2. Subject of Protection
Subject of protection is personal data, which is all information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). This mainly includes data that enables to draw conclusions about your identity (e.g. information such as name, postal address, e-mail address and telephone number).
Konen & Lorenzen is one of the leading companies in the field of recruitment consulting for the hotel, catering and tourism industry internationally. There are no standard requirements for the cooperation with our clients and applicants because every partner requires individual solutions that can only be developed with extraordinary dedication. This is the basis for the entire recruitment process of Konen & Lorenzen Recruitment Consultants, from needs assessment to follow-up support, specifically tailored to the needs of our applicants and clients.
Based on years of experience within the hotel industry at home and abroad, Konen & Lorenzen today has a team of qualified consultants in six locations, which displays a high level of expertise, flexibility and competence in a variety of fields.
By registering and sending your application documents, you will be added to our database. At the same time, you have the opportunity to apply for job advertisements on our website. The purpose of our database and the job board is to match employers and potential employees and to achieve the best possible solution for the positioning of qualified personnel within a company.
4. Collection and Processing of Personal Data
4.1.1 Technical requirements
In order to establish a connection to our website, your browser sends certain data to the web server of our website. This is a technical necessity for providing you with the information you have called up. To enable this, data regarding your IP address, the date and time of your retrieval and the type of your operating system are stored and used for a maximum of 30 days. We reserve the right to store such data for a limited period of time in order to protect our legitimate interests and, in the event of unauthorised access or attempts to cause us deliberate damage, to initiate the tracing of personal data (Art. 6 para. 1(f) GDPR). Such data will be stored or transmitted by us for this purpose only and for no other purpose, without us informing you in advance and asking for your permission.
Cookies can usually be disabled or removed by using tools provided in most commercial browsers. The settings must be defined and individually set for each browser you use. For this purpose, the various browsers provide different functions and options.
In order to be able to use our website fully and comfortably, you should accept those cookies that enable the use of certain functions or make their use more comfortable. The following listing gives you an overview about the purpose for which our cookies are used and for how long they are stored:
List of Cookies:
|euCookie||www.konen-lorenzen.de||Is used to hide the cookie banner after giving the approval for using cookies.||Until the end of the session|
|_ga||www.konen-lorenzen.de||Registers a unique ID that is used to generate statistical data about how the visitor uses the website.||2 years|
|_gid||www.konen-lorenzen.de||Registers a unique ID that is used to generate statistical data about how the visitor uses the website.||Until the end of the session|
|Until the end of the session|
When accessing our website, our cookie banner text informs you about the use of these cookies and you accept them by continuing to use them or by clicking on the “Accept” button.
Types of Cookies:
In order to explain the most common types of cookies to you in more detail, we have explained them below for your understanding:
Session cookies allow users and the changes they have made within a website to be recognised. They allow the website to track their movements across individual pages so that data that has already been entered/stored does not have to be entered/stored again, for example shopping carts used by online shops. The respective session cookie stores the chosen items in the shopping cart so that it contains the correct items when paying at the checkout. Session cookies are deleted when logging out or lose their validity once the session has expired automatically.
Persistent or Protocol Cookies:
A persistent or protocol cookie stores user information and settings on the user’s computer for the period of time defined by the respective cookie’s expiration date. This speeds up your access and makes it more convenient, for instance because you do not need to adjust your language settings or re-enter your login data every time. Such cookie is automatically deleted once the expiration of its storage period is reached.
Third-party cookies usually have no influence on the use of the site, as they do not originate from the operator of the website. For example, they serve the purpose of collecting data for advertising, custom content and web statistics and passing it on to the respective third party provider.
Tracking cookies are special text files that provide the opportunity to collect data about the behaviour of an Internet user. This is intended to provide information about the user’s main interests, for example, in order to be able to place customised promotions. Tracking cookies are therefore set not only when logging in, but automatically when visiting the website.
4.1.3 Using our contact forms
Our website provides contact forms, allowing you to get in touch with us for various purposes. To ensure a secure transfer of your data, we use a state-of-the-art encrypted connection that is protected by SSL certificate. By clicking on the “Submit Form” button you agree to transmit the data entered in the input mask to us. We store your name and e-mail address and, where appropriate, any other information you provide in order to be able to contact you and answer your enquiry in the best possible way. By doing this, on the one hand we can offer you the service you expect from us, and on the other hand we have the opportunity to continuously improve ourselves (Art. 6 para. 1(f) GDPR).
Our website also provides forms that can be used to send us your application. In addition to the information mentioned above, further information is required, which is necessary to take the measures required for your enquiry (Art. 6 para. 1(f) GDPR). Such information includes, among other others:
- Contact details
- Personal information (e.g. date of birth)
- Information on your school education and your professional career
- Language skills
Your data will only be processed to evaluate your application and stored to be recognised in the event of any renewed application.
4.1.4 Tracking tools
Our website uses functions of various web analysis services from other companies such as Google Inc. Below, we explain in more detail which services are involved and which data are analysed.
