Privacy Policy for Personio

Processing of personal data by the entity in charge of the online application process

I. General information and contact

This data privacy statement, which refers exclusively to data collected as part of the online application process, is to inform you about how your personal data that is collected as part of the online application process is handled at our end.

Responsible for data processing within the framework of this website within the meaning of the Basic Data Protection Ordinance (GDPR) is


Hornetsecurity Inc.

Living Place, Suite 200

Pittsburgh, PA, 15206

United States

+1 408-416-2585

Managing Directors: Daniel Hofmann, Daniel Blank

Commercial Register: Local Court Hannover HRB 201937

Value Added Tax ID: DE256599255

Chief Information Security Officer: Olaf Petry

Data Protection Officer: Lukas Wagner, LL.M.

II. Personal data collected as part of the application process

Personal data means any information concerning the personal or material circumstances of an identified or identifiable individual. This includes information such as, for example, your name, address, telephone number and date of birth, but also data relating to your specific career etc. by reference to which a specific individual can be identified with reasonable effort. However, information which cannot be (in)directly associated with your real-life identity is not personal data.

III. Fundamentals and purposes of processing personal data collected from application documents and during the application process

If you apply to us electronically, i.e. via e-mail or using our online form, we will collect and process your personal data for the purpose of executing the application process and preparing contracts.

By submitting an application via our recruitment website, you express your interest in taking up work with us. In this context, you transmit personal data, which we will use and store exclusively for the purpose of your job search / application process.

In particular, the following data is collected during this process:

  • Home
  • Date of birth
  • Email address
  • Phone number
  • Application documents
  • Salary requirement
  • Available from
  • Knowledge of German
  • English skills
  • Spanish skills
  • Highest school-leaving certificate
  • Highest qualification
  • Channel how you became aware of us
  • Other voluntary information

Furthermore, you can choose to upload expressive documents such as a cover letter, your CV and reference letters. These may contain additional personal data such as date of birth, address etc.

Only authorized HR staff and/or staff involved in the application process have access to your data.

The personal data is stored, as a rule, exclusively for the purpose of filling the vacancy for which you have applied.

You can apply at any time via the career portal to the following Group-affiliated companies:


– Hornetsecurity GmbH, Am Listholze 78, 30177 Hanover, Germany.

– Hornetsecurity Inc, 6425 Living Place, Suite 200, Pittsburgh, Pennsylvania 15206, United States

– Hornetsecurity Ltd, 55 Baker Street, London W1U7EU, United Kingdom

– Hornetsecurity Iberia S.L, Vía de las Dos Castillas, 33 Edificio 3 ÁTICA 3, PLANTA TERCERA D, 28224 Pozuelo de Alarcón – Madrid, Spain

– Altaro Limited (Malta), Block LS3, Level 1, Malta Life Sciences Park, San Gwann Industrial Estate, San Gwann SGN 3000, Malta


The career portal is administered by Hornetsecurity GmbH and is also made available to the other companies affiliated with the Group for applicant management purposes. The legal basis for the use of this joint applicant management is our legitimate interest pursuant to Art. 6 para. 1 lit. f) DSGVO in conjunction with Erw. 48 DSGVO in increasing efficiency and minimizing costs through the creation and use of joint administrative structures. The responsible party within the meaning of Art. 4 No. 7 DSGVO for data processing in connection with your application is the respective company to which you are applying.


Your data will be stored for a period of 90 days after the application process has been concluded. This is usually done to fulfill legal requirements and/or defending ourselves against any claims arising from legal provisions. After this period, we are obligated to delete or anonymize your data. In case of anonymization, the data will only be available to us in the form of so-called metadata, without any direct personal reference, for statistical analysis (for example, share of male and/or female applicants, number of applications per specified period of time etc.).

Assuming you have given your consent, we will store your data in our “Talent Pool” for a period of 90 days after the end of the application process – but not after you withdraw your consent – in order to identify any interesting positions for you. This also applies, for example, to applications for apprenticeships or internships. The legal basis is your consent pursuant to Art. 6 (1) a) DSGVO, which you can grant by checking the appropriate box in the application form. Your consent can be revoked at any time and will be effective from that point onward.

Should you be offered and accept a position with us during the application process, we will store the personal data collected as part of the application process for at least the duration of your employment.

IV. Disclosure of data to third parties

Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. This database is operated by Personio GmbH, which offers a human resource and applicant management software solution ( In this context, Personio is our processor under article 28 of the GDPR. In this case, the processing is based on an agreement for the processing of orders between us as the controller and Personio.

V. Rights of data subjects

If we as the controller process personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. If you disagree with the processing of your data, we can no longer consider you when filling the position.
To assert your rights as a data subject in relation to the data processed during this online application process, please refer to our Data Protection Officer (see item 2).


VI. Concluding provisions

We reserve the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the application process or other processes. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.
In addition to this data privacy statement, please view our general data privacy statement at