We take the protection of personal data very seriously.
Therefore, we strictly adhere to the rules of the data protection laws of the Federal Republic of Germany (BDSG) and the European Data Protection Regulation (GDPR).
We take the protection of personal data very seriously.
We treat your personal data confidentially and according to the legal regulations of the relevant data protection laws, in particular the European General Data Protection Regulation (GDPR).
Responsible Data Controller for the collection, processing and use of your personal data in the context of the GDPR is: PXG Health Tech GmbH,
Friedrichsplatz 17 , 68165 Mannheim, Germany.You can reach our Data Protection Officer at or our postal address with the addition "Data Protection Officer”.
We process all personal data that we receive from you as part of the application process. This includes master data (such as name, address, telephone numbers and e-mail address, gender, birth dates, martial and parental status, nationality, etc.), data about your school education, data about your previous employment relationships, data about your interests outside your job, your application photo and other data that you voluntarily provide to us.
Purposes and legal bases of data processing
We process your data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) for our own purposes.
Art. 88 GDPR, § 26 para. 1 BDSG is the basis for the processing of data for deciding on the grounds for the establishment, the establishment and the performance of employment relationships. In addition, the relevant legal basis for the processing for the initiation of contractual relationships is Art. 6 para. 1 lit. b GDPR, for the protection of legitimate interests Art. 6 para. 1 lit. f GDPR or on the basis of consent Art. 6 para. 1 lit. a GDPR. The legal basis for the reimbursement of expenses is Art. 6 para. 1 lit. c, f GDPR.
A legitimate interest applies in the following cases, in particular:
Once an employment contract has been concluded, data is stored in the personal file of the person concerned. This data then serves as a basis for the later professional development of the person concerned (e.g. recognition of further training, further development opportunities/needs, promotion opportunities depending on existing qualifications, etc.).
Categories of personal data receipts
Within our company, only those positions that are entrusted with the preparation and execution of the application process receive your data. These are our employees in the HR department as well as in the specialist areas in which a vacancy is to be filled, the managers and potential superiors. Also service providers (so-called contract processors, Art. 28 GDPR) used by us and working on behalf of us may process data for these purposes. For example, the application procedure is handled by our holding company PHOENIX Pharma SE within the framework of order processing. In addition, service providers are used to host our website, our e-mails and our contacts, as well as IT service providers and service providers for document management and document destruction.
If your application is of interest to another company in our company group without you having applied there, we will ask you whether we may forward your application to that company.
Duration of data storage
In principle, we delete your data as soon as they are no longer required for the above-mentioned purposes, unless temporary storage is still necessary. We process and store your personal data for the duration of the application process. If the application process leads to an employment relationship, your data will be transferred to the personnel file and stored there for the duration of the employment relationship. If the application does not lead to an employment contract, the data will be deleted at the latest after five months after receipt of the cancellation. This does not apply if the processing and storage of your personal data is necessary to assert, exercise or defend legal claims.
In individual cases, individual data may be stored for a longer period of time (e.g. travel expense accounting). The duration of the storage depends then on the legal storage obligations, for example from the German Commercial Code or the German Tax Code (ten years). Finally, the storage period is also assessed according to the statutory limitation periods, which regularly amount to three years.
If there has been no successful recruitment, but your application is still of interest to us, we will ask you whether we may retain your application for future vacancies.
Transfer to third countries
A data transfer of your applicant data in non-EU states does not occur.
Rights of the data subject
You have the right to request information about your stored personal data, their origin and recipients and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the scope of the applicable legal provisions.
You may also have the right to restrict the processing of your data and to have the data you provided received back and also transmitted in a structured, common and machine-readable format. If you have given us your consent to process personal data for specific purposes, you can revoke your consent at any time with effect for the future.
If we process your data to protect legitimate interests, you may object to such processing for reasons arising from your particular situation. You also have the right to contact a data protection supervisory authority and lodge a complaint.
No obligation to provide data
There is no legal or contractual obligation to provide data. Within the scope of your application, you should only provide the personal data required for the application process. Without this data, however, we will have to reject your application.
Last review and update: August 2019