Data Protection at RATIONAL

Data privacy statement

Data protection is a particularly high priority for our company. In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are regularly reviewed and adapted to technological progress.

Controller / Contact details of DPO

Controller responsible for data processing: RATIONAL Aktiengesellschaft, Siegfried-Meister-Straße 1, 86899 Landsberg am Lech, E-Mail: info@rational-online.com
Data Protection Officer for the controller: RATIONAL Aktiengesellschaft, Datenschutzbeauftragter, Siegfried-Meister-Straße 1, 86899 Landsberg am Lech, Datenschutzbeauftragter@rational-online.com

Legal bases for data processing

There are various legal grounds for the processing of personal data. If we need your data to fulfil a contract with you or to respond to enquiries from you regarding a contract, the legal basis for this data processing is Article 6(1)(b) GDPR. If we obtain your consent to process specific data, the legal basis is Article 6(1)(a) GDPR. We process some data for the purposes of pursuing our legitimate interests, whereby a balancing of your interests requiring protection and our legitimate interests is always undertaken. The legal basis for this is Article 6(1)(f) GDPR. If processing is necessary to fulfil a legal obligation to which we are subject, the legal basis is Article 6(1)(c) GDPR. Your information in the context of application processes is used for the processing of your application and the decision on the establishment of an employment relationship. In this case, the legal basis is Article 6(1)(b) GDPR (implementation of pre-contractual measures).

Collection of personal data when visiting our website

When only using the website for information purposes, i.e. if you do not register or otherwise transmit information to us (e.g. via a contact form), we collect the following technical information (log file data):

Data / Purpose of processing / Storage duration
Operating system used / Analysis according to devices to ensure optimised presentation of the website / The data is deleted when the respective session has ended.
Information about the browser type and version used / Analysis of the browsers used in order to optimise our websites for this purpose / The data is deleted when the respective session has ended.
User's internet service provider / Analysis of the internet service provider / The data is deleted when the respective session has ended.
IP address / Display of the website on the respective device / The data is deleted when the respective session has ended.
Date and time of access / Ensuring the proper operation of the website. / The data is deleted when the respective session has ended.
If applicable, manufacturer and type designation of the smartphone, tablet or other end device / Analysis of device manufacturers and types of mobile devices for statistical purposes / The data is deleted when the respective session has ended.
Log files / Ensuring the proper operation of the website / The data is deleted when the respective session has ended.

The collection of this data is technically necessary to display our website to you and to ensure stability and security. We and our service providers
tts CS GmbH, Schneidmühlstrasse 19, 69115 Heidelberg, Germany
ABS Team GmbH, Mühlenweg 65, 37120 Bovenden, Germany
SAP Deutschland SE & Co. KG, Hasso-Plattner-Ring 7, 69190 Walldorf, Germany,
generally do not know who is behind an IP address. We do not merge the data listed above with other data.

The legal basis for this can be found in Section 25 (2) number 2 TDDDG and Article 6(1)(f) GDPR. Within the framework of the balancing of interests pursuant to Article 6(1)(f) GDPR, we have taken into account and weighed our interest in providing and your interest in processing your personal data in accordance with data protection guidelines. Since the data is technically necessary for the provision of our service in order to be able to offer you our website and also to ensure stability and security, in particular to provide protection against misuse, we have concluded that this data must be processed - with a guarantee of data security taking into account the state of the art - taking due consideration of your interest in data protection-compliant processing.

Cookies

Our website uses cookies. Cookies are files that are placed on your computer by a website you visit and allow your browser to be recognised. Cookies transmit information to the site that sets the cookie. Cookies can store various information, such as your profile registration on our website or the entries you have made there. This prevents you, for example, from having to re-enter required form data each time you use the site. The information stored in cookies can also be used to recognise preferences and tailor content according to areas of interest.

