Privacy policy
Thank you for visiting our website. Your privacy and the associated protection of personal data are important to us. That is why our business activities comply with the applicable data protection and data security legislation. It is very important to us that you feel safe with us. For this reason, we and our data protection officer ensure compliance with data protection regulations.
We are aware of the importance of the data you entrust to us and would like to inform you about this below:
the purposes for which your (personal) data is collected, processed and used,
how we handle and protect your data,
to whom we make the data available and
how you can exercise your rights.
When you access our website, we collect certain data about you. You can find more information about this in this text.
Please read the following information carefully.
Definitions
Data protection is a complex issue. When you access and use our website, data traces of your use remain on our servers for technical reasons.
Some data is transmitted to our servers by your Internet browser and recorded in so-called log files, which we would like to explain to you below.
We have summarised some basic meanings to make it easier for you to understand this privacy policy.
In simple terms, "order processing" (AV for short) within the meaning of Art. 28 of the General Data Protection Regulation (GDPR) is understood to mean a service in which personal data is collected, processed and/or used by a service provider on behalf of and in accordance with the instructions of the so-called controller. Before such an order is placed with a service provider, we conclude a special contract with the service provider and ensure further measures to protect your personal data.
"Cookies" are small text files that are stored on the end device you use (e.g. computer or smartphone) and that store certain settings and data for exchange with our system via your browser.
A cookie usually contains the name of the visited website from which the cookie data was sent, information about the age of the cookie and an alphanumeric identifier.
Cookies enable the systems to recognise the user's device and make any default settings immediately available.
A third party is any natural or legal person or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process the personal data, see Art. 4 No. 10 GDPR.
It is therefore not a third party, for example, if personal data is transferred to a service provider in the course of order processing in accordance with Art. 28 GDPR.
IP addresses are sequences of digits that can be assigned to individual IT devices or a group. Similar to postal addresses, the IP is used to assign data to the correct recipient. In addition, the browser type/version and the operating system used are also recorded.
"Personal data" means any information relating to an identified or identifiable natural person, in particular first and last name, date of birth, email address, home address, bank and payment details, as well as health data, see Art. 4 No. 1 GDPR.
"Controller" according to Art. 4 No. 7 GDPR is any person or body which alone or jointly with others determines the purposes and means of the processing of personal data. (in this case: the website operator).
A. Controller
Who is responsible for data processing and who can I contact?
The controller for data processing is
Sanvartis GmbH
Mercator Str.1b
47051 Duisburg
If a body other than the aforementioned body is the "controller" within the meaning of the General Data Protection Regulation, you will be informed explicitly and separately, unless this is obvious.
You can contact our data protection officer at the following email address: datenschutz@sanvartis.de
B. Purposes and scope of data processing when visiting the website
How is personal data processed when you visit our website?
Every time a user accesses a page on our website and every time a file is retrieved, access data about this process is stored in a log file on our server.
Each data record consists of
- the page from which the file was requested (so-called referrer URL)
- the name of the file
- the date and time of the request (so-called "time stamp")
- the amount of data transferred
- the access status (file transferred, file not found, etc.)
- a description of the type of web browser used (e.g. Mozilla Firefox, Google Chrome or Microsoft Edge, Apple Safari, Opera, etc.)
When you access our website, information of a general nature is automatically collected. This information (server log files) includes, for example, the operating system used, the domain name of your internet service provider and similar. This is exclusively information that does not allow any conclusions to be drawn about your person. This information is technically necessary in order to correctly deliver the website content you have requested and is mandatory when using the Internet. Anonymous information of this kind is statistically evaluated by us in order to optimise our website and the technology behind it.
The legal basis for this is Art. 6 para. 1 lit. f GDPR. We do not pass on your data to third parties unless you have consented to this. For certain areas (e.g. the hosting of our website), however, we rely on the use of service providers, which we oblige to comply with the legal requirements through order processing.
C. E-mail contact
You can contact us via the email address provided. In this case, the user's personal data transmitted with the e-mail will be stored and in some cases forwarded to our external service provider for processing. The data is used exclusively for processing the conversation.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
If contact is made by email, this also constitutes the necessary legitimate interest in processing the data. The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected.
D. Your personal data that we receive from other sources - social media
You can contact us via our presence on external sources such as LinkedIn and XING. However, this only happens if you "join our network" on LinkedIn or XING.
linkedin data protection / xing data protection
Here, too, we only collect the personal data from you that is required for further contact and communication.
The legal basis for the processing of your data in the context of the aforementioned contact is Art. 6 para. 1 lit. a GDPR; if you have not given your consent, Art. 6 para. 1 lit. f GDPR also applies.
