AMBOSS GmbH is a young company providing high quality services for physicians and medical students as well as learning materials. We want you, as a user of our services, to understand how we use information and what options you have to protect your data. We are aware of the importance and sensitivity of your personal data and thank you for your trust. Handling it responsibly is a major concern for us. If you have any questions about this, please do not hesitate to contact us.
This data protection declaration informs applicants about the nature, scope and purpose of the processing of personal data by AMBOSS. It applies to applications that you send to us via our application portal. In addition, you can find information about data processing on the website operated by us in our general data protection information. You can find them here.
AMBOSS SE
Torstrasse 19
10119 Berlin, Germany
E-mail: hello@amboss.com
Phone: +49 (0) 30 – 5770221- 0
Managing Directors: Dr. med. Madjid Salimi, Dr. med. Nawid Salimi, Benedikt Hochkirchen
Local Court Berlin (Charlottenburg), HRB 270315
Our representative and wholly-owned subsidiary in the US:
AMBOSS MD Inc.
234 5th Avenue, 2nd Floor
New York, NY, 10001
Phone: 347-835-5441
AMBOSS SE
Data Protection Officer
Torstrasse 19
10119 Berlin, Germany
privacy@amboss.com
Last Update Date: August 2023
1.1 With regard to the terms used, such as “personal data”, “user” or “processing”, we refer to Art. 4 of the EU General Data Protection Regulation (GDPR).
1.2 We process users’ personal data exclusively in compliance with the relevant provisions of data protection law. In accordance with Art. 13 GDPR, we inform you of the legal basis of our data processing. If the legal basis is not stated in this privacy policy, the following applies: Legal basis for the processing of personal data with separate consent is Art. 6 para. 1 lit. a GDPR, legal basis for the processing of data for the performance of a contract and for the implementation of pre-contractual measures is Art. 6 para. 1 lit. b GDPR, legal basis for the processing of personal data to comply with our legal obligations is Art. 6 para. 1 lit. c GDPR and legal basis for the processing of personal data to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR.
2.1 You have the option of applying directly for a vacant position with us via our application portal. To process your online application and to carry out the application process, we collect, process and use the personal data that you have provided to us via our application portal. The data is used for the purpose of the application process. This also includes contacting you.
2.2 For our application portal, we use the services of Workable Software Limited, 5 Golden Square, 5th Floor, London, W1F 9BS, United Kingdom (“Workable”). For this purpose, the data you provide to us as part of the application process is stored and processed on Workable’s servers in the United States. This is done under an existing data processing agreement with Workable.
2.3 The processing of your data is based on your consent according to Art. 6 para. 1 lit a GDPR, if you have given it, and on pre-contractual measures according to Art. 6 para. 1 lit b GDPR and Section 26 para. 1 of the German Federal Data Protection Act (BDSG).
3.1 First of all, only our employees who are involved in the application process receive knowledge of your personal data. In addition, we use external service providers within the framework of the data processing explained in this data protection declaration or, if necessary, commission them with certain services. In addition to the aforementioned providers of the applicant management programs, data may in individual cases be passed on to legal advisors when asserting our claims.
3.2 Personal data is only passed on to third parties on the basis of legal permits and within the framework of legal requirements. If we commission service providers with the processing of data within the framework of a so-called “data processing agreement”, this is done on the basis of Art. 28 GDPR.
3.3 Personal data may also be transferred to servers outside the EU or to trusted third parties based outside the EU. If you apply for employment with our subsidiary AMBOSS MD Inc. 234 5th Avenue, 2nd Floor, New York, NY, 10001, your data will be transferred to them. If there is no EU Commission decision on an adequate level of data protection in the country in question, the transfer will take place on the basis of so-called EU standard contractual clauses, which aim to ensure that your rights and freedoms are adequately protected. You should be aware that many countries do not offer the same legal protection for personal data as in the EU. While your personal data is located in another country, it may be accessed by courts, law enforcement and national security authorities of that country in accordance with its laws.
You only need to provide the personal data that is required for the application process or whose provision is required by law or contract. Without this data, we will not consider you for the application process or be able to fulfill individual contractual obligations.
We do not use fully automated decision-making including profiling in accordance with Art. 22 GDPR as part of the application process.
5.1 To the extent applicable under the GDPR, you have the right:
6.1 If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
6.2 If you wish to exercise your right of revocation or objection, it is sufficient to send an e-mail to our above-mentioned e-mail address. You may also call us at the above-mentioned phone number.
7.1 We collect the following categories of personal data:
We collect the above categories of personal data from you, our service providers, and other third parties.
7.2 We use this personal data for a variety of business purposes, including to conduct our business and to manage our relationship with you. This may include to manage our relationship with you; helping to ensure security and integrity to the extent the use of the personal data is reasonably necessary and proportionate for these purposes; debugging to identify and repair errors that impair existing intended functionality; perform services, including maintaining or servicing accounts, verifying your information, or providing any other services; undertaking internal research for technological development and demonstration; undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured for, or controlled by us; and for any other business purpose permitted by law.
We do not sell or share your personal data, and we have not knowingly sold or shared the personal data of anyone under 16 years of age.
We limit the use and disclosure of your sensitive personal data to those business purposes permitted under applicable law, and we do not use it to infer characteristics about you.
We will not use personal data collected for additional purposes that are incompatible with the disclosed purpose in this Job Applicant Privacy Notice without providing you with notice.
Your data will be stored by us for as long as is necessary to process your application. In the event that the application process is terminated, your data will be deleted after 6 months at the latest. If you have agreed to further storage of your data in our talent pool, your data will be stored in our talent pool for a further 12 months and then automatically deleted. In the event that your application leads to an employment relationship with us, your data will be forwarded from our application software Workable to our HR management software BambooHR and then deleted from Workable.
We reserve the right to change this Job Applicant Privacy Notice from time to time to reflect changes in the law or expansion of the functionality of our services. You should therefore read the Job Applicant Privacy Notice regularly to be informed about the protection of your data.
In addition, you can inform yourself about data processing on the website operated by us in our general data protection information. You can find them here.