There are different types of cookies: Session cookies are sets of data that are only temporarily held in the working memory and are deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a predefined period of time, which may differ depending on the cookie. With this type of cookie, the information can also be stored in text files on your computer. However, you can also delete these cookies at any time via your browser settings.

First-party cookies are stored by the website you are currently visiting. Only that website is allowed to read information from these cookies. Third-party cookies are stored by organisations that do not operate the website you are visiting. These cookies are used by marketing companies, for example.

The legal basis for possible processing of personal data by means of cookies and their storage period may vary. If you have given us your consent, the legal basis is Article 6(1)(a) GDPR. For technically necessary cookies, for example those that are mandatory for the operation of our website and the provision of specific page functions, the legal basis is Article 6(1)(f) GDPR and Section 25 (2) number 2 TDDDG.

We use cookies to ensure the proper operation of the website, to provide basic functionality, to measure reach and - with your consent - to tailor our services to preferred areas of interest.

The cookies used on this website are:

Name of cookie / Provider / Purpose of processing / Legal basis for processing / Storage duration
JSESSIONID / RATIONAL / Without this cookie, the user would not be able to log in to the career portal / Article 6(1)(f) GDPR / When the browser session ends, the session cookie expires.
Rmk12 / SAP / Cookie banner control. Number indicating whether the user has provided an explanation in the cookie banner. If the cookie is set, the cookie banner will be suppressed. / Article 6(1)(f) GDPR / When the browser session ends, the session cookie expires.
Route / SAP / This cookie is used for session stickiness function: for the same "X" user session, one same route will be used, and all the requests will be forwarded to the same Customer facing server. The Route cookie is required for the SuccessFactors Suite technical platform. / Article 6(1)(f) GDPR / When the browser session ends, the session cookie expires.
careerSiteCompany / SAP / Cookies for forwarding requests to the correct data centre / Article 6(1)(f) GDPR / When the browser session ends, the session cookie expires.
cookie_j2w (Load Balancer Cookie) / SAP / Load Balancer Cookie; Stickiness cookie to prevent a user from jumping from one instance to another. This is usually stored when the career portal is called up again if there is no previous cookie. / Article 6(1)(f) GDPR / When the browser session ends, the session cookie expires.

You can delete cookies already stored on your end device at any time. If you want to prevent cookies from being stored, you can do this via the settings in your internet browser. You can find instructions for common browsers here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can also install ad blockers. Please note that individual functions of our website may not work if you have deactivated the use of cookies.

When accessing our website, all users of our website are also informed by an information banner about our use of cookies and referred to this data protection notice. Users will also be asked for their consent to the use of certain cookies or other tracking technologies, in particular those relevant for the personalisation of services and for marketing measures. You can withdraw your consent at any time with effect for the future by sending a message to people-systems@rational-online.com.

YouTube (enhanced data protection mode)

We use services from YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA, a company of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA, on our website. For users who are habitually resident in the European Economic Area or Switzerland, the data controller is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

If you access a page in which a YouTube video is embedded, a connection to the YouTube servers is normally established and the content transmitted to your browser and displayed on the website.

Our consent management system will prevent this if you have not consented to data processing with regard to YouTube. Due to the integration of YouTube, no data is transferred without your consent.

In this context, we also use the extended data protection option provided by YouTube to protect your personal data. According to YouTube, however, data is only transmitted to the YouTube server in "extended data protection mode" if you actively start the video. If you are logged in to YouTube at this time, the information about the videos you have viewed will be assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website. Further information on YouTube's privacy policy is provided by Google at the following link: Google: Data Privacy Statement & Terms of Use

By activating this in the tracking settings, you agree that YouTube receives data through your use, which may also be used to analyse your usage behaviour for market research and marketing purposes. The legal basis for access to the information is your consent pursuant to Section 25 (1) TDDDG. The legal basis for the described data processing is your consent, Article 6(1)(a) GDPR.

