Privacy Policy

1.   General information

1.1.        Preamble and scope

In the following privacy policy, we inform you about the types of your personal data (hereinafter referred to as ‘data’) we process, for what purposes and to what extent. This privacy policy applies to the provision of our services on our websites as well as our social media presences (hereinafter referred to collectively as ‘online offering’).

Furthermore, only the term ‘JOB Group’ is used in this privacy policy, which includes both JOB-Holding GmbH & Co.KG and all affiliated subsidiaries and partner companies.

All terms used are not gender-specific.

Last updated: 17 September 2025

1.2.        Responsible organisations and individuals

The controller is:
JOB-Holding GmbH & Co.KG
Kurt-Fischer-Strasse 30
22926 Ahrensburg
Germany

Phone: +49 (4102) 2114 0
Fax.: +49 (4102) 2114 70
E-Mail: info@job-group.com
Website: www.job-group.com

You can contact our data protection officer at:
Deutsche Datenschutz Consult (DDSC) GmbH
Stresemannstrasse 29
22769 Hamburg
Germany

Phone: +49 40 228 60 70 0
Fax: +49 40 228 60 70 99
E-Mail: datenschutzbeauftragter@job-group.com
Website: https://www.ddsc.de

You can contact our supervisory authority at:
Independent State Centre for Data Protection Schleswig-Holstein
P.O. Box 71 16
24171 Kiel
Germany

Phone: +49 431 988 1200
Fax: +49 431 988 1223
E-Mail: mail@datenschutzzentrum.de
Website: https://www.datenschutzzentrum.de

1.3.        Purpose of this privacy policy

This privacy policy explains how we process your data. This includes the indication of the purpose of use, the legal basis, the storage period, the categories of any data recipients, the indication of a possible transfer of the data to countries outside the EU, as well as information on your rights as a data subject (deletion, restriction, rectification, revocation, right to lodge a complaint). If we obtain data from other institutions, we will also disclose this, stating the type of data and its origin. In addition, we provide you with information on how you can securely transmit information about yourself to us and how you can exercise your rights as a data subject.

1.4.        Changes to this privacy policy

Please note that we amend our privacy policy from time to time to take into account changes to services and changes in the law. If possible, please read our privacy policy before each visit to our online offering to learn about such changes. This effort serves your own interests, which are protected by data protection law with the information obligations imposed on us. Please refer to section 1.1 (‘Preamble and scope’) for the current version (date) of this privacy policy.

2.   Processing of data in our online offering

2.1.        Processing of connection data in our online offering

When you visit our online offering, connection data relating to you (more precisely about the connection of your device to our website) is stored automatically and without your intervention. This is:

• IP address (provider) and location of your Internet access (e.g. town/city/country)
• Date and time of the request (time stamp)
• Content of the request (requested website / address / URL / URI)
• Access status (HTTP status code)
• The amount of data transferred (data volume of the websites accessed)
• Website from which the request comes (referrer, e.g. search engine)
• Operating system (manufacturer, version and screen resolution)
• Browser software (manufacturer, version and language)

The temporary storage of the IP address by the system is necessary to enable the website to be displayed on the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session. Logging is carried out to identify and defend against misuse.

The data is also stored in the log files of our systems. The legal basis for the temporary storage of data and log files is point (f) of Article 6 (1) GDPR.

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. The log files are kept for a period of 30 days and then deleted automatically.

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user. The stored data is not merged with other data sources.

In order to protect the data transmitted via our online offering, we use what is known as TLS encryption. You can recognise such encrypted connections by the prefix https:// in the address bar of your browser or by the padlock symbol in front of the address bar. In this case, the data connection is end-to-end encrypted.

2.2.        Use of cookies and analytics data in our online offering

Dateien, die Ihr Webbrowser auf Ihrem Endgerät ablegt, um bestimmte Einstellungen, wie z.B. die Sprachauswahl oder das Anzeigeformat der aufgerufenen Webseite, für künftige Besuche unseres Onlineangebotes zu speichern.

Essential cookies that are required for the proper functionality and presentation of the websites are used on our online offering. In addition, functional (for website optimisation and presentation of content) as well as optional (statistics and marketing) cookies are used, the content of which is used by us for technical analysis and statistical collection of website usage and marketing purposes (this process is referred to as user click behaviour).

For all technically non-essential cookies, we obtain your consent via an upstream cookie consent manager.

