- Information regarding data processing of applications
- Hinweis zur Datenverarbeitung von Bewerbungen
Welcome to the website www.crosslend.com (the “CrossLend Platform”). The CrossLend Platform is operated by CrossLend GmbH, Kemperplatz 1, 10785 Berlin (“CrossLend”).
The term “CrossLend Platform” in these ToU comprises all websites located at www.crosslend.com , its subpages and subdirectories, and all CrossLend owned and/or operated websites that are linked to www.crosslend.com by CrossLend and its subsidiaries. The term also refers to the secure areas of the CrossLend Platform. Those secure, login-protected areas are separately referred to as the “CrossLend Marketplace” in these ToU.
CrossLend makes the technical services of the CrossLend Platform available to institutional investors (“Investors”), as well as to originators and other users.
You may only access the CrossLend Platform if you are an entrepreneur within the meaning of § 14 of the German Civil Code (BGB).
The CrossLend Marketplace is only accessible to particular Users. For example, only Investors who are classified as “Qualified Investors” (as defined in the Prospectus Law) or originators, as approved by CrossLend in its sole discretion, may access the CrossLend Marketplace. Those users with access to the CrossLend Marketplace are referred to as “Marketplace Users” in these ToU.
For the provision of the services offered under these ToU, CrossLend does not act as a credit institution nor as a financial services provider in accordance with the German Banking Act (Kreditwesengesetz).
1.1 The use of the CrossLend Platform shall only be admissible on the basis of the CrossLend ToU.
1.2 The use of the CrossLend Platform by the Users is free of charge. No entitlement for the use of the CrossLend Platform and the services of CrossLend shall exist. CrossLend will provide access to the CrossLend Marketplace in its sole discretion.
1.3 CrossLend reserves the right to amend these ToU. Such amendments shall be considered accepted by the User if no objection thereto is made in writing to CrossLend within one month of the User’s receipt of the amendment notification. CrossLend will specifically point out this consequence in the amendment notification.
2. Services for potential and active investors
2.1 The CrossLend Marketplace offers potential and active Investors a technical platform for the selection and subscription of securities as well as for access to information and notifications regarding their investments. The CrossLend Marketplace particularly enables potential and active Investors to get an overview of the potential securities for subscription and of the status of their subscribed securities.
2.2 CrossLend collects, processes and uses information about the respective potential or active Investor and/or of the Investor’s representatives for the performance of the services of the CrossLend Marketplace and keeps this information throughout the contractual term of the CrossLend ToU. For these purposes, CrossLend collects basic data and subscription application data of the Marketplace User. For purposes of allowing the subscription of securities, CrossLend will, on behalf of the Marketplace Users, within the scope of the technical services of the CrossLend Marketplace and throughout the contractual term, transfer data regarding the subscription application to the issuer of the securities and to its service providers.
2.3 The securities offered to the Investors are issued by CrossLend Securities SA (Luxembourg). The subscription of the securities by the Investors is part of a separate subscription agreement between the Investor and the issuer CrossLend Securities SA. The CrossLend Marketplace solely serves as an electronic means of communication between the Investor and the issuer.
2.4 CrossLend does not perform any investment advisory services. In particular, no investment recommendations are made nor is tax or legal advice provided. For more information, see the section entitled Disclaimer below.
3. Registration and contractual terms for the use of the website
3.1 A registration as a Marketplace User is required to use the CrossLend Marketplace to its full extent.
3.2 The registration requires all requested data to be provided completely and truthfully. Moreover, the Marketplace User is required to keep their registration data updated at all times.
3.3 With the successful registration of the Marketplace User with the CrossLend Marketplace, or otherwise with the creation of a first personal password for access to the CrossLend Marketplace, a contract for the use of the CrossLend Platform becomes effective on the sole basis of the CrossLend ToU.
4.General duties of the Users
4.1 A CrossLend account shall only be used by a registered Marketplace User.
4.2 The Marketplace User is obliged to keep the password(s) of their CrossLend account secret and to carefully safeguard the access to their CrossLend account (confidentiality obligation). The Marketplace User will ensure that no unauthorised third party gains knowledge of their password(s). To prevent misuse, passwords should not be stored electronically nor be otherwise put in writing. The Marketplace User shall immediately change the respective password if unauthorised third parties become aware of it, or if the Marketplace User suspects that unauthorised third parties have gained access to it. The Marketplace User is hereby recommended to regularly change their password(s) for security reasons. Marketplace Users shall be liable for damages resulting from breaches of their confidentiality obligation, vis-à-vis both CrossLend and other Users of the CrossLend Marketplace.