You can withdraw this consent at any time with future effect by changing your selection in the tracking settings (see above, under Cookies). Alternatively, you can delete your cookies (all or only from this website). The banner with a link to the selections is then displayed again. If you do not consent or withdraw your consent, your use of the service will be restricted.

Applications

You can apply for job vacancies or send us a speculative application via the careers portal on our website. We use the SAP SuccessFactors applicant management tool for our website's career portal.

SAP SuccessFactors

For the operation of our career portal, we use the applicant management tool SAP SuccessFactors, a cloud-based software for human resources management from the company SAP SuccessFactors with SAP Deutschland SE & Co. KG

Headquarters: SAP Deutschland SE & Co. KG, Hasso-Plattner-Ring 7, 69190 Walldorf.
For the use of SAP SuccessFactors, we have concluded a data processing agreement with SAP in accordance with Article 28 GDPR.

Registering

If you would like to apply via our career portal, you must first register (user account). Personal data that must be provided is marked as mandatory in the respective registration form; any additional information is voluntary.

We use the double opt-in procedure for registration. This means that after you have entered your e-mail address, we will send you an e-mail with a code to the specified e-mail address, which you must enter for the final submission of the application. It is not possible to apply without entering this code. The data is stored for the use of our applicant portal. In addition, we store your IP address and the time of registration. The purpose of the procedure is to be able to prove your registration as part of our accountability obligations and, if necessary, to clarify any possible misuse of your personal data. Due to the fulfilment of accountability, we have a legitimate interest in accordance with Article 6(1)(f) GDPR in processing the data of the double opt-in procedure.

As part of the registration process, we collect and store the following data concerning you:

Data / Purpose of processing / Legal basis for processing / Storage duration
IP address upon registration / Proof of double opt-in (DOI) / Legitimate interest Article 6(1)(f) GDPR / up to 3 years after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
Time of registration / Proof of double opt-in / Legitimate interest Article 6(1)(f) GDPR / up to 3 years after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
IP address upon DOI / Proof of double opt-in / Legitimate interest Article 6(1)(f) GDPR / up to 3 years after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
Time of DOI verification / Proof of double opt-in / Legitimate interest Article 6(1)(f) GDPR / up to 3 years after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
Form of address / Direct contact / identification in the system / Implementation of the application procedure pursuant to Article 6(1)(b) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
First name / Direct contact / identification in the system / Implementation of the application procedure pursuant to Article 6(1)(b) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
Surname / Direct contact / identification in the system / Implementation of the application procedure pursuant to Article 6(1)(b) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
e-mail address / Identification in the system / contact option / Implementation of the application procedure pursuant to Article 6(1)(b) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)
Country/region of residence / Define the relevant retention periods for application data in accordance with country regulations in the system / Implementation/completion of the application procedure pursuant to Article 6(1)(b) GDPR / 6 months after termination of the application process/or account deletion (in the case of unsolicited applications or voluntary participation in our talent pool)

Online applications

You can apply online on our website via the application form. When you apply for a job offer or training position, this first requires you to assign a user name and password in order to log in to or create the user account.

Then, for the purpose of the application, you can enter certain personal data marked with mandatory fields in the respective online application form, e.g.

first name and surname, street, town/city, postcode, country, telephone number and e-mail address
as well as the transmission of further application documents with personal data (e.g. cover letter, CV, references).
Furthermore, special information may be required based on the position to be filled, e.g. police clearance certificate, Schufa credit score, results of the aptitude test, results of the medical fitness examination (suitable, not suitable, conditional/limited suitability).

Please note that in particular CVs, references or the other data you provide for the purposes of the application may also contain particularly sensitive data, such as information on racial or ethnic origin, political opinions, religious or philosophical beliefs, membership of a trade union or political party, physical or mental health or sex life. We therefore recommend that, where possible, you do not provide any information relating to such special category sensitive data.

Your online application will be forwarded directly to the HR department in the career portal via an encrypted connection and will of course be treated confidentially. Please note that unencrypted e-mails are not transmitted with access protection. In the case of a postal application, the collection and entry of data into the tool can be done by the HR department.

