Privacy Policy
Privacy Policy
Scroll to section: Information for processing job applicant data
Definitions
- Personal data: Any information relating to an identified or identifiable individual, directly or indirectly through identifiers such as name, location, or factors specific to the physical, physiological, economic or social identity of an individual.
- Processing: Any operation or set of operations performed on personal data. Processing includes storing, collecting, retrieving, using, combining, erasing and destroying personal data, and can involve automated or manual operations.
- Cookies: A cookie is a small text file that interacts with the browser and is stored locally on the user's device when visiting a website. Under “Cookies” definition, we also consider web browser storages, Local and indexed DB (DataBases), Web SQL (Structured Query Language) and other similar technologies.
References in this Privacy Notice to “we”, “us”, and “our” are references to the INNIO entity responsible for the processing of your personal information, which generally is the INNIO entity that obtains your personal information.
This Privacy Notice applies to the personal information we obtain through websites, mobile applications and social media pages that reference this Privacy Notice (“Online Channels”); offline collection in connection with sales, marketing, partner and supplier engagement (“Offline Channels”); and third-party sources, including ad networks and lead brokers (collectively, the “Channels”). This Privacy Notice does not apply to personal information obtained through our Careers website, or to products and services that post separate privacy policies.
This Privacy Notice describes the types of personal information we obtain through the Channels, how we may use that personal information, with whom we may share it, and how you may exercise your rights regarding our processing of the information. The Privacy Notice also describes the measures we take to safeguard the personal information we obtain and how you can contact us about our privacy practices.
The Online Channels may provide links to other third-party websites and features, or contain third-party cookies, that are not owned or controlled by the company. We are not responsible for the privacy practices of third parties, which are subject to their respective privacy policies.
Click on one of the links below to jump to the listed section:
- Cookies and Similar Technologies
- Google Analytics
- Google Remarketing
- Microsoft Advertising Remarketing
- Notice to California Residents
- Children’s Personal Information
- Information about Chatbot Application
- Information about accessiBe Application
- Country Location
- Information about the Marketo Contact Form
- Information about the Marketo Web Personalization
- Information about LinkedIn
- Information for Processing of Job Applicant Data
- Privacy Policy for Processing and Contacting Potential Business Partners
- Changes to Our Privacy Notice
Personal Information We Obtain
- contact information (such as company name, name, phone and fax number, email and postal address) for you or for others (e.g., principals in your business);
- information used to create your online account (such as username, password and security question and answer);
- biographical and demographic information (such as date of birth, age, gender, job title/position, marital status and dependent, spousal and other family information);
- purchase and customer service history;
- financial information (such as payment information, including name, billing address and payment card details (i.e., card number, expiration date and security code); bank account information; financial statements; income; and credit score);
- location data (such as data derived from your IP address, country and zip code) and the precise geolocation of your mobile device where we have provided notice and choice, as appropriate;
- contact information you provide about friends or other people you would like us to contact;
- clickstream data and other information about your online activities (such as information about your devices, browsing actions and usage patterns, including but not limited to, the advertising campaigns and other source of information which brought you to our website), including across the Online Channels and third-party websites, that we obtain through the use of cookies, web beacons and similar technologies and
- other personal information contained in content you submit to us (such as through our contact features).
- utm_campaign: This UTM parameter marks the individual campaign for a product. We can identify which campaign has taken you to our website.
- utm_source: With this UTM parameter the source, for example: Google, or others is indicated.
- utm_medium: this UTM parameter describes the advertising or marketing medium. For example: CPC, banner, email newsletter.
- utm_term: to identify paid search keywords.
- utm_content: set of different values, helping us to determine the aspects of shown ad, such as settings of our campaign, type of device on which ad was displayed, etc.
We also collect information about the emails we send to measure and improve the efficiency of our outbound email communications. We use cookie-similar technology provided by our Marketing automation system (Marketo) for it. This data includes information whether emails were delivered, opened and whether any actions were taken with these emails. INNIO can associate this data with profiles we store in our systems.
In addition, in connection with our insurance and financial services products, we may obtain government-issued ID numbers.
We use third-party web analytics services in connection with the Online Channels, including Google Analytics, Adobe Analytics and Marketo, which use cookies and similar technologies to collect data (such as IP addresses) to evaluate use of and interaction with the Online Channels. (You may learn about Google’s advertising features, including Google Analytics’ currently available opt-out mechanisms.). You can review and manage data about your activities which are collected by Google via the following link https://myactivity.google.com/myactivity.
Please note that providing personal information to us is voluntary on your part. If you choose not to provide us certain information, we may not be able to offer you certain products and services, and you may not be able to access certain features of the Online Channels.