In our online offering, the connection data is processed anonymously in order to provide users of our online offering with better services, to collect and analyse statistics and trends and to administrate and improve our online offering.

When you visit our online offering, you have the option to make a selection via the consent manager which cookies you want to allow when you visit our online offering. You also have the option of adjusting the settings at any time, including retrospectively, for future visits to our online offering. To do so, please click on the button "Manage consent" in the lower right-hand area of our online offering:

2.2.1.     Essential cookies for the correct display of our online offering

Real Cookie Banner and Complianz GDPR/CCPA Cookie Consent Manager

This cookie is used to test whether cookies can be installed in order to store a reference to the record of consent to what services from what service groups the visitor has consented, and if consent is obtained according to the Transparency Consent Framework (TCF), to store the consent in TCF. As part of the obligation to provide information in accordance with the GDPR, the consent is documented in full. All settings of the Cookie Consent Manager at the time of consent as well as the technical circumstances (e.g. size of the visible area when consenting) and the user interactions (e.g. clicking on buttons) that led to consent are stored. Real Cookie Banner asks website visitors for their consent to the use of cookies and the processing of personal data. For this purpose, each website visitor is assigned a UUID (pseudonymous device identification), which is valid until the expiry of the cookie for storing the consent. Furthermore, the selected language as well as the types of consent and the time of your submission are stored on the server side and in the cookie on your device.

Website of the RealCookieBanner: https://devowl.io/de/wordpress-real-cookie-banner/ (you are leaving our online offering).

Webseite von Complianz: https://complianz.io/ (you are leaving our online offering).

WPML

WPML is a multilingual system for displaying our online offering in different languages to make it accessible to a larger number of users. The cookie can store the language of the user and can redirect the user to the version of our website that corresponds to the language of the user’s browser. The legitimate interest in the use of this service is the storage of the user’s language in order to transmit the content of our online offering in the correct language.

WPML website: https://wpml.org/de/ (you are leaving our online offering).

2.2.2.     Functional cookies and services

Google Tag Manager

Google Tag Manager is a service for managing tags that are triggered by a specific event, which insert an external script (e.g. JavaScript) or send data to an external service (e.g. Google). No cookies are placed on the user’s device in the technical sense, but technical and personal data such as the IP address is transmitted from the device to the server of the service provider (Google) in order to enable the use of the service. Google Tag Manager makes it possible to configure and manage tags (e.g. integration of third-party services, recording of events, forwarding of collected data between different services). For this purpose, the user’s IP address and metadata must be processed. The data is processed in order to be able to provide the functionalities of Google Tag Manager and to improve Google’s services. Google shares personal information with its affiliates and other trusted companies or individuals who process it on Google’s instructions and in accordance with Google’s privacy policies.

You can find this setting in the Consent Manager under ‘Functional (3)’.

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Website: https://marketingplatform.google.com (you are leaving our online offering).

Privacy policy: https://policies.google.com/privacy (you are leaving our online offering).

Data processing agreement: https://business.safety.google/adsprocessorterms (you are leaving our online offering).

Standard contractual clauses (guarantee of data protection level for processing in third countries) https://business.safety.google/adsprocessorterms (you are leaving our online offering).

Youtube

YouTube allows the embedding of content on websites published on youtube.com in order to enhance the website with videos. This requires the processing of the user’s IP address and metadata. Cookies or similar technologies can be stored and read out. This may include personal data and technical data such as user IDs, consent, video player settings, connected devices, interactions with the service, push notifications and the account used. This data can be used to record websites visited, to compile detailed statistics about user behaviour and to improve Google’s services. It can also be used for profiling, for example to offer you personalised services like advertising based on your interests or recommendations. This data may be combined by Google with the data of users logged in to Google websites (e.g. youtube.com and google.com). Google shares personal information with its affiliates, other trusted companies or individuals who may process it based on Google’s instructions and in accordance with Google’s privacy policy.

Privacy policy: https://policies.google.com/privacy (you are leaving our online offering).
Data processing agreement: https://business.safety.google/adsprocessorterms (you are leaving our online offering).
Standard contractual clauses (guarantee of data protection level for processing in third countries) https://business.safety.google/adsprocessorterms (you are leaving our online offering).