E. Embedding of external services and media (iframes)
Third-party offers may be integrated into our website. These cannot be played directly from our website; you must first consent to access them. When you visit the website, these providers receive the information that you have accessed the corresponding subpage of our website. Further data is also transmitted. This takes place regardless of whether you have a user account that you are logged in to or whether you do not have a user account. If you do not wish to be associated with your profile, you must log out before activating the respective button. You have the right to object to the creation of these user profiles, whereby you must contact the respective provider to exercise this right. With the embeddings, we pursue the interest of showing you content that is of interest to you in order to make our website more interesting for you.
The legal basis for the processing of your data is Art. 6 (1) f) GDPR. You can withdraw your consent at any time via the cookie banner.
F. Personal information automatically collected by us - cookies
What are cookies?
Cookies and similar technologies are very small text documents or pieces of code that often contain a unique identification code. When you visit a website or use a mobile application, a computer asks your computer or mobile device for permission to store this file on your computer or mobile device and gain access to information. Information collected by cookies and similar technologies may include the date and time of the visit and how you use a particular website or mobile application.
Why do we use cookies?
Cookies ensure that you remain logged in during your visit to our online shop, that all items in your shopping basket remain saved, that you can shop securely and that the website continues to function smoothly. The cookies also ensure that we can see how our website is used and how we can improve it. In addition, depending on your preferences, our own cookies can be used to present you with targeted adverts that match your personal interests.
What type of cookies do we use?
Functional and essential cookies
Marketing cookies
Our pages use so-called session cookies as standard. These are used to be able to assign several requests from a page visit as belonging together.
In order to utilise the full functionality of our website, it is necessary for technical reasons to allow session cookies. Session cookies are deleted as soon as you end your browser session.
Note: Our Webflow platform used for programming this website does not use its own cookies.
The legal basis for the processing of your data is Art. 6 (1) f) GDPR. You can withdraw your consent at any time using the cookie consent tool.
G. Cookie Consent Tool
We use a specially programmed "User Centrics" cookie consent tool that allows the user to allow or reject various cookie categories in a bundle. It provides detailed information about the use of individual cookies and services. The settings of the cookie consent tool are also stored in a cookie.
You can find our "User Centrics" cookie consent tool at any time on our website if you scroll down to the bottom of the website and click on the "Cookie settings" link.
The legal basis for the processing of the described data - insofar as it is personal - is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to offer you an appealing, user-friendly and technically functional website.
H. SSL encryption
To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.
Your IP address and the date and time of your visit are also logged for information security purposes.
I. YouTube videos
We embed YouTube videos on some of our websites. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. YouTube is informed which pages you visit. If you are logged into your YouTube account, YouTube can assign your surfing behaviour to you personally. You can prevent this by logging out of your YouTube account beforehand. When a YouTube video is started, the provider uses cookies that collect information about user behaviour. If you have deactivated the storage of cookies for the Google Ad programme, you will not have to expect any such cookies when watching YouTube videos. However, YouTube also stores non-personalised usage information in other cookies. If you wish to prevent this, you must block the storage of cookies in your browser. Further information on data protection at "Youtube" can be found in the provider's privacy policy at YouTube and Google privacy policy
J. Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc ("Google").
The provider is Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland)
Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site.
The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
However, if IP anonymisation is activated on this website, your IP address will first be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area.
Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.
On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
K. Purposes and scope of data processing when visiting the website
Collection of further data
1. contact form
When you use the contact form, we collect your personal data (title, first name, surname, company, street, house number, postcode/city, telephone, fax, email address) only to the extent provided by you. The data processing serves the purpose of establishing contact. We only use your e-mail address to process your enquiry. Your data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. This is usually the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The legal basis for the processing of the described data - insofar as it is personal - is Art. 6 para. 1 lit. f GDPR.
2. applicant data
We only collect the personal data from you that we need to support you in your job search and to maintain our relationship with you after we have found a position for you. This includes, in particular, your personal data with contact information and - in order to fully assess your application - information about your previous professional career.
You can provide us with information in a variety of ways, depending on what suits you best. This may include that you:
Entering your details into an application form on our website as part of the registration process;
handing in your application documents in printed form at one of our recruitment events;
sending us your application documents by e-mail;
apply for jobs via a job search engine, which will then redirect you to our website;
send us your data via LinkedIn or XING.
In the online application process, data is requested that is required for the online application. The fields provided for this purpose are marked as "mandatory fields" with an asterisk "*". In addition to the completed online application form, we require your CV and your complete certificate file, which you can attach. You can also provide further voluntary information and upload additional information that complements your profile as a file.
Please do not provide information that is not usable under the General Equal Treatment Act, such as race, religion or ideology, as well as special categories of personal data in accordance with Art. 9 GDPR, including illnesses, ethnic origin and political opinion. The same applies to content that is likely to infringe the rights of third parties, such as copyrights.
If we ask you for your gender as part of the application process or during further support, this is because we want to write to you or address you in the right way. The reason for entering your date of birth is that the legal minimum age is stipulated for some jobs.
The legal basis for the processing of your data in the context of job search support and career counselling results from Art. 6 para. 1 sentence 1 lit. a and f GDPR, Art. 88 GDPR (in conjunction with § 26 BDSG in Germany, or, if applicable, the Austrian Data Protection Act).