Cookies and Similar Technologies
The company uses Cookies on our Online Channels. We use cookies to personalize content, to provide additional social media features and to analyze our traffic. We share the information collected about the use of our site with our social media, advertising and analytics partners. You can get familiar with the categories of cookies we use and change your cookie settings by visiting Privacy Preferences Center.
We use various services at our website. We are regularly updating the list of services that generate cookies. Please be aware that any of the third-party services used by innio.com can at any time unilaterally adjust the set of cookies/data that is stored in user’s browser. Please find below the list of services that generate cookies, categories of these services, providers and descriptions what cookies generated by these services are used for:
| Category | Service | Provider | Description |
|---|---|---|---|
| Strictly Necessary Cookies | Session number | INNIO | Cookie to save the PHP session number, example «bb13a743a3e5f4231ab 410d47ce4f508» required by the website to identify a user as a single user during the time of his navigation on the website. |
| Strictly Necessary Cookies | Cookies Compliance Tool | INNIO | Cookies function as a website’s cookies compliance tool, dedicated to managing consent on cookies. |
| Strictly Necessary Cookies | Marketo Form | Marketo | Cookies created by Marketo service to create forms. These cookies are assigned to the domain name info.innio.com. These cookies are technical cookies which are strictly necessary on all pages displaying a Marketo form, such as the contact page. To learn more, please visit the following pages: https://www.marketo.com/company/legal/, https://documents.marketo.com/legal/privacy/, https://documents.marketo.com/legal/cookies/. The transfer of personal data to the USA may not be based on appropriate safeguards due to the fact that US authorities are allowed under US law to access and use such data transferred from the EU to the US. These transfers are not regulated in such a way that would meet requirements equivalent to those existing under EU law specifically regarding the principle of proportionality as monitoring programs based on US legislation are not limited to what is strictly necessary. |
| Strictly Necessary Cookies | accessiBe | accessiBe | Cookies created by the accessiBe service. The accessiBe service provides our visitors the ability to make quick adjustments to website user interfaces in order to make the website content accessible, regardless of circumstance and ability. AccessiBe does not collect any identifiable or personal data of its users. AccessiBe cookies help to store settings you made in the accessiBe widget. |
| Marketing Cookies | Marketo | Marketo | Cookie created by the Marketo service to collect analytical information and to target ads/communications sent by email during emailing campaigns. Tracking data is directly assigned to personal data after the user’s fill out of any public forms on the website, such as the contact form. To learn more, please visit the following pages: https://www.marketo.com/company/legal/, https://documents.marketo.com/legal/privacy/, https://documents.marketo.com/legal/cookies/. The transfer of personal data to the USA may not be based on appropriate safeguards because US authorities are allowed under US law to access and use such data transferred from the EU to the US. These transfers are not regulated in such a way that would meet requirements equivalent to those existing under EU law specifically regarding the principle of proportionality as monitoring programs based on US legislation are not limited to what is strictly necessary. |
Please note that your data may be transferred to the USA. The transfer of personal data to the USA may not be based on appropriate safeguards due to the fact that US authorities are allowed under US law to access and use such data transferred from the EU to the US. These transfers are not regulated in such a way that would meet requirements equivalent to those existing under EU law specifically regarding the principle of proportionality as monitoring programs based on US legislation are not limited to what is strictly necessary.
Google Analytics
This website uses Google Analytics.
When you accept the use of Google Services Cookies category at our website, Google Analytics collects information about your behavior.
The information collected by Google Analytics helps us to understand who visits our website, and how visitors use our website, which may result in changes on our website and to our advertising campaigns. This service can also help build targeted advertising campaigns (e.g. remarketing ads), by exchanging data between Google Analytics and Google Ads. To learn more, please visit the following pages:
https://policies.google.com/technologies/cookies,
https://policies.google.com/technologies/types,
https://policies.google.com/technologies/partner-sites and
https://policies.google.com/privacy.
We use the advanced functionality offered by Google Analytics including, but not limited to:
- Google signals: Google Analytics associate visitor’s information it collects from our website site and/or apps with Google information from accounts of signed-in users who have consented to this association for the purpose of ads personalization. This Google information may include end user location, search history, YouTube history, and data from sites that partner with Google—and is used to provide aggregated and anonymized insights into cross device behaviors of our users (learn more at: https://support.google.com/analytics/answer/9445345, https://myactivity.google.com/myactivity).
- Granular location and device data collection: metadata about the city-level location and granular device details.
