Privacy Policy

cosnova GmbH (hereinafter: "we") appreciates your interest in our company and our products. It is important to us that you feel secure when visiting the websites operated by us (hereinafter: "website"), also with regard to the protection of your personal data.

This privacy policy informs you about the type, scope and purpose of the personal data we process when you use our website and all sub-pages. If you wish to make use of certain services on our website, e.g. if you wish to apply for a job with us, it is necessary to process your personal data. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.

You can navigate directly to the relevant topics via the links below to find out how we process personal data relating to you. You can also read, save and print this privacy policy as a whole document.

 

Contents of the privacy policy

Please click on the links below to go directly to the relevant topics.

 

1. Information on the responsible person, data protection officer

2. Collection and processing of personal data when visiting our website

3. Cookies and similar technologies

4. Disclosure of personal data in general

5. Integration of third party content

6. Evaluation of usage data ("tracking") and usage-based information ("(re)targeting")

7. (Online) application

8. Our appearances in social media, Influencer

9. Your rights as a data subject

10. Updating the privacy policy

11. List of cookies used

1. Information on the controller, data protection officer

(a) Controller

The controller within the meaning of the General Data Protection Regulation ("GDPR") and other national data protection laws of the member states as well as other data protection provisions is:

cosnova GmbH

At the Limes Park 2

65843 Sulzbach

Phone: +49 6196 76156-0

Fax: +49 6196 76156-1298

E-mail: info@cosnova.com

You can find more information about us in the imprint https://www.cosnova.com/de/impressum

 

(b) The Data Protection Officer of the Controller is:

Moritz Görmann

CTM-COM GmbH

Wilhelm-Leuschner-Strasse 33

64380 Rossdorf

Phone: +49 6154 57605-0

Fax: +49 6154 57605-29

www.ctm-com.de

 

2. Collection and processing of personal data when visiting our website

When using the website for information purposes only, i.e. if you do not send us any other information, we only collect the personal data that your browser sends to our server. We collect the following data, which is technically necessary for us to display our website in the version and language that suits you and to ensure stability and security and to create general reports on the use of our website (legal basis is Art. 6 para. 1 s. 1 lit. f GDPR):

  • IP address
  • Date and time of the request
  • Content of the request (concrete page)
  • Website from which the request comes
  • Browser
  • Operating system

The above data will be deleted immediately when it is no longer needed for the aforementioned purposes, at the latest 30 days after we have collected it.

Insofar as you provide us with further personal data, e.g. within the scope of a registration, a contact form, we use this data for the purposes mentioned and for customer administration purposes, in each case to the extent necessary for this.

If you contact us by e-mail (e.g. to the address given above) or by other means (e.g. messenger), the personal data transmitted with your message will be stored and used for processing the conversation.

The legal basis for the processing of data transmitted in the course of sending a message is Art. 6 para. 1 s. 1 lit. b and lit. f GDPR. This data is used solely for processing the contact; this also constitutes the necessary legitimate interest in processing the data within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected, which is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

 

3. Cookies and similar technologies

In addition to the aforementioned data, cookies are stored on your computer when you use our website and comparable technologies are used. Cookies are small text files that are stored on your hard drive in relation to the browser you are using and which provide the party setting the cookie (in this case, us) with certain information. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website as a whole more user-friendly and effective.

The vast majority of cookies are only set with your consent (Art. 6 para. 1 s. 1 lit. a GDPR). For other cookies, the legal basis is our legitimate interests (Art. 6 para. 1 s. 1 lit. f GDPR). Our cookie banner informs you which cookies fall into which category.

(a) General

This website uses the following types of cookies, the scope and functionality of which are explained below:

  • Transient cookies. Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This means that your computer can be recognised when you return to our website. Session cookies are deleted when you log out or close your browser. Such a cookie can, for example, store the contents of a shopping basket in an online shop or a login status.
  • Persistent cookies. Persistent cookies are automatically deleted after a predefined period of time, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.

(b) Browser settings

You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Stored cookies can be deleted in the system settings of the browser. Please note that you may not be able to use all the functions of this website.

(c) List of cookies

A list of the cookies and similar technologies used can be found at the end of this privacy policy.

