Data privacy statement

Data protection is a particularly high priority for our company. In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are regularly reviewed and adapted to technological progress.

Controller / Contact details of DPO

  • Controller responsible for data processing: RATIONAL Aktiengesellschaft, Siegfried-Meister-Straße 1, 86899 Landsberg am Lech, E-Mail: info@rational-online.com
  • Data Protection Officer for the controller: RATIONAL Aktiengesellschaft, Datenschutzbeauftragter, Siegfried-Meister-Straße 1, 86899 Landsberg am Lech, Datenschutzbeauftragter@rational-online.com

Legal bases for data processing by us

There are various legal grounds for the processing of personal data. If we need your data to fulfil a contract with you or to respond to enquiries from you regarding a contract, the legal basis for this data processing is Art. 6(1)(b) GDPR. If we obtain your consent to process specific data, the legal basis is Art. 6(1) (a) GDPR. We process some data for the purposes of pursuing our legitimate interests, whereby a balancing of your interests requiring protection and our legitimate interests is always undertaken. The legal basis for this is Art. 6(1)(f) GDPR. If processing is necessary to fulfil a legal obligation to which we are subject, the legal basis is Art. 6(1)(c) GDPR. Your information in the context of application processes is used for the processing of your application and the decision on the establishment of an employment relationship. The legal basis in this case is § 26 para. 1 in conjunction with. Para. 8 S.2 BDSG (German Federal Data Protection Act).

Collection of personal data when visiting our website

When only using the website for information purposes, i.e. if you do not register or otherwise transmit information to us (e.g. via a contact form), we collect the following technical information (log file data):

  • Data / Purpose of processing / Storage duration
  • Operating system used / Analysis according to devices to ensure optimised presentation of the website / The data is deleted when the respective session has ended.
  • Information about the browser type and version used / Analysis of the browsers used in order to optimise our websites for this purpose / The data is deleted when the respective session has ended.
  • User's internet service provider / Analysis of the internet service provider / The data is deleted when the respective session has ended.
  • IP address / Display of the website on the respective device / The data is deleted when the respective session has ended.
  • Date and time of access / Ensuring the proper operation of the website. / The data is deleted when the respective session has ended.
  • If applicable, manufacturer and type designation of the smartphone, tablet or other end device / Analysis of device manufacturers and types of mobile devices for statistical purposes / The data is deleted when the respective session has ended.

The collection of this data is technically necessary to display our website to you and to ensure stability and security. We and our service provider SAP do not regularly know who is behind an IP address. We do not merge the data listed above with other data.

The legal basis is the legitimate interest pursuant to Art. 6(1)(f) GDPR. Within the framework of the balancing of interests pursuant to Art. 6(1)(f) GDPR, we have taken into account and weighed our interest in providing and your interest in processing your personal data in accordance with data protection guidelines. Since the data is technically necessary for the provision of our service in order to be able to offer you our website and also to ensure stability and security, in particular to provide protection against misuse, we have concluded that this data must be processed - with a guarantee of data security taking into account the state of the art - taking due consideration of your interest in data protection-compliant processing.

Cookies

Our website uses cookies. Cookies are files that are placed on your computer by a website you visit and allow your browser to be recognised. Cookies transmit information to the site that sets the cookie. Cookies can store various information, such as your language setting on our website or the entries you have made there. This prevents you, for example, from having to re-enter required form data each time you use the site. The information stored in cookies can also be used to recognise preferences and tailor content according to areas of interest.

There are different types of cookies: Session cookies are sets of data that are only temporarily held in the working memory and are deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a predefined period of time, which may differ depending on the cookie. With this type of cookie, the information can also be stored in text files on your computer. However, you can also delete these cookies at any time via your browser settings.

First-party cookies are stored by the website you are currently visiting. Only that website is allowed to read information from these cookies. Third-party cookies are stored by organisations that do not operate the website you are visiting. These cookies are used by marketing companies, for example.