4.3 The Marketplace User is obliged to immediately inform CrossLend of any evidence of misuse of their account by third parties.
4.4 It is prohibited for the Marketplace User to use the CrossLend Marketplace in an unlawful manner, in violation of the contract or in any other abusive way, such as impairing or disturbing the functionality of the CrossLend Marketplace (e.g. by violating the system integrity), transferring the CrossLend account to third parties or providing access to the CrossLend account to unauthorised third parties.
To the extent it is technically feasible and commercially reasonable, CrossLend undertakes to offer an unrestricted availability of the CrossLend Platform. However, CrossLend does not guarantee the latter. In particular, maintenance works, security and capacity reasons, technical circumstances as well as events outside of CrossLend’s control may lead to temporary inaccessibility to the CrossLend Platform.
6. Intellectual property and permitted use of the CrossLend Platform
6.1 The data and material, including pictures, graphics, illustrations, designs, symbols, photos, texts and other images (hereinafter in this clause 6.1 referred to as “Content”) on the CrossLend Platform are protected by copyright law, trademark law, data protection law and/or other laws of intellectual property. Any use and/or copy of the Content without the prior written consent of CrossLend constitutes a violation of the CrossLend ToU and is prohibited.
6.2 The use of automated systems or software for the extraction of data from the CrossLend Platform, in particular for commercial purposes, is prohibited.
7. Data protection
8. Contractual term and termination of the CrossLend ToU
8.1 Unless terminated, the CrossLend ToU shall remain in full force and effect for an undetermined term.
8.2 Both the User and CrossLend may terminate this contract at any time by serving a written notice of termination (e.g. via email, fax or letter) to the other party with 2 weeks prior to the end of the month. Termination is precluded prior to the settlement of any ongoing investment.
8.3 The right of termination with cause remains unaffected.
9.1 CrossLend shall be liable for damages resulting from willful misconduct or gross negligence, death or personal injury caused by CrossLend’s negligence, or fraud or fraudulent misrepresentation.
9.2 Subject to clause 9.1, CrossLend will not be liable whether based on a claim in contract, tort (including negligence), breach of statutory duty or otherwise arising out of or in relation to this Agreement for any loss of profits, loss of business, loss of revenue, anticipated savings, goodwill or any indirect or consequential damages even if foreseeable and if CrossLend has been advised of the possibility of such losses.
9.3 Subject to clause 9.1, CrossLend shall not be liable for damages resulting from events outside of CrossLend’s control including where such damages could not have been prevented by mitigation by or on CrossLend’s behalf.
9.4 Subject to clause 9.1, CrossLend shall not be liable for any failures or disturbances in the technical infrastructure of the CrossLend Platform that are outside its control.
9.5 CrossLend does not have control over the information and services provided by third parties. CrossLend shall not be liable for any information or acts of third parties and shall not be liable for any damages resulting therefrom.
The content of the CrossLend Platform is intended solely for information purposes. Any investment report on the CrossLend Platform depicts an analysis of the selected time period. It is not to be construed, under any circumstances, by implication or otherwise, as a prediction of future portfolio performance, default rates or distribution figures.
ALL INFORMATION IS PROVIDED ON AN “AS IS” BASIS WITHOUT GUARANTEE, REPRESENTATION OR WARRANTY OF ANY KIND (WHETHER EXPRESS OR IMPLIED). CROSSLEND DISCLAIMS LIABILITY FOR ANY INFORMATION NOT BEING COMPLETE, ACCURATE, SUITABLE OR RELEVANT FOR YOU.
No information provided by CrossLend forms a fiduciary relationship between it and the recipient, nor does it constitute advice. No information should be construed as an offer, or a solicitation of an offer, of securities or related financial instruments, or an invitation or inducement to engage in investment activity (unless expressly provided otherwise).
Investments in Notes are subject to risks, which can be found in the Private Placement Memorandum and should be carefully considered, prior to making any investment decisions.
11. Closing provisions
11.1 Place of performance of the services is the place of business of CrossLend.
11.2 These ToU shall be governed by, and be construed in accordance with, the laws of the Federal Republic of the Federal Republic of Germany without regard to the rules of private international law and the UN Convention on the Sale of Goods. The District Court of Berlin shall have exclusive jurisdiction over all disputes arising from or in connection with these ToU.
11.3 Should one or more provisions of the conditions hereof be or become invalid in whole or in part, the validity of the remaining provisions shall not be affected. The Parties undertake to agree on an effective substitute provision as close as possible to the ineffective provision or the intended purpose of the ineffective provision. The same shall apply to gaps in the contract.
