Data Privacy Statement

Are you interested in the contents of this page for informative reasons, please find here our data privacy statement.

Data Privacy Statement for applicants

If you want to apply for a position at MARC O’POLO, please find all important information on data privacy in the following.

When you apply to MARC O'POLO for employment, a training place or an internship you will be asked to provide personal data by means of entries in the applicant portal or by attaching documents. We attach great importance to making storing, processing and using your personal data transparent and in addition want to show you our fundamental principles for the subject of IT security at MARC O'POLO.

The controller for the purposes of Art. 4(7) EU General Data Protection Regulation (GDPR) is Marc O'Polo International GmbH, Hofgartenstraße 1, 83071 Stephanskirchen. You can contact our data protection officer at datenschutz@marc-o-polo.com or at our postal address, attention “Data Protection Officer”.

 

The portal you have just opened is provided for applications that are addressed to the registered offices of German companies that are members of the MARC O'POLO Group. This German group includes the following affiliates of MARC O'POLO AG: 

 

MARC O'POLO International GmbH

MARC O'POLO Einzelhandels GmbH

MARC O'POLO Shoes GmbH

MARC O'POLO DENIM & CAMPUS GmbH

MARC O'POLO License AG

MARC O'POLO Accessories GmbH

MARC O'POLO France SARL

These companies have a cross-company joint Human Resources Department, which processes and uses your data that we acquire in the framework of the application process, and controls the procedure for applications. The controller for the purposes of data protection law is the company to which you are submitting your application through this portal. In the case of unsolicited applications, and for the pool of applicants, this is one of the above-mentioned companies. In order to enable you to find a suitable position that is the best possible for you, we carry out cross-company matching to see whether there is a vacancy corresponding to your profile.

The possibility of accessing the data is relevant and restricted to the purpose of the data collection. All employees are obliged to comply with regulations that are relevant to data protection law.

A

Purpose, categories of personal data, legal basis and storage

I. Categories of personal data and purposes of processing
We process in particular the following categories of your personal data in the framework of the application process. We use only information that you made available to us or that we can obtain from publicly available sources:

  • basic data (e.g.: name, contact data, marital status, date of birth, gender, nationality, citizenship); 
  • sensitive data, such as religious affiliation or confession or any severe disability (only if you indicate this);
  • education/vocational training, career, references, skills, competences and other information from your CV or accompanying letter;
  • willingness to a possible move if you are employed;
  • where applicable, driving licence class, including all training and certificates for managing and using company vehicles or vehicles for business use;
  • personal data that is contained in protocol files or security reports (in particular IP address, user name, password, place and time you accessed our network) for the purpose of system protection and monitoring and logging use of our network in order to be able to guarantee its security.

II. Legal basis for processing your personal data
The legal basis is in principle Art. 6(1) point (b) of the General Data Protection Regulation, EU 2016/679 (GDPR) in combination with s. 26 German Federal Data Protection Act (FDPA, amended), which enable processing of your personal data for the purpose of performance of measures prior to entering into a contract. 

If information about you is not necessary for this purpose, we process it only with your consent in accordance with Art. 6(1) point (a) GDPR. With regard to possible compliance activities, Art. 6(1) point (c) and Art. 6(1) point (f) GDPR are regarded as the legal basis, because processing the respective personal data may be required for our legitimate interests. These legitimate interests exist in notification of infringements that are relevant to us and examination of compliance with applicable laws.

Insofar as we forward your personal data to companies in our Group other than the group IT services provider, and this is not done in the framework of job processing, the legal basis for this forwarding is again Art. 6(1) point (f) GDPR. Our legitimate interests in this regard are (i) a centralised global IT approach with harmonised processes and (ii) cost savings that result from operating a centralised IT system.

In addition, Art. 6(1) point (c) can be used as the legal basis, if we have to process your personal data to comply with a legal obligation.

III. Consent to the talent pool
In general, you have the possibility of having your profile included in the talent pool. Should your application be unsuccessful, by ticking the appropriate box you consent to storage by Marc O'Polo of personal data that you provided throughout the application process (for example in the accompanying letter, CV, references, applicants questionnaire), beyond the end of the concrete application process. Marc O'Polo uses this data to contact you later and to continue the application process, if another position comes into consideration.

If you provided “special categories of personal data” in accordance with Art. 9 of the General Data Protection Regulation (e.g. a photo showing your ethnic origins, information on a severe disability, etc,) in your application letter or in other documents that you submitted during the application process, your consent covers this data as well. However, Marc O'Polo wants to evaluate all applicants solely on the basis of their qualifications and asks you therefore where possible not to include information of this nature in your application.