The legal basis for possible processing of personal data by means of cookies and their storage period may vary. If you have given us your consent, the legal basis is Article 6 (1(a) GDPR. For technically necessary cookies, for example those that are mandatory for the operation of our website and the provision of specific page functions, the legal basis is Art. 6(1)(f) GDPR.

We use cookies to ensure the proper operation of the website, to provide basic functionality, to measure reach and - with your consent - to tailor our services to preferred areas of interest.

The cookies used on this website are:

  • Name of cookie / Provider / Purpose of processing / Legal basis for processing / Storage duration
  • JSESSIONID / RATIONAL / Without this cookie, the user would not be able to log in to the career portal / Art. 6(1)(f) GDPR / When the browser session ends, the session cookie expires.
  • Route / SAP / This cookie is used for session stickiness function: for the same "X" user session, one same route will be used, and all the requests will be forwarded to the same Customer facing server. / Art. 6(1)(f) GDPR / When the browser session ends, the session cookie expires.
  • careerSiteCompany / SAP / Cookies for forwarding requests to the correct data centre / Art. 6(1)(f) GDPR / When the browser session ends, the session cookie expires.
  • cookie_j2w (Load Balancer Cookie) / SAP / Load Balancer Cookie; Stickiness cookie to prevent a user from jumping from one instance to another. This is usually stored when the career portal is called up again if there is no previous cookie. / Art. 6(1)(f) GDPR / When the browser session ends, the session cookie expires.

You can delete cookies already stored on your end device at any time. If you want to prevent cookies from being stored, you can do this via the settings in your internet browser. You can find instructions for common browsers here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can also install ad blockers. Please note that individual functions of our website may not work if you have deactivated the use of cookies.

Applications

You can apply for job vacancies or send us a speculative application via the careers portal on our website. We use the SAP SuccessFactors applicant management tool for our website's career portal.

SAP SuccessFactors

For the operation of our career portal, we use the applicant management tool SAP SuccessFactors, a cloud-based software for human resources management from the company SAP SuccessFactors with SAP Deutschland SE & Co. KG

Headquarters: SAP Deutschland SE & Co. KG, Hasso-Plattner-Ring 7, 69190 Walldorf.
For the use of SAP SuccessFactors, we have concluded a data processing agreement with SAP in accordance with Art. 28 DSGVO.

Registering

If you would like to apply via our career portal, you must first register (user account). Personal data that must be provided is marked as mandatory in the respective registration form; any additional information is voluntary.

We use the one-time password procedure for registration. This means that after you have entered your e-mail address, we will send you an e-mail with a code to the specified e-mail address, which you must enter within a few minutes for the final submission of the application. If you do not do this within the specified time, your application will be automatically deleted from the database. Upon confirmation, we will store your data for the storage period indicated in the table. The data is stored for the use of our applicant portal. Once you have registered, you will receive personal, password-protected access and will be able to view and manage the data you have stored, as well as view information on the status of your application process.

As part of the registration process, we collect and store the following data concerning you:

  • Data / Purpose of processing / Legal basis for processing / Storage duration
  • First name / Direct contact; identification in the system / Art. 6(1)(f) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
  • Surname / Direct contact; identification in the system / Art. 6(1)(f) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
  • Password / Creation; protection of user account / Art. 6(1)(f) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
  • e-mail address / Identification in the system; contact option / Art. 6(1)(f) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
  • Country; region of residence / Implementation of profile visibility with regard to country selection / Art. 6(1)(f) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
  • Profile visibility information / Storage of consent to extended profile visibility in the RATIONAL Group / Art. 6(1)(a) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)

Your online application via our career portal (SAP SuccessFactors) will be forwarded directly to the HR department via an encrypted connection and will of course be treated confidentially.  Please note that unencrypted e-mails are not transmitted with access protection. In the case of a postal application, the collection and entry of data into the tool can be done by the HR department.