2.2.3.     Statistical cookies and services for statistical surveys

Google Analytics and Google Analytics 4

Google Analytics generates detailed statistics about user behaviour on our online offering in order to obtain analytics. For this purpose, the IP address of a user and metadata that can be used to determine the country, city and language of a user must be processed. Cookies can be stored and read. This may include personal data and technical data, such as the user ID, which may provide the following additional information:

• Time-related information about when and for how long a user has been or is on the various websites of our online offering,
• Device category (desktop, smartphone and tablet), operating system, browser and screen resolution that a user has used,
• Where a user came from (e.g. website of origin, search engine including search term, social media platform, newsletter, organic video, paid search or campaign),
• Whether a user belongs to a target group or not,
• What a user has done on our online offering and what events were triggered by the user’s actions (e.g. page views, user engagement, scrolling behaviour, clicks, added payment information and user-defined events such as e-commerce tracking),
• ined events such as e-commerce tracking), Conversions (e.g. whether a user has purchased something and what has been purchased),
• Gender, age and interests, if assignment is possible.

This data could also be used by Google to record the websites visited and to improve Google’s services. It can be combined with other Google products (e.g. Google AdSense, Google Ads, BigQuery, Google Play) that the website operator uses via several domains operated by this website operator. It can also be combined by Google with the data of users who are logged in to Google websites (e.g. google.com). Google shares personal information with its affiliates and other trusted companies or individuals who process it on Google’s instructions and in accordance with Google’s privacy policies. It can also be used for profiling by the website operator and Google, for example to offer a user personalised services, such as advertisements based on a user’s interests or recommendations.

You can find this setting in the Cookie Consent Manager under ‘Statistics (1)’.

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://marketingplatform.google.com/intl/de/about/analytics/ (you are leaving our online offering).
Privacy policy: https://policies.google.com/privacy (you are leaving our online offering).
Data processing agreement https://business.safety.google/adsprocessorterms (you are leaving our online offering).
Standard contractual clauses (guarantee of data protection level for processing in third countries): https://business.safety.google/adsprocessorterms (you are leaving our online offering).
Opt-out: (Opt-out): https://tools.google.com/dlpage/gaoptout?hl=de (you are leaving our online offering).
Settings for displaying advertisements: https://adssettings.google.com/authenticated (you are leaving our online offering).
Further information: https://privacy.google.com/businesses/adsservices (you are leaving our online offering) – Types of processing and processed data.

2.2.4.     Cookies and services for marketing

LinkedIn Insight Tag

The LinkedIn Insight Tag helps us determine whether you are the target audience for displaying ads within the LinkedIn advertising network. In doing so, you can be specifically addressed in a target group we have created (e.g. people who have ‘liked’ a particular company). In addition, the data is used for so-called ‘remarketing’ in order to be able to display targeted advertising again to users who have already clicked on one of our ads within the LinkedIn advertising network or have visited our online offering. The LinkedIn Insight Tag also enables us to track the effectiveness of LinkedIn advertising (e.g. conversation tracking). Cookies are used to distinguish users, record their behaviour on our online offering in detail and combine this data with advertising data from the LinkedIn advertising network. This data can be combined with the data of users registered on linkedin.com with their LinkedIn accounts.

You can find this setting in the Consent Manager under ‘Marketing (4)’.

Further information:  https://business.linkedin.com/de-de/marketing-solutions/insight-tag (you are leaving our online offering).
Privacy policy: https://de.linkedin.com/legal/privacy-policy (you are leaving our online offering).

Microsoft Advertising Universal Event Tracking (UET) Tag (formerly Bing Ads)

Microsoft Advertising Universal Event Tracking (UET) Tag creates detailed statistics about user behaviour on our online offering in order to obtain analytical information such as the conversion rate and the success of Microsoft Advertising campaigns. Cookies can be stored and read. These may include personal data and technical data such as user ID, session ID, language used, link this data with advertising data from the Microsoft Advertising network and include the name of the logged-in user. This requires the processing of the user’s IP address and metadata. This data may be used to collect visited websites and detailed statistics about user behaviour and to improve Microsoft services. Microsoft shares personal information with subsidiaries controlled by Microsoft and with suppliers. This data may be combined by Microsoft with the data of users logged in to Microsoft websites (e.g. microsoft.com and bing.com). It can also be used for profiling, for example to offer you personalised services, such as advertising based on your interests or recommendations.

You can find this setting in the Consent Manager under ‘Marketing (4)’.

