Careers section. The data privacy statement presented here for applicants does not cover the application process for Xpublisher. Xpublisher’s general data privacy statement can be viewed here: www.xpublisher.com/privacy.

Which data are processed? Where does the data come from (the data sources)?

1. Processing in the context of the application process
   Fabasoft processes personal data that has been collected directly from the data subject. In order to take part in the application process, the following personal data will be processed: Personal data that you have willingly provided through your application, including: form of address, name, title, home address, date of birth, telephone number, email address, nationality, cover letter, motivation letter, CV, school and higher education details, employer references, proof of further study, professional history, photos and examples of work you have completed.

   In addition to the personal data you willingly provided, Fabasoft maintains the right to acquire data from business platforms like XING and LinkedIn for the purpose of assessing your application. Fabasoft has a legitimate interest in this assessment.
    

2. Data not collected from the data subject
   In addition to the personal data you provide voluntarily, Fabasoft reserves the right to make use of information from business platforms such as XING and LinkedIn for the purpose of assessing the information you provide. In this case the information in your application documents pertaining to your curriculum vitae, school and higher education qualifications, further education and professional history are compared with the information available on XING and LinkedIn and the resulting data stored. Fabasoft has a legitimate interest in this assessment.

   Fabasoft also uses recruiting agencies (“recruiters”) in its search for employees. In the event we receive your application documents via a recruiter, these will include: form of address, name, title, address, date of birth, telephone number, email address, nationality, cover letter, motivational letter, curriculum vitae, school and university qualifications, employers’ references, documentation pertaining to your further education, professional career, photos, work samples plus information provided by the recruiter as to why you are suitable for the position we have advertised.

Why is personal data processed and what is the legal basis for doing this?

1. Processing in the context of the application process
   In order to assess your application, it is necessary that staff in the recruitment team process your personal data. As well as the recruitment staff, who advertise new positions and to whom you will send your application, your data will be made available to a select number of Fabasoft’s human resource managers (line managers within the Group) so they can assess whether we can enter into an employment contract with you (cf. Art.6 Par. 1lit b GDPR).
    
2. Processing for alternative vacancies
   Employees, who have been entrusted with the task of recruitment, are the main point of contact during the application process. As the documents provided in the application are assessed, it may transpire that the qualifications listed are more suitable for a different position within Fabasoft other than the one for which you have applied. If this is the case, you will receive a message from the recruitment team, as well as information on the proposed position. Your personal data will only be transferred to the relevant recruitment manager with your consent. If permission is not granted for this, your personal data will be processed within the context of your original application. Any consent given can be revoked at any time. The lawfulness of the processing for which consent was granted remains unaffected until the consent is revoked.
    
3. Processing in the context of joining the talent poolYou will not be included in the talent pool unless you give your express consent for us to do so. The talent pool is a Fabasoft platform used for keeping in contact with applicants as well as people it has identified as having desirable skills and is managed by the recruitment team of Fabasoft International Services GmbH. Following your consent, data will be passed on to other Fabasoft companies within the Group. Persons from the talent pool will receive targeted information when a suitable position becomes vacant. Any consent given can be revoked at any time. The lawfulness of the processing for which consent was granted remains unaffected until the consent is revoked.
    
4. Data processing and consent
   It could be possible that Fabasoft requires consent for certain forms of processing, irrespective of the above-mentioned legal bases and processing cases, and that it will request such consent from you. If you consent to Fabasoft processing your personal data, the processing will be carried out exclusively in accordance with the purposes indicated in the consent, for example, to sign up for a careers newsletter or for invitations to career events. Any consent given can be revoked at any time. The lawfulness of the processing for which consent was granted remains unaffected until the consent is revoked.

Who receives the personal data?

As the processor, Fabasoft International Services GmbH provides the recruitment team for Fabasoft, as well as (human resources) marketing and communication services. The individual employees, departments and companies within Fabasoft, which require it for the above-mentioned purposes, will receive personal data. Furthermore, in exceptional circumstances, and only insofar as necessary, data may be transferred to certain officials (such as lawyers). In individual cases, we also forward your data to our data protection officer in Austria or Germany in order to obtain advice on the implementation of data protection regulations, e.g. if you assert claims against us.

For how long is data stored?

Fabasoft stores your personal data, which was collected during the application process, for a period of 7 months after the application process has ended.

If we receive your data from a recruiter, we will store it for a period of 7 months after completion of the application process irrespective of whether we contact you or not.

By consenting to join the talent pool, you are granting permission for your personal data to be stored for 3 years after joining Fabasoft’s talent pool.

Personal information, which was transferred to Fabasoft upon permission being granted (e.g. to receive the careers newsletter or invitations to career events) will be stored for a maximum of three years after the last activity, provided that it is not re-used before then.

Where is the data stored?

Fabasoft stores data on its own hardware in highly secure, external data centres in Germany, Austria and Switzerland.

What are the data subject’s data protection rights?

You have the right to disclosure, correction, removal or restriction in the processing of the stored information. You have the right to object to the use of your personal information as well as the right to data portability in accordance with the requirements of the data protection law.

In the event that you withdraw consent to use your personal information, Fabasoft will immediately stop using this data, provided that the use of this data is solely based on your consent. Exceptions arise as a result of legal belongings, which render storing data necessary, but this is only in the event of the aforementioned obligations. The legitimacy of the processing, for which consent was granted, remains intact until the consent is withdrawn.

All Fabasoft companies may demand any of the rights outlined above through the following channels.

• By E-mail: privacy@fabasoft.com
• Per post: Fabasoft AG, c/o Privacy, Honauerstrasse 4, 4020 Linz, Austria

All queries about rights should be addressed to Fabasoft in writing. In order to prevent any unauthorized persons from abusing these rights, you must prove your identity to Fabasoft in an appropriate manner. Everyone has the right to information.

Fabasoft may make further use of relevant personal information, provided that it is anonymized in advance and that it is not possible to relate this information to a particular or identifiable individual.

Complaints should be directed to the Austrian Data Protection Authority or to another data protection authority within the European Union or Switzerland, preferably where you live or work.

There are different interfaces and data processing steps within the Fabasoft Group, in which the different individual personal data processing services are carried out among the companies within the group. The regulations defined in the “Framework agreement for internal data processing within the Fabasoft group” reflect the respective roles of the companies of the Fabasoft Group as joint controllers in a transparent manner pursuant to Art. 26 GDPR or as controller and processor pursuant to Art. 28 GDPR as well as the lawful form of this legal relationship, in particular in compliance with the regulations of the GDPR or the respective national data protection regulations. In the case of a breach of the framework agreement and/or applicable data protection provisions, Fabasoft International Services GmbH, FN 271303a, Honauerstraße 4, 4020 Linz, has undertaken to assume liability for claims by a data subject. Thus, a place of jurisdiction within the EU is available to the data subjects for the assertion of their rights.

The Framework Agreement is available for download on the Fabasoft Website: https://www.fabasoft.com/en/about-us/transparency

Contact with Data Protection Officers

Fabasoft has a data security team at its disposal that is dedicated to data protection issues (“Privacy Team”) The contact details for this privacy team are available at: https://www.fabasoft.com/privacy. The privacy team can be contacted at: privacy@fabasoft.com

As far as the GDPR, or rather national regulations, require, Fabasoft will appoint a data protection officer. The contact details of this data protection officer are available at: https://www.fabasoft.com/privacy

Compulsory provision of personal information

With regard to your application, personal data that is required for its processing must be made available. If this data is not provided, your application will not be considered or processed.