Skip to content

INFORMATION FOR APPLICANTS ON DATA PROCESSING DURING APPLICATION PROCEDURE    

Data security and the protection of your personal information is very important to us. We adhere to the legal regulations on data protection and provide you with information on the processing of your personal data during our application procedure below. 

1. Contact information of the responsible party  

The responsible party for collecting your personal information during the application procedure is LILLYDOO GmbH, Hanauer Landstraße 147-149, D-60314 Frankfurt am Main, Telephone: +49 (0) 69 120 066 070, E-Mail: info@lillydoo.com.  

2. Purpose and legal basis for data processing  

Personal data may only be collected for legitimate, clearly defined reasons. The reason for collecting your personal data is your application procedure. Your applicant information will therefore only be used for the purpose of processing your application. The legal grounds for this data processing arise from Article 6 Paragraph 1 (b) GDPR.  

3. Duration of storage  

We store your personal data upon receiving your application. If we accept your application, we store your applicant data for up to three years after termination of the employment relationship. If we do not accept your application, we store your applicant data for up to six months after declining your application, unless you expressly grant us your permission for a longer storage period.  

4. Your rights as the party concerned  

You have the fundamental right to disclosure, amendment or deletion of your personal data as well as the right to data transferability. Furthermore, you can claim restriction of data processing and file an appeal against the processing of your personal data.  

5. Withdrawal of consent 

In so far as the collection or the processing of your personal data is based on your consent, you can revoke your consent at any time with effect for the future. The legality of the data processing conducted up until the retraction remains intact in case of retraction.  

6. Right to appeal to a regulatory authority  

You have the right to appeal to the responsible regulatory authority (The Hessian Data Security Commissioner, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, Telephone +49 (0) 611 1408-0, E-Mail: poststelle@datenschutz.hessen.de).  

7. Basis for the provision of your data  

The provision of your data is necessary for the potential conclusion of a contract with us. You are neither contractually nor by law obligated to transfer your data to us. However, because we need information pertaining to your person for our application procedure, the potential consequence of an unwillingness to disclose this information is that we might not be able to take your application into proper consideration. 

8. Recipient or category of recipients, third parties  

In the context of processing your personal information, your personal data will not be transferred to recipients other than us. Data from third parties are not collected.



DATA PROCESSING IN VIDEO SURVEILLANCE 

I. Responsible and contact person

The contact person and the person responsible for the processing of your personal data within the meaning of the personal data in the sense of the General Data Protection Regulation (GDPR) is

Lillydoo Services GmbH

Ulmenweg 2

14974 Ludwigsfelde

Phone: +49 (0) 69 643 57 420

E-mail: service@lillydoo.de

If you have any questions about data protection, you can contact us at any time at the following e-mail address: privacy@lillydoo.com.

Please note that if you use this email address, the contents will not be read exclusively by our Data Protection Officer. Therefore, if you wish to exchange confidential information, we ask that you first contact us directly via this e-mail address.  

II. Purpose and legal basis of the data processing and the legitimate interests pursued

The video surveillance serves to secure our rights of domicile, including the prevention of theft and vandalism. This includes our legitimate interest in preventing and investigating unauthorised access to the premises and in preventing and investigating offences against property and assets to the detriment of Lillydoo Services GmbH. The legal basis for video surveillance is Art. 6 par. 1 lit. f) DSGVO. 

With regard to the video surveillance of particularly dangerous or accident-prone areas of our premises, the purpose of the video surveillance is the protection of vital interests and the protection of our employees working there (particularly with regard to accidents at work). The legal basis for the video surveillance is Art. 6 par. 1 lit. d) and f) DSGVO.

 

III. Retention period

The data collected through video surveillance will be stored for a period of 72 hours. After this period, the data is automatically deleted, unless it is required for an ongoing investigation or legal proceedings.

 

IV. Categories of recipients of your personal data and transfers to third countries

In certain instances, we may need to share CCTV footage, which may include you, with departments and individuals within our business for the purposes of viewing and analysis, for example, in the event of a criminal offence. This includes not only the viewing of the material at our premises by the relevant employees, but also, in certain circumstances, the forwarding of the material to the security, compliance and legal departments.