Service provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521, Ireland
E-Mail: msft@microsoft.com
Website: https://www.microsoft.com/ (you are leaving our online offering).
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement (you are leaving our online offering).

Google Ads including enhanced conversions

Google Ads Conversation Tracking tracks the conversion rate and success of Google Ads campaigns. Cookies are used to differentiate users and track their behaviour on the page in detail, and to combine this data with advertising data from the Google Ads advertising network. In addition, the data is used for so-called ‘remarketing’ in order to be able to display targeted advertising again to users who have already clicked on one of our ads within the Google Ads network. This data may be combined with data relating to users who have logged into their Google accounts on google.com or a localised version of Google.

You can find this setting in the Consent Manager under ‘Marketing (4)’.

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
E-Mail: data-access-requests@google.com

Privacy policy: https://policies.google.com/privacy (you are leaving our online offering).

Data processing agreement: https://business.safety.google/adsprocessorterms (you are leaving our online offering).

Standard contractual clauses (guarantee of data protection level for processing in third countries) https://business.safety.google/adsprocessorterms (you are leaving our online offering).

Our online offering on social networks (social media)

We maintain online presences on social networks and process user data on these in order to communicate with them there or to offer information about ourselves.

Please note that user data is processed outside of the European Union. This may result in risks to users because it could, for example, make it more difficult to enforce users’ rights. Furthermore, please note that, as the provider of the online offering on the social media platforms, we have no knowledge of the content of the transmitted data or how it is used by the provider of the social network. The purpose and scope of the data collection and the further processing and use of the data by the provider of the social networks, as well as your rights in this regard and setting options to protect your privacy, can be found in the data protection information of the respective provider.

For a detailed description of each form of processing and ways to opt out, please refer to the privacy policies or guidelines of the operators of the respective social networks.

We process the data of visitors to our social media channels if they communicate with us via these platforms, e.g. by posting on our online presences or sending us messages through them.

If these contact requests or messages are also made via other communication channels at the request of the communication partner, we store this data, such as e-mail address, telephone number or name. The purpose is aimed at the communication request or the initiation of business in order to respond to the requests accordingly or provide the service properly. The legal basis is points (b) and (f) of Article 6 (1) GDPR. We store this data for a period of six months, unless a longer period is specified under other provisions of this privacy policy.

Please also note that in the case of requests for information and the exercising of the rights of the data subject, these can be exercised most effectively vis-à-vis the providers. Only the providers have access to user data and can take appropriate measures and provide information directly.

We maintain a presence on the following social media platforms. When you click on one of the following profile links, you will leave our current website but not our online offering. When you click on the data protection guidelines and privacy policy, you will leave our online offering too.

LinkedIn
Adress: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Our profile: https://linkedin.com/company/7478824
Privacy policy: https://de.linkedin.com/legal/privacy-policy

YouTube
Adress: Google Ireland Limited, Gordon House – Barrow Street, Dublin 4, Irland
Our profile: https://www.youtube.com/@JOBGroup_since1971
Privacy policy: https://policies.google.com/privacy?hl=de

Facebook (Meta Inc.)
Adress: Facebook Germany GmbH, Caffamacherreihe 7, Brahmsquartier, 20355 Hamburg
Our profile: https://www.facebook.com/TheJOBGroup#
Privacy policy: https://www.facebook.com/privacy/policy/

Instagram (Meta Inc.)
Adress: Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, D04 X2K5, Irland
Our profile: https://www.instagram.com/job_group1971/
Privacy policy: https://privacycenter.instagram.com/policy/

2.4.        Links to other websites and online services

Our online offering may contain electronic references (links) to other websites. Our websites may also contain graphic elements such as banners, images, videos or short links that take you to another website when you click on them. We cannot be held responsible for content on online services that do not match our root domains job-group.com or e-bulb.com or are not listed in the profile links in section 2.3 ‘Our online offering on social networks (social media)’ or ‘Application process’.

3.   Application process

3.1.        Direct application option and alternative contact options

If you would like to use the direct application option on our online offering, please note that we work with the service provider Personio. As soon as you click on the red button [„APPLY NOW“] on one of the advertised job advertisements, you will be redirected to our online offering at Personio (https://job-group.jobs.personio.deIf you do not agree to this, you will not be able to use direct applications in our recruitment portal via Personio. Instead, you can send us an e-mail with the job title in the subject line to hr@job-group.com to submit your application.

