Processing of (personal) data by the entity in charge of the online application process
Data protection information for applicants within the Europ Assistance Group
Thank you for your interest in our company. The protection of your personal data is of particular importance to the Europ Assistance Group (“EA”).
1 General
In this data protection information, we inform you about the various aspects of the processing of your personal data within the framework of our career portal on our website and your application to a company of the Europ Assistance Group.
Please note that personal data is processed when you visit our website. For more information, please visit https://www.europ-assistance.at/datenschutz for Europ Assistance GmbH and https://www.europaeische.at/rechtliches/datenschutz for Europäische Reiseversicherung AG.
2 Data controllers and data protection officers
If you apply for a position at Europ Assistance GmbH, this company is the data controller responsible for data processing:
Europ Assistance Gesellschaft m.b.H.
Kratochwjlestraße 4, 1220 Vienna
Phone: +43 (0) 1 313 89 0
If you apply for a position at Europäische Reiseversicherung AG, a company of the Europ Assistance Group, this company is the responsible party:
Europäische Reiseversicherung AG
Kratochwjlestraße 4, 1220 Vienna
Phone: +43 1 317 25 00
You can contact the joint data protection officer and his team either by email (datenschutz@europaeische.at or by post (Kratochwjlestraße 4, 1220 Vienna, Austria, with the address suffix “Data Protection Officer”).
3 Scope of data processing
Below you will find an overview of the data processing carried out by Europ Assistance GmbH and Europäische Reiseversicherung AG within the scope of our career portal on our website and within the scope of your application, including additional information for you as the data subject.
3.1 Processing of the application and handling of the application process
What personal data is processed?
EA collects certain personal data from applicants in order to evaluate applications and process the application process. The personal data of applicants is processed in career portals to ensure that the application process is handled efficiently and correctly. The following personal data is processed:
This data is processed for the purpose of evaluating applications and contacting applicants, as well as for documenting and carrying out the application process.
On what legal basis is this personal data processed?
The processing of personal data for these purposes is based on Art. 6 (1) lit. b GDPR (fulfillment of a contract or implementation of pre-contractual measures).
3.2 Reminder to complete your application in the online portal
What personal data is processed?
If you have started your online application but have not completed it, we will send you a reminder to complete it by email after two days. This requires the processing of your email address.
For what purposes is this personal data processed?
The data is processed for the complete execution of the application process and communication with applicants.
On what legal basis is this personal data processed?
The processing of personal data for these purposes is based on Art. 6 (1) lit. f GDPR (protection of the legitimate interests of the controller). In this case, the legitimate interest of the controller lies in completing the applicant profile that has been started in order to successfully complete the application process and to ensure that the applicant data is accurate and complete. You have the right to object to this processing at any time.
3.3 Record keeping
What personal data is processed?
As part of record keeping, all data provided by you in connection with your application will be stored for 9 months after completion of the application process, provided you give us your consent. This enables us to offer you new or vacant positions that match your applicant profile during this period.
For what purposes is this personal data processed?
The data is processed for communication with applicants if a position matching the applicant's profile becomes available.
On what legal basis is this personal data processed?
The processing of personal data for these purposes is based on Art. 6 (1) (a) GDPR (consent of the data subject). You can withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of data processing based on consent before its withdrawal.
3.4 Onboarding of applicants after acceptance
What personal data is processed?
Generali contacts applicants and informs them of their acceptance for a specific position. In addition, further personal data is collected from applicants so that their profiles can be created in the existing systems as future employees. The following personal data is processed:
The data is processed for the purpose of completing the application process and communicating with applicants, as well as for onboarding.
On what legal basis is this personal data processed?
The processing of personal data for these purposes is generally based on Art. 6 (1) lit. b GDPR (performance of a contract or implementation of pre-contractual measures).
The processing of religious affiliation, if disclosed, or information on the degree of disability in accordance with the Disability Employment Act is based on Art. 9 (2) lit. b GDPR (necessity for the data subject to exercise their rights under labor law and social security and social protection law).
The processing of personal data for comparison with sanction lists, the submission of criminal records, and the answers to other compliance questions is based on Art. 6 (1) lit. f GDPR (protection of the legitimate interests of the controller). The legitimate interest of the controller is to comply with sanctions law and anti-money laundering provisions. The submission of the criminal record extract and the answers to other compliance questions serve to verify the trustworthiness of the applicant.
4 Recipients of your personal data
We use various processors to operate our career portal. We conclude agreements with these processors to ensure that they offer sufficient guarantees that appropriate technical and organizational measures are implemented so that processing is carried out in accordance with the requirements of the applicable data protection regulations.
The processors include:
5 Transfer of your personal data to a third country
Within the scope of the data processing described in this privacy policy, your personal data will not be transferred to a third country.
6 Storage period
The data processed in connection with your application, as specified in section 3 above, will generally be stored for up to 7 months after your application has been processed (e.g., acceptance, rejection, or withdrawal of your application, or if you do not make any changes during this period).
In the event of record retention (section 3.3), your application data will be stored for 9 months after you have given your consent.