- Personalized advertising: to export our Google Analytics audiences and conversions to our linked ads accounts for the purpose of delivering relevant, personalized experiences to our end users and improve the efficiency of our advertising.
This functionality helps us to collect detailed information about the audiences of visitors of our website and make necessary improvements to our website and advertising campaigns. This information helps Google to make their services more useful for you, like helping you rediscover the things you’ve searched for, read, and watched.
You can manage the settings about the information on activities Google collects from various devices and Google services when you are logged in with your Google account (or another identifier), via the link https://myactivity.google.com/myactivity.
The use of Google Analytics is based on Art. 6 para. 1 lit. f GDPR. INNIO has a legitimate interest in marketing its products as effectively as possible. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Google Remarketing
This website uses the Remarketing functionality of various Google Services.
The remarketing function analyzes your behavior on our website (e.g. clicking on certain products) in order to classify you in certain advertising target groups and subsequently show suitable advertising messages to you when you visit other online content. Further information about Google Remarketing can be found at
https://support.google.com/google-ads/answer/2453998,
https://support.google.com/google-ads/answer/2701222,
https://support.google.com/analytics/answer/2611268.
Furthermore, the advertising target groups created with Google Remarketing can be linked with Google’s cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another of your end devices (e.g. tablet or PC).
If you have a Google account, you can object to personalized advertising at the following link: https://www.google.com/settings/ads/onweb/.
The use of Google Remarketing is based on Art. 6 para. 1 lit. f GDPR. INNIO has a legitimate interest in marketing its products as effectively as possible. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Further information and the data protection provisions can be found in Google’s privacy policy at: https://policies.google.com/technologies/ads.
How We Use Personal Information
We may use the personal information we obtain to:
- provide and administer our products and services;
- process and fulfill orders and keep you informed about the status of your order;
- communicate about and administer our products, services, events, programs and promotions (such as by sending alerts, promotional materials, newsletters and other marketing communications);
- conduct and facilitate surveys, sweepstakes, contests, focus groups and market research initiatives;
- perform data analytics (such as market research, trend analysis, financial analysis and customer segmentation);
- engage in ad retargeting and evaluate the effectiveness of our marketing efforts (including through our participation in ad networks);
- provide customer support;
- process, evaluate and respond to requests, inquiries and applications;
- create, administer and communicate with you about your account (including any purchases and payments);
- administer and register participants in our courses;
- provide investor services;
- conduct marketing and sales activities (including generating leads, pursuing marketing prospects, performing market research, determining and managing the effectiveness of our advertising and marketing campaigns and managing our brand);
- operate, evaluate and improve our business (such as by administering, enhancing and improving our products and services; developing new products, services and Online Channels; managing our communications and customer relationships; and performing accounting, auditing, billing, reconciliation and collection activities);
- verify your identity and protect against and prevent fraud and other unlawful activity, unauthorized transactions, claims and other liabilities, and manage risk exposure and quality;
- conduct investigations and comply with and enforce applicable legal requirements, relevant industry standards, contractual obligations and our policies and terms (such as this Privacy Notice and other Online Channels terms of use); and
- maintain and enhance the safety and security of our products, services, Online Channels, network services, information resources and employees.
We may combine personal information we obtain through Online Channels with information we obtain through Offline Channels, as well as other information, for the purposes described above. We may anonymize or aggregate personal information and use it for the purposes described above and for other purposes to the extent permitted by applicable law. We also may use personal information for additional purposes that we identify at the time of collection. We will obtain your consent for these additional uses to the extent required by applicable law.
Where required by applicable law, we will obtain your consent for the processing of your personal information for direct marketing purposes.
The legal basis for our company processing your personal information as described above will typically be one of the following:
- Your consent;
- Performance of a contract with you or a relevant party;
- Our legitimate business interests; or
- Compliance with our legal obligations.
Your Communications and Privacy Settings (Communications Preference Center)
You can use your Communications Preference Center webpage, where you can adjust your personal/contact data, your communications preferences.
You will get access to the Communications Preference Center, once we’ve registered your email and profile in our CRM/ Marketing automation system.
If you have been registered in Communications Preference Center, you can always access it via the link.
At this moment, Communications Preference Center is available only in the English language.
If you can’t get access to the Communications Preference Center using this link, but you had access before, please send us an email to privacyquestions@innio.com.
You can always change your data and preferences by sending us an email to privacyquestions@innio.com.
Personal Information Sharing
We do not sell or otherwise disclose personal information about you except as described here or at the time of collection.
- We may share personal information within our company for the purposes described in this Privacy Notice.