Online applications

You can apply online on our website via the application form. When you apply for a job offer or training position, this first requires you to assign a user name and password in order to log in to or create the user account.

Then, for the purpose of the application, you can enter certain personal data marked with mandatory fields in the respective online application form, e.g.

  • first name and surname, street, town/city, postcode, country, telephone number and e-mail address
  • as well as the transmission of further application documents with personal data (e.g. cover letter, CV, references).
  • Furthermore, special information may be required based on the position to be filled, e.g. police clearance certificate, Schufa credit score, results of the aptitude test, results of the medical fitness examination (suitable, not suitable, conditional/limited suitability).

Please note that in particular CVs, references or the other data you provide for the purposes of the application may also contain particularly sensitive data, such as information on racial or ethnic origin, political opinions, religious or philosophical beliefs, membership of a trade union or political party, physical or mental health or sex life. We therefore recommend that, where possible, you do not provide any information relating to such special category sensitive data.

Your online application will be forwarded directly to the HR department in the career portal via an encrypted connection and will of course be treated confidentially. Please note that unencrypted e-mails are not transmitted with access protection. In the case of a postal application, the collection and entry of data into the tool can be done by the HR department.

Your information is used for the processing of your application and the decision on the establishment of an employment relationship. The legal basis is § 26 para. 1 in conjunction with. Para. 8 S.2 BDSG (German Federal Data Protection Act). Furthermore, your personal data may be processed insofar as this should be necessary for the defence of asserted legal claims against us arising from the application process. The legal basis for this is Art. 6(1)(f) GDPR. The stated purposes also constitute the legitimate interest in the processing.

When you registered for the user account, the profile visibility settings "worldwide", "national" or "only for selected positions" you selected informed us which group companies within our RATIONAL AG group of companies may view your details. We will forward your application documents in accordance with the settings you selected. The legal basis is your consent given to us within the meaning of Art. 6(1)(a) GDPR through the information you provide when registering for our career portal.

Your application data will not be processed beyond the described use.

Your personal data will be deleted at the latest 6 months after completion of the application process, unless there are other legitimate interests on our part that prevent deletion or you have given us permission to store it for longer. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

If you wish to be included in our talent pool beyond a specific application procedure, we will store your application documents for future vacancies if you give us your consent to do so in accordance with Art. 6(1)(a) GDPR. The additional retention period is initially 6 months.

You can revoke your consent at any time with effect for the future without giving reasons and without fear of detriment. In the career portal, you can revoke your consent at any time under "Options", "Own profile", "Search options and data protection" by changing your settings.

Insofar as an employment relationship is established between you and us, we may further process the personal data already received from you for the purposes of the employment relationship in accordance with section 26(1) BDSG if this is necessary for the performance or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of the employee representation resulting from a law or a collective agreement, a works agreement or a service agreement (collective agreement).

Contact us by e-mail or contact form

When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions and process your requests. The legal basis in this respect is Art. 6(1)(f) GDPR. Where we ask for information in our contact form that is not required for making contact with you, we have always marked this as optional. This information is used to specify your request and to improve the processing of your request. Any communication of this information is expressly on a voluntary basis and with your consent, Art. 6(1)(a) GDPR. Insofar as this involves information on communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to respond to your request. Of course, you can revoke this consent at any time for the future.

Your data, which we have received in the course of contacting you, will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.

As the controller, our company has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, internet-based data transmissions can always have security gaps. Absolute protection cannot be guaranteed; in any case, sending unencrypted e-mails is not secure. We therefore ask you not to send sensitive data by unencrypted e-mail, but to use either encrypted communication channels (e.g. our contact form) or the postal service.

Data transfer

As a matter of principle, your personal data will not be transferred to third parties unless,

You have given us your express consent to do so,

the disclosure is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest requiring protection in the non-disclosure of your data,

there is a legal obligation for the disclosure or

this is legally permissible and necessary for the processing of contractual relationships with you.