Maintaining the privacy of your data is a top priority at CrossLend. CrossLend considers it essential to establish high standards of data privacy protection for all Users of the CrossLend Platform and to continually improve these standards. We therefore adhere to and comply with the applicable statutory requirements of the Federal Republic of Germany and the European Union in all data processing procedures. One of our main concerns in this regard is allowing you to determine to what extent CrossLend processes your data and to decide the way in which you will share your personal data with us.
Our Data Privacy Officer can also be contacted in this way.
2. Collection, Processing and Use of Personal Data
In order to provide our services to you, it is necessary for us to collect, process and use your personal data as specified below.
2.1 Personal data
Personal data shall mean any information concerning the personal or material circumstances of an identified or identifiable natural person. This includes, in particular, information which can be traced back to your identity, such as your name, telephone number, mailing address or email address. Statistical data collected when you visit the CrossLend Platform and which cannot be directly linked to your identity is, for instance, not considered/classified as personal data.
2.2 Collection, Processing and Use of your Personal Data
Maintaining the privacy of your data is one of our top priorities. As a result, we strictly adhere to applicable legal requirements when collecting, processing and using your personal data. We collect, store and process your data to offer you a better user experience on the CrossLend Platform, and to provide you with the technical services that, among other things, enable investments in Notes. We may additionally use your data for the purpose of keeping you informed via engaging, relevant newsletters – which you may opt to receive – for our own marketing purposes. We also collect, process and use your personal data to verify your identity and for fraud prevention.
2.2.1. Visiting the CrossLend Platform
Every time the CrossLend Platform is accessed, we collect the access data which your browser automatically transmits to make your visit to the CrossLend Platform possible. This access data comprises in particular:
- IP address of enquiring device
- Date and time of enquiry
- Address of the website called up and of the website enquiring
- Information on the browser and operating system used
- Online identifiers (e.g. device identifiers, session IDs)
The processing of this access data is necessary to make the visit to the CrossLend Platform possible and to ensure the permanent functionality and security of our systems. The access data is saved for the foregoing purposes in internal logfiles, in order to develop the CrossLend Platform further according to the usage patterns of our visitors (e.g. if our website is increasingly accessed on mobile rather than desktop devices) and to manage our website in a general way. The legal basis is Art. 6 (1) lit. b of the GDPR. The information saved in the logfiles allows no direct conclusion to be drawn about you as a person – in particular, we only save IP addresses in an abbreviated, anonymised form.
2.2.2 Registration on the CrossLend Marketplace
Some Users will be given the possibility of registering for our login area – the CrossLend Marketplace. We have highlighted with an identification mark the compulsory information which such Users are required to provide for registration as a Marketplace User. Without this data a registration is not possible:
- Name of company
- First name and last name of the respective authorised person to represent the company
- Email address and phone number of the respective authorised person to represent the company
This personal data is stored in order to set up your account and to enable you to gain access to the CrossLend Marketplace. You agree to treat your log in information as confidential and not to share this information with unauthorised third parties. You may amend your log in details at any time in your user profile. The legal basis for this processing is Art. 6 (1) lit. b of the GDPR.
2.2.3 Potential and Active Investments on the CrossLend Marketplace
For these purposes, CrossLend collects basic data and subscription application data about you. To facilitate the subscription of securities, CrossLend will, on your behalf, and within the scope of the technical services of the CrossLend Marketplace, transfer data regarding the subscription application to the issuer of the securities and to its service providers.
The legal basis for this processing is Art. 6 (1) lit. b of the GDPR as it serves the purpose of the subscription of securities.
2.2.4 Identity verification
Obliged entities under German Anti Money Laundering legislation (e.g. credit institutions, financial services providers) and under comparable national regulations are required to obtain information about the identity and address of a customer. This process aims to prevent the misuse of the services of obliged entities for unlawful activities such as identity theft, identity fraud or money laundering. Verifying the identity of a customer (or “knowing your customer” –“KYC”) is a legal requirement and an essential aspect of risk management practices.
The legal basis for this processing is Art. 6 (1) lit. c of the GDPR, as we are legally obliged to verify your identity under Anti Money Laundering legislation.
2.2.5 Use of your Data for Marketing Purposes
If you are a Marketplace User, we will collect additional information from you for marketing purposes. In addition to processing your data to enable registration or to process an investment, we will use your data to send you information via email, SMS, letter or phone about products, services and marketing campaigns that may be of interest to you. You may partially or fully opt out of the use of your personal data for marketing purposes at any time without incurring any costs other than the transmission costs at standard rates.
