The Ebenbuild GmbH (hereinafter "Ebenbuild” or “we"), is pleased that you are visiting our website. Data protection and data security are very important to us. Therefore, we would like to inform you about the personal data we collect during your visit to our website and about the intended purposes.
As changes to the law or changes to our corporate processes may require an adaptation of this privacy statement, we ask you to read this privacy policy regularly. The privacy policy can be accessed any time under “Privacy Policy”, saved and printed out.
The controller according to the EU General Data Protection Regulation (hereinafter: GDPR) and other national data protection acts of the Member States, as well as other data protection regulations, is:
Ebenbuild GmbH
Address: Holzstraße 28, 80469 München, Germany
Phone: +49 (0)89 289 15265
Email: info@ebenbuild.com
This privacy policy applies to the online presence of Ebenbuild, which is available at www.ebenbuild.com and the various subdomains (hereinafter referred to as "our website").
You can contact our data protection officer here:
Name: Marie Brei
Email: dataprotection@ebenbuild.com
You can also send a letter to our address, please write „z. Hd. des Datenschutzbeauftragten“ on the envelope.
Personal data are all information relating to an identified or identifiable natural person. This includes information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behavior. Information that cannot (or only with a disproportionate effort) be referred to your person, e.g. by anonymizing the information, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis or your consent.
Processed personal data will be deleted as soon as the purpose of the processing has been fulfilled and no legally prescribed retention obligations are to be observed.
In case we process your personal data for the provision of certain offers, please find below information about the specific processes, the scope and purpose of data processing, the legal basis for processing and the respective storage period.
When you access and use our website, we only collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file.
The following personal data is recorded to the extent necessary for the provi¬sion of a functional website and our contents and services:
Art. 6 para. 1 lit. f GDPR serves as the legal basis for the data processing. The processing of the mentioned data is necessary for the provision of our services and thus serves the protection of a legitimate interest of our company. Erasure and Storage Time
The data subject’s personal data are deleted or blocked as soon as the purpose of the storage is fulfilled. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection for the user. Further storage may take place in individual cases if this is required by law.
You have the opportunity to contact us using a form provided on our website. In the course of sending your inquiry via the contact form, reference is made to this data protection declaration in order to obtain your consent. If you use the contact form, the following personal data will be processed:
The purpose of entering your e-mail address and other personal data is to assign your request and to be able to reply to you. When using the contact form, your personal data will not be forwarded to third parties.
The data processing described above (cf. § 4 2. a.) for the purpose of establishing contact is carried out voluntarily in accordance with Art. 6 para. 1 lit. f GDPR as we have a legitimate interest in responding to your request. You have the right to object. If you exercise this right, we will no longer be able to process your request.
As soon as the request you have made has been dealt with and the relevant facts have been finally clarified, your personal data processed by the contact form will be deleted. Further storage may take place in individual cases if this is required by law.
Applicants may apply to job vacancies published on this website or on job boards via an email address or post. In addition, applicants have the option to apply via an applicant portal on our website. Within the applicant portal, the uploaded personal data entered by the applicants is transferred using TLS encryption. All applications are stored in a database operated by Personio GmbH, which offers a human resource and applicant management software solution (https://www.personio.com/legal-notice/). In this context, Personio is our processor under article 28 of the GDPR. In this case, the processing is based on an agreement for the processing of orders between us as the controller and Personio. Further information on the storage of personal data by Personio can be found at https://ebenbuild.jobs.personio.com/privacy-policy.
Furthermore, the applicant can choose to upload expressive documents such as a cover letter, CV and reference letters. These may contain additional personal data such as
No personal data will be passed on to third parties in this context. The personal data will only be used to carry out the application procedure and will only be made available to the persons who are involved in the application procedure in question (e.g. responsible manager, responsible employee of the Human Resources department).
The legal basis for the processing of personal data in the context of the application procedure is Section 26 of the Federal Data Protection Act (BDSG), as the processing is necessary to establish an employment relationship.
The personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected, there are no statutory retention periods to the contrary and they are not required in connection with the protection and defense of possible legal claims.
Applicants have the option of withdrawing their application at any time. Their application documents will then no longer be considered in the application process and will be deleted, provided that there are no statutory retention periods to the contrary and they are not required in connection with the protection and defense of possible legal claims.
The purpose of the processing in the context of the applicant pool is that we may contact you even after the application procedure has ended in order to inform you about interesting positions in our company. The following personal data will be used for this purpose:
The data will be stored in a database operated by Personio GmbH, which offers a human resource and applicant management software solution (https://www.personio.com/legal-notice/). For more information about the processing of personal data by Personio see §4 3(a) and https://ebenbuild.jobs.personio.com/privacy-policy.