Use of Google Analytics with Anonymisation Function
If you want to decide on your own which data Google may collect regarding the website you visit, you can download a deactivation add-on for your Internet browser. However, such an add-on does not prevent data from being transmitted to us or other web analysis services used by us. For more information about using and installing the add-on, please visit:https://tools.google.com/dlpage/gaoptout?hl=en.
4.1.5 Shariff solution by c’t
Our website uses the so-called “Shariff solution” for sharing our content. In this way, we protect your privacy and prevent the unwanted transfer of data about your surfing habits through social media plug-ins such as Facebook, Google or Twitter. Social media plug-ins are usually integrated into websites via so-called “iframes”. As a result, personal data such as the IP address or locally stored cookies is already communicated to the social media services when loading the site. “Shariff” replaces social media plug-ins with simple HTML links and a script retrieves how often a site has already been shared or tweeted. Instead of your IP address, only our server address is communicated to the social media services. Only if you actively click on a plug-in, your above mentioned personal data will be transmitted by your consent. For more information on the “Shariff solution” by c’t, please visit: https://github.com/heiseonline/shariff.
4.1.6 Social media plug-ins
All information about the different plug-ins given below only applies provided that the Shariff solution by c’t is not used. Our website uses this solution so that no information is communicated to social media services without your consent.
Our website uses various social media plug-ins to expand and link our own Internet presence via social networks.
In the following, we will explain in more detail which plug-ins are involved.
Our website contains plugins of the social network “Facebook”, which belongs to Facebook Inc.1601 South California Avenue, Palo Alto, CA 94304, USA, hereinafter referred to as “Facebook“. Facebook plug-ins can be identified by one of the Facebook logos (white „f“ on a blue background, terms such as “Like”, “Gefällt mir”, “Share”, “Teilen”, “Follow”, “Folgen” or a “Thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. For any relevant information about the appearance and functions of the plug-ins, please visit: https://developers.facebook.com/docs/plugins.
From the moment you access our site, the stored plug-in establishes a direct connection between your browser and the Facebook servers. We as website operators have no influence on which and to what extent such plug-in transmits data to Facebook. According to Facebook, this is data about your visit to our site (e.g. IP address, date and time). However, once you click on one of the plug-ins, additional data are transmitted that can associate you directly with your Facebook account (if you have such an account and are logged in to it). Facebook processes such data to provide you with a personalised user experience on our website and to upgrade its own products. For more information, please visit: https://www.facebook.com/help/186325668085084.
Our website contains functions (plug-ins) of the microblogging service Twitter, which are provided by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, hereinafter referred to as “Twitter”. Such plug-ins are identifiable by one of the Twitter logos (white bird profile on a light blue background, or the other way around, and the addition “tweet”). When visiting our website, a direct connection is established between your browser and the Twitter servers. So-called “log data” are sent to Twitter via this connection, even if you do not have a Twitter account. According to Twitter, this may be your IP address, browser type, operating system or information about the websites you visit. Your web activity is not associated with your name, email address, phone number or your Twitter username. Twitter deletes, obfuscates or aggregates your log data after a maximum of 30 days. According to Twitter, all data collected by Twitter are used to personalise, evaluate and enhance its own services.
You can define your personalisation settings under https://twitter.com/personalization.
You can change your Twitter privacy settings in your account settings under https://twitter.com/login?redirect_after_login=%2Faccount%2Fsettings.
Our website contains the plug-in “google+1”, which is provided and operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”. The Google plug-in is typically identifiable by a button marked “G” and “+”, or “+1”, as well as the added text “share” or “teilen”. From the moment you access our website, your browser establishes a direct connection to the Google servers and transmits all data collected by the plug-in from your visit to our website to Google. We as website operators have no influence on which and to what extent the plug-in sends data to Google.
If you are logged in via your “Google” or “Google Plus” account when visiting our site, the data collected by Google may be directly associated with that account. To avoid this, please log out of “Google” or “Google Plus” before visiting our website.
According to Google, the data collected about you will be processed for the purpose of enhancing Google’s services and personalising the content of the site.
This website incorporates plug-ins from the LinkedIn social network of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, hereinafter referred to as “LinkedIn”. You can typically identify them by the LinkedIn logo (the letters “in” in white on a blue background) and added text such as “share” or “teilen”. All information about the appearance of the LinkedIn plug-ins is provided under the following link: https://developer.linkedin.com/plugins.
Our site uses social plug-ins of the social network Pinterest, which is operated by Pinterest Inc, 808 Brannan Street San Francisco, CA 94103-490, USA (“Pinterest”). When you access a site that contains such a plug-in, your browser establishes a direct connection to the Pinterest servers. The plug-in transmits log data to the Pinterest server in the USA. Such log data may include your IP address, the address of the sites you visit, which also includes Pinterest functions, the type and settings of your browser, the date and time of your request, information on how you use Pinterest, and cookies.
5. Further General Information
5.2 Who is responsible for the data processing? (Art. 13 para. 1 (a), (b) GDPR)
Responsible for the data processing on our website is Konen & Lorenzen GmbH & Co. KG. You can find the contact details in our Legal Notice: https://www.konen-lorenzen.com/legal-notice/.
