1. Identity and contact details of the controller
Global Energy Interconnection Research Institute Europe GmbH
10623 Berlin, Germany
e-mail: dataprotection [at] geiri.eu
2. Collection and storage of personal data and the type and purpose of their use
2.1 When you visit the website
When you visit our website www.geiri.eu, information is automatically sent by the browser used on your end device to our website servers. This information is stored temporarily in what is called a log file. The following information is collected during this process without any action on your part and stored until it is automatically deleted in accordance with applicable data protection regulations:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the requested file,
- Website from which access is obtained (Referrer URL),
- Browser used and, where applicable, your computer’s operating system and the identity of your access provider.
The specified data are processed by us for the following purposes:
- Ensuring that the website can establish a connection smoothly,
- ensuring that our website is easy to use,
- analysis of system security and stability, as well as
- for additional administrative purposes.
The specified data is stored in a form that enables identification of the persons concerned for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack). In the event of a security-relevant event, server log files are stored until the security-relevant event is eliminated and fully resolved.
2.3 Job Application Platform
We also offer you the possibility on the website to apply for a job with us by using an online application platform (“Job Application Platform”). We process personal data in this respect for technical operation of the Job Applicant Platform and conduct the application and, if applicable, hiring process.
2.3.1 Collection of Data
As part of our online recruitment process, we collect the information required for recruitment processes at GEIRI which you insert and submit to us via the platform. We therefore collect and process the following application data in connection with your online application ("Application Data"):
- First name
- Last name
- Gender (optional)
- E-mail address
- Telephone number
- Information of availability
- Cover Letter
- Curriculum Vitae, in particular with statements about: School education, Professional education / higher education, Degrees, Practical experience and previous employer-employee relationships
- Employment references (optional)
Only the provision of your name and e-mail address, phone number and the attachment of a cover letter together with a curriculum vitae and related certificates are mandatory. The inclusion of other application data listed above is voluntary. The legal basis for the data processing is Section 26 para. 1 BDSG as the processing is necessary for taking steps prior to entering into a contract.
We will confirm the receipt of your online application by email.
By submitting your application you represent and warrant that the information provided by you is true. Please note that any incorrect information or deliberate omission may constitute grounds for a rejection or for dismissal at a later stage.
In particular, we ask you not to send any information that cannot be used under the German General Equal Treatment Act (Gleichbehandlungsgesetz). This includes in particular direct or indirect information on race, ethnic origin, gender, religion or ideology, age or sexual identity. Similarly, you should not send any information on illnesses, pregnancy, political views, philosophical or religious convictions, membership of a union, physical or mental health or sex life. Furthermore, we ask you to refrain from sending information that may possibly infringe the rights of third parties (in particular their copyrights and personal rights). In the event that you nevertheless send us such data, you hereby explicitly consent to us using them.
We welcome applications from severely disabled candidates. If they are equally suitable, we will give them preferential consideration in our application process.
You may withdraw your application at any time.
2.3.2 Collection, Processing, Use and Forwarding of your Application Data
The Application Data provided by you will only be collected, saved, processed or used by GEIRI for purposes in connection with your interest in employment with GEIRI at the present time or in the future – in particular the processing of your specific application or a future application. Your online application will be exclusively processed and taken note of by the relevant contacts at GEIRI. Upon registration of your online application, you agree that you can be contacted and informed in writing, in text form (in particular email) and/or by telephone in connection with the application process. All employees at GEIRI who are in charge of processing your Application Data are bound to keep your Application Data confidential.
The legal basis for the data processing is Section 26 para. 1 BDSG as the processing is necessary for taking steps prior to entering into a contract.
Please note that our online recruitment site is operated on behalf of and as a data processor for GEIRI by Personio SE & Co. KG, Seidlstraße 3, 80335 München.Furthermore we use join.com recruiting software by JOIN Solutions AG, Landsgemeindeplatz 6, 9043 Trogen, Switzerland. These entities will in their position as data processor and data sub-processor collect, process and use your Application Data for GEIRI in line with this privacy statement. If your application is successful, the Application Data sent by you may also be used by GEIRI for administrative matters associated with your employment that you will be informed about separately in your employment contract.
2.3.3 Storage duration
Should your specific application not be successful, you consent that GEIRI will keep the Application Data sent by you for six more months after the end of the application process and for the purpose of answering questions in connection with your application and its rejection.