The processing of your applicant data after the end of the application procedure is based on your voluntary declaration of consent in accordance with Art. 6 para.1 lit. a GDPR. You can withdraw your declaration of consent at any time by sending an e-mail to dataprotection@ebenbuild.com.
The personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected or you have revoked your consent and there are no statutory retention periods to the contrary.
We use the hCaptcha security service (hereinafter "hCaptcha") on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation ("IMI"). hCaptcha is used to check whether user actions on our online service (such as submitting a login or contact form) meet our security requirements. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI. hCaptcha analysis in the "invisible mode" may take place completely in the background. Website or app visitors are not advised that such an analysis is taking place if the user is not shown a challenge.
Data processing is based on Art. 6(1)(b) of the GDPR: the processing of personal data is necessary for the performance of a contract to which the website visitor is party (for example, the website terms) or in order to take steps at the request of the website visitor prior to entering into a contract. Our online service (including our website, mobile apps, and any other apps or other forms of access offered by us) needs to ensure that it is interacting with a human, not a bot, and that activities performed by the user are not related to fraud or abuse. In addition, processing may also be based on Art. 6(1)(f) of the GDPR: our online service has a legitimate interest in protecting the service from abusive automated crawling, spam, and other forms of abuse that can harm our service or other users of our service. IMI acts as a "data processor" acting on behalf of its customers as defined under the GDPR, and a "service provider" for the purposes of the California Consumer Privacy Act (CCPA). For more information about hCaptcha’s privacy policy and terms of use, please visit the following links: https://www.hcaptcha.com/privacy and https://www.hcaptcha.com/terms
hCaptcha does not retain personal data longer than necessary for security purposes. Temporary logs are minimized and deleted or anonymized after a short period. For details, see the hCaptcha Privacy Policy: https://www.hcaptcha.com/privacy and https://www.hcaptcha.com/terms
Insofar as you assert data subject rights in accordance with Art. 12 et seqq. GDPR with regard to the use of the website, the personal data provided to us by you will be processed in order to respond to the respective request.:
Art. 6 para. 1 lit c GDPR serves as the legal basis for the processing of your personal data with regard to responding to the data subject request, as the controller thereby fulfils a legal obligation.
Your personal data will be stored for as long as it is necessary to achieve the purpose or until the purpose has ceased to exist. In addition, further storage may take place insofar as legal retention periods prevent deletion.
We only share your personal information with third parties if:
On our recruiting site https://ebenbuild.jobs.personio.com operated by Personio GmbH, and on other parts of our website where the hCaptcha service is embedded, cookies may be used.
Personio offers a human resource and applicant management software solution and is our processor under article 28 of the GDPR. In this context only cookies that are absolutely necessary, functional or performance-related, in particular for implementing certain default settings such as language, for identifying the job advertising channel, or for analyzing the performance of a job advert via which a user accessed this recruitment website are used. The use of cookies is absolutely necessary for providing the services provided by Personio and thus for the performance of the contract (article 6 (1) b) of the GDPR). Period of storage: up to 1 month or until the end of the browser session Right to object: You can determine via your browser settings whether you allow or object to the use of cookies. Please note that deactivating cookies may result in limited or completely blocked functionalities of the recruitment website.
hCaptcha, which we use for bot protection, may set cookies, but only such cookies that are strictly necessary for the functioning of the service (e.g. session or load balancing cookies) or statistical cookies managed directly by hCaptcha, which are not used for profiling. The legal basis for this processing is Art. 6(1)(b) GDPR (provision of the requested service) and Art. 6(1)(f) GDPR (our legitimate interest in ensuring security and preventing fraud or abuse).
We do not use any tools for tracking and analysis.
Our website contains hyperlinks to websites of other providers. When you activate these hyperlinks, you will be directed directly to the other providers' website. You will recognize this when the URL is changed. Please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
If your personal data are processed, you are a data subject within the meaning of the General Data Protection Regulation (GDPR) and the following rights apply to you:
You can exercise these rights by contacting dataprotection@ebenbuild.com.
In case the processing of your personal data is based on legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR insofar as there are reasons which arise from your particular situation or if the objection refers to direct marketing. In the case of direct marketing, you have a general right of objection which will be considered without mentioning any particular situation.
We are committed to protecting your privacy and treating your personal information confidentially. In order to avoid any manipulation, loss or misuse of your data stored by us, we take extensive technical and organisational security measures that are regularly reviewed and adapted to technological progress. This includes, among other things, the use of recognized encryption methods (SSL or TLS).
However, we would like to point out that due to the structure of the internet, it is possible that the rules of data protection and the above mentioned security measures may not be observed by other persons or institutions for which we are not responsible.
In particular, unencrypted data - e.g. if this is done by e-mail - can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him against misuse by encryption or in any other way.