The legal basis for this is our legitimate interest to market our services, Art. 6 (1) lit. f of the GDPR. This processing is based on your explicit consent, pursuant to Art. 6 (1) lit. b of the GDPR.
You have the possibility of subscribing to our Newsletter, in which we tell you the latest news about our products and campaigns.
For Newsletter subscriptions we use the so-called double opt-in procedure i.e. we shall only send you the Newsletter by email if you confirm, by clicking a link in our registration email, that you are the holder of the email address provided. Should you confirm your email address, we shall store your email address, the time of registration and the IP address used for the registration for such time until you cancel the Newsletter. This storage serves only the purpose of sending you the Newsletter and providing you with your registration. You can cancel the Newsletter at any time. A link to this effect is placed in every Newsletter. A message to the contact details given above or in the Newsletter (e.g. by email or letter) is likewise sufficient for this. The legal basis is Art. 6 (1) lit. a of the GDPR.
In our Newsletter we use various established technologies to measure user interactions (e.g. opening of the email, links clicked). We use this data in a pseudonymised form for general statistical evaluations and to optimise and develop further our contacts and customer communication. This is done with the aid of graphics which are embedded in the Newsletter (so-called pixels). This data is collected only in a pseudonymised way, and the data once collected is not combined with your personal data. The legal basis for this is our foregoing legitimate interest under the terms of Art. 6 (1) lit. f of the GDPR. In our Newsletter, we aim to share with our customers those topics which are of the most relevance to them. If you do not wish your user pattern to be analysed, you can cancel the Newsletter or disable graphics in your email program in a standard way.
Unsubscribing from the Newsletter is possible at any time e.g. via the unsubscribe link at the bottom of every Newsletter. Alternatively you can direct your request to unsubscribe at any time to the contact details set out above.
In order to complete your registration as a Marketplace User, and to keep you updated with the status of your investment, we will communicate with you via email, phone, SMS or letter, using the addresses and phone number provided. Marketplace Users are hereby expressly informed that, in principle, the possibility of unauthorised third parties being able to view, read, manipulate and/or delete electronically transmitted data cannot be excluded.
The legal basis for this is Art. 6 (1) lit. b of the GDPR, as contacting you serves purposes of our contractual relationship.
2.2.8 Market and Opinion Research
To improve our services, we will also use your data for general market and opinion research. We will use your data only for statistical purposes in an anonymised form. Your responses to survey questions will not be published or disclosed to third parties without your consent. We will not store your responses to our surveys in combination with your email address or other personal data.
You may partially or fully opt out of your data being used for market and opinion research at any time by sending a written message to our postal address or email address, indicated in section 1 above. All survey emails automatically include a link to unsubscribe from further mailings.
The legal basis for this is Art. 6 (1) lit. f, as it is our legitimate interest to understand our target audience and improve our business.
3.1 General Information about Cookies
3.2 Cookies used by CrossLend
For some parts of the CrossLend Platform it is necessary for us to insert cookies. A cookie is a small text file which is saved by your browser onto your device. Cookies are not inserted to execute programs or to load viruses onto your device. The main purpose of cookies is to provide a product or service especially tailored to you and to make your use of our services as time-saving as possible.
We use our own cookies in particular
- For log-in identification;
- For load distribution;
- To note that information placed on our website has been displayed to you – so that on your next visit to the website it does not need to be displayed again.
In this way we wish to enable you to use our website in a convenient and customised way. These services are based on our foregoing legitimate interest, and the legal basis is Art. 6 (1) lit. f of the GDPR.
We further use the cookies and comparable technologies (e.g. web beacons) of partners for analytical and marketing purposes. This is described more precisely in the following sections
3.3 How can you prevent your device from accepting cookies?
You can change your browser settings to prevent cookies from being automatically accepted without your express approval. In most cases, the help function in the menu bar of your web browser will explain how to reject new cookies and how to disable cookies you have already received.
We recommend always logging out fully after you have used a computer which has multiple users and is set up to accept cookies.
3.4 Interest-based Advertising
In order to provide you with interesting and customised offers, the CrossLend Platform uses interest- based online advertising. For this purpose, we use so-called retargeting technology that is based on cookies and similar technologies. This allows us to address those visitors to platform who showed interest in our products on the websites of our partners. We will only collect anonymised and pseudonymised data and will not merge this data with personal data. In the event that you do not wish to receive interest-based advertising, you may prevent this by selecting the respective settings under the hyperlink http://preferences-mgr.truste.com/
The website of TRUSTe, Inc, 835 Market Street, San Francisco, CA 94103-1905, USA (“TRUSTe”) allows you to either opt out of all advertisements across-the-board, or alternatively, block individual advertisement providers. Please note that after deletion of all of your browser’s cookies or your use of another browser at a later stage, the opt-out cookie must be reset.
