datenschutz-hr4you

Bielefeld University is the controller responsible for processing the data. It is a corporate body under public law governed by the State of North Rhine-Westphalia. It is represented by the Rector Prof. Dr. Angelika Epple.

1.1. Contact details for the controller

Universität Bielefeld
Universitätsstraße 25
D-33615 Bielefeld
Tel: +49 521 / 106 – 00
E-Mail: post@uni-bielefeld.de
Web: https://www.uni-bielefeld.de

1.2. Contact details for the recruiting department

E-Mail: angelina.cammarata@uni-bielefeld.de
Tel.: +49 521 106-12030
Web.: https://www.uni-bielefeld.de/verwaltung/dezernat-p-o/index.xml

1.3. Contact details for the data protection officer

You can contact the data protection officer by post at the controller’s address or as follows:
Tel.: +49 521 106-5225
E-Mail: datenschutzbeauftragte@uni-bielefeld.de

2.1
When applying for a position at Bielefeld University, you submit personal data in the form of your application documents, which are processed for the purpose of carrying out the application and staffing process itself and for the purpose of the necessary involvement of the committees (Staff Councils, Equal Opportunities Officer, Representative Body for Severely Disabled Persons) in this process.

• The personal data processed by you contains the following mandatory information: Title, full name, internal/external application, e-mail, documents (cover letter, CV), qualifications and experience.
• In addition, you can voluntarily provide further information (e.g. in your CV or cover letter): current position, marital status, number of children, date and place of birth, (academic) title, nationality, private address incl. telephone number, business address incl. e-mail and telephone number, (severe) disability, other educational and qualification-related data (school/university degree, professional career, etc.), other data relevant to your application (letters of recommendation, employment references, proof of charity work, proof of stays abroad, etc.)

Who will receive your application documents?
Your application documents will be passed on within the University for the purpose of selecting applicants. The Department of Personnel and Organization and the hiring department, institution or faculty will both be involved in the selection process. In addition, the above-mentioned committees will be given access to your documents according to the legal obligations of the University as a public employer.
 

2.2
Storage of application data/documents within the Talent Pool:

• You also have the option of saving your application documents in the University’s Talent Pool for a maximum of twelve months. If a position matching your profile is advertised at Bielefeld University during this period, you will be notified. The storage of your application documents in the Talent Pool is voluntary and can be revoked at any time with effect for the future. In this case, your application documents will be deleted immediately. You will not suffer any disadvantages from the revocation or failure to grant consent.

2.3
In order to ensure the proper operation of the application portal (correction of malfunctions and errors, processing of security incidents, etc.), the following system and log data will be processed:

• IP address of the visitor, date and time of the visit/request, requested file, status code of the request, size of the requested data in bytes, starting point of the request (if transferred by visitor), browser (if transferred by visitor), operating system and user interface of the visitor (if transferred by visitor), session and system cookies.

The processing listed under 2.1 is based on the following legal regulations:

For the application and staffing process:
Art. 88 (1) GDPR in conjunction with § 18 (1) of the State Data Protection Act of North Rhine-Westphalia (Landesdatenschutzgesetz (DSG) NRW) serves as the legal basis for employers to process data as far as this is necessary in order to fulfill the contractual obligations of the employment relationship. This also applies to data processing which is necessary in a pre-contractual context, i.e. during the application and staffing process.

The selection of suitable applicants in the recruitment process takes place prior to the conclusion of an employment contract (with the most suitable applicant) and thus in the pre-contractual context. As a public employer, the university is obliged to recruit the most suitable applicants in accordance with Art. 33 (2) of the German Constitution (Grundgesetz) within the framework of the principle of the so-called “Bestenauslese” (selection of the best). In order to verify this, the data transmitted with the application documents will be evaluated.

Art. 6 (1) (b) GDPR contains the corresponding general regulation that applies to all types of contractual relationships.
 

For the involvement of the internal committees:
Art. 88 (1) GDPR in conjunction with § 18 (1) of the State Data Protection Act of North Rhine-Westphalia (Landesdatenschutzgesetz (DSG) NRW) also serves as the legal basis for data processing insofar as the employer is legally obligated to involve the aforementioned committees:

The obligations to involve the different committees in application and selection procedures are based on § 72 (1) NRW State Personnel Representation Act (LPVG NRW), § 18 (1) NRW State Equal Opportunities Act (LGG NRW) and § 178 (1), (2) Social Security Code IX (SGB IX).

Art. 6 (1) (c) GDPR contains the corresponding general regulation that applies to legal obligations to which the controller is subject.
 

For the processing of application documents within the Talent Pool
Art. 6 (1) (a) GDPR in conjunction with Art. 9 (2) (a) GDPR (when uploading sensitive data such as e.g. certificates of severe disability) apply.
 

The processing of system and protocol data is based on
Art. 6 (1) (f) GDPR in conjunction with Art. 6 (1)(e) GDPR.
 

Further possible processing of data:
Under certain circumstances, data may also be transferred to third parties on the basis of a legal regulation requiring or permitting this, for example, data may be transferred to the prosecuting authorities for the investigation of criminal offences within the provisions of the Code of Criminal Procedure (StPO).
If technical service providers gain access to personal data, this happens on the basis of a contract in accordance with Art. 28 GDPR.

Your application documents will be kept for four months in accordance with the university's storage regulations before they are deleted. This storage period is, among other things, due to the periods of time stipulated by the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz (AGG) ), during which rejected applicants may assert claims. Based on § 18 (7) DSG NRW, the controller is authorized to store the necessary data for that period of time.

The application documents stored in the Talent Pool will be kept for a maximum period of twelve months and then deleted. Early deletion is possible at any time at the request of the person concerned.

The system and log data are deleted after 180 days.

As a data subject, you can assert the rights granted to you by the GDPR at any time:

• the right to be informed whether or not personal data is being processed and access to that data and certain information about it (Art. 15 GDPR),
• the right to request rectification or completion of inaccurate or incomplete data concerning you (Art. 16 GDPR),
• the right to have your personal data erased in accordance with Art. 17 GDPR,
• the right to demand a restriction of the processing of data in accordance with Art. 18 GDPR,
• the right to withdraw a given consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal (Art. 7 (3) GDPR),
• the right to object to future processing of data concerning you in accordance with Art. 21 GDPR.

In addition to the above-mentioned rights, you have the right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR), for example with the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia:     

Landesbeauftragten für Datenschutz und
Informationsfreiheit Nordrhein-Westfalen
Kavalleriestraße 2-4
40213 Düsseldorf