- We may share personal information with service providers we have retained to perform services on our behalf (such as marketing activities, payment processing, order fulfillment, customer support and data analytics). These service providers are contractually required to safeguard the information provided to them and are restricted from using or disclosing such information except as necessary to perform services on our behalf or to comply with legal requirements.
- We may share personal information with our joint marketing partners and other business partners for the purposes described in this Privacy Notice.
- We may disclose personal information about you (1) if we are required or permitted to do so by applicable law or legal process (such as a court order or subpoena), (2) to law enforcement authorities or other government officials to comply with a legitimate legal request, (3) when we believe disclosure is necessary to prevent physical harm or financial loss, (4) to establish, exercise or defend our legal rights, (5) in connection with an investigation of suspected or actual fraud or illegal activity or (6) otherwise with your consent.
- We reserve the right to transfer to relevant third-parties any information we have about you in the event of a potential or actual sale or transfer of all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution or liquidation) or other business combination. In such case, we will require the relevant third parties to provide comparable levels of protection as INNIO provides with respect to the information we share.
Data Transfers
We may transfer the personal information we collect through the Channels to and store such data in other countries which may have different data protection laws than the country in which the information was provided. If we do so, we will transfer the personal information only for the purposes described in this Privacy Notice. To the extent required by applicable law, when we transfer your personal information to recipients in other countries, we will take measures to protect that information.
Your Choices and Rights
We offer you certain choices in connection with the personal information we obtain about you. You may exercise choice over how information about your interests is used by ad networks to deliver you relevant advertising. The Online Channels are not designed to respond to “do not track” signals received from web browsers.
To the extent provided by the law of your jurisdiction, you may have the right to (1) access certain personal information we maintain about you; (2) request that we update, correct, amend, erase or restrict your personal information; or (3) exercise your right to data portability; (4) request to have your personal data deleted. Where provided by law, you may withdraw consent you previously provided to us or object at any time to the processing of your personal information on legitimate grounds relating to your particular situation, and we will apply your preferences going forward as appropriate. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. To the extent permitted by applicable law, a charge may apply before we provide you with a copy of any of your personal information that we maintain. Depending on your location, you may have the right to file a complaint with a government regulator if you are not satisfied with our response.
How We Protect Personal Information
We maintain administrative, technical and physical safeguards, consistent with legal requirements where the personal information was obtained, designed to protect against unlawful or unauthorized destruction, loss, alteration, use or disclosure of, or access to, the personal information provided to us through the Channels.
Retention of Personal Information
To the extent permitted by applicable law, we retain personal information we obtain about you as long as (1) it is needed for the purposes for which we obtained it, in accordance with the provisions of this Privacy Notice or (2) we have another lawful basis, stated in this Privacy Notice or at the point of collection, for retaining that information beyond the period for which it is necessary to serve the original purpose for obtaining the personal information.
Additional Information
Notice to California Residents
Subject to certain limits under California law, California residents may ask us to provide them with (1) a list of certain categories of personal information we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year and (2) the identity of those third parties.
Children’s Personal Information
The Online Channels are designed for a general audience and are not directed to children under the age of 13. We do not knowingly collect or solicit personal information from children under the age of 13 through the Online Channels. If we become aware that we have collected personal information from a child under the age of 13, we will promptly delete the information from our records.
Information about Chatbot Application
Our website visitors can use chatbot service at our website. Chatbot service is dedicated to improve overall user experience with the website (e.g. help with navigation across the content, possibility to fill-out a contact form if customer is interested to get in touch with INNIO representative, and more). Chatbot service is provided by Chatbot.com (LiveChat, Inc.). If you want to use chatbot service at our website, you need to accept chatbot cookie category. You can receive more information on chatbot.com, its policies and the cookies that it uses in the Cookies and Similar Technologies section of this policy, in the Privacy Preference Centre and via following links: https://www.chatbot.com/, https://www.chatbot.com/legal/privacy-policy/, https://www.chatbot.com/legal/terms-and-conditions/, https://www.chatbot.com/legal/security/, https://www.chatbot.com/legal/gdpr-faq/. Currently chatbot service is only available at INNIO’s English website.
Information about accessiBe Application
AccessiBe is a solution allowing our visitors to make quick adjustments to website user interfaces in order to make the website content accessible, regardless of circumstance and ability. Additional information about the accessiBe application can be found via the following links: https://accessibe.com/product, https://accessibe.com/product/security, https://ace.accessibe.com/faqs.
Country Location
We analyze your IP address to determine the country of your location only, and provide personalization of web content on our website. For this purpose, we use free data provided by MaxMind, Inc. of known IP addresses. After such analysis, your IP information and country information are not stored in INNIO´s databases.