This consent applies in addition to data on your qualifications and activities from generally accessible data sources (in particular professional social networks) that Marc O'Polo 

acquired legitimately in the framework of the application process. Your data will not be passed onto third parties.

Consent is voluntary and does not have any effect on your chances in the current application process. You can refuse it without stating reasons without this resulting in any disadvantages. In addition, you may withdraw your consent at any time; in this case the data will be deleted or destroyed within 6 months after conclusion of the application process. Please address your withdrawal to: jobs@marc-o-polo.de.

With your consent you agree to storage in the applicants pool for twelve (12) months. If a suitable position for you cannot be found in this period, you will be asked again for your consent to a longer period of storage, or your personal data will be deleted/destroyed in conformity with data protection law, unless statutory provisions preclude deletion, or further storage is necessary for the purpose of providing evidence.

IV. Are you obliged to notify us of your personal data or to make it available?
Provision of your personal data is a precondition for the application process and possible employment. If you do not want to let us have the information required for this, we cannot consider you for the vacancy we advertised.

In addition to the data that you provide yourself, we collect data on you from public sources, in particular from professional social networks such as Xing. This data collection is carried out in accordance with Art. 6(1) point f GDPR in the legitimate interests of Marc O'Polo.

V. Do we make automated decisions about you?
We do not make any automated decisions, solely via automatic processing, including profiling, which has legal implications for you.

VI. Storage periods
The criteria that are used to determine the applicable storage periods are that we store your personal data (i) for as long as this is necessary for the application process, (ii) or beyond the application process where necessary, or if you consented to this, (iii) in accordance with applicable statutory regulations or (iv) for as long as you have not withdrawn your consent.

In principle, your applicant data will be kept for 6 months after any rejection and then deleted or destroyed.

If you consent to inclusion in the Marc O'Polo talent pool, the storage period is extended to 12 months. After expiry of this period, you will be asked again for your consent to further storage of your data in the talent pool. If you consent, the storage period will be extended by a further 12 months. If you do not consent, your data will be deleted immediately in accordance with data protection requirements.

B

Transfer of personal data to third parties

I. Transfer of your data 
We transfer your personal data only to those positions that require your data to carry out our tasks. It may be necessary for this that service providers support us. In addition, it may also be necessary that your data has to be transferred to other divisions in our company group. In doing this, we comply with data protection regulations. Your personal data can be transferred to the following recipients in particular:

  • other Marc O'Polo group companies
  • IT service providers
  • waste disposal service providers
  • authorities, administrative bodies, banks
  • other service providers that support us, e.g., with regard to the recruitment process.

II. Transfer of your personal data to third parties in countries outside the European Union
 
Third parties in accordance with section 2.1 to which we transfer personal data may be located outside the European Union. If the European Commission has not published any adequacy decisions for the relevant country (this means that the data protection level in this country is not comparable with the level of data protection in the European Union), we use suitable security measures for your personal data. In principle, your data is only transferred to third countries that do not have an adequate data protection level by using the EU standard contractual clauses. If you have any further questions on this, please contact the data protection officer.

C

Your rights and our contact data

In accordance with the provisions of the EU General Data Protection Regulation you may assert the following rights against us:

  • right to information
  • right to rectification
  • right to restriction of processing
  • right to erasure / right to be forgotten
  • right to data portability 
  • right to object


If the processing of your personal data requires your prior consent, you also have the right to withdraw this consent without prejudice to the legitimacy of our processing based on your consent before its withdrawal.

You can contact us at any time to assert any of your above-mentioned rights:

Email: datenschutz@marc-o-polo.com

Postal address: MARC O'POLO International GmbH

Hofgartenstraße 1, 

83071 Stephanskirchen


You also have the right to contact the data protection supervisory authority. The competent supervisory authority is the Bavarian Data Protection Supervision Agency (Bayerisches Landesamt für Datenschutzaufsicht).

D

Technical information.


I. Cookies:
The website uses cookies in several places that are intended to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies that we use are session

Name Anbieter Zweck Dauer
be_typo_user company.marc-o-polo.com Backend login Session
PHPSESSID company.marc-o-polo.com User recognition Session
cookieoption company.marc-o-polo.com Privacy settings 30 days
_ga Google Google Analytics 2 years
_gat Google Google Analytics 1 minute
_gid Google Google Analytics 24 hours

Disable Google cookies

II. Security:
The security of your data has the utmost priority for us. Personal data that is exchanged between you and a company in the MARC O'POLO Group is always transferred by means of state-of-the-art encrypted connections. We take technical and organisational security measures to protect your personal data that we manage against accidental or intentional manipulation, loss and access by unauthorised persons. Our data processing and security measures are updated continuously.

We reserve the right to amend this data protection declaration from time to time.

Version: 07/2019