Privacy Policy

Privacy Policy

1. Identity and contact details of the controller

This Privacy Policy applies to data processing by:

Global Energy Interconnection Research Institute Europe GmbH

Kantstr. 162

10623 Berlin, Germany

e-mail: datenschutz [at] geiri.eu

www.geiri.eu

2. Collection and storage of personal data and the type and purpose of their use

2.1 When you visit the website

When you visit our website www.geiri-eu.com, information is automatically sent by the browser used on your end device to our website servers. This information is stored temporarily in what is called a log file. The following information is collected during this process without any action on your part and stored until it is automatically deleted in accordance with applicable data protection regulations:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the requested file,
  • Website from which access is obtained (Referrer URL),
  • Browser used and, where applicable, your computer’s operating system and the identity of your access provider.

The specified data are processed by us for the following purposes:

  • Ensuring that the website can establish a connection smoothly,
  • ensuring that our website is easy to use,
  • analysis of system security and stability, as well as
  • for additional administrative purposes.

The specified data is stored in a form that enables identification of the persons concerned for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack). In the event of a security-relevant event, server log files are stored until the security-relevant event is eliminated and fully resolved.

The legal basis for the data processing is Article 6 (1) (f) of the General Data Protection Regulation (GDPR). Our legitimate interest is based on the data collection purposes listed above. We do not on any account use the data collected for the purpose of identifying you. The provision of this data is not required by law or contract or to enter into a contract. You are not obliged to provide the personal data. It is not, however, possible to access the website if the data are not provided. We also use cookies and analysis services when you visit our website. More detailed explanations can be found below.

2.2 OpenStreetMap

We further include on our website map material from OpenStreetMap ("OSM"). OSM is a free project that collects and structures freely usable geodata and stores it in a database for use by anyone under a free license. The integrated map material is not hosted via our servers, but is provided by the OSM server via a frame under the sole responsibility of OSM. OSM uses cookies to display its map material to improve user-friendliness. We do not have any influence on this. Additional information about data protection at OSM can be found at https://wiki.openstreetmap.org/wiki/Privacy_Policy The legal basis for the data processing is Article 6 (1) (f) GDPR. Our legitimate interest is to provide you information on the location of our office in a user friendly way.

2.3 Job Application Platform

We also offer you the possibility on the website to apply for a job with us by using an online application platform (“Job Application Platform”). We process personal data in this respect for technical operation of the Job Applicant Platform and conduct the application and, if applicable, hiring process.

2.3.1 Collection of Data

As part of our online recruitment process, we collect the information required for recruitment processes at GEIRI which you insert and submit to us via the platform. We therefore collect and process the following application data in connection with your online application ("Application Data"):

  • Title (Mr./Mrs./Ms.)
  • Other titles
  • First name
  • Surname
  • Date of birth
  • E-mail address
  • Telephone number
  • Letter of application
  • Curriculum Vitae, in particular with statements about: School education, Professional education / higher education, Degrees, Practical experience and previous employer-employee relationships

Only the provision of your name and e-mail address and the attachment of an application document are mandatory. The inclusion of other application data listed above is voluntary. The legal basis for the data processing is Article 6 (1) (f) GDPR as the processing is necessary for taking steps prior to entering into a contract.

We will confirm the receipt of your online application by email.

By submitting your application you represent and warrant that the information provided by you is true. Please note that any incorrect information or deliberate omission may constitute grounds for a rejection or for dismissal at a later stage.

In particular, we ask you not to send any information that cannot be used under the German General Equal Treatment Act (Gleichbehandlungsgesetz). This includes in particular direct or indirect information on race, ethnic origin, gender, religion or ideology, age or sexual identity. Similarly, you should not send any information on illnesses, pregnancy, political views, philosophical or religious convictions, membership of a union, physical or mental health or sex life. Furthermore, we ask you to refrain from sending information that may possibly infringe the rights of third parties (in particular their copyrights and personal rights). In the event that you nevertheless send us such data, you hereby explicitly consent to us using them.

We welcome applications from severely disabled candidates. If they are equally suitable, we will give them preferential consideration in our application process.