7 Your rights
As a data subject, you have the following rights:
Right to information
You can request information about the data stored about you using the contact details provided above (Art. 15 GDPR).
Right to correction/completion, deletion, or restriction of processing
Under certain conditions, you may request the correction or completion of incomplete personal data (Art. 16 GDPR).
Right to erasure
You have the right to request that the controller erase your personal data (Art. 17 GDPR).
The controller is obliged to delete personal data concerning you without delay if the legal requirements are met (Art. 17 (1) GDPR) or if no legal exceptions apply (Art. 17 (3) GDPR).
Right to restriction of data processing
You may also request the restriction of the processing of your data (Art. 18 GDPR).
Right to data portability
You have the right to receive the data you have provided in a structured, commonly used and machine-readable format (Art. 20 GDPR).
Right to object
You have the right to object to the processing of your data if it is based on the legitimate interest of the controller (Art. 6 (1) lit. f GDPR) (Art. 21 GDPR). We will then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. The same applies if the processing serves to assert, exercise or defend legal claims.
Right to revoke consent
If we have received and process your data on the basis of your consent (Art. 6 (1) (a) GDPR), you may revoke this consent at any time with the consequence that we will no longer process your data for the purposes specified in the consent after receipt of the revocation of consent. The revocation does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Right to lodge a complaint
You also have the option of lodging a complaint with the Austrian Data Protection Authority, 1030 Vienna, Barichgasse 40-42, telephone: +43 1 52 152-0, email: dsb@dsb.gv.at.
8 Necessity of processing your data
If you do not provide the aforementioned data, it will not be possible to process your application or conclude a service contract.
9 No automated decision-making
No automated decision-making, including profiling, pursuant to Art. 22 GDPR takes place within the scope of the data processing described in this privacy policy.
Thank you for your interest in our company. The protection of your personal data is of particular importance to the Europ Assistance Group (“EA”).
1 General
In this data protection information, we inform you about the various aspects of the processing of your personal data within the framework of our career portal on our website and your application to a company of the Europ Assistance Group.
Please note that personal data is processed when you visit our website. For more information, please visit https://www.europ-assistance.at/datenschutz for Europ Assistance GmbH and https://www.europaeische.at/rechtliches/datenschutz for Europäische Reiseversicherung AG.
2 Data controllers and data protection officers
If you apply for a position at Europ Assistance GmbH, this company is the data controller responsible for data processing:
Europ Assistance Gesellschaft m.b.H.
Kratochwjlestraße 4, 1220 Vienna
Phone: +43 (0) 1 313 89 0
If you apply for a position at Europäische Reiseversicherung AG, a company of the Europ Assistance Group, this company is the responsible party:
Europäische Reiseversicherung AG
Kratochwjlestraße 4, 1220 Vienna
Phone: +43 1 317 25 00
You can contact the joint data protection officer and his team either by email (datenschutz@europaeische.at or by post (Kratochwjlestraße 4, 1220 Vienna, Austria, with the address suffix “Data Protection Officer”).
3 Scope of data processing
Below you will find an overview of the data processing carried out by Europ Assistance GmbH and Europäische Reiseversicherung AG within the scope of our career portal on our website and within the scope of your application, including additional information for you as the data subject.
3.1 Processing of the application and handling of the application process
What personal data is processed?
EA collects certain personal data from applicants in order to evaluate applications and process the application process. The personal data of applicants is processed in career portals to ensure that the application process is handled efficiently and correctly. The following personal data is processed:
- Data related to your application and your access to our career portal (such as your name, email address, address, date of birth, resume, application photo, cover letter, application video recorded by you and sent to us, documents provided by you, correspondence with us, access data for the career portal);
- If we conduct an interview with you via an online video connection: Date of the interview appointment, start and end of the interview, link to the calendar event, content discussed during the interview. Neither we nor our service providers make a recording of the video or store the chat messages sent during the interview (these are deleted immediately after the interview has ended);
- Professional data (such as contact details, data on education, professional experience, skills, qualifications).
This data is processed for the purpose of evaluating applications and contacting applicants, as well as for documenting and carrying out the application process.
On what legal basis is this personal data processed?
The processing of personal data for these purposes is based on Art. 6 (1) lit. b GDPR (fulfillment of a contract or implementation of pre-contractual measures).
3.2 Reminder to complete your application in the online portal
What personal data is processed?
If you have started your online application but have not completed it, we will send you a reminder to complete it by email after two days. This requires the processing of your email address.
For what purposes is this personal data processed?
The data is processed for the complete execution of the application process and communication with applicants.
On what legal basis is this personal data processed?
The processing of personal data for these purposes is based on Art. 6 (1) lit. f GDPR (protection of the legitimate interests of the controller). In this case, the legitimate interest of the controller lies in completing the applicant profile that has been started in order to successfully complete the application process and to ensure that the applicant data is accurate and complete. You have the right to object to this processing at any time.
3.3 Record keeping
What personal data is processed?
As part of record keeping, all data provided by you in connection with your application will be stored for 9 months after completion of the application process, provided you give us your consent. This enables us to offer you new or vacant positions that match your applicant profile during this period.