If you send your application documents to us via the direct application option [„APPLY NOW“] , the data you provide and files and documents you attach will be uploaded to our Personio recruitment portal. Data is always transmitted in encrypted form. Our HR team is notified of the submission of the new application and, after initial screening, forwards it to the line manager of the relevant department. Through our data protection guidelines, data protection training for our employees, granular authorisation concepts and TOMs, we can guarantee an appropriate level of protection at all times, and we have also concluded corresponding data protection agreements with Personio.

If you are hired, your data will be transferred to your digital personnel file from that point onwards. If you are not hired, your data will be automatically deleted in Personio after six months.

4.   Data security and data transmission

4.1.        Security of your data

To protect your data both technically and organisationally and taking into account the state of the art, the nature, the scope, the circumstances, the costs of implementation and the purposes of processing, as well as the varying likelihood and severity of a risk to your rights and freedoms, we have put in place suitable technical and organisational data security measures (TOMs) that ensure a level of protection appropriate to the risk. This is intended to protect your data from loss, misuse, unauthorised access, unauthorised publication, alteration or destruction.

Our online offerings use the latest encryption technology. You can recognise this by the padlock symbol or the prefix https:// in front of the website address. We also encrypt data entered on our online offering via SSL/TLS when it is transmitted to us.

You are primarily responsible for the secure transfer of your data from you to us. Electronic forms on our online offering are already technically and organisationally secured by us with up-to-date encryption technology. However, if you send us your data directly by e-mail, please note that e-mails are generally not encrypted. In case of doubt, use the postal service if you want to exclude the risk of transmission as much as possible.

4.2.        Transfer of personal data

As part of our processing of personal data, the data may be transferred or disclosed to other bodies, companies, legally independent organisational units or people. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into one of our online offerings. In such cases, we observe the legal requirements and, in particular, conclude corresponding contracts and agreements with the recipients of your data that serve to protect your data.

5.   Information about your rights

5.1.        Information, rectification, restriction of processing, deletion or disclosure of data

The data processed by us will be deleted in accordance with the statutory provisions as soon as the consent given for processing is revoked or other permissions or the processing purposes cease to apply. If the data is not deleted because it is necessary for other legally permissible purposes, its processing is limited to these remaining purposes. In these cases, the data will be blocked, the group of users who have access to this data will be restricted and the data will not be processed for purposes other than the other ones. This applies, for example, to data that must be retained for commercial or tax reasons or in order to assert, exercise or defend against legal claims, or to protect the rights of another natural or legal person.

If you believe that we are processing incorrect or untrue data about you, or need to delete data about you, or need to restrict its processing, please let us know using the contact details provided in section 1.2.

You have the right to information at any time regarding all data concerning you we have stored. In addition, you have the right to data portability in relation to the data provided to us.

5.2.        Right to lodge a complaint

We have appointed a data protection officer in accordance with the statutory provisions. The data protection officer specialises in data protection and data security law and is independent, which means they are not bound by our instructions. If you have any questions about data protection issues concerning our business relationship, please contact our data protection officer. The data protection officer will investigate the process and send you a reply, initially an intermediate message if necessary. However, if your enquiry concerns a business matter, please contact us directly using the contact details provided in section 1.2. The data protection officer can only give you answers relating to your data protection issues, as they are only responsible for monitoring our actions in compliance with data protection regulations. The data protection officer has a professional duty of secrecy towards us and third parties, as long as you do not release them from it.

In addition, you can lodge a complaint with the relevant supervisory authority, whose contact details can be found under ‘Responsible organisations and individuals’ in section 1.2, if you believe that we are not processing your data in compliance with the data protection regulations.

5.3.        Right to object and objection to advertising

For other contact with us, please note that we may process your data (not the connection data collected from you) without your consent for direct marketing purposes. By way of compensation, the law gives you the right to object. You can object to our use of your data for direct marketing purposes at any time with effect for the future. Please inform us of your objection using the contact information provided in the legal notice. When we receive your objection, we will add your data to an advertising exclusion database. Alternatively, we can delete your data at your request, provided that no legal retention periods apply. However, we cannot rule out the possibility that direct marketing will restart in this case.

Even if it is not for direct marketing, you can object to the processing of your data if you wish to assert specific reasons relating to your particular situation. In this case, please contact us using the contact details in section 1.2.