Information about the Marketo Contact Form
We use Marketo contact forms at our website to process your inquiries. By this we process the following personal data: Name, phone, email, company name, IP address, as well as any other information you may have provided us in your request.
For this purpose, we might send your contact to our global distributors, vendors or service providers who assists us in reaching out to our clients.
After submitting the contact form, your data will be stored in Marketo, (a marketing automation system) and, if you provided your email address, your data will be then copied from Marketo into Salesforce (a customer relationship management system). This helps us to maintain long-term relations with you as a potential or existing customer.
The legal basis for processing your personal data and to contact you for the purpose of answering your request is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
If you used the Marketo form to download material without filling in your data in the form, the Marketo system will save this action in a non-personalized profile in the Marketo system. In this case, if you do not accept the Marketing cookie category (Marketo cookie group), we will be deleting such profile within 14 days after the form submission.
The Marketo contact form saves your IP address when you submit the form, including when submitted form is non-personalized (without providing any data in the fields).
In order to learn more about Marketo contact forms, the Marketo system and its privacy policy, please visit the following pages: https://www.marketo.com/, https://www.marketo.com/company/legal/, https://www.adobe.com/privacy/policy.html, https://documents.marketo.com/legal/cookies/.
Please note that Marketo’s servers might be located in the USA and your data may be transferred to the USA. The transfer of personal data to the USA may not be based on appropriate safeguards due to the fact that US authorities are allowed under US law to access and use such data transferred from the EU to the US. These transfers are not regulated in such a way that would meet requirements equivalent to those existing under EU law specifically regarding the principle of proportionality as monitoring programs based on US legislation are not limited to what is strictly necessary.
Information about the Marketo Web Personalization
Marketo Web Personalization, also known as Marketo Real Time Personalization is a solution provided by Adobe Marketo, that main function is to allow us to create and manage special web campaigns, personalizing content of our websites in real-time, to show more relevant information to our visitors. Using this tool, we can adjust certain banners or blocks of information, show customers various widgets, dialog boxes, etc.
More information on Web Personalization can be found here: https://experienceleague.adobe.com/docs/marketo/using/product-docs/web-personalization/understanding-web-personalization/web-personalization-overview.html?lang=en.
Together with Marketo marketing automation system, Marketo Web Personalization allows us to group known websites’ visitors and new visitors into certain audiences/segments, and then, adjust website content in real-time to make it more interesting to the defined audiences/segments of visitors. Marketo can update the set of criteria that can be used in Web Personalization to define audiences/segments.
Audiences/segments can be built based on such criteria as demographical (e.g. potential visitor’s industry, organization, organization group, etc.), behavioral (e.g. known customers, certain list of customers, visitors that used certain search terms in Google, visited certain pages, visitors referred from certain source, visitors that are using certain device/browser, etc.) and other criteria groups (e.g. criteria and segments imported via API from 3rd party providers, criteria imported from our database, etc.). This tool also allows to analyze web campaigns effectiveness and content effectiveness.
To learn more about Marketo and Adobe privacy policies, please visit: https://www.adobe.com/privacy/policy.html, https://www.marketo.com/company/legal/, https://documents.marketo.com/legal/privacy/, https://documents.marketo.com/legal/cookies/, https://documents.marketo.com/toutapp/privacy.
Marketo may share collected personal data with a limited number of third parties. Complete list of sub-processors used by Adobe can be found here: https://www.adobe.com/privacy/sub-processors.html.
Marketo may transfer your data to the US. The transfer of personal data to the USA may not be based on appropriate safeguards because US authorities are allowed under US law to access and use such data transferred from the EU to the US. These transfers are not regulated in such a way that would meet requirements equivalent to those existing under EU law specifically regarding the principle of proportionality as monitoring programs based on US legislation are not limited to what is strictly necessary.
Information about LinkedIn
LinkedIn cookies-service
If you accept usage of Marketing cookie category at our website, LinkedIn cookies-service will be loaded to your browser. We use LinkedIn’s cookies-service (now, also known as: LinkedIn Insight Tag) to optimize our LinkedIn advertising campaigns, to track conversions from LinkedIn advertising campaigns, to retarget our website visitors with LinkedIn advertising, to learn more about our website visitors (audiences), in addition to that, we may use other available functionality of LinkedIn’s cookies-service. As the result, LinkedIn cookies-service helps us to optimize the website’s content and to improve our LinkedIn advertising campaigns as well as to run retargeting campaigns in LinkedIn. The use of LinkedIn’s cookies-service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR; the consent can be withdrawn at any time with effect for the future. To learn more about LinkedIn’s Insight Tag, its functionality and which data it collects, please visit these pages: https://business.linkedin.com/marketing-solutions/insight-tag, https://www.linkedin.com/help/lms/answer/a427660. You can receive more information about LinkedIn and its policies via the following links: linkedin.com, https://www.linkedin.com/legal/privacy-policy, https://www.linkedin.com/legal/cookie-policy.
