Please log in for

Support

Privacy Policy for Applicants

Crytek takes the protection of personal data very serious and will handle your data very careful and according to the applicable law; specifically the General Data Protection Regulation (“GDPR”) and the German Federal Data Protection Law (“BDSG”). Please find below further information regarding the processing of Personal Data of Applicants.

What is Personal Data?

According to the GDPR personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Who is the controller?

If you apply for a job at Crytek we are the controller of your personal data. Our contact details are:

Crytek GmbH
An der Welle 3
60322 Frankfurt am Main
Germany
privacy@crytek.com

Contact data of our Data Protection Officer

DPO
Crytek GmbH, An der Welle 3, 60322 Frankfurt am Main, Germany
privacy@crytek.com

Why are we processing your personal data?

If you apply for a job at Crytek some personal data is necessary to assess whether your qualification matches the job profile. The processing of the respective data is legally based on Art. 6 (1) (b) GDPR as a necessary step to potentially conclude an employment agreement. If you agree to a longer retention period the legal basis is Art. 6 (1) (a) GDPR. Further, data processing activities (e.g. personality tests) are based on your consent (Art. 6 (1) (a) GDPR.

In some cases we work with recruitment agencies (“headhunters”) to fill vacancies. Headhunters are themselves data controllers within the meaning of the GDPR. The data is passed on to us on the basis of a legal basis that you have agreed with the headhunter. If we have received your data from a headhunter, we will inform you of this.

We use video conferencing for job interviews in some cases. We use Microsoft Teams as a tool to conduct video conferencing. This is only excuted with your prior consent, that you provide by accepting the invitation to the job interview based on a Teams video conference. The legal basis is therefore GDPR Art. 6 para. 1 lit a). Likewise, any recording of the conversation will only take place with your prior consent, which you be able to provide verbally at the beginning of the job interview. Consent is voluntary and can be revoked at any time.

We publish our contact details (e.g. e-mail address, telephone numbers, web form) at various times during the application process so that you can contact us of your own accord. If you contact us via the contact options offered, your details will be processed and stored so that they can be used to process and respond to your inquiry. The basis for this data processing is Art. 6 para. 1 lit. f) GDPR, our legitimate interest in providing you with an answer to your inquiry.

We use external digital signature services to sign employment contracts and other documents. This is done in our legitimate interest pursuant to GDPR Art. 6. para. 1 lit f) in a secure verifiable signature on contract-relevant documents.

Which personal data do we process?

Certain personal data is necessary for the specific application process. Generally we will need your:

  • Full name
  • Contact details
  • Qualifications, certificates, testimony and job experience
  • In some cases personality test or IQ-test
  • Picture and video data
  • IP addresses and browser data, when using digital services.
  • Digital signature

Who are the recipients of the personal data?

The access to your personal data is restricted to certain people inside Crytek on a “need-to-know” – basis. This will be members of the HR department, team leads/directors and – sometimes – subject matter experts which are stakeholders of the job.

Is personal data transfers of personal data to a third country or international organisation.

Some of the providers of our digital services that we use for data processing are located in third countries.

Within our application process we use software of the service provider based in the USA: Lever, Inc., 155 5th Street, 6th Floor, San Francisco, CA 94103. With regard to us Lever serves as a data processor in terms of the GDPR. Any transfer of personal data is safeguarded by a data processing agreement including Standard Contractual Clauses as provided by the European Union.

Microsoft Inc., USA is provider of our video conferencing system and email system. Microsoft serves as a data processor in terms of the GDPR. Any transfer of personal data is safeguarded by a data processing agreement including Standard Contractual Clauses as provided by the European Union.

Docusign, Inc., USA is provider of our digital signature services. Docusign serves as a data processor in terms of the GDPR. Any transfer of personal data is safeguarded by a data processing agreement including Standard Contractual Clauses as provided by the European Union.

How long will your personal data be stored?

In principle, Crytek stores data in accordance with statutory retention periods, e.g. under commercial and tax law.

If you have given us your consent, we will process and store the data until you withdraw your consent or ask us to delete the data.

We will store your personal data during the application process. If you are not hired by our company after completing the application process, we will store your data for a period of six months after the end of the application process unless you provided your explicit consent for storing your personal data for a period up to four years in order to review your qualifications for future job opportunities.

If you are hired by our company after completing the application process, we will store your data in the personnel file for the duration of the employment relationship plus 3 additional years.

We store communication data in accordance with the statutory retention periods.

What rights do you have?

At any time, you have the right to:

  • Request access to your personal data processed by us within the scope of Art. 15 GDPR.
  • Request that your data be corrected if these are incorrect in terms of Art. 16 GDPR.
  • Request that your data be deleted if the legal grounds exist in terms of Art. 17 GDPR.
  • Request the restriction of processing of your data, if the conditions are met in accordance with Art. 18 GDPR.
  • Request to port your personal data in a structured, commonly used and machine-readable format within the scope of Art. 20 GDPR.
  • Object to the further processing, if the processing is based on our legitimate interest in accordance with Art. 21 GDPR.
  • If the processing of your personal data is based on consent, you have the right to withdraw your consent at any time with effect for the future.
  • Lodge a complaint with a supervisory authority in a member state of the European Union. The supervisory authority responsible for us is:
    The Hessian Commissioner for Data Protection and Freedom of Information
    P.O. Box 3163
    65021 Wiesbaden
    Germany

To contact us about any of the foregoing rights, please send us an email to privacy@crytek.com.

In case of a confidential request, please email our Data Protection Officer directly: dpo@crytek.com.

What are the consequences of non-provision, objection or withdrawal to data processing?

If you object, restrict, or otherwise refuse the processing of your personal data mentioned above and/or ask us for a deletion, you might not be able to process your application.

Please also note that in certain cases we must comply with defined retention period (see above).

Crytek GmbH uses cookies on this website to improve your experience, analyse our traffic and integrate with social media. You may adjust your cookie preferences by clicking “customize”. Please find further information in our Privacy and Cookie policies. Here you can also withdraw your decision to accept or reject cookies at any time.

CustomizeRejectAccept