For what purposes is this personal data processed?
The data is processed for communication with applicants if a position matching the applicant's profile becomes available.
On what legal basis is this personal data processed?
The processing of personal data for these purposes is based on Art. 6 (1) (a) GDPR (consent of the data subject). You can withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of data processing based on consent before its withdrawal.
3.4 Onboarding of applicants after acceptance
What personal data is processed?
Generali contacts applicants and informs them of their acceptance for a specific position. In addition, further personal data is collected from applicants so that their profiles can be created in the existing systems as future employees. The following personal data is processed:
- Personal information (e.g., title, name, nationality, gender, academic title, marital status);
- Contact information (address, email address, telephone number(s), details of relatives);
- Information on employment (start date, retirement date, etc.);
- Bank details (IBAN, bank, etc.);
- Social security and details of personal documents (document type, ID number, expiry date, etc.);
- Documents (passport, (employment) references, registration form, insurance data extract, work permit if applicable, residence permit if applicable, etc.);
- Answers to compliance questions (e.g., do you have a close relationship/business relationship with a legal entity/natural person employed by or affiliated with the Generali Group (worldwide)? Are you subject to wage garnishment/insolvency proceedings? Do you have a disability as defined by the German Disability Employment Act (BEinstG)? 50% or more);
- Answer to the question about your Protestant religious affiliation, if you have provided this, for the purpose of determining relevant public holidays or reasons for absence from work;
- Information on whether you are listed on a sanctions list used to prevent money laundering and terrorist financing, and a criminal record extract.
The data is processed for the purpose of completing the application process and communicating with applicants, as well as for onboarding.
On what legal basis is this personal data processed?
The processing of personal data for these purposes is generally based on Art. 6 (1) lit. b GDPR (performance of a contract or implementation of pre-contractual measures).
The processing of religious affiliation, if disclosed, or information on the degree of disability in accordance with the Disability Employment Act is based on Art. 9 (2) lit. b GDPR (necessity for the data subject to exercise their rights under labor law and social security and social protection law).
The processing of personal data for comparison with sanction lists, the submission of criminal records, and the answers to other compliance questions is based on Art. 6 (1) lit. f GDPR (protection of the legitimate interests of the controller). The legitimate interest of the controller is to comply with sanctions law and anti-money laundering provisions. The submission of the criminal record extract and the answers to other compliance questions serve to verify the trustworthiness of the applicant.
4 Recipients of your personal data
We use various processors to operate our career portal. We conclude agreements with these processors to ensure that they offer sufficient guarantees that appropriate technical and organizational measures are implemented so that processing is carried out in accordance with the requirements of the applicable data protection regulations.
The processors include:
- Software and service providers that provide IT applications and software for communication (e.g., email), administrative activities, and the use of recruiting platforms;
- IT service providers and operators of data centers for hosting data;
- Scanning and printing service providers.
- Personio SE & Co. KG Seidlstraße 3 80335 Munich, Germany
5 Transfer of your personal data to a third country
Within the scope of the data processing described in this privacy policy, your personal data will not be transferred to a third country.
6 Storage period
The data processed in connection with your application, as specified in section 3 above, will generally be stored for up to 7 months after your application has been processed (e.g., acceptance, rejection, or withdrawal of your application, or if you do not make any changes during this period).
In the event of record retention (section 3.3), your application data will be stored for 9 months after you have given your consent.
7 Your rights
As a data subject, you have the following rights:
Right to information
You can request information about the data stored about you using the contact details provided above (Art. 15 GDPR).
Right to correction/completion, deletion, or restriction of processing
Under certain conditions, you may request the correction or completion of incomplete personal data (Art. 16 GDPR).
Right to erasure
You have the right to request that the controller erase your personal data (Art. 17 GDPR).
The controller is obliged to delete personal data concerning you without delay if the legal requirements are met (Art. 17 (1) GDPR) or if no legal exceptions apply (Art. 17 (3) GDPR).
Right to restriction of data processing
You may also request the restriction of the processing of your data (Art. 18 GDPR).
Right to data portability
You have the right to receive the data you have provided in a structured, commonly used and machine-readable format (Art. 20 GDPR).
Right to object
You have the right to object to the processing of your data if it is based on the legitimate interest of the controller (Art. 6 (1) lit. f GDPR) (Art. 21 GDPR). We will then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. The same applies if the processing serves to assert, exercise or defend legal claims.
Right to revoke consent
If we have received and process your data on the basis of your consent (Art. 6 (1) (a) GDPR), you may revoke this consent at any time with the consequence that we will no longer process your data for the purposes specified in the consent after receipt of the revocation of consent. The revocation does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Right to lodge a complaint
You also have the option of lodging a complaint with the Austrian Data Protection Authority, 1030 Vienna, Barichgasse 40-42, telephone: +43 1 52 152-0, email: dsb@dsb.gv.at.
8 Necessity of processing your data
If you do not provide the aforementioned data, it will not be possible to process your application or conclude a service contract.
9 No automated decision-making
No automated decision-making, including profiling, pursuant to Art. 22 GDPR takes place within the scope of the data processing described in this privacy policy.