Please note that LinkedIn company’s servers might be located in the USA and your data may be transferred to the USA after you accept the usage of Marketing cookies category at our website. The transfer of personal data to the USA may not be based on appropriate safeguards due to the fact that US authorities are allowed under US law to access and use such data transferred from the EU to the US. These transfers are not regulated in such a way that would meet requirements equivalent to those existing under EU law specifically regarding the principle of proportionality as monitoring programs based on US legislation are not limited to what is strictly necessary.
LinkedIn contact forms
We may run advertising campaigns at LinkedIn social network. Some of our campaigns can include LinkedIn contact forms (also known as LinkedIn Lead Gen Forms).
After your completion of the contact form, we will be able to receive your contact data either by downloading your data using LinkedIn campaign manager cabinet or by receiving your data automatically via integration of LinkedIn with our systems (e.g. marketing automation, CRM-systems). Your data will be stored in our systems to facilitate our future communication. By submitting the data via the contact form at LinkedIn, you authorize INNIO to get in touch with you and/or forward your request to 3rd party vendors such as Sales/Services Providers for the purpose of processing your enquiry.
Using the contact form at LinkedIn website, you can also agree to receive future marketing communications from INNIO, which includes such materials as product updates, newsletters, invitations to events and more. You can receive more information about LinkedIn and its policies via the following links: linkedin.com, https://www.linkedin.com/legal/privacy-policy.
Please note that LinkedIn company’s servers might be located in the USA and your data may be transferred to the USA after you provide your data at LinkedIn website. The transfer of personal data to the USA may not be based on appropriate safeguards due to the fact that US authorities are allowed under US law to access and use such data transferred from the EU to the US. These transfers are not regulated in such a way that would meet requirements equivalent to those existing under EU law specifically regarding the principle of proportionality as monitoring programs based on US legislation are not limited to what is strictly necessary.
Information for Processing of Job Applicant Data
I. Who is responsible for data processing and who is the data protection officer?
The data controller is INNIO Jenbacher GmbH & Co OG, Achenseestrasse 1-3, A-6200 Jenbach. You can reach our data protection officer (RA Dr. Karsten Kinast, LLM., Hohenzollernring 54, D-50672 Cologne) at: DPO-INNIO@kinast.eu.
II. What data processing activities do we perform in context of the application process?
We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR), the data protection laws, as well as all other relevant laws of the member states.
In connection with your application, we perform the following processing activities with your personal data.
1. Online application
a) Purpose of processing activity
If you submit an online application through our website, we process your personal data in order to process your submission for a work position in our company. It may be processed for the purpose of storing, merging, and making available an applicant database operated by INNIO.
The personal data processed can include your name, title, address, telephone number, date of birth, education, work experience, salary expectations and those data and images contained in the cover letter, curriculum vitae, references, or additional documents you have provided to us in this regard.
b) Legal basis
The primary legal basis for this processing activity is your consent, Art. 6 (1) a) GDPR.
All consents can be withdrawn independently at any time. A withdrawal has the consequence that we no longer process your data for the above-mentioned purposes from this point in time, and thus the corresponding rights, benefits, etc. can no longer be claimed. The lawfulness of the processing carried out on the basis of the consent until the withdrawal remains unaffected. For a withdrawal, please contact: careers@innio.com
c) Storage period
The data provided will be stored in the INNIO database for six months. In case you communicate your right to withdraw before this storage period has ended, all personal data will be deleted immediately from this point in time.
2. Job alerts
a) Purpose of processing activity
If you register for notifications in form of our job alert, we will process your personal data in order to assess your suitability for open work positions in our company. This personal data includes your name and contact details in order to contact you for a role, as well as the work fields and countries of your interest.
b) Legal basis
The primary legal basis for this processing activity is your consent, Art. 6 (1) a) GDPR.
All consents can be withdrawn independently at any time. A withdrawal has the consequence that we no longer process your data for the above-mentioned purposes from this point in time, and thus the corresponding rights, benefits, etc. can no longer be claimed. The lawfulness of the processing carried out on the basis of the consent until the withdrawal remains unaffected. For a withdrawal, please contact (careers@innio.com).
c) Storage period
The data provided will be stored in the INNIO database for six months. In case you communicate your right to withdraw your consent before this storage period has ended, all personal data will be deleted immediately apart from this moment.
