The Fressnapf Group (hereinafter: "We") ensures a uniformly high level of data protection through various measures, which are guaranteed by all individual companies. The responsible entity for the processing of personal data related to the current application relationship is the individual company which the Applicant applies to. Due to the group structures, it is possible that individual aspects are also processed for this company by other individual companies or that an internal group transfer takes place. In this respect, the following statements apply to all individual companies. 

We collect, store and use your personal data only in accordance with the applicable data protection regulations, in particular the European General Data Protection Regulation (DSGVO) and national data protection regulations.   

If you still send us your application documents in person or by post, we will unfortunately not be able to consider them. The original documents will be destroyed immediately in accordance with data protection regulations. 

1. Who is responsible for your data

The legal entity which processes your application is responsible for ensuring legally compliant handling of your personal data that it holds and processes in the context of your application in accordance with country Data Privacy regulations. For optimal management of applicant data, we use the SAP software SuccessFactors, in which all application master data and activity-related data are recorded. For SuccessFactors, there is a defined authorization system within the SAP system that ensures that only authorized persons can access the applicant's data required at any given time. 

2. Purposes 

a) Fulfillment of legal obligations 

In recruitment, future employers must fulfill several legal obligations arising from your application. These may vary in line with the legal differences in national laws governing labor, anti-discrimination, safety and security at work, etc. but will be well known obligations as listed below: 

• Assurance of non-discriminating treatment and equal opportunities 

b) Other purposes/processes in the legitimate interest of Fressnapf Group 

Other processing activities may simply be justified by company legitimate interest. These are 

• Compliance checks with policies 
• Support diversity goals / equal treatment 
• Recruitment and selection 

3. Categories of personal information processed  

Categories of applicant’s personal information company may process in the recruitment and selection process include: 

• Personal details (name, home address)  
• Contact details (private phone number and e-mail) 
• Application data (CV, education, prior employers, skills, photograph, etc.)  
• Interview notes (selection criteria, suitability/assessment details, etc.)  
• Organisation classification data (segment, function, job, discipline, position)  
• Details of negotiation and offer of compensation data including bonuses, allowances, etc.  
• Career preferences information  

Information about your racial or ethnic origin, physical or mental health, sex life, political or religious beliefs, biometric or genetic data, trade union memberships or criminal history will only be collected and processed, if we are legally obliged to or if you have provided your express and prior consent to do so. 

4. Recipients of your personal information 

Within the Group, your personal information will only be disclosed to authorized individuals if and to the extent necessary to fulfill a particular purpose. However, based on company’s matrix regional structure (into segments/functions/regional businesses) teams in charge of particular tasks may not necessarily be located in your country of application so that your data may be accessed from abroad. 

In any case, role-based access levels ensure that access to your personal data is limited on a strict need-to-know basis. At Fressnapf Group, some processes/services are outsourced to external providers (e.g. application data storage is handled by SAP Successfactors). 

Whenever external parties are engaged to provide services which involve personal data (e.g. data hosting, application management and/or support, user support, etc.), these are carefully chosen. Their services are limited and clearly defined. 

Subject to written agreements which contain relevant legally required clauses on data protection. This ensures appropriately secure and confidential data handling (which is also limited to authorized staff only). 

Sometimes, Fressnapf Group is legally obliged to disclose applicant’s personal information in response to a request from a court, tribunal or regulator, or as part of a litigation process. Where disclosure is in company's discretion we will consult with you prior to making such disclosure and, in order to protect your privacy, we will only disclose the minimum amount of information necessary for the required purpose. 

5. Data security 

Fressnapf Group’s digital security standards are based on recognized international standards to protect systems and data against unauthorized access, damage, loss or destruction. 

All staff, suppliers and business partners involved in the design, operation, management or use of digital technology, systems and information must comply with these security requirements. All access permissions granted to personal information held by Fressnapf Group is subject to strict security administration processes and must be limited to the business need. To protect our information, Fressnapf Group IT systems include suitable security measures to defend and detect any digital/cyber threats. 

6. Your rights related to your personal data 

Individuals in the EU are given a number of rights with regard to their own personal data including the right to lodge a complaint directly with a Data Protection Authority. Applicable rights you can exercise are: 

• Access: The right of access allows you to ask for a copy of your personal data. 
• Rectification: This right allows you to request any false personal data to be corrected or incomplete data to be amended. 
• Restriction: This right allows to stop/suspend the further processing of personal data e.g. until a dispute is resolved. 
• Erasure: You can request the deletion of personal data, which is not processed in compliance with privacy legislation (e.g. illegally obtained data or where the justified data retention period was exceeded). 

We are entitled at any time to discontinue this service or to delete your data in whole or in part without giving reasons. 

Furthermore, you may revoke your consent to the processing of data at any time without incurring any adverse consequences. Address your revocation to: support.pitsy.ie.team@ie.maxizoo.eu. In the event of revocation, all data will be physically deleted upon receipt of the revocation notice and cannot be restored. 

7. Data retention periods  

Unless e.g. labor, tax or other applicable laws require FN I MZ to retain certain information for a specified minimum period of time, your personal information will be retained in line with company "Records Retention Schedule" or otherwise only as long as necessary to fulfill the particular purpose. After that time your data will be either deleted or de-personalized, e.g. if used for long-term statistical purposes.  

8. Disruption of the service, discontinuation or modification of the service or deletion of data 

We do not guarantee that the service will be available at certain times. We do not rule out disruptions, interruptions or a possible failure of the online offer. The servers are carefully backed up on a regular basis. As far as data is transmitted to us - no matter in which form - you are however recommended to make backup copies. We reserve the right to change, expand, limit or completely discontinue this service at any time. Any liability on our part for deleted data or data loss is therefore excluded. 

9. Supervisory authority 

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the country of your residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes applicable law. The relevant supervisory authority is:The Data Protection Commision .