We offer you the opportunity to apply to us online (e.g. by e-mail or via the application form). Below we inform you about the scope, purpose, and use of your personal data collected in the application process. We assure you that your data will be treated in strict confidence.

Scope and purpose of data collection:
If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes taken during job interviews, etc.) by the applicable data protection regulations interviews, etc. insofar as this is necessary for the decision on the establishment of an employment relationship. The legal basis for this is § 26 BDSG under German law (initiation of an employment relationship) or Art. 6 para. 1 lit. b GDPR (general contract initiation) and - if you have given your consent for further processing - Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application. If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of Section 26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of implementing the employment relationship.

Data retention period:
If we are unable to make you a job offer, we reserve the right to retain the data you have submitted based on our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection of the application). The data will then be deleted and the physical application documents destroyed. The retention serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending, pending, or announced legal dispute), the data will only be deleted when the purpose for this further storage no longer applies. Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory retention obligations prevent deletion. However, if you reject a job offer or withdraw your application, your data will be deleted immediately.

Inclusion in the applicant pool:
If we do not make you a job offer, you may have the opportunity to join our applicant pool. If you are accepted, all documents and information from your application will be transferred to the applicant pool to contact you in the event of suitable vacancies. The admission to the applicant pool takes place exclusively based on your express consent (Art. 6 para. 1 lit. a GDPR). Giving consent is voluntary and is not related to the current application process. The data subject can withdraw their consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, provided there are no legal grounds for retention. The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given unless you consent to longer processing.

 

Privacy Policy

Welcome to Craiss Generation Logistik GmbH & Co. KG, and thank you for your interest in our website and our company. We place great importance on the protection of your data and the safeguarding of your privacy. We collect personal data only to the extent necessary for:

• the provision of our services,
• the performance of contracts (including initiation, conclusion, fulfillment, and termination),
• processing and responding to inquiries (contact form),
• ensuring the security of customer accounts,
• maintaining the operation of our business,
• improving our services,
• preventing, detecting, and investigating potentially prohibited or illegal activities and enforcing our general terms and conditions.

To ensure you are fully informed about the collection and use of personal data on our website, we have compiled this information in a clear and comprehensive manner. We assure you that we take all necessary technical and organizational measures to protect your data. By using this website, you consent to the processing of the data collected about you in the manner described below. You may withdraw your consent to data collection and storage at any time with effect for the future. If you have further questions about data protection, please contact us. The contact details can be found in our Legal Notice (Impressum).

This Privacy Policy applies to:
• craiss.de
• craiss.com
• the social media platforms operated by Craiss Generation Logistik GmbH & Co. KG

Definitions
This Privacy Policy is based on the terminology used by the European legislator when adopting the General Data Protection Regulation (GDPR). It is intended to be easy to read and understand for both the public as well as our customers and business partners.
The following terms are used within this Privacy Policy:
• Personal data: any information relating to an identified or identifiable natural person.
• Data subject: any identified or identifiable natural person whose personal data is processed.
• Processing: any operation performed on personal data, such as collection, recording, organization, storage, adaptation, retrieval, use, disclosure, or erasure.
• Restriction of processing: the marking of stored personal data with the aim of limiting its future processing.
• Profiling: any automated processing of personal data to evaluate certain personal aspects of a natural person.
• Pseudonymization: the processing of personal data so that it can no longer be attributed to a specific individual without additional information.
• Controller: the person or entity that determines the purposes and means of processing personal data.
• Processor: a person or entity processing personal data on behalf of the controller.
• Recipient: a person or entity to whom personal data is disclosed.
• Third party: any person or entity other than the data subject, controller, or processor.
• Consent: any freely given, specific, informed, and unambiguous indication by the data subject agreeing to the processing of their personal data.

Anonymous Data Collection
You can visit our website without revealing your identity. For technical reasons, our server automatically collects and stores the following log data transmitted by your browser:
• Browser type/version
• Operating system
• Referrer URL (previously visited page)
• IP address (spam protection, unique identification)
• Time of access
These log data are not associated with specific individuals and are automatically deleted after statistical analysis. Please note that server log data are essential for the security and protection of this web presence.