(d) Revoke cookies

On our website you will find a small cookie symbol at the bottom right, which you can use to change your cookie settings at any time.

 

4. Disclosure of personal data in general

(a) Transfer to service providers

In some cases, we use service providers bound by instructions for certain data processing activities, who process the data on our behalf and according to our instructions (commissioned processing).

(b) Disclosure to public authorities, injured parties and for legal proceedings

If it is necessary to clarify illegal or abusive use of our website or for legal prosecution, personal data will be forwarded to the law enforcement authorities and, if necessary, to injured third parties. However, this only happens if there are indications of illegal or abusive behaviour.

Disclosure may also occur if it serves to enforce terms of use or other agreements. We are also legally obliged to provide information to certain public authorities upon request. These are law enforcement agencies, authorities that prosecute administrative offences subject to fines and the tax authorities.

The legal basis for this is Art. 6 para. 1 s. 1 lit. b, Art. 6 para. 1 s. 1 lit. c, Art. 6 para. 1 s. 1 lit. d and Art. 6 para. 1 s. 1 lit. f GDPR.

(c) Disclosure in the context of corporate transactions

As our business evolves, we may change the structure of our business by changing its legal form, establishing, buying or selling subsidiaries, divisions or components. In such transactions, customer information may be passed on to the acquirer or legal successor together with the part of the company to be transferred.

Whenever we disclose personal data to the extent described above, we will ensure that this is done in accordance with this Privacy Policy and applicable data protection law.

(d) Transfer to recipients outside the EU

We may transfer personal data to countries outside the EU ("third countries"). Any transfer of data to a recipient in a third country is carried out in compliance with the applicable data protection law. If the European Commission has not established the existence of an adequate level of protection for a third country, we provide appropriate safeguards to ensure adequate protection of the personal data relating to you. This can be done in particular by entering into data processing contracts that contain EU standard data protection clauses and provide adequate safeguards as decided by the European Commission (available at: http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm). Please contact us for further details, such as the text of the EU standard data protection clauses.

 

5. Integration of third-party content

(a)  General

Our website may also contain offers from third parties. If you click on such an offer, data will be transmitted to the respective provider to the extent necessary (e.g. the information that you found this offer on our website and, if applicable, further information that you have already provided for this purpose on our website).

(b) Vimeo videos

The videos on our website are partially embedded from the Vimeo platform (Vimeo LLC, based in New York City, USA). This means that the video is played directly on vimeo.com but displayed on our site. In the process, Vimeo cookies are set, via which personal data relating to you is transmitted to Vimeo if you are logged in to Vimeo via your end device. This is necessary to enable you to save the videos in your "Watch later" playlist in order to view them at a later time. You can prevent such data transfer by logging out of Vimeo beforehand. The cookies are used on the basis of your consent (Art. 6 para. 1 s. 1 lit. a GDPR).

For more information about Vimeo's processing of personal data, please see Vimeo's privacy policy at Privacy Policy on Vimeo.

 

6. Evaluation of usage data ("tracking") and usage-based information ("(re-)targeting")

(a)  General

We want to tailor the content of our website as precisely as possible to your interests and in this way improve our offer for you. In order to recognise user preferences and particularly popular areas of the website, we use so-called tracking technologies.

In order to be able to tailor our online marketing (e.g. banner advertising) more specifically to your usage-based interests, we use so-called (re-)targeting technologies. These are read when you visit other websites that cooperate with the providers of these (re-)targeting technologies and are used to provide you with the most interest-related information possible.

When the above technologies are used, cookies on our website and (in the case of retargeting) on third-party websites are used to record your interest in our products and services. This involves the use of random identifiers (cookie IDs) and similar technologies that we do not associate with your name, address or similar details, even if we know these details (e.g. from an existing contractual relationship), unless you have consented to this.

(b) Web analytics through Fathom Analytics

This website uses the analysis service Fathom. Fathom is not based on "cookies". No personal information about you is stored.

The use of Fathom is based on Art. 6 para. 1 s. 1 lit. f GDPR. cosnova has a legitimate interest in the anonymised analysis of user behaviour in order to optimise both the web offer and marketing campaigns. The Fathom privacy policy can be found here: https://usefathom.com/privacy.