3. Candidate feedback requests
a) Purpose of processing activity
If you submit an online application through our website, we will process your data if you agree to the completion of a feedback form regarding our application process. This feedback will be used to improve our application process for future applicants. This personal data includes General personal information, e.g. answers (feedback) from candidates, any information related to the candidate’s experiences (which may make it possible to identify the applicant in question) and feedback related to the recruitment process. This data will be anonymized. INNIO has no need for the specific personal data.
b) Legal basis
The primary legal basis for this processing activity is our legitimate interest, Art. 6 (1) f) GDPR.
Our legitimate interest lies in the optimization of our application process and in better aligning it with the needs of our applicants and INNIO. You have the right to object this processing. Find more information under your rights in point V.
c) Storage period
In principle, the data is anonymized as soon as it has been collected. Deletion is therefore no longer necessary.
III. Data transfer of data to third parties
To conduct the above-mentioned feedback surveys, we use a service provider based in the EU. This service provider has sub-processors of their own. No further personal data is transferred to recipients outside the company in the context of the application process. The recipients inside the company are the Human Resources department and the respective responsible contact persons of the departments. Please contact our legal department for more specific information on the service provider.
IV. Data transfer to a third country outside the EU/EEA
If your data is also processed, at least in part, outside the EU or EEA by affiliated companies or external third parties (sub-processors) we implemented various requirements and measures to ensure an adequate level of data protection. The appropriate level of protection may result from the following points:
- An adequacy decision of the European Commission pursuant to Art. 45 GDPR.
- Conclusion of internal binding data protection regulations in accordance with Art. 47 in conjunction with Art. 46 Para. 2 lit. b) GDPR.
- Standard Contractual Clauses pursuant to Art. 46 Para. 2 lit. c) and d) GDPR.
- Approved rules of conduct according to Art. 46 para. 2 lit. e) in conjunction with Art. 40 GDPR.
- An approved certification mechanism according to Art. 46 (2) (f) in conjunction with Art. 42. GDPR.
- Contractual Clauses approved by the data protection authority pursuant to Art. 46. para. 3 lit. a GDPR.
- In exceptional cases, the transfer shall be determined in accordance with Art. 49(1) or Art. 49(1)(2) of the GDPR.
V. Your rights
In principle, you have the following rights:
Pursuant to Art. 15 GDPR, you can request information about your personal data processed by us.
- In accordance with Art. 16 GDPR, you can request the immediate correction of incorrect data, or the completion of your personal data stored by us.
- Pursuant to Art. 17 GDPR, you may request the erasure of your personal data stored by us, unless the processing is necessary for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise, or defense of legal claims.
- Pursuant to Art. 18 GDPR, you may request the restriction of the processing of your personal data if you contest the accuracy of the data, if the processing is unlawful, if we do not need the data and if you refuse to erase the data because it is necessary for the establishment, exercise, or defense of legal claims. You have the right to restrict processing pursuant to Art. 18 GDPR.
- Pursuant to Art. 20 of the General Data Protection Regulation, you may request that the personal data you have provided to us be received in a structured, commonly used, and machine-readable format, you may also request that it be transferred to another controller.
- If you have given us your consent, you have the right to withdraw, Art. 7 para. 3 GDPR.
- Furthermore, they have a right of objection from Art. 21 GDPR, which can exceptionally also be declared against a data processing that is lawful. We will no longer process your personal data unless there are compelling legitimate grounds for doing so.
If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can contact our Legal Counsel for Data Protection (legaldataprivacy@innio.com) , also internally at our HR Department or the respective data protection authority (The Austrian Data Protection Authority, address Barichgasse 40 – 42, 1030 Vienna, phone: +43 1 52 152-0, e-mail: dsb@dsb.gv.at).
Privacy Policy for Processing and Contacting Potential Business Partners
We hereby inform you about the processing of your personal data by INNIO Jenbacher GmbH & Co OG together with its affiliated companies (“INNIO Group”) and the rights to which you are entitled under the data protection law.
Who is responsible for data processing and who is the data protection officer?
The data controller is:
INNIO Jenbacher GmbH & Co OG
Achenseestrasse 1-3
A-6200 Jenbach
You can reach our data protection officer (RA Dr. Karsten Kinast, LLM., Hohenzollernring 54, D-50672 Cologne) at: DPO-INNIO@kinast.eu.
What data processing activities do we perform in context of contacting you for business and marketing purposes?