You may withdraw your application at any time.

2.3.2 Collection, Processing, Use and Forwarding of your Application Data

The Application Data provided by you will only be collected, saved, processed or used by GEIRI for purposes in connection with your interest in employment with GEIRI at the present time or in the future – in particular the processing of your specific application or a future application. Your online application will be exclusively processed and taken note of by the relevant contacts at GEIRI. Upon registration of your online application, you agree that you can be contacted and informed in writing, in text form (in particular email) and/or by telephone in connection with the application process. All employees at GEIRI who are in charge of processing your Application Data are bound to keep your Application Data confidential.

The legal basis for the data processing is Article 6 (1) (b) GDPR as the processing is necessary for taking steps prior to entering into a contract.

Please note that our online recruitment site is operated on behalf of and as a data processor for GEIRI by Haufe Service Center GmbH and as sub-processors by Haufe-Lexware GmbH & Ko. KG, Haufe-Lexware Services GmbH & Co. KG, Haufe-umantis AG, noris network AG and NIIT Technologies Ltd. These entities will in their position as data processors and data sub-processors collect, process and use your Application Data for GEIRI in line with this privacy statement. Your Application Data will be processed by Haufe, exclusively in the Federal Republic of Germany, Switzerland and India. If your application is successful, the Application Data sent by you may also be used by GEIRI for administrative matters associated with your employment that you will be informed about separately in your employment contract.

Based on your consent (Art. 6 (1) (a) GDPR) we also transfer your application data to Global Energy Interconnection Research Institute Co. Ltd. in China, the holding company of GEIRI, in order to process your application. Under the GDPR, China is a so-called third country that does not provide an adequate level of protection regarding the processing of personal data and is not subject to an adequacy decision of the EU within the meaning of Art. 45 (3) GDPR. Your personal data is therefore transferred to China without appropriate safeguards. China does not currently offer an adequate level of data protection established by a decision of the European Commission, so it is not guaranteed that the data processing principles, supervisory authorities and/or data subjects rights there are comparable with those in the EU. You can withdraw your consent at any time by sending an email to datenschutz [at] geiri.eu

2.3.3 Storage duration

Should your specific application not be successful, you consent that GEIRI will keep the Application Data sent by you for six more months after the end of the application process and for the purpose of answering questions in connection with your application and its rejection.

This does not apply in case you consent in to a more extensive use of your Application Data in connection with an applicant pool according to Section 2.3.4 below.

2.3.4 Consent to Longer Storage of your Application Data in our talent pool

If the specific application for which you have sent your Application Data is not successful or if you filed an unsolicited application, you can – by activating the specific check-box – consent that GEIRI includes your application data into our general talent pool. In this case, GEIRI will store your Application Data after the end of your specific application process or after a specific review of your Application Data and may use this data to possibly contact you at a later date and continue the application process if you should come into consideration for another position.

GEIRI will initially store your Application Data for a period of one year after the start of the storage of such data in the applicant tool. GEIRI will contact you before the end of this year and will ask you for an additional consent to store your Application Data in the applicant pool. If you give your consent GEIRI will store and use you Application Data respectively for another year. In any case, GEIRI will not store and use your Application Data for more than two years.

The legal basis for this data processing is your express consent (Articles 6 (1) (a) and 9 (2) (a) GDPR). This consent to a longer storage of the Application Data is voluntary and will not affect your chances in the specific application process. You may refuse to give your consent or revoke it at any time without giving any reason and without suffering any disadvantages.

2.3.5 Data Security

The security of the Application Data you send to us is very important to us. Your Application Data will therefore be transmitted in encrypted form and then saved in a data base which is protected from access by third parties and is only accessible to a particular group of people. Only people who need access to your Application Data in connection with a specific or future application process will have access to them, as further specified in this Data privacy statement.

2.4 When you contact us via our contact form

We offer you the opportunity to contact us via a contact form provided on our website. A valid e-mail address and a name are required for this so that we know who the inquiry is coming from and can respond to it. Additional information can be provided on a voluntary basis.