We make a point of processing your data within the EU/EEA. In certain cases, data may be transferred to RATIONAL Group companies based outside the EU/EEA or we may use service providers based outside the EU/EEA who process data there. In these cases, we will ensure that an adequate level of data protection comparable to the standards within the EU is established at the recipient before transferring your personal data. This can be achieved, for example, through EU standard contractual clauses or binding corporate rules or special agreements to whose provisions the company can be subject.

According to your selection when creating the user account in relation to profile visibility ("worldwide", "national" or "only for selected positions"), we will forward your application documents to the following recipients within our group of companies for the purpose of carrying out the application process:

  • RATIONAL AG, Iglinger Straße 62, 86899 Landsberg am Lech
  • RATIONAL UK  Limited
  • RATIONAL Austria GmbH
  • RATIONAL Russ O.o.o
  • RATIONAL Scandinavia AB
  • RATIONAL International AG
  • RATIONAL Schweiz AG
  • RATIONAL Sp. z o.o.
  • RATIONAL UK Ltd.
  • RATIONAL Endüstriyel Mutfak Ekipmanlar Tic. Ltd. ti.
  • RATIONAL France SAS
  • RATIONAL Wittenheim SAS
  • RATIONAL Ibérica S.L.
  • RATIONAL Italia S.r.l.
  • RATIONAL Canada Inc.
  • RATIONAL USA Inc.
  • RATIONAL México
  • RATIONAL BRASIL LTDA.
  • RATIONAL Colombia
  • RATIONAL JAPAN KK
  • RATIONAL Cooking Systems Pte Ltd
  • RATIONAL India
  • RATIONAL China
  • LechMetall Landsberg GmbH
  • RATIONAL Technischer Service GmbH
  • RATIONAL Komponenten GmbH
  • RATIONAL Dienstleistungsgesellschaft mbH
  • RATIONAL Montage GmbH
  • RATIONAL F&E GmbH
  • RATIONAL Kitchen & Catering Equipment Trading FZCO

External service providers such as internal IT service providers or SAP only receive your data to the extent that this is necessary in the context of using the career portal and your application process. In these cases, however, the scope of the transmitted data is limited to the necessary minimum. If our service providers come in contact with your personal data, we shall ensure within the scope of contract processing as defined by Article 28 GDPR that the provisions of data protection laws are observed accordingly. Please also note the respective data protection information of the providers. The respective service provider is responsible for the content of third-party services, whereby we check the services for compliance with the legal requirements within a reasonable scope.

Data security

We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are regularly reviewed and adapted to technological progress.

Your rights

You have the following rights in relation to personal data concerning you:

General rights

You have the right of access, rectification, erasure, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this with effect for the future.

To exercise your rights, please contact us by e-mail at

Datenschutzbeauftragter@rational-online.com or by post to RATIONAL Aktiengesellschaft, Data Protection Officer, Siegfried-Meister-Straße 1, 86899 Landsberg am Lech, Germany. The exercise of your rights described under this point is free of charge for you.

Rights in data processing according to legitimate interest

Pursuant to Article 21(1) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) GDPR (data processing in the public interest) or on the basis of Article 6(1)(f) GDPR (data processing for the purposes of safeguarding a legitimate interest); this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes data protection rules (Article 77 GDPR).

The supervisory authority responsible for us is:

Bavaria DPA (Bayerisches Landesamt für Datenschutzaufsicht)

Promenade 27 (Schloss)

D-91522 Ansbach

Germany

Links to other websites

Our websites may contain links to websites of other providers. We would like to point out that this data protection declaration applies exclusively to the websites of our company. We have no influence on and do not check whether other providers comply with the applicable data protection regulations.

Modifications to the data privacy statement

We reserve the right to change or adapt this data privacy statement at any time in compliance with the applicable data protection regulations.

As at March 2021