Data will only be transferred to recipients outside of our company if the legal requirements for doing so are met. In particular, this will be the case if the transfer is necessary for the prosecution of a criminal offence or for the exercise, assertion or defence of civil claims (e.g. to law enforcement authorities or external lawyers advising us) and the interests of the data subject in not having the data transferred prevail.  In exceptional cases, personal data may be processed outside the EU or the European Economic Area. In such cases, we will ensure that adequate data protection safeguards are in place to protect your data (e.g. EU standard contractual clauses).

The legal basis for the transfer in such a case is Art. 6 (1) (f) GDPR in conjunction with § 24 (1) nos. 1 and 2 BDSG and, where applicable, in conjunction with Art. 28 (3) GDPR.

 

V. Right to complain to a supervisory authority

If you consider that the processing of your personal data is in breach of the General Data Protection Regulation (GDPR), you have the right to lodge a complaint with a data protection supervisory authority.

This right is without prejudice to any other administrative or judicial remedy.

The competent data protection authority in Ludwigsfelde is the State Commissioner for Data Protection and the Right to Inspect Records

Brandenburg

Stahnsdorfer Damm 77

14532 Kleinmachnow

Telephone: +49 33203 356-0

E-mail: poststelle@lda.brandenburg.de

Website: https://www.lda.brandenburg.de

The supervisory authority will inform you of the status and outcome of your complaint, including the possibility of a judicial remedy.

 

VI. Rights of data subjects pursuant to Art. 15 ff. GDPR

1. Right of access (Art. 15 GDPR)

You have the right to request confirmation as to whether personal data relating to you is being is being processed. If this is the case, you have the right to be informed of the existence of such data and of the purposes of the processing:

the categories of personal data concerned; the recipients or categories of recipients to whom the personal data have been or will be disclosed; 

the intended length of time for which the personal data will be stored or, if not possible, the criteria for determining such length; the existence of a right to rectify or delete the personal data concerning you or to restrict the processing by the controller or a right to object to such processing; the existence of a right to appeal to a supervisory authority; all available information about the origin of the data, where the personal data have not been obtained from the data subject; the existence of automated decision making, including profiling in accordance with Art. 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

2. Right of rectification (Art. 16 GDPR)

You have the right to request the immediate correction of inaccurate personal data. personal data. You also have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.

3. Right to erasure (Article 17 GDPR)

You have the right to request the erasure of your personal data for one of the following reasons:

·       The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

·       You withdraw the consent on which the processing is based pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR and there is no other legal basis for the processing.

·       You object to the processing in accordance with Article 21(1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Article 21(2) GDPR.

·       The personal data was processed unlawfully.

·       The personal data must be erased in order to comply with a legal obligation under Union or national law to which the controller is subject.

·       The personal data have been collected in connection with the provision of information society services in accordance with Article 8(1) of the GDPR.

4. Right to restrict processing (Art. 18 GDPR)

You have the right to request that the processing of your personal data be restricted in any of the following circumstances:

·       You dispute the accuracy of the personal data for a period of time that allows the controller to verify the accuracy of the personal data.

·       The processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted.

·       The controller no longer needs the personal data for the purposes of the processing, but you need them for the establishment, exercise or defence of legal claims.

·       You have objected to the processing in accordance with Article 21(1) of the GDPR, as long as it is not yet certain whether the controller's legitimate grounds override your grounds.

5. Right to data portability (Article 20 GDPR)

You have the right to receive the personal data relating to you that you have provided to a controller in a structured, commonly used and machine-readable format. You also have the right to transmit that data to another controller without hindrance from the controller to whom the personal data have been provided, where:

·       the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR; and

·       the processing is carried out by automated means.

 

6. Right to object (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on point (e) or (f) of Art. 6 (1) GDPR, including profiling based on these provisions. The controller will no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.







Privacy policy