V2 (022024)
ITM Isotope Technologies Munich SE uses the onlyfy one service (by XING) to process job applications. This Privacy Policy will inform you about the processing of your data by the onlyfy one service and by ITM Isotope Technologies Munich SE.
With regard to interaction within the company account of ITM Isotope Technologies Munich SE, ITM Isotope Technologies Munich SE and New Work SE have shared responsibility pursuant to Article 26 GDPR, as they jointly determine the purposes and means of processing pursuant to Article 4 (7) GDPR. The current version of the agreement on shared responsibility pursuant to Article 26 GDPR, which New Work SE concludes with companies that use onlyfy one, can be viewed here https://www.xing.com/terms/onlyfy-one to gain information on the key aspects of the agreement.
onlyfy one is part of the extensive XING service operated by New Work SE, which pursues the aim of improving and simplifying users’ working lives with a variety of applications (onlyfy one, as well as the XING social and jobs network, kununu, etc.), and creates a more fulfilling working world of work for individuals while boosting the performance of companies. As part of the extensive XING service, onlyfy one is an online platform on which or through which talent and companies meet.
With regard to data processing for which New Work SE is solely responsible or is responsible within the scope of the shared responsibility with ITM Isotope Technologies Munich SE, detailed information is available in the XING Privacy Policy at https://privacy.xing.com/en/privacy-policy. You will also find contact details for New Work SE, as well as for the New Work SE data protection officer there.
When submitting an application, you enter into a user relationship with New Work SE for the purpose of processing applications. In addition, you will receive support and New Work SE can present you with other opportunities in support of your career. A public profile will not be automatically created for you on the XING social and jobs network. The legal basis for New Work SE processing your data is, in particular, Article 6 (1)(b) GDPR (processing necessary for the performance of a contract).
You can pause the creation of your online application at any time and continue at a later point. Cookies are used for this purpose. The data you provide to create the user account, as well as any uploaded documents, are recorded in the company account of ITM Isotope Technologies Munich SE in onlyfy one. The data remains recorded even if an application is paused and/or not completed. In this case, your application is flagged as incomplete and the data remains visible to ITM Isotope Technologies Munich SE only.
The data you have provided as part of the online application can be read, edited, or updated in your candidate profile at any time.
If the calendar function is used, your data is processed during and for the purpose of setting appointments within the application process. The legal basis is Article 6 (1)(f) GDPR. The calendar function is provided by an IT service provider (Cronofy Ltd., United Kingdom). The United Kingdom is classified as a secure third country based on the adequacy decision of the European Commission. Further information on data protection at Cronofy is available here: https://www.cronofy.com/gdpr/ and https://docs.cronofy.com/policies/privacy-notice/
If you use the apply using WhatsApp function, your consent, which can be withdrawn at any time, forms the legal basis for communication (Article 6 (1)(a) GDPR). When applying via WhatsApp, all required applicant information is requested during a WhatsApp chat. The data is then sent directly to onlyfy one through a service provider, and is processed further there as part of and for the purpose of the normal application process.
The apply via WhatsApp function is provided by an IT service provider (PitchYou) that can gain access to your data for this purpose. More information is available here: https://www.pitchyou.de/en/pitchyou-gdpr. Candidate data from apply via WhatsApp are transferred to onlyfy one via an interface. Immediately after this transfer, candidate data are deleted from the apply via WhatsApp infrastructure in PitchYou. Further processing then takes place exclusively in onlyfy one.
Please note that you use your personal WhatsApp account for applications, and therefore we cannot rule out that messages will be transferred, to the USA in particular. WhatsApp data protection information, such as its processing or exercising of data protection rights with regard to WhatsApp is available here: https://www.whatsapp.com/legal/privacy-policy-eea.
Subject to your consent, your application will be sent from WhatsApp via the PitchYou infrastructure to onlyfy one. You have the right to withdraw your consent to this at any time. Either way, your application data will be deleted from the PitchYou infrastructure once transferred to onlyfy one, meaning that PitchYou will not process your data any further.
The FADP applies to circumstances which have an impact on Switzerland, even if said circumstances are initiated outside of Switzerland. Correspondingly, this privacy policy applies to information in line with the EU GDPR and the FADP. Here, EU GDPR terminology is used in favour of FADP terminology. However, FADP terminology is used if the FADP applies and the terminology differs from EU GDPR terminology in a given language. The About this site section on XING contains the name and address of our representative in Switzerland.
Content
A. Information obligations of the ITM Group regarding applicant dataThe subject of this data protection declaration is to provide information about which personal data is processed in connection with your application via our website.
By submitting the application form to the ITM Group, you agree that your details may be stored, processed and used for contact with you in the application process for the duration of the application process. Without this consent, you cannot send your online application.
ITM Isotope Technologies Munich SE, Human Resources, Walther-von-Dyck-Str. 4, 85748 Garching/Munich, career@itm-radiopharma.com, + 49 (89) 329 8986 6000. You can contact our data protection officer via
datenschutz@itm-radiopharma.com .
ITM Isotope Technologies Munich SE, ITM Oncologics GmbH, ITM Medical Isotopes GmbH, ITM Pharma Solutions GmbH and ITM Solucin GmbH represent a group of companies within the meaning of Art 4 No. 19 GDPR. ITM Isotope Technologies Munich SE has a controlling influence on the other companies in the area of data storage and the implementation of data protection regulations. ITM Isotope Technologies Munich SE controls the processing of personal data in the companies affiliated to the group of companies in terms of data protection. A data protection officer has been appointed for the group of companies, who can be easily reached from any branch.