For more information about interest-based advertising and opt-out options, please visit www.truste.com/consumer-privacy/about-oba/
The legal basis for the data processes described in the following section is Art. 6(1) lit. f of the GDPR, grounded on our legitimate interest in providing you with personalised advertising.
3.4.1 Google Analytics
Google will process the information so obtained to evaluate your use of the website, to assemble reports on the website activities for the website operators, and to supply further services connected with website use and internet use.
As set out above, you can so configure your browser that it rejects cookies, or you can prevent the capture of the data generated by cookies and relating to your use of the CrossLend Platform ((including your IP-address) and the browser add-on provided by Google.
You can find more detailed information on this matter in the Privacy Statement of Google Analytics.
You should never share your passwords with unauthorised third parties and you should change them regularly. Every time you leave the CrossLend Platform, you should log out of your session and close your browser window to prevent unauthorised users from accessing your CrossLend Marketplace account.
5. Right of Access to Information
You have the right at any time to require us to provide information about the processing of your personal data (right of access). When providing you with this information, we shall explain the data processing and supply an overview of the data relating to you which has been stored. Should data stored with us be inaccurate or no longer up-to-date, you enjoy the right to have this data corrected (right to rectification). You can also require the erasure of your data (right to erasure or right to be forgotten). Should the erasure not be possible due to other legal regulations, the data processing will be restricted so that your data is only available to serve the purposes required under those other legal regulations. You can also have the processing of your data restricted if you believe that the data which we have stored is not correct (right to restriction of processing). You also have the right of data portability, which means that we can send you at your request a digital copy of the personal data which you have provided to us.
To exercise your rights as set out here, you can communicate with us at the above contact details. This also applies should you wish to receive copies of guarantees for certification of an adequate data-protection level.
You also have the right to object to the data processing based on Art. 6 (1) lit. e or f of the GDPR. Finally, you have the right to complain to data protection supervisory authorities. You can exercise this right at a supervisory authority in the member country of your place of residence, of your workplace, or of the place of alleged breach. In Berlin, the competent regulatory authority is: Data Protection and Freedom of Information Officer, Friedrichstrasse 219, 10969 Berlin.
6. Right to withdraw consent and object to processing activities
Under Article 7 (3) of the GDPR you have the right at any time to withdraw your consent which you have given previously for the processing of your data. This will mean that CrossLend will no longer process your data based on that previous consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Insofar as we process your data on the basis of legitimate interests under Art. 6 (1) lit. f of the GDPR, you have the right under Art. 21 of the GDPR to object to the processing of your data and to mention grounds relating to your particular situation that in your opinion speak in favour of prevailing legitimate interests. Where personal data is processed for direct marketing purposes, you have a general right of objection which will also be implemented by us without your stating reasons.
Information regarding data processing of applications
This information shall give you an overview about the processing of your personal data when you apply for a job at CrossLend.
Controller according to the General Data Protection Regulation EU (2016/679) (“GDPR”) and other data privacy rules is:
CrossLend GmbH („CrossLend“)
10785 Berlin Germany
Phone: +49 30 208 488 100
2. Processing of Personal Data
According to Article 4 lit 1 GDPR personal data is information relating to an identified or identifiable natural person, e.g. name, email address, IP address.
For the application process we are processing the data that you make available to us. This includes the following data:
- email address
- application documents (CV, engagement letter, etc)
- interview notes
- IP address, when you apply through the online application form
Furthermore, we process the data that you make available to us when you contact us during the application process.
We may use other sources to process data from you, e.g. recruiter, websites or other public available data such as your profiles on professional social networking platforms, such as LinkedIn or Xing.
3. Purpose and legal basis
We process your personal data for the purpose of the selection of job applicants.
The legal basis for data processing is Section 26 Federal Data Protection Act (BDSG) in conjunction with Article 6 para. 1 lit. b General Data Protection Regulation (GDPR) and Art. 88 GDPR. The legal basis for the processing of information that you have given us voluntarily is Section 26 para 2 BDSG in conjunction with Art. 6 para 1 lit. a GDPR and Art. 88 GDPR, your consent. The legal basis for the use of the data from public available sources is Art. 6 para 1 lit f GDPR in conjunction with Section 9 para 2 lit e GDPR. The legitimate interest is to receive an overview of your background.
