PRIVACY POLICY FOR APPLICANTS

The following information will give you an overview of the collection and processing of your personal data in connection with the application process.

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States of the European Union as well as other data protection regulations is:

Maxon Computer GmbH
CEO: David McGavran
Max-Planck-Str. 20,
61381 Friedrichsdorf

Name and address of the Data Protection Officer

The data protection officer of the controller is:

Christoph Kluss, Rechtsanwalt
Haaß & Kluss
Martorffstr. 5
60320 Frankfurt am Main
Phone: +49 69 562095
E-Mail: gdpr(at)maxon(dot)net

Categories of personal data

As part of the application procedure, we process the data provided by you from your application and your CV.

Usually these are general data about your person (first and last name, address, contact details, etc.) as well as information about your school education, professional trainings and employment qualifications.

Legal basis and purposes of the processing

Data processing for employment purposes (Art. 6 para. 1 sentence 1 lit. b GDPR, Clause 26 para. 1 Federal Data Protection Act-2018 (BDSG-2018))
We process data for the purpose of carrying out pre-contractual measures which are based on the application process. The purposes of the data processing are primarily derived from the application procedure or process. The processing of data is carried out in particular to conduct application procedures.

Data processing based on given consent (Art. 6 para.1 sentence 1 lit. a GDPR, Clause 26 para. 2 BDSG-2018)
Legal justification of processing personal data is ensured if the applicant agrees to the processing for specified purposes (e.g. further storage after the application procedure). Consent that has been granted can be revoked at any time with effect for the future. This also applies to the revocation of consents granted to us before the GDPR came into force, this means before 25. May 2018.

Data processing based on a legitimate interest (Art.6 para.1 sentence 1 lit. f GDPR, Clause 26 BDSG-2018)
As far as necessary, we process your data exceeding the purposes of the application process to protect legitimate interests of us or third parties. Examples:

  • Assertion of legal claims and defence in legal disputes,
  • Ensuring IT security and IT operation,
  • for the processing of multiple applications.


In the event of an employment relationship between you and us, we will process the personal data already received from you for the purpose of establishing the employment relationship and for its performance. The legal basis for this is Art. 88 GDPR in conjunction with Clause 26 BDSG-2018.

Recipients of your personal data

Within the company, the departments involved in the application procedure are authorized to access your data. These departments can also be recipients outside the European Union, if your application refers to an open position in such a country or your future department head is located in such a country.

In addition, we have some of the above processes and services carried out by carefully selected service providers commissioned in accordance with data protection regulations. These include companies in the categories of IT services, business communication, file and data destruction.

Another data transfer to a country outside of the European Union (so-called third country) is in general not intended. In exceptional cases, however, such a data transfer may take place for the performance of contractual obligations, if appropriate consent has been granted, to protect our legitimate interests or if it is required by law.

We will ensure before disclosure that, apart from exceptional cases permitted by law, the recipient either has an adequate level of data protection or you have given your sufficient consent. To ensure an adequate level of data protection in these third countries, either adequacy decisions of the EU Commission or adequate and appropriate safeguards in the form of e.g. EU standard contractual clauses, privacy shield certifications or binding corporate rule exist.

Internal recipients:
  • HR Department,
  • Potential disciplinary supervisor.
External recipients:
  • Maxon Computer Inc. - 2640 Lavery Court, Suite A - Newbury Park, CA, 91320 – USA
  • Maxon Computer Ltd. - 10 Doolittle Mill - Froghall Road, Ampthill - BEDFORD, MK45 2ND - United Kingdom,
  • Maxon Computer Canada Inc. – 434, rue St.-Pierre, bureau 400, Montréal, Québec, H2Y 2M5 – Canada,
  • IT services (external datacenters),
  • Service provider for file and data destruction,
  • Service provider for telecommunication,
  • Lawyers.


Otherwise, data will only be passed on to recipients outside the company if this is permitted or required by law, if the transfer is necessary to fulfil legal obligations or if we have your consent.

Duration of data storage

Your personal data will be stored at least for the duration of the application process, as long as this is necessary for the decision on your application.

If your application was not successful, we usually delete your personal data no later than six months after the end of the application procedure.

In case you have agreed to a longer storage of your personal data, we store them according to your approval.

In addition, we only store your personal data for a longer period of time if this is required by law or in a specific case to assert, exercise or defend legal claims for the duration of a legal dispute.

Rights of the data subject

You, as the data subject, have the right to obtain information under Art. 15 GDPR, the right of

correction in accordance with Art. 16 GDPR, the right of deletion in accordance with Art. 17 GDPR, the right of restricting the processing of your personal data in accordance with Art. 18 GDPR, the right of notification in accordance with Art. 19 GDPR and the right of data transferability in accordance with Art. 20 GDPR.

The right to deletion does not apply as long as we have to store certain data for a certain period of time in order to comply with legal requirements (see also "Duration of data storage").

Per Art. 21 para. 1 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Art. 6 para. 1 sentence 1 lit. e GDPR or Art. 6 para. 1 sentence 1 lit. f GDPR; this also applies to profiling based on these provisions.

In the event of your objection, we will then no longer process your personal data unless we can prove compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

You can revoke your consent for the processing of personal data at any time. Revocation of the consent does not affect the legality of the processing that has taken place on the basis of the consent until revocation.

Furthermore, without prejudice to any other administrative or judicial remedy, you have the right to appeal to a data protection supervisory authority in accordance with Art. 77 of the GDPR, in particular in the Member State of your residence, your place of work or place of the suspected infringement, if you consider that the processing of your personal data is not lawful.


Back to job overview >