2. Scope and purpose of data processing
All data that you provide to us via the application tool will be processed solely for the purpose of carrying out the application and selection process and serve solely to assess your professional suitability and to contact you. This includes your title(s), first name, surname, address, telephone number, e-mail address, curriculum vitae and data on your education and qualifications (Art. 6 para. 1 b) GDPR; § 26 BDSG). However, in the context of employment, you only have to provide the personal data necessary for the establishment, implementation and termination of employment. Otherwise, a proper personnel management is not possible.
If you provide "special categories of personal data" in the letter of application or other documents submitted by you in the application process in accordance with Art. 9 GDPR (e.g. a photo showing ethnic origin, information about severely disabled status, etc.), your consent also refers to this data. However, ITM Isotope Technologies Munich SE would like to evaluate all applicants only according to their qualifications and therefore asks you to refrain from providing such information in the application as far as possible.
Your application documents will only be passed on to the departments that need them to evaluate the application and for recruitment (HR department, responsible department responsible for job advertisements, legal department and board of ITM Isotope Technologies Munich SE).
3. Personal data
For the automated processing of your application, the following data is collected and processed:
We store the written, electronic communication that takes place between you and the ITM company for which you are applying. Furthermore, we process comments and evaluations that are written about you in the course of your application process.
4. Shared responsibility
In this context, New Work SE, Am Strandkai 1, 20457 Hamburg, supports us as a technical service provider who provides us with the software "onlyfy one". As part of the comprehensive XING service, onlyfy one is an online platform on which talents and companies come together. On or via onlyfy one, companies can, among other things, publish job advertisements, identify interesting talents (possibly also from the professional network XING), receive and manage applications and exchange ideas with talents and applicants. New Work SE supports this coming together of talents and companies on or via onlyfy one. This is done, among other things, by recommending talents and displaying them in the customer's company account as well as by generating and providing recruiting-relevant information and analyses on the basis of data that New Work SE processes in onlyfy one and, if applicable, in other XING applications or outside. New Work SE takes technical and organisational measures to ensure the protection of data in accordance with the General Data Protection Regulation.
In accordance with this joint responsibility, we have concluded a contract with New Work SE in accordance with Article 26 GDPR, which regulates which obligations under the GDPR the controllers assume and guarantee. The responsibilities can be found in the following link in Appendix 2 of the contract:
Link: onlyfy one: Terms and Conditions | XING
The data collected in the context of your application will neither be published nor passed on to third parties without authorization, in particular without your consent. Apart from our employees, who process your data in the context of processing your application, we do not pass on your personal data to third parties.
6. Storage of your application data, right to information and request for deletion
Personal data of rejected applicants will be stored for a maximum period of six months, starting from the day of rejection of the application. If you prefer a longer storage period in the course of your application process (for example, to continue your application process later), we ask you to make these settings accordingly during registration. The principles described also apply to an unsolicited application, i.e. if you do not apply for a specific position or if you send the applicant data by post or e-mail.
Longer storage periods may also result from the fact that the data is necessary to assert, exercise or defend legal claims before an authority or that there are statutory storage obligations. The data will be stored for as long as necessary to fulfil these purposes.
B. Information obligations of the ITM Group regarding cookies
1. Preamble
Session cookies are used on our application portal. Cookies are small text files that enable us to make the use of our application portal more pleasant for applicants, e.g. by determining whether you have already visited an individual page of our website and thereby storing information about your preferred activities on the website or thus tailoring our website to your individual interests. As soon as a user accesses our platform, a cookie is stored on the end device (laptop, tablet, smartphone or PC) of the respective user.
2. Session Cookies
We only use the following cookies on the application portal to enable applicants to log in and use the application portal securely:
Name | Domain | Provider | Purpose of data processing | Standard expiration time |
PHPSESSID | Itm.onlyfy.jobs | ITM | This cookie is necessary for user authentication to the various databases and for use in forms | 24 hours |
The legal basis for these cookies is Article 6 (1) (f) GDPR our legitimate interest. We are of the opinion that due to our implemented measures, our interest in the processing of the data prevails.
3. Content Delivery Network (CDN)
We operate our application portal on servers in data centers that are located exclusively in the Frankfurt region. For the worldwide deployment of the application portal, we use Cloudfront's Content Delivery Network (CDN).
This is a service of Amazon Web Services Inc., 410 Terry Avenue North, Seattle, WA 98109-5210. It provides duplicates of data from a website on various AWS servers distributed around the world. These servers located in non-EU countries are only accessed if this website is accessed from a network in a non-EU country. This allows us to achieve a faster loading time of the website, greater reliability and increased protection against data loss. Some of the images and files embedded on this website are then loaded from the Cloudfront CDN when the page is accessed.
The use of Amazon Web Services and the Amazon CDN Cloudfront is in the interest of a higher reliability of the website, increased protection against data loss and a better loading speed of this website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
To learn more about Amazon Web Services' privacy practices, please visit:
Link: GDPR - Amazon Web Services (AWS)
4. Safety
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties, taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including their probability and Effects) for the person concerned. Our security measures are continuously improved in line with technological developments.
C. Your rights
You have the right to request confirmation from us at any time as to whether we process your personal data and the right to information about this personal data. Your right to rectification, erasure and restriction of data processing, as well as the right to object to the processing of personal data at any time, or to revoke your consent to data processing at any time or to request data transfer. All requests for information, requests for information, revocations or objections to data processing should be sent by e-mail to our data protection officer or to the above-mentioned contact details. In addition, you have the right to complain to a supervisory authority in the event of data breaches.
D. Changes
We always keep this privacy policy up to date. Therefore, we reserve the right to change them from time to time and to update changes in the collection, processing or use of your data. The current version of the data protection declaration is always available under "Privacy Policy" within the application portal.
Status: [03.11.2022]