We will process the data for the assessment of your application and the performance of the employment contract according to Section 26 BDSG in conjunction with Art. 6 para 1 lit b GDPR.
If you are interested in other positions within CrossLend or would like us to store your data for future positions, the legal basis for processing your data is Section 26 para 2 BDSG in conjunction with Art. 6 para 1 lit a GDPR and Art 88 GDPR.
The processing of your personal data may be necessary for the defence against claims from the application process. Legal basis is Art. 6 para 1 lit f GDPR. The legitimate interest is the burden of proof in a procedure.
4. Recipients, categories of recipients
Within CrossLend only those employees have access to your data who are in charge of the application procedure.
We may disclose your personal data also to authorities and/or law enforcement authorities when necessary for the above purposes, when required by law or when necessary to protect our legitimate interests in accordance with applicable law.
5. Retention period
Applicant data will be deleted six months after the end of the specific application procedure. In case of expressed interest also in other positions, the data we will store your application data with your consent (which can be revoked at any time).
We may be required to store the data for a longer period if there is a longer legal retention period.
If you start working for us, we will store the data for the duration of the employment relationship. The data processing for the purpose of the employment relationship is subject to another information that you will receive separately.
6. Third-party processors
In some cases, we may need to share some of your data we process through the application process with places and people outside our company. As part of the processing, your personal data will be transmitted to our external service provider (known as a “Processor”) Personio GmbH, Rundfunkplatz 4, 80335 Munich, Germany.
Service providers working on our behalf sometimes process data for us. If this is the case, we conclude so-called data processing agreements with those service providers, by which we oblige a service provider to carry out the processing of the data carefully and in accordance with our instructions. As a result, service providers must process the data according to our specifications and on our behalf, which is why they are referred to as a Processor.
Your personal data will not be transmitted by CrossLend GmbH to third countries.
7. Obligation to provide personal data
Without entering data, an application is not possible. You are not legally or contractually obliged to submit your information to us. However, since we need information about you in our application process, the possible consequence of not providing such information is that we cannot adequately consider you as an applicant.
8. Rights of the data subject
As a data subject you have several rights. For assertion of rights you can contact us:
CrossLend GmbH („CrossLend“)
10785 Berlin Germany
Phone: +49 30 208 488 100
a. Access, rectification, erasure
In accordance with Art. 15 GDPR, you may at any time obtain from the controller confirmation as to whether or not personal data concerning you are being processed, and where that is the case, access to personal data. Information is provided free of charge.
If your personal data is incorrect or incomplete, you have the right to correct and amend it (Art. 16 GDPR).
You can request the erasure of your personal data at any time, unless we are legally obliged or entitled to further processing of your data (Art. 17 GDPR).
If the legal requirements are met, you can demand a restriction on the processing of your personal data (Art. 18 GDPR).
b. Right to object
You can object to data processing in accordance with Art. 21 GDPR. We will then stop processing your data. This is not the case if we can prove compelling reasons worthy of protection, which outweigh your rights.
c. Right to data portability
Upon request, we will provide you with your personal data transmitted by you in a standard machine-readable data format (Art. 20 GDPR).
d. Right to withdraw consent
If you have given us your consent to process personal data, you can withdraw it at any time with future effect without affecting the legality of the processing carried out on the basis of the consent until withdrawal. This also applies to the withdrawal of declarations of consent that were given to us before the GDPR was valid, i.e. before 25 May 2018.
e. Right to lodge a complaint
You have the right under Article 77 GDPR to lodge a complaint with the supervisory authority if you believe that the processing of personal data concerning you violates the GDPR.
9. Automated decision making
In principle, we do not use automated decision making for the establishment, execution and termination of business relationships. If we use automated decision making, we will inform you separately.
Hinweis zur Datenverarbeitung von Bewerbungen
Dieser Hinweis gibt Ihnen einen Überblick über die Verarbeitung Ihrer personenbezogenen Daten, wenn Sie sich für eine Position bei CrossLend bewerben.
Verantwortlicher im Sinne der Datenschutz-Grundverordnung EU (2016/679) („ DSGVO“) und anderer Datenschutzbestimmungen ist:
CrossLend GmbH („CrossLend“)
10785 Berlin Deutschland
Tel.: +49 30 208 488 100
2. Verarbeitung personenbezogener Daten
Gemäß Artikel 4 Abs. 1 DSGVO sind personenbezogene Daten alle Informationen, die sich auf eine identifizierte oder identifizierbare natürliche Person beziehen, z.B. Namen, Email-Adresse, IP-Adresse.