You can contact our data protection officer at the following address:
Konen & Lorenzen GmbH & Co. KG
Attn.: Data Protection Officer
Kaiserswerther Straße 282
Phone: +49 (0) 211 239 554 – 14
5.3 Who gets your personal data? (Art. 13 para. 1(e), (f) GDPR)
We treat your personal data confidentially and do not pass them on to third parties, unless you have given your consent or such provision is based on a legal or contractual obligation. In isolated cases, we engage processors to process your personal data. This is done in accordance with Art. 28 GDPR and on the basis of a data processing agreement.
Furthermore, it should be noted that Konen & Lorenzen also has branches and businesses outside the European Union and some recipients are located in countries, which may not have an adequate level of data protection within the meaning of the European Data Protection Regulation (GDPR). For this reason, all affiliated companies outside the European Union are contractually bound by the standard data protection clauses enacted by the commission in accordance with the review procedure under Art. 46 para. 5, 2 GDPR. Among the affiliated companies of Konen & Lorenzen are Konen & Lorenzen GmbH & Co. KG in Germany, Konen & Lorenzen International AG and Konen & Lorenzen International GmbH & Co. KG in Switzerland, KLW Middle East FZE in the United Arab Emirates and CONnect International SDN.BHD in Malaysia.
By registering via our online form, you also make your data available to these affiliated companies. Should you wish to restrict the use of your data for these companies, you can inform Konen & Lorenzen in writing, by e-mail to .
5.4 How long is your data stored? (Art. 13 para. 2(a) GDPR)
The legislator has enacted a variety of retention obligations and periods.
In principle, we only store your data for as long as legally required.
After expiry of such periods, the corresponding data is routinely deleted if it is no longer necessary to fulfil the contract. Data that we process on the basis of your consent will be stored until revoked or as long as the data is required. We store such data on the basis of a legitimate interest for as long as the legitimate interest exists.
Commercial or financial data regarding a closed business year will be deleted after a further ten years in accordance with legal regulations, unless longer retention periods are prescribed or required for legitimate reasons. If data is not subject to specific retention period, they are deleted when the purposes for which they are processed cease to apply.
5.5 For what purposes and on what legal basis do we process your personal data? (Art. 13 para. 1(c), (d) GDPR)
We have already explained the purposes and legal bases of data processing. In addition, the following generally applies: if necessary, we process your data to protect our or third parties’ legitimate interests pursuant to Art. 6 para. 1(f) GDPR, for example, for asserting legal claims and defending against litigation matters or for guaranteeing IT operations and security.
If we have a legitimate interest or have received your written consent to process your personal data, we process your data for the purposes of external communication and marketing according to Art. 6 para. 1(a) or (f) GDPR. You have the right to revoke your consent at any time.
In order to comply with legal requirements, we may or must, if necessary, process your data and pass it on to third parties (pursuant to Art. 6 para. 1(c)).
We do not use your data in any way for automated decision-making or profiling.
5.6 What are your rights and obligations? (Art. 13 para. 2(b), (c), (d), (e) GDPR)
Any data subject has the following rights. According to:
- Art. 15 GDPR you have the right to information. This means that you may require us to confirm whether personal data concerning your person is processed by us.
- Art. 16 GDPR you have the right to correction. This means that you may require us to correct any inaccurate personal data concerning your person.
- Art. 17 GDPR you have the right to deletion (“right to be forgotten”). This means that you may require us to delete personal data concerning your person immediately, unless we cannot delete your data, for example, because we have to observe legal retention obligations.
- Art. 18 GDPR you have the right to restrict processing. This means that we are not allowed to process your personal data any more, apart from storing it.
- Art. 20 GDPR you have the right to data portability. This means that you have the right to receive the personal data concerning your person that you have provided us in a structured, common and machine-readable format and to communicate this data to another person in charge.
- Art. 7 para. 3 GDPR you have the right to revoke your consent for the future at any time.
- Art. 13 GDPR you have a right of appeal to the competent supervisory authority.
Furthermore, you have the right of objection that we explain in more detail at the end of this privacy information.
If you wish to exercise your rights, please contact our data protection officer (for contact details see above).
Competent supervisory authority
Landesbeauftragte für Datenschutz (Privacy officer for North Rhine Westphalia)
Street address: Kavalleriestr. 2-4, 40213 Düsseldorf
Mailing address: Postfach 200444, 40102 Düsseldorf
Phone: +49 (0) 211 38424 -0
|Information on your right of objection in accordance with Art. 21 of the General Data Protection Regulation (GDPR)
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning your person, which is based on Article 6 para. 1(f) of the GDPR (data processing on the basis of balancing interests); this also applies to any profiling based on this provision within the meaning of Article 4, para. 4 GDPR.
If you file an objection, we will no longer process your personal data unless we can prove compelling and legitimate reasons for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Please send your objection in writing (by e-mail or by post) to our data protection officer (for contact details see above).