The processing is carried out for the purpose of establishing contact on the basis of our legitimate interest in responding to your inquiry, according to Art. 6 (1) (f) GDPR. The personal data collected by us when you contact us are deleted in accordance with statutory requirements once your inquiry has been dealt with.

2.5 When you visit our Profile on LinkedIn

When you visit our company profile on LinkedIn, LinkedIn processes and stores data (e.g. job function, country, industry, seniority, and employment status data) that you provided. We do not have control over the processing of such personal data but only receive anonymous aggregated information about visits on our profile. This processing is governed by a Joint Controller arrangement according to Art. 26 GDPR (the Page Insights Joint Controller Addendum, available here: https://legal.linkedin.com/pages-joint-controller-addendum). Further information about the processing of your personal data by LinkedIn is available here: www.linkedin.com/legal/privacy-policy

2.6 When you visit our Profile on Xing

When you visit our company profile on Xing, the data you provide to Xing is stored and processed. We do not have control over the processing of such personal data but only receive anonymous aggregated information about visits on our profile. Further information about the processing of your personal data by Xing is available here: https://privacy.xing.com/en/privacy-policy

3. Disclosure of data

With the exception of the service providers who act on our behalf to provide our website, we do not generally disclosure your personal data to third parties. Exceptions only apply in the following cases if:

  • You have given your express consent to this in accordance with Article 6 (1) (a) GDPR,
  • disclosure in accordance with Article 6 (1) (f) GDPR is necessary for the purposes of pursuing our legitimate interests or the legitimate interests of third party and there is no reason to assume that you have any overriding interest in your data not being disclosed which is worthy of protection,
  • disclosure in accordance with Article 6 (1) (c) GDPR as required by law, and
  • this is permitted by law and required by Article 6 (1) (b) GDPR for the performance of contractual relationships with you.

4. Security

We have taken technical and organizational security measures to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees and any service providers who work for us are obliged to comply with all applicable data protection legislation. Are security measures are subject to a continuous improvement process and our privacy policies are constantly revised. Please ensure that you have the most up-to-date version.

5. Rights of data subjects

You have the right:

  • in accordance with Article 15 GDPR to obtain information about the personal data processed by us;
  • in accordance with Article 16 GDPR to obtain without undue delay the rectification or completion of your personal data stored by us;
  • in accordance with Article 17 GDPR to obtain the erasure of the personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression or information, for compliance with a legal obligation, for reasons of public interest or for the establishment exercise or defense of legal claims. If we have made your personal data public, we are obliged, taking account of available technology and the technical possibilities, to inform controllers which are processing the personal data that the you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data;
  • in accordance with Article 18 GDPR to obtain the restriction of the processing of your personal data if you contest the accuracy of the personal data, the processing is unlawful, but you oppose their erasure and we no longer require the data, but you require these for the establishment, exercise or defense of legal claims or you have objected to their processing in accordance with Article 21 GDPR;
  • in accordance with Article 20 GDPR to receive your personal data in a structure, commonly used and machine-readable format or have such transmitted to another controller;
  • in accordance with Article 7 (3) GDPR to withdraw your consent given to us at any time. This means that we may no longer continue the data processing based on this consent in future, and
  • in accordance with Article 77 GDPR to complain to a supervisory authority. You can usually contact the supervisory authority at your normal place of residence or your workplace or where we are headquartered for this.

6. Right to object and withdrawal of consent

If your personal data are processed on the basis of legitimate interests in accordance with Article 6 (1) (f) GDPR, you have the right in accordance with Article 21 GDPR to object to the processing of your personal data if grounds for this relating to your particular situation exist or the objection is to direct marketing. In the latter case you have a general right to object, which is implemented by us without any particular situation being specified. Sending an appropriate e-mail to datenschutz [at] geiri.eu is sufficient if you wish to exercise your right to withdraw consent or your right to object.

7. Amendments to this Privacy Policy

This Privacy Policy is currently valid. It may be necessary to amend this Privacy Policy due to the development of our website and its offers or due to any changes to statutory or regulatory requirements. You can access and print our Privacy Policy as amended at any time at our website at www.geiri.eu/privacy-policy/.