Find your perfect match!

Find your perfect match!

Arrival

Departure

-

-

  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • Su
Save

Occupancy

  • Occupancy
  • Rooms
    1
  • Adults
    2
  • Children
    0
Save

Save code


DATA PROTECTION POLICY "Application"

Vienna House Hotelmanagement GmbH

  1. Processing activity
    Application Management

  2. Controller
    Vienna House Hotelmanagement GmbH ("VIENNA HOUSE")
    Business address: Dresdner Straße 87, 1200 Vienna, Austria
    Telephon: +43 1 333 73 73-0
    Email: office[a]viennahouse.com

  3. Purposes of data processing
    On the legal basis of preparation of the contract
    1. management of the application process
    2. selection of suitable employees
    3. documentation of a fair, legal selection process

  4. Legal basis of data processing
    1. Contract preparation (Art. 6 (1)(b) GDPR)
    2. Consent (Art 6 (1)(a) GDPR): If an application is not successful, the applicant can voluntarily consent that the employer stores his personal data for a period of 5 years after the end of the current year of the application, and returns to it where required. Furthermore, the applicant can voluntarily consent that his personal data are also transferred to companies in the group, should a position come into consideration for him there.
    3. Legitimate interest to process data

  5. Analyses of personal aspects of the employer ("profiling")
    The employer does not undertake any profiling measures within the framework of the employment relationship.

  6. Obligation to provide data
    The applicant undertakes to provide his data correctly.

  7. Automated decision-making
    The applicant is not subject to any automated decision which has a legal effect on him.

  8. Types of data processed
    disclosed by the applicant: Name; Home address; Email address; Telephone; Citizenship; Date of birth; Place/country of birth; Gender; Photo; Family status; Qualification data (education); Previous employers; Position applied for; References (certificates of service); Evidence of employment

  9. Internal recipients of data
    Company management, HR department

  10. External recipients of data
    Within the group, personal data is only received by offices, employees and vicarious agents who require these data to satisfy contractual and legal obligations as well as to safeguard legitimate interests. Processors only receive data insofar as this is necessary for their respective tasks. All processors are contractually obliged to comply with all data protection law provisions. A current list of companies in the group can be found here.
    Contact can be made with all external recipients via the persons responsible or their data protection officers for all data protection queries.

  11. Transfer to third states
    No data is transferred to states outside the EU as part of data processing.

  12. Retention period
    Legal basis of contract preparation: On the legal basis mentioned above as well as statutory provisions (the law on equal treatment), the employer generally continues to process electronic data for an additional 40 months after appointment to the position (= 36 months for potential contractual damage claims + max. 4 months to file suit) in a manner which is personally identifiable, and thereafter deletes the data (or at least the data which allows reference to be drawn to the data subject's identity). Physical data (paper format) will be destroyed immediately following rejection.
    Legal basis consent: Insofar as the applicant has granted consent to priority notice of his application and forwarding within the group, the data shall be stored until revocation of the consent, but for a maximum of 5 years after the end of the current year of the application, and thereafter erased.

  13. Customer rights
    • Art. 15 GDPR "Right of access": The customer has the right to obtain confirmation as to whether their personal data is being processed.
    • Art. 16 GDPR "Rectification": The customer has the right to have inaccurate or incomplete personal data rectified.
    • Art. 17 GDPR "Erasure": The customer has the right to demand the erasure of personal data without undue delay where the grounds stated under Art. 17 Para. 1 GDPR apply.
    • Art. 18 GDPR "Restriction": The customer has the right to demand that the processing of personal data is restricted where the grounds stated under Art. 18 Para. 1 GDPR apply.
    • Art. 20 GDPR "Data portability": The customer has the right to receive their personal data in a structured, commonly used and machine-readable format.
    • Art. 21 GDPR "Object" The applicant has the right to lodge an objection at any time to the processing of his personal data on the legal basis of Art 6 (1)(e) (processing in the public interest) or (f) (processing on the basis of a legitimate interest).

  14. Right to lodge a complaint
    Art. 77 GDPR
    Every applicant has the right to lodge a complaint with a supervisory authority if he considers that the processing of personal data relating to himself infringes on this regulation.

  15. Supervisory authority
    Austria
    Austrian Data Protection Authority
    Barichgasse 40-42, 1030 Vienna, Austria
    Tel.: +43 1 52 152-0
    E-Mail: [email protected]

    Czech Republic
    The Office for Personal Data Protection
    Urad pro ochranu osobnich udaju
    Pplk. Sochora 27
    170 00 Prague 7
    Tel.: +420 234 665 111
    Fax: +420 234 665 444
    E-Mail: [email protected]
    www.uoou.cz

    Germany
    Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
    Husarenstraße 30
    53117 Bonn
    Tel.: +49 228 997799 0; +49 228 81995 0
    Fax: +49 228 997799 550; +49 228 81995 550
    E-Mail: [email protected]
    www.bfdi.bund.de
    The competence for complaints is split among different data protection supervisory authorities in Germany. Competent authorities can be identified according to the list provided under www.datenschutz-wiki.de/Aufsichtsbeh%C3%B6rden_und_Landesdatenschutzbeauftragte

    Poland
    Personal Data Protection Office
    ul. Stawki 2, 00-193 Warsaw
    Tel.: +48 22 53 10 300
    Fax: +48 22 53 10 30
    Infoline: +48 606 950 000
    E-Mail: [email protected]
    www.uodo.gov.pl

    Romania
    The National Supervisory Authority for Personal Data Processing
    Opre B-dul Magheru 28-30 Sector 1
    BUCUREŞTI
    Tel.: 40.318.059.211
    Fax: 40.318.059.602
    E-Mail: [email protected]
    www.dataprotection.ro

    Slovakia
    Office for Personal Data Protection of the Slovak Republic
    Hraničná 12, 820 07
    Bratislava 27
    Tel.: + 421 2 32 31 32 14
    Fax: + 421 2 32 31 32 34
    E-Mail: [email protected]
    www.dataprotection.gov.sk

Version: Feb 2020

Download PDF