Based on your browser language, we recommend the following version of this page:

Privacy policy

I stay on this page

Basierend auf deiner Browsersprache empfehlen wir die folgende Version dieser Seite:

Privacy policy

Ich bleibe auf dieser Seite

Based on your browser language, we recommend the following version of this page:

Privacy policy

I stay on this page

Privacy policy

Fielmann takes the protection of your personal data very seriously and complies with the statutory provisions on data privacy, in particular the General Data Protection Regulation ("GDPR") for the processing of personal data. In the following, and in line with the provisions of data privacy law, we would like to inform you about the processing of your personal data on our webpages and when using our online services.

1. What are personal data?

In accordance with Article 4(1) of the GDPR, personal data are all data relating to an identified or identifiable person. This includes, for example, your name or your e-mail address, as well as the IP address at which you use our services.

2. Data Controller

The company responsible for processing (controller) is

Fielmann Group AG
Weidestrasse 118 a
22083 Hamburg
Germany

Phone.: +49 40 270 76 0
E-mail: bewerberdatenschutz@fielmann.com

3. Data Protection Officer

You can contact our Data Protection Officer at datenschutz@fielmann.com or by mail using the address Fielmann Group AG, Data Protection Officer, Weidestrasse 118 a, 22083 Hamburg. 

4. Processing of your personal data when you access our webpages and online services

a. Website access log

Certain data are automatically processed on our servers for system administration purposes and for statistical or security purposes, particularly for protection against attacks on our IT infrastructure. Provided such data qualify as personal data as defined in Article 4(1) of the GDPR, they shall be processed on the basis of Article 6(1)(f) of the GDPR for these purposes.

  • IP address
  • Requested page/name of the requested file 
  • Date and time of request
  • Amount of data sent 
  • Whether access request was successful 
  • The referrer URL, if the access request was made via an external link, and the search term, if the access request was made via an external search engine
  • The browser software that made the access request (language, version and configuration)
  • Details of your device’s operating system and interface

The aforementioned log data shall be stored on our servers for a period of 7 days as standard and then erased, provided Fielmann is not legally obliged to store the data for longer. In such cases, storing data for longer periods shall be based on Article 6(1)(c) of the GDPR.

b.Use of cookies and preferences

What are cookies?
Cookies are small files that are stored on your hard drive and save certain settings and data concerning the exchange with our systems or our service providers’ systems via your web browser. Different types of cookies may be used. There are so-called session ID cookies, which are erased as soon as you close your browser, and persistent cookies, which are stored on your device even after your browser is closed. These are cookies from Fielmann or third-party providers, insofar as is stated below. We also inform you of similar technologies below.

You will find detailed information on the cookies we use in the list of cookies.

You have the option to withdraw consent you have previously given, or to disable cookies used on the basis of our legitimate interest, as well as to object to the processing of your data at any time ("Opt-out").  

You can change your settings for the use of cookies via the "Privacy settings" link at the bottom of this page (in the footer) and withdraw your consent with effect for the future.

You can also remove stored cookies in your browser settings and disable the future storage of cookies. We would like to point out that not all the features of the webpages may be used if cookies are disabled. It is also possible to opt out of the use of cookies for online marketing purposes using various services via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/.

c. Services with cookies and similar technologies

The legal bases for processing by the following services, which use cookies or similar technologies, are

  • your consent (Article 6(1)(a) of the GDPR), provided we ask you for it,
  • for the rest, and unless stated otherwise, the pursuit of our legitimate interests (Article 6(1)(f) of the GDPR).

Google Analytics

Google processes usage data and device information on our behalf in order to analyze the use of the website and compile reports about website activities. Cookies and other technologies are used for this purpose. The statistics obtained enable us to improve our offering and make it more interesting for you as a user. This website also uses Google Analytics for cross-device visitor flow analysis with user IDs.

If you have a Google Account, you can also disable cross-device analysis in the settings under “My Data”, “Personal Data”.

We would also like to point out that this website uses Google Analytics with the code “anonymizeIp();” to ensure truncation of IP addresses. This prevents IP addresses from being linked to individual persons. Only in exceptional cases is the full IP address sent to a Google server in the USA and truncated there. In the event that personal data are transferred to the USA, appropriate safeguards are provided as per Article 46 of the GDPR. When using Google Analytics, other user data will be collected which could enable your identification, such as a link to a Google Account.

You can find the Google privacy policy here: https://policies.google.com/privacy

LinkedIn Insight Tag and Conversion Tracking

We use LinkedIn Insight Tag and Conversion Tracking from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”). These services enable us to analyze the success of our ads in the LinkedIn network and display personalized advertising to you in it.

The LinkedIn Insight Tag sets a cookie in your browser. If you visit this website and are logged into your LinkedIn account at the same time, a connection to the LinkedIn server will be established. The following personal data will be processed: referrer URL, IP address, device and meta data, timestamp and your page views/use. These data will be encrypted, anonymized within seven days, and deleted within 90 days. We only receive summarized reports from LinkedIn about the target groups for the website and the performance of the advertising, so that we are able to analyze the success of our ads.

Conversion tracking also enables you to be recognized as a website user (across devices) so that we can show you targeted advertising for our job offers on LinkedIn, which may be of interest to you (retargeting).

You can find more information about data privacy on LinkedIn at https://www.linkedin.com/legal/privacy-policy.