Collection and Processing of Personal Data
The software on our website stores all information that you voluntarily provide via forms (e.g., registration, comments, contact requests). This includes links, email addresses, and any content you knowingly submit. It is up to you whether to provide real or fictional data. In cases of abuse, attacks, or illegal content, submitted data may be disclosed upon court order.

Contact Form
The data you enter in our contact form (subject, name, company, address, email, message content, etc.) are stored and used solely for individual communication with you. No personal data will be shared with third parties.

Job Portal
The data you submit via our job portal (title, name, address, email, phone number, uploaded documents such as CVs and certificates) are used exclusively to evaluate your application and communicate with you. All stored data are automatically deleted in accordance with applicable laws.

Newsletter
If you subscribe to our newsletter, we use your email address for our own marketing purposes. We employ the double opt-in procedure to ensure valid consent. Our newsletter is sent using Newsletter2Go (Sendinblue GmbH), a certified German provider compliant with the GDPR and the Federal Data Protection Act.
More details: de.sendinblue.com/legal/privacypolicy/
Each newsletter contains tracking pixels that help us evaluate open rates and link clicks for statistical and optimization purposes. These data are not shared with third parties. You may revoke your consent at any time via the unsubscribe link or by contacting us directly.

Customer, Employee, and Partner Logins
Access to customer, employee, or transport partner portals is only granted after prior approval. The personal data collected (name, address, email, phone number) are used exclusively for contractual purposes or to enable secure access to relevant systems and data.

Cookies
Our website uses cookies to improve usability and performance. Cookies can be deactivated in your browser settings, though this may limit functionality. For details, see our Cookie Policy.

Social Media Presence
We maintain corporate profiles on Facebook, YouTube, XING, LinkedIn, and Instagram. The operators of these platforms process user data under their own privacy policies and may transfer data outside the EU, including to the USA.
Further information is available at:
• YouTube: policies.google.com/privacy
• Facebook/Instagram: www.facebook.com/policy.php
• XING: privacy.xing.com/de/datenschutzerklaerung
• LinkedIn: www.linkedin.com/legal/privacy-policy

CRAISS Community (Newtron)
Through our CRAISS Community platform, partners can participate in load auctions. Registration data (name, company, contact information) are stored to enable collaboration. Privacy policy of Newtron: www.newtron.de/datenschutz/ You may request deletion of your account at any time by contacting lieferantenmanagement@craiss.com.

Use of External Services
We use the following third-party services:
• CDNJS / Cloudflare CDN: Content delivery optimization and website security (Art. 6 (1) lit. f GDPR). Privacy Policy: www.cloudflare.com/privacypolicy/
• Google DoubleClick: Advertising optimization (based on consent per Art. 6 (1) lit. a GDPR). Privacy Policy: policies.google.com/privacy
• Google Web Fonts: Uniform display of fonts. Privacy Policy: policies.google.com/privacy

Routine Deletion of Data
Personal data are processed and stored only for the period necessary to fulfill the purpose or as required by law. After the retention period, data are routinely deleted or blocked in compliance with statutory regulations.

Rights of the Data Subject
You have the following rights under the GDPR:
• Right to confirmation
• Right of access
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to data portability
• Right to object
• Right not to be subject to automated decision-making, including profiling
• Right to withdraw consent
To exercise these rights, please contact us at datenschutz@craiss.com.

Data Security
Your personal data transmitted through customer, partner, or employee logins are encrypted via SSL. We protect our systems with technical and organizational measures against loss, destruction, access, modification, or disclosure by unauthorized persons.

Legal Basis for Processing
The processing of personal data is based on:
• Art. 6 (1) (a) GDPR – Consent
• Art. 6 (1) (b) GDPR – Contract performance
• Art. 6 (1) (c) GDPR – Legal obligation
• Art. 6 (1) (d) GDPR – Vital interests
• Art. 6 (1) (f) GDPR – Legitimate interest
Our legitimate interest lies in conducting business operations for the benefit of our employees and stakeholders.

Data Protection Officer
In accordance with Art. 37 GDPR, the external Data Protection Officer is: TÜV Technische Überwachung Hessen GmbH

Contact
If you have any questions regarding data protection at CRAISS, please contact: datenschutz@craiss.com