Data protection at haystax

1. Introduction

As a recruitment company, haystax works with personal data every day. For this reason, we have always prioritised the protection and confidentiality of data. We feel this way about all types of data, regardless of whether it concerns applicants, customers, contract partners, employees or service providers. Our company and all haystax sites collect personal data only to the extent necessary to do our job. Under no circumstances do we sell to (or for any reason share with) third parties your personal data that you entrust to us.

Our guidelines comply with the latest data protection legislation, especially the German Data Protection Act, the German Telemedia Act and, effective 25 May 2018, the EU General Data Protection Regulation (GDPR).

In this document, we describe how we ensure the protection of data and define for which purposes we collect which types of data. If you have any questions on the storage and use of your personal data, please see our website for ways to contact us directly.

2. Purpose

haystax, with its five independently operating offices, is a leading headhunting company for hotels, the catering business and related sectors. There are no standardised guidelines in our work with customers and applicants, as each haystax managing director and every haystax site customises its own solutions. At every haystax office, the entire recruitment process – from placement of an order to the exit interview – is tailored to the unique needs of applicants and customers.

If you register with us and send us your application documents, then we will enter your personal data into our database of candidates. Our database allows us to match applicants with potential employers and, to the best of our ability, place a qualified candidate with the ideal company. Our database is independent of, i.e. not connected to, our website.

3. Collection and processing of personal data

3.1 Registration

By registering in our database of candidates, you consent to haystax entering your personal data and further information into our database. To ensure that you can use our service without restrictions and to help our workforce best handle your application, we ask that you provide important CV information on our registration form. By registering, you consent to haystax entering your personal data into our applicant database and storing your data unless and until you revoke your consent.

In addition to your application documents (CV, cover letter, educational certificate[s], employer letter[s] of reference), we store the following pieces of personal data in connection with your job search: full name, address, phone number, smartphone number, email address, photo, sex, nationality, date of birth, marital status, education, further qualifications and language skills. Once you yourself and we have entered your data into our system, one of our managing directors or employees will ask you for additional information on your professional background. This can include, but is not limited to, information regarding your salary, training, career and further skills.

With the exception of your address, contact details, date of birth, marital status and education as well as the latest version of your CV, any additional information you provide is naturally on an entirely voluntary basis. However, haystax cannot guarantee that you will be able to benefit from the full range of our services if you choose not to provide all the above-mentioned pieces of personal data in connection with your job search.

We will treat your personal data with the strictest confidence and not make it available to any third party without your consent. Only haystax managing directors and authorised haystax employees are able to access and process your data.

3.2 Revocation of consent

haystax would like to accompany you throughout your career planning. For this reason, your data will remain stored after an application procedure ends so that we can contact you in the future about new job offers. If you want us to delete your data, you can revoke your consent at any time by sending us a short, informal request.

3.3 Website

We do not use our website to collect or process data. This is why our website does not have an online reply form. You can instead contact us by email, phone or fax. In addition, we do not use any web analytics services (e.g. Google Analytics) on our website. We consequently do not use cookies.

4. Disclosure of personal data

haystax processes an applicant’s personal data in accordance with the provisions in data protection regulations. Afterwards, haystax collects, processes and uses personal data only within the scope necessary to establish and maintain the application framework as well as to place applicants with customer companies.

haystax will transfer an applicant’s personal data to a customer only with the applicant’s express consent and only if doing so is necessary to place the candidate with the customer.

Whether or not this is deemed necessary will depend on the job profile and the skill set that you have specified in cooperation with haystax – provided it seems probable that haystax can place you with one of its customers. All our contractors are contractually obligated to treat all data that we transfer to them with the strictest confidence. In addition, we inform all haystax customers that the respective contractor must return a rejected applicant’s documents to haystax or delete said documents.

We hereby emphasize that haystax has customers in countries that do not have adequate data protection measures in place that meet the requirements of EU data protection legislation. If you register in our database, it is possible that we will provide your data to interested customers outside the European Union. Please notify us by email if you want us to refrain from providing your data to customers in certain countries.

5. Processing and deletion of your data

You have the right to request deletion of all your personal data from our database. We would like to stress, however, that we will be unable to consider you for any future job openings if we delete your data.

You furthermore have the right to information about your personal data stored on drives or servers. You also have the right to information about the source of stored data as well as the reason for storing your personal data and the recipients or categories of recipients to whom your data has been disclosed. In addition, you may exercise your right to rectification if any incorrect data has been stored.

6. Notes on links to other websites

In its “liability for links” ruling (312 O 85/98) on 12 May 1998, Germany’s Hamburg Regional Court stated that a website operator could be held partially responsible for the content on an external website to which the operator provides a link. The operator can absolve itself from this liability only by expressly distancing itself from the content on external websites. We hereby expressly distance ourselves from all content on all websites to which we provide links on our website. We also expressly assume no responsibility for content on linked websites. These statements in Section 6 are valid for all links that appear on this website.

7. Data security

haystax has taken the technological and organisational measures necessary for protecting personal data in order to ensure compliance with the provisions in the German Data Protection Act. haystax pays particular attention to the monitoring objectives specified in the appendix to Section 9 of the German Data Protection Act. These objectives are meant to protect against inadvertent loss and against unauthorised access, use, alteration or disclosure.

All systems and operations are checked continuously to ensure that the above-mentioned data protection measures are implemented and updated consistently. In this context, each haystax managing director is responsible for training their employees on how to use IT systems and software as well as how to handle personal data. The use of checklists and progress reports ensures that the monitoring of data protection remains transparent and easy to understand at all times. Each managing director must also regularly check their data protection strategy and update it as necessary to ensure compliance with the latest legislation.

In addition, our customers and our applicants alike can view their data at any time and request information on the current use of their data.

8. Notes on data protection and contacting haystax

If you send us an email, then we will electronically store the personal contact details in your email and use this data to communicate with you. As a rule, we will not sell or rent out your data to third parties. Only if you consent to us doing so will we transfer data to third parties – especially if this is necessary to provide services for you or if we are permitted by law to transfer data to third parties.