You can withdraw your consent to data processing at any time and disable the use of your personal data for advertising purposes: https://www.linkedin.com/psettings/enhanced-advertising

d. Integration of other third-party services and content

Content is integrated into some of the pages of this online offering. The use of third-party online offerings is not possible unless the providers of such content are given access to the user's IP address because, without the IP address, it would not be possible to send content to the user's browser. The IP address is therefore required to be able to display such content. We strive only to use content from providers that use the IP address solely for the purpose of delivering content. However, we have no control over third parties storing users’ IP addresses for statistical purposes, for example. We will immediately inform users if we become aware of such behavior.

Vimeo and YouTube (video integration)

We integrate videos from the platforms Vimeo and YouTube, operated by Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA (“Vimeo”) and Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“YouTube”), into our online offering.

Usage and communication data, such as the webpages you visit and your interest in content, your IP address, meta and device data, as well as content data, such as form entries, may be transmitted to the respective provider. The legal basis for this is provided by Article 6(1)(f) of the GDPR. Our legitimate interests lie in the user-friendly integration of videos and optimized playback.

Vimeo and YouTube may use Google Analytics or similar tracking cookies and pixels for its own analysis purposes. Providers can obtain information about the use of this website via the data collected and merge this information with other data. These are also used to offer you personalized suggestions for other videos on the video platforms. As far as possible, we use "Privacy Enhanced Mode" for video integration. This prevents the use of information from the use of this website for personalization.

Further information on data privacy at Vimeo can be found here: https://vimeo.com/privacy and at YouTube at https://policies.google.com/privacy.

5. Making contact, contact form

Personal data are also processed when you contact us. The data you provide, such as your name and your e-mail address, and the content provided in the contact form will be forwarded to the relevant contact persons at Fielmann who use your data exclusively to process your request (for example, to our customer service for queries regarding our products, or to our Investor Relations department for questions on Fielmann shares).

In this case, your personal data are processed in connection with the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract, or for the general processing of your request (Article 6(1)(b) of the GDPR).

Processing of personal data above and beyond this does not take place, provided nothing to the contrary is stipulated and there are no retention obligations. Your data will be stored until the respective purpose of processing has been achieved.

6. Information for applicants

a. (Online) applications to Fielmann

We enable you to submit an online application for advertised job vacancies or to send us an unsolicited application on our webpages, in particular our Fielmann careers page (www.jobs.fielmann.com).

We use the tool Workday, a service of Workday Limited, The King's Building, May Lane, Dublin 7, Ireland ("Workday"). Your personal data will be stored by this processor and processed within the EU. Fielmann Group AG, Weidestrasse 118 a, 22083 Hamburg, is responsible for the processing of your data (controller), possibly together with the respective company (store) of the Fielmann Group (hereinafter referred to jointly as “Fielmann”) where you applied for a job. For applicants in Switzerland, Fielmann AG, Steinenvorstadt 62, 4051 Basel, is solely responsible for the processing of your personal data (controller).

We process the personal data you send us and provide to us during the application process in order to complete the application procedure for the position you applied for and, if necessary, to establish an employment relationship and for applicant management. The following kinds of personal data may be processed:

  • Contact data: Name, title (if any), address data, date of birth, language, e-mail address and telephone number (including cellphone number).
  • Qualifications data: All the data provided as part of the application process, in particular the data provided in the cover letter, the CV, the references and in the completed application forms.
  • Data from interviews and tests: All the personal information that may have been provided during an interview or was part of a test during the application process.

These data are necessary to give us an impression of your qualifications and both your personal and professional suitability for the job, as well as to be able to communicate with you during the application process.

The use of Workday means that the processing of your IP address and possibly usage data is technically required in order to provide the services.

We also process your personal data for the purpose of analyzing and optimizing our applicant management system.

Fielmann talent pool (optional): If you agree to this separately, we intend to store your application data described above, including your contact details, beyond the specific application process within Fielmann Group AG and make them available to other companies within the Fielmann Group (nationally or internationally, as requested) in order to be able to offer you potentially interesting job vacancies.

This may include the following data in particular:

  • Contact data: Title, name, address data, date of birth, language, e-mail address and phone number.
  • Education/training and qualifications data: All the information provided as part of the application process, in particular the information provided in the cover letter, the CV, the references and in the completed application forms.
  • Interview data: All the personal information that may have been provided during an interview.

It may also contain special categories of personal data as defined by Article 9(1) of the GDPR, e.g. on health.

Your data will initially be stored for a period of 2 years. We, as well as the respective companies, may contact you regarding this by phone, text message, e-mail, or mail. This consent is voluntary and can be refused or withdrawn without affecting the application process and without other disadvantages. If you also register for a Workday candidate account ("Workday Career Center"), all personal data provided by you will also be stored here and can be viewed and managed directly by you.

The processing of your personal data for the purpose of completing the application process is carried out on the basis of Section 26(1) sentence 1 of the German Federal Data Protection Act (BDSG) and Article 6(1)(b) of the GDPR. It is not possible to complete the application process without such processing. Insofar as you give us your consent above and beyond this - for example, for the talent pool and the further provision of your applicant data or registration in the Career Center - or transmit further personal data to us voluntarily and without being asked to do so, we shall process these data, to the extent permissible, on the basis of Article 6(1)(a) and Article 9(2)(a) of the GDPR. This consent can be withdrawn at any time with effect for the future, using the contact details stated above.

We may also be subject to legal obligations (Article 6(1)(c) of the GDPR, and also carry out processing in the pursuit of our legitimate interests as per Article 6(1)(f) of the GDPR, such as for asserting and defending claims, and optimizing applicant management (unless we otherwise ask for your consent).

Only Fielmann employees who require access for the stated purposes will get access to your personal data. Besides the relevant employees in the HR department, this could also include decision-makers in the respective departments or Fielmann companies, particularly in the stores where you have applied for a job. We have data processing agreements with service providers whose