2.3.4 Data Security
The security of the Application Data you send to us is very important to us. Your Application Data will therefore be transmitted in encrypted form and then saved in a data base which is protected from access by third parties and is only accessible to a particular group of people. Only people who need access to your Application Data in connection with a specific or future application process will have access to them, as further specified in this Data privacy statement.
2.4 When you contact us via our contact form
We offer you the opportunity to contact us via a contact form provided on our website. A valid e-mail address and a name are required for this so that we know who the inquiry is coming from and can respond to it. Additional information can be provided on a voluntary basis.
The processing is carried out for the purpose of establishing contact on the basis of our legitimate interest in responding to your inquiry, according to Art. 6 (1) (f) GDPR. The personal data collected by us when you contact us are deleted in accordance with statutory requirements once your inquiry has been dealt with.
2.5 When you visit our Profile on LinkedIn
When you visit our company profile on LinkedIn, LinkedIn processes and stores data (e.g. job function, country, industry, seniority, and employment status data) that you provided. We do not have control over the processing of such personal data but only receive anonymous aggregated information about visits on our profile. This processing is governed by a Joint Controller arrangement according to Art. 26 GDPR (the Page Insights Joint Controller Addendum, available here: https://legal.linkedin.com/pages-joint-controller-addendum). Further information about the processing of your personal data by LinkedIn is available here: www.linkedin.com/legal/privacy-policy
2.6 When you visit our Profile on Xing
When you visit our company profile on Xing, the data you provide to Xing is stored and processed. We do not have control over the processing of such personal data but only receive anonymous aggregated information about visits on our profile. Further information about the processing of your personal data by Xing is available here: https://privacy.xing.com/en/privacy-policy
3. Disclosure of data
With the exception of the service providers who act on our behalf to provide our website, we do not generally disclosure your personal data to third parties. Exceptions only apply in the following cases if:
- You have given your express consent to this in accordance with Article 6 (1) (a) GDPR,
- disclosure in accordance with Article 6 (1) (f) GDPR is necessary for the purposes of pursuing our legitimate interests or the legitimate interests of third party and there is no reason to assume that you have any overriding interest in your data not being disclosed which is worthy of protection,
- disclosure in accordance with Article 6 (1) (c) GDPR as required by law, and
- this is permitted by law and required by Article 6 (1) (b) GDPR for the performance of contractual relationships with you.
We have taken technical and organizational security measures to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees and any service providers who work for us are obliged to comply with all applicable data protection legislation. Are security measures are subject to a continuous improvement process and our privacy policies are constantly revised. Please ensure that you have the most up-to-date version.
5. Rights of data subjects
You have the right:
- in accordance with Article 15 GDPR to obtain information about the personal data processed by us;
- in accordance with Article 16 GDPR to obtain without undue delay the rectification or completion of your personal data stored by us;
- in accordance with Article 17 GDPR to obtain the erasure of the personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression or information, for compliance with a legal obligation, for reasons of public interest or for the establishment exercise or defense of legal claims. If we have made your personal data public, we are obliged, taking account of available technology and the technical possibilities, to inform controllers which are processing the personal data that the you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data;
- in accordance with Article 18 GDPR to obtain the restriction of the processing of your personal data if you contest the accuracy of the personal data, the processing is unlawful, but you oppose their erasure and we no longer require the data, but you require these for the establishment, exercise or defense of legal claims or you have objected to their processing in accordance with Article 21 GDPR;
- in accordance with Article 20 GDPR to receive your personal data in a structure, commonly used and machine-readable format or have such transmitted to another controller;
- in accordance with Article 7 (3) GDPR to withdraw your consent given to us at any time. This means that we may no longer continue the data processing based on this consent in future, and
- in accordance with Article 77 GDPR to complain to a supervisory authority. You can usually contact the supervisory authority at your normal place of residence or your workplace or where we are headquartered for this.
6. Right to object and withdrawal of consent
If your personal data are processed on the basis of legitimate interests in accordance with Article 6 (1) (f) GDPR, you have the right in accordance with Article 21 GDPR to object to the processing of your personal data if grounds for this relating to your particular situation exist or the objection is to direct marketing. In the latter case you have a general right to object, which is implemented by us without any particular situation being specified. Sending an appropriate e-mail to dataprotection [at] geiri.eu is sufficient if you wish to exercise your right to withdraw consent or your right to object.