Für das Bewerbungsverfahren verarbeiten wir die von Ihnen uns zur Verfügung gestellten Daten. Dies beinhaltet die folgenden Daten:
- Bewerbungsunterlagen (Lebenslauf, Bewerbunsschreiben, etc.)
- Notizen von Bewerbungsgesprächen
- IP-Adresse, falls Sie das Online Bewerbungsformular für Ihre Bewerbung benutzen.
Weiterhin verarbeiten wir die Daten, die Sie uns während des Bewerbungsverfahrens zur Verfügung stellen.
Wir können auch andere Quellen verwenden, um Daten von Ihnen zu verarbeiten, z.B. Personalvermittler, Websites oder andere öffentlich zugängliche Daten, wie Ihre Profile auf den Plattformen von professionellen sozialen Netzwerken, wie z.B. LinkedIn oder Xing.
3. Zweck und Rechtsgrundlage
Wir verarbeiten Ihre personenbezogenen Daten, um eine Auswahl unter den Bewerbern für eine Position zu treffen.
Die Rechtsgrundlage für die Datenverarbeitung ist § 26, Bundesdatenschutzgesetz (BDSG) in Verbindung mit Artikel 6 Abs. 1 lit. b Datenschutz-Grundverordnung (DSGVO) und Art. 88 DSGVO. Die Rechtsgrundlage für die Verarbeitung der Daten, die Sie uns freiwillig zur Verfügung stellen ist § 26 Abs. 2 BDSG in Verbindung mit Art. 6 Abs.1 lit. a DSGVO. Die Rechtsgrundlage für die Verwendung von Daten aus öffentlich zugänglichen Quellen ist Art. 6 Abs.1 lit. f DSGVO in Verbindung mit § 9 Abs. 2 lit. e DSGVO. Das berechtigte Interesse ist darin begründet einen Überblick über Ihren Hintergrund zu erhalten.
Wir werden die Daten für die Beurteilung Ihrer Bewerbung und die Durchführung des Arbeitsvertrages gemäß § 26 BDSG in Verbindung mit Art. 6 Abs. 1 lit. b DSGVO verarbeiten.
Falls Sie an anderen Positionen bei CrossLend interessiert sind oder Sie es wünschen, dass wir Ihre Daten für zukünftige Positionen speichern, ist die Rechtsgrundlage für die Verarbeitung Ihrer Daten § 26 Abs. 2 BDSG in Verbindung mit Art. 6 Abs.1 lit. a DSGVO und Art. 88 DSGVO.
Die Verarbeitung Ihrer personenbezogenen Daten kann für die Verteidigung gegen Klagen aufgrund des Bewerbungsverfahrens notwendig sein. Die Rechtsgrundlage ist Art. 6 Abs. 1 lit. f DSGVO. Das berechtigte Interesse ist darin begründet den Beweis in einem Verfahren führen zu können.
4. Empfänger, Kategorien von Empfängern
Innerhalb CrossLends haben nur die Mitarbeiter Zugang zu Ihren Daten, die mit dem Bewerbungsverfahren beauftragt sind.
Wir geben Ihre personenbezogenen Daten auch an Behörden bzw. Strafverfolgungsbehörden weiter, insoweit dies für die vorgenannten Zwecke notwendig, gesetzlich vorgeschrieben oder zum Schutz unserer berechtigten Interessen nach geltendem Recht erforderlich ist.
Bewerberdaten werden sechs Monate nach dem betreffenden Bewerbungsverfahren gelöscht. Falls auch Interesse an anderen Positionen besteht, speichern wir Ihre Bewerberdaten mit Ihrer Zustimmung (ein Widerruf ist jederzeit möglich).
Es kann sein, dass wir die Daten für einen längeren Zeitraum aufbewahren müssen, falls eine längere Aufbewahrungsfrist gesetzlich vorgeschrieben ist.
Im Falle einer Einstellung werden wir die Daten für die Dauer des Arbeitsverhältnisses speichern. Die Datenverarbeitung für das Arbeitsverhältnis ist Gegenstand eines anderen Hinweises, den Sie separat erhalten werden.
6. Empfänger Ihrer personenbezogenen Daten
In bestimmten Fällen müssen wir einen Teil Ihrer Daten, die wir im Rahmen des Bewerbungsverfahrens verarbeiten, an Stellen und Personen außerhalb unseres Unternehmens weitergeben. Im Rahmen der Verarbeitung werden Ihre personenbezogenen Daten an unseren externen Dienstleister (sog. Auftragsverarbeiter) Personio GmbH, Rundfunkplatz 4, 80335 München, Deutschland, übermittelt.