We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR), the data protection laws, as well as all other relevant laws of the member states.
In connection with our contacting for business and marketing purposes, we perform the following processing activities with your personal data.
1. Database maintenance
a) Purpose of processing activity
b) Legal basis
The primary legal basis for this processing activity is our legitimate interest, Art. 6 para. 1 lit. f GDPR.
Our legitimate interest lies in the establishment of business connections and the conduction of marketing. You have the right to object this processing. For more information about your rights please read section 5.
c) Storage period
We store the information if the data is necessary for our purposes. As soon as your data is no longer required by us, it will no longer be used within this context.
2. Contacting the customer
a) Purpose of processing activity
We will process your data to contact you with the information we will receive from the ZoomInfo Database. Contacting you serves the purpose of sending business proposals that might interest you. The personal data used in this regard includes your name and business contact information, e.g. email and phone number.
b) Legal basis
The primary legal basis for this processing activity is our legitimate interest, Art. 6 para. 1 lit. f GDPR.
Our legitimate interest lies in the establishment of business connections and the conduction of marketing. You have the right to object this processing. Find more information about your rights under section 5.
c) Storage period
The data will be stored for one year.
3. Data transfer of data to third parties
To conduct the above-mentioned processing to contact business and marketing prospects, we use ZoomInfo. Their services are hosted on the three major cloud providers with hosting data centers in the U.S. No further personal data is transferred to recipients outside the company in the context of the contacting from INNIO. Should you require more specific information on the service provider, please contact our legal department via LegalDataPrivacy@innio.com.
4. Data transfer to a third country outside the EU/EEA
If your data is also processed, at least in part, outside the EU or EEA by affiliated companies or external third parties (sub-processors) we implemented various requirements and measures to ensure an adequate level of data protection. The appropriate level of protection may result from the following points:
- An adequacy decision of the European Commission pursuant to Art. 45 GDPR.
- Conclusion of internal binding data protection regulations in accordance with Art. 47 in conjunction with Art. 46 Para. 2 lit. b) GDPR.
- Standard Contractual Clauses pursuant to Art. 46 Para. 2 lit. c) and d) GDPR.
- Approved rules of conduct according to Art. 46 para. 2 lit. e) in conjunction with Art. 40 GDPR.
- An approved certification mechanism according to Art. 46 (2) (f) in conjunction with Art. 42. GDPR.
- Contractual Clauses approved by the data protection authority pursuant to Art. 46. para. 3 lit. a GDPR.
- In exceptional cases, the transfer shall be determined in accordance with Art. 49(1) or Art. 49(1)(2) of the GDPR.
5. Your Rights
In general, you have the following rights:
- Pursuant to Art. 15 GDPR, you can request information about your personal data processed by us.
- In accordance with Art. 16 GDPR, you can request the immediate correction of incorrect data, or the completion of your personal data stored by us.
- Pursuant to Art. 17 GDPR, you may request the erasure of your personal data stored by us, unless the processing is necessary for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise, or defense of legal claims.
- Pursuant to Art. 18 GDPR, you may request the restriction of the processing of your personal data if you contest the accuracy of the data, if the processing is unlawful, if we do not need the data and if you refuse to erase the data because it is necessary for the establishment, exercise, or defense of legal claims.
- You have the right to restrict processing pursuant to Art. 18 GDPR.
- Pursuant to Art. 20 of the General Data Protection Regulation, you may request that the personal data you have provided to us be received in a structured, commonly used, and machine-readable format, you may also request that it be transferred to another controller.
- If you have given us your consent, you have the right to withdraw, Art. 7 para. 3 GDPR.
- Furthermore, they have a right of objection from Art. 21 GDPR, which can exceptionally also be declared against a data processing that is lawful. We will no longer process your personal data unless there are compelling legitimate grounds for doing so.
If you believe that the processing of your data violates the data protection law or that your data protection rights have been violated in any other way, you can contact our Legal Counsel for Data Protection (legaldataprivacy@innio.com) or the respective data protection authority (The Austrian Data Protection Authority, address Barichgasse 40 – 42, 1030 Vienna, phone: +43 1 52 152-0, e-mail: dsb@dsb.gv.at).
Changes to Our Privacy Notice
This Privacy Notice may be updated periodically and without prior notice to you to reflect changes in our information practices. We will indicate at the top of this Privacy Notice when it was most recently updated.
How to Contact Us
If you have any questions or comments about this Privacy Notice or if you would like us to update information we have about you or your preferences, please contact us at:
Data Privacy Officer
Dr. Karsten Kinast, LL.M
DPO-Innio@kinast.eu
www.kinast.eu