L. Disclosure of personal data
We collect and use your data in accordance with legal requirements and only for our own purposes.
Your data will not be passed on to so-called third parties unless there is a legal obligation to do so or you have consented to the transfer.
Your personal data may be passed on to the following categories of recipients.
Companies of the Medperion group of companies:
Employees of Sanvartis GmbH (The information you provide to us will be treated confidentially at all times).
Employees of Careforce GmbH (The information you provide to us will be treated confidentially at all times).
Employees of Medperion Services GmbH (The information you provide to us will be treated confidentially at all times).
M. Google reCAPTCHA
We use reCAPTCHA on this website. The provider is Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland). The purpose of reCAPTCHA is to check whether the data input on this website (e.g. in a contact form) is made by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics.
This analysis begins automatically as soon as the website visitor enters a website with activated reCAPTCHA. To analyse this, reCAPTCHA evaluates various pieces of information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google. If reCAPTCHA is used in "invisible mode", the analyses run completely in the background. Website visitors are not informed that an analysis is taking place.
The legal basis for processing the data is Art. 6 para. 1 lit. f GDPR.
The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Data processing is based on standard contractual clauses contained in the data processing addendum to Google's General Terms and Conditions or the data processing agreements.
For more information on reCAPTCHA, please refer to the privacy policy and terms of use at the following link: https://policies.google.com/privacy?tid=331749508656
Google is committed to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/list.
N. Duration of data use
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies.
Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject.
The data will also be blocked or erased if a storage period
storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
O. Rights of data subjects
Every data subject has the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR, the right to object under Art. 21 GDPR and the right to data portability under Art. 20 GDPR, provided that there are no legal requirements to the contrary (in particular under Art. 15, 17 GDPR).
Right to lodge a complaint/supervisory authority
If you are of the opinion that the processing of your personal data is not lawful, you can lodge a complaint with the competent data protection supervisory authority (Article 77 GDPR)
LDI NRW
If you wish to exercise your rights as a data subject, including your right to erasure or blocking, please contact datenschutz@sanvartis.de, stating your full name and email address.
Right to information
Under the legal requirements of Art. 15 GDPR, you can of course request information at any time as to whether we process your personal data. If we process your personal data, you can also request information about the circumstances and organisation of the processing and more detailed information about the processed data.
Right to rectification
In accordance with Art. 16 GDPR, you can request that incorrect information about you be corrected.
Right to erasure
Under the legal requirements of Art. 17 GDPR, you are entitled to demand that we erase personal data concerning you without undue delay. The right to erasure does not exist, among other things, if the processing of personal data is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation to which we are subject (e.g. statutory retention obligations) or for the assertion, exercise or defence of legal claims.
Right to restriction of processing
You can request the restriction of the processing of your personal data in accordance with Art. 18 GDPR.
Right to data portability
You are entitled, under the conditions of Art. 20 GDPR, to request that we provide you with the personal data concerning you that we process in a structured, commonly used and machine-readable format.
Right to object
In accordance with the requirements of Art. 21 GDPR, you have the right to object to the processing of your personal data and to demand that we stop processing it. The right to object exists only to the extent provided for by law . Your objection may be opposed by legitimate interests that make further processing necessary.
Right of cancellation
You can withdraw your consent to the processing of your personal data at any time and with effect for the future in accordance with Art. 7 para. 3 GDPR without incurring costs that exceed the transmission costs according to the basic tariffs.
Obligation to notify
According to Art. 19 GDPR, we are obliged to inform all recipients to whom personal data has been disclosed about corrections, deletions and restrictions on the processing of your personal data. Exceptions may apply if this is impossible or involves a disproportionate effort. We will be happy to inform you about these recipients on request.
Automated decision-making in individual cases including profiling:
We also ensure your rights in accordance with Art. 22 GDPR.
You or your data are therefore not subject to decisions based solely on automated processing - including profiling.
P. Place of data processing
Your data is generally processed in Germany. Information that you transmit to us may be stored on non-German servers within the European Union (EU).
If data is transferred to locations in countries outside the European Union (so-called third countries), this is explained here in this privacy policy under the corresponding text sections B-N.
Q. Person authorised for data protection
If you have any questions, you can also contact our data protection officer
Mr Michael Jung
Mercatorstr.1b
47051 Duisburg
E-mail: datenschutz@sanvartis.de
R. Availability of the websites
We give no guarantee for the constant availability of the web pages, but naturally endeavour to prevent or rectify faults.
S. Changes to the privacy policy
Advances in technology, legal requirements or changes to processes may have an impact on this privacy policy, among other things. We therefore reserve the right to amend this privacy policy at any time with effect for the future. The current version of the privacy policy can be found on this website. Please visit this subpage of the homepage regularly to keep yourself informed about the applicable provisions.
Status: 10.06.2025