Dienstleister, die in unserem Auftrag tätig werden, verarbeiten teilweise Daten für uns. Sofern dies der Fall ist, schließen wir mit dem Dienstleister einen sog. Auftragsverarbeitungsvertrag ab, durch den wir den Dienstleister verpflichten, die Verarbeitung der Daten sorgfältig und nach unseren Weisungen vorzunehmen. Hierdurch verarbeiten die Dienstleister die Daten nach unseren Vorgaben und in unserem Auftrag, weswegen sie als Auftragsverarbeiter bezeichnet werden.
Ihre personenbezogenen Daten werden von CrossLend GmbH nicht an Drittländer übermittelt.
7. Verpflichtung personenbezogenen Daten anzugeben
Ohne Angabe von personenbezogenen Daten ist eine Bewerbung nicht möglich. Sie sind nicht gesetzlich oder vertraglich dazu verpflichtet, uns Ihre Daten zu übermitteln. Da wir bei unserem Bewerbungsverfahren jedoch Angaben zu Ihrer Person benötigen, ist die mögliche Folge einer Nichtbereitstellung, dass wir Sie als Bewerber bei uns nicht hinreichend berücksichtigen können.
8. Rechte der betroffenen Person
Als betroffene Person haben Sie verschiedene Rechte. Zur Geltendmachung Ihrer Rechte können Sie uns wie folgt kontaktieren:
CrossLend GmbH („CrossLend“)
10785 Berlin Deutschland
Tel.: +49 30 208 488 100
a. Zugang, Berichtigung, Löschung
Gemäß Art. 15 DSGVO können Sie jederzeit vom Verantwortlichen eine Bestätigung darüber erhalten, ob Sie betreffende personenbezogene Daten verarbeitet werden oder nicht verarbeitet werden und in den Fällen in denen Sie betreffende personenbezogene Daten verarbeitet werden, können Sie jederzeit Zugang zu den personenbezogenen Daten erhalten. Die Auskunft ist kostenfrei.
Falls Ihre personenbezogenen Daten unrichtig oder unvollständig sind, haben Sie das Recht diese zu berichtigen und zu vervollständigen (Art. 16 DSGVO).
Sie können jederzeit die Löschung Ihrer personenbezogenen Daten verlangen, außer wir sind gesetzlich verpflichtet oder berechtigt Ihre Daten weiterhin zu verarbeiten (Art. 17 DSGVO).
Falls die gesetzlichen Voraussetzungen erfüllt sind, können Sie eine Beschränkung der Verarbeitung Ihrer personenbezogenen Daten verlangen (Art. 18 DSGVO).
b. Das Recht Widerspruch einzulegen
Sie haben gemäß Art. 21 GDPR das Recht Widerspruch gegen die Datenverarbeitung einzulegen. Wir werden dann die Verarbeitung Ihrer Daten einstellen. Dies trifft dann nicht zu, falls wir zwingende schutzwürdige Gründe nachweisen können, die gegenüber Ihren Rechten überwiegen.
c. Das Recht auf Datenübertragbarkeit
Auf Anforderung stellen wir Ihnen die von Ihnen übermittelten personenbezogenen Daten in einer standardisierten maschinenlesbaren Form zur Verfügung (Art. 20 DSGVO).
d. Das Recht die Einwilligung zu widerrufen
Falls Sie uns Ihre Zustimmung gegeben haben Ihre personenbezogenen Daten zu verarbeiten, können Sie diese Zustimmung jederzeit mit Wirkung für die Zukunft widerrufen, ohne dass die Rechtmäßigkeit der aufgrund der Einwilligung bis zum Widerruf erfolgten Verarbeitung berührt wird. Dies gilt auch für den Widerruf von Zustimmungserklärungen, die uns gegenüber vor dem Inkrafttreten der DSGVO d.h. vor dem 25. Mai 2018 abgegeben wurden.
e. Das Recht Beschwerde einzureichen
Sie haben gemäß Artikel 77 DSGVO das Recht bei einer Aufsichtsbehörde Beschwerde einzureichen, falls Sie der Auffassung sind, dass die Sie betreffende Verarbeitung von Daten gegen die DSGVO verstößt.
9. Automatisierte Entscheidungsfindung
Wir setzen grundsätzlich keine automatisierte Entscheidungsfindung für die Begründung, Durchführung und Beendigung von Geschäftsbeziehungen ein. Sollten wir eine automatisierte Entscheidungsfindung einsetzen, werden wir Sie separat darüber informieren.