(c)  Web analysis through Matomo on the careers page

On the careers website, data is collected and stored for marketing and optimisation purposes using the Matomo web analytics service software (www.matomo.org). This data is used to create user profiles under a pseudonym, and cookies are used for this purpose (see section 3 of this data protection policy). The cookies enable the recognition of the internet browser. The data collected using Matomo technology (including your anonymised IP address) is transmitted to our server and stored for usage analysis purposes, which serves to optimise our website. The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

The legal basis for the processing of the users' personal data is Art. 6 para. 1 s. 1 a) GDPR.

The processing of users' personal data enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of the website. This helps us to continuously improve the website and its user-friendliness. The collection and storage of data only takes place after explicit consent according to Art. 6 para. 1 s. 1 lit. a) GDPR.

This session cookie is deleted again when the browser is closed.

Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, you have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent. You can find more information about the privacy settings of the Matomo software under the following link: https://matomo.org/docs/privacy/.

 

7. (Online) application

(a) The purpose and legal basis of the processing operation

We process your personal data for the purpose of establishing an employment relationship in compliance with Article 6 (1) s. 1 b) GDPR in conjunction with Article 88 GDPR and Section 26 BDSG. The data is processed solely for the purpose of assessing your suitability, ability and professional performance with regard to the position for which you are applying.

We also process your personal data for certain purposes (e.g. for longer storage) if you have given us your consent to data processing within the meaning of Art. 6 para. 1 s. 1 a) GDPR in conjunction with Art. 7 GDPR.

If applicable, we are obliged to process your personal data pursuant to Art. 6 para. 1 s. 1 c) GDPR. Various legal obligations may exist in this regard (e.g. obligations under the German Commercial Code; the German Fiscal Code; to store tax-relevant data; under the German Social Security Code; under the General Equal Treatment Act; or other relevant regulations).

(b) The nature of the categories of data processed

We process personal data that we receive from you as part of the application process, e.g. through letters of application, CVs, certificates, correspondence, telephone or verbal information.

The following data categories, among others, may be affected:

  • Personal details (surname, first name, date of birth)
  • Address data (address, place of residence)
  • Contact details (telephone no., e-mail address)Application data (cover letter, references, CV)
  • Special personal data (health data such as diseases and disabilities)

(c) Recipients or categories of recipients of the data

Our HR department has access to your data, but also the specialist department of the position for which you have applied. Our administrators and the order processor rexx Systems GmbH have the technically necessary possibility to access data processed by IT. They are strictly bound by our instructions and may not process the data for their own purposes. In certain cases, we have to disclose your personal data to third parties, such as our bank if you receive a reimbursement or the post office if we communicate with you by letter. Furthermore, third parties may receive data for certain purposes if this is required by law in the context of your application (e.g. notification to the Federal Employment Agency).

(d) Duration of data storage

Your personal data will be stored for as long as is necessary to fulfil our contractual and legal obligations in the application process. In the event of a successful application, your personal data will be placed in your personnel file and used for the implementation and termination of the employment relationship.

If we are currently unable to offer you employment, we will continue to process your data on the basis of our legitimate interests pursuant to Art. 6 para. 1 s. 1 f) GDPR for up to 6 (six) months after sending the rejection in order to be able to defend ourselves against any legal claims.

In the event of your consent to the storage of your data beyond the prescribed duration, the duration may be correspondingly longer.

If the data is no longer required for the fulfilment of contractual or legal obligations, it will be deleted, unless storage is required due to legal retention periods (e.g. for the fulfilment of commercial and tax retention periods of ten years).

 

8. Our appearances in social media, Influencer

We also maintain corporate presences on social networks, such as Facebook and LinkedIn, which we link to on our website. When calling up the respective networks and platforms, the terms and conditions and data processing policies of the respective operators apply, over which we have no influence. In the process, data may also be processed outside the European Union. For certain processing at Facebook and LinkedIn, Meta Platforms Ireland Limited and Linkedin Ireland Limited and we are so-called "joint controllers". Our data protection notices on the respective social networks provide you with more detailed information on this.

The data protection notices in the respective networks apply to the activities of cosnova's corporate influencers.