Your information is used for the processing of your application and the decision on the establishment of an employment relationship. The legal basis is Article 6(1)(b) GDPR (implementation of pre-contractual measures). Furthermore, your personal data may be processed insofar as this should be necessary for the defence of asserted legal claims against us arising from the application process. The legal basis for this is Article 6(1)(f) GDPR. The stated purposes also constitute the legitimate interest in the processing.

When you registered for the user account, the profile visibility settings "worldwide", "national - i.e. only in the country to which my home address relates" or "only for the positions I apply for" you selected informed us which group companies within our RATIONAL AG group of companies may view your details. We will forward your application documents in accordance with the settings you selected. The legal basis is your consent given to us within the meaning of Article 6(1)(a) GDPR through the information you provide when registering for our career portal.

Your application data will not be processed beyond the described use.

Your personal data will be deleted at the latest 6 months after completion of the application process, unless there are other legitimate interests on our part that prevent deletion or you have given us permission to store it for longer. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

If you wish to be included in our talent pool beyond a specific application procedure, we will store your application documents for future vacancies if you give us your consent to do so in accordance with Article 6(1)(a) GDPR. The additional retention period is initially 6 months.

You can revoke your consent at any time with effect for the future without giving reasons and without fear of detriment. In this case, please contact our contact person in the company to whom you have also given your consent. If you no longer have this data, please contact people-systems@rational-online.com.

Insofar as an employment relationship exists between you and us, we may, in accordance with Article 6(1)(b) GDPR, further process the personal data already received from you for the purposes of the employment relationship (performance of the contract).

Contact us by e-mail or contact form

When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions and process your requests. The legal basis in this respect is Article 6(1)(f) GDPR. Where we ask for information in our contact form that is not required for making contact with you, we have always marked this as optional. This information is used to specify your request and to improve the processing of your request. Any communication of this information is expressly on a voluntary basis and with your consent, Article 6(1)(a) GDPR. Insofar as this involves information on communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to respond to your request. Of course, you can revoke this consent at any time for the future.

Your data, which we have received in the course of contacting you, will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.

As the controller, our company has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, internet-based data transmissions can always have security gaps. Absolute protection cannot be guaranteed; in any case, sending unencrypted e-mails is not secure. We therefore ask you not to send sensitive data by unencrypted e-mail, but to use either encrypted communication channels (e.g. our contact form) or the postal service.

Data transfer

As a matter of principle, your personal data will not be transferred to third parties unless,

You have given us your express consent to do so,
the disclosure is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest requiring protection in the non-disclosure of your data,
there is a legal obligation for the disclosure or
this is legally permissible and necessary for the processing of contractual relationships with you.

We make a point of processing your data within the EU/EEA. In certain cases, data may be transferred to RATIONAL Group companies based outside the EU/EEA or we may use service providers based outside the EU/EEA who process data there. In these cases, we will ensure that an adequate level of data protection comparable to the standards within the EU is established at the recipient before transferring your personal data. This can be achieved, for example, through EU standard contractual clauses or binding corporate rules or special agreements to whose provisions the company can be subject.

We will forward your application documents to the following recipients within our group of companies for the purpose of carrying out the application process:

RATIONAL AG, Landsberg am Lech, Germany
LechMetall GmbH, Landsberg am Lech, Germany
RATIONAL Komponenten GmbH, Landsberg am Lech, Germany
RATIONAL Technical Services GmbH, Landsberg am Lech, Germany
RATIONAL Dienstleistungsgesellschaft mbH, Landsberg am Lech, Germany
RATIONAL Montage GmbH, Landsberg am Lech, Germany
RATIONAL Deutschland GmbH, Landsberg am Lech, Germany
RATIONAL F & E GmbH, Landsberg am Lech, Germany
RATIONAL Ausbildungsgesellschaft mbH, Landsberg am Lech, Germany
RATIONAL UK Ltd., Luton, United Kingdom
RATIONAL France S.A.S., Wittenheim, France
RATIONAL Wittenheim S.A.S., Wittenheim, France
TOPINOX S.A.R.L, Nantes, France
RATIONAL Italia s.r.l., Mestre, Italy
RATIONAL Ibérica Cooking Systems S.L., Barcelona, Spain
RATIONAL Austria GmbH, Salzburg, Austria
RATIONAL International AG, Balgach, Switzerland
RATIONAL Schweiz AG, Balgach, Switzerland
RATIONAL Sp. z o.o., Warsaw, Poland
RATIONAL Czech Republic s.r.o, Prague, Czech Republic
RATIONAL Scandinavia AB, Malmö, Sweden
RATIONAL Endüstriyel Mutfak Ekipmanları Ticaret Limited Sirketi, Istanbul, Turkey
RATIONAL Cooking Systems, Inc., Rolling Meadows, USA
RATIONAL Canada Inc., Mississauga, Canada
RATIONAL Mexico, S.A. DE C.V., Mexico City, Mexico
RATIONAL Brazil Comércio E Distribuição de Sistemas De Cocção Ltda., São Paulo, Brazil
RATIONAL Colombia - America Central SAS, Bogotá, Colombia
RATIONAL Japan Co., Ltd., Tokyo, Japan
RATIONAL Trading (Shanghai) Co., Ltd., Shanghai, China
RATIONAL Technology (Suzhou) Ltd., Suzhou, China
RATIONAL International India Private Ltd., Gurgaon, India
RATIONAL Cooking Systems PTE. LTD., Singapore, Singapore
RATIONAL Kitchen and Catering Equipment Trading FZCO, Dubai, United Arab Emirates

External service providers, such as internal group IT service providers or
tts CS GmbH, Schneidmühlstrasse 19, 69115 Heidelberg, Germany
ABS Team GmbH, Mühlenweg 65, 37120 Bovenden, Germany
SAP Deutschland SE & Co. KG, Hasso-Plattner-Ring 7, 69190 Walldorf, Germany
will only receive your data to the extent necessary in connection with the use of the career portal and your application process. In these cases, however, the scope of the transmitted data is limited to the necessary minimum. If our service providers come in contact with your personal data, we shall ensure within the scope of contract processing as defined by Article 28 GDPR that the provisions of data protection laws are observed accordingly. Please also note the respective data protection information of the providers. The respective service provider is responsible for the content of third-party services, whereby we check the services for compliance with the legal requirements within a reasonable scope.

Data security

We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are regularly reviewed and adapted to technological progress.

Your rights

You have the following rights in relation to personal data concerning you:

General rights

You have the right of access, rectification, erasure, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this with effect for the future.

To exercise your rights, please contact us by e-mail at

People-systems@rational-online.com or by post to RATIONAL Aktiengesellschaft, Data Protection Officer, Siegfried-Meister-Straße 1, 86899 Landsberg am Lech, Germany. The exercise of your rights described under this point is free of charge for you.

Rights in data processing according to legitimate interest

Pursuant to Article 21(1) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) GDPR (data processing in the public interest) or on the basis of Article 6(1)(f) GDPR (data processing for the purposes of safeguarding a legitimate interest); this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes data protection rules (Article 77 GDPR).

The supervisory authority responsible for us is:

Bavaria DPA (Bayerisches Landesamt für Datenschutzaufsicht)
Promenade 27 (Schloss)
91522 Ansbach
Germany

Links to other websites

Our websites may contain links to websites of other providers. We would like to point out that this data protection declaration applies exclusively to the websites of our company. We have no influence on and do not check whether other providers comply with the applicable data protection regulations.

Modifications to the data privacy statement

We reserve the right to change or adapt this data privacy statement at any time in compliance with the applicable data protection regulations.

As of April 2025