 

9. Your rights as a data subject

(a) Right to information

You have the right to request information from us at any time about the personal data we process about you within the scope of Art. 15 GDPR. For this purpose, you can submit a request, e.g. by post or by e-mail to the contact address provided.

(b) Right to rectify inaccurate data

You have the right to demand that we immediately correct the personal data concerning you in accordance with Art. 16 GDPR if it is incorrect. To do so, please contact us at the address provided.

(c) Right to erasure

You have the right to request that we delete the personal data concerning you under the conditions described in Article 17 of the GDPR. These conditions provide in particular for the right to erasure if the personal data are no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or the existence of an erasure obligation under Union law or the law of the Member State to which we are subject. To exercise your right to erasure, please contact us at the address provided.

(d) Right to restrict processing

You have the right to demand that we restrict processing in accordance with Article 18 of the GDPR. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the duration that the verification of the accuracy requires, as well as in the event that the user requests limited processing instead of erasure in the case of an existing right to erasure; furthermore, in the event that the data are no longer necessary for the purposes pursued by us, but the user requires them for the assertion, exercise or defence of legal claims, as well as if the successful exercise of an objection is still disputed between us and the user. To exercise your right to restrict processing, please contact us at the contact address provided.

(e) Right to data portability

You have the right to receive from us the personal data concerning you that you have provided to us in a structured, common, machine-readable format in accordance with Art. 20 GDPR. To exercise your right to data portability, please contact us at the address provided.

(f) Right of objection

You have the right to object at any time to the processing of your personal data on the basis of Art. 6 (1) sentence 1 lit. e or lit. f GDPR for reasons arising from your particular situation in accordance with Art. 21 GDPR. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

(g) Right of withdrawal (in case of consent given)

You have the right to revoke your consent in accordance with Art. 7 (3) GDPR with effect for the future. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

(h) Right of appeal

You also have the right to contact a supervisory authority for data protection in the event of complaints. The supervisory authority responsible for us is:

The Hessian Data Protection Commissioner

Gustav-Stresemann-Ring 1, 65189 Wiesbaden

PO Box 31 63, 65021 Wiesbaden

Phone: +49 611 14080

Fax: +49 611 1408 - 900

E-mail: poststelle@datenschutz.hessen.de

Internet: http://www.datenschutz.hessen.de

 

10. Updating the privacy policy

This privacy policy is valid as of June 2022. Changes to our offer may make it necessary to also change this privacy policy. Therefore, please inform yourself regularly about the content of our data protection declaration. We will also inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

 

11. List of cookies used

 

Cookie Name

Sample Value

Expire

Type

Domain

Vendor

cosnova_session

 

eyJpdiI6InNVdG1GakUxNGp5SzlYVE00OFhFbGc9PSIsInZhbHVlIjoidWVYSG9pUUJhaDVRK29UNzJablJlU1VzQ0g1SGZIdHIraVN5dDlWWUtzano5N090ZFNSRGoya2pCeC9JeHFHdlcyK2NEWktJS3BhU3NKVE1IZnk2UGZwMCtta0o1cWdrUUFrbU53MEapd1o0WkpDZkl5WTF6MWJOSG9FSUp6T2YiLCJtYWMiOiIzZTczZmVhMTA2M2UxZjE0YmU4MDNmNWFkNjU0YTczYjBkMzIzNGVjZmFiNmJkZGNkMWI5Y2ZiMmU5YmJkYjA1IiwidGFnIjoiIn0%3D

 

2 hours

 

Session ID

 

www.cosnova.com

 

[unknown]

sid

 

1 hour

 

jobs.cosnova.com

 

cookieconsent_status

 

30 days

 

jobs.cosnova.com

 

_pk_id*

 

13 months

 

jobs.cosnova.com

 

_pk_ref*

 

6 months

 

jobs.cosnova.com

 

_pk_ses*

 

30 minutes

 

jobs.cosnova.com

 

MATOMO_SESSID

 

This session cookie is deleted again when you close the browser.

 

jobs.cosnova.com

 

 

Cookies on cosnova.com

cosnova.com works with cookies. Some are technically necessary, others help us to provide you with an optimal user experience. Not necessary cookies are only set with your consent, which can be revoked at any time. Our privacy policy informs you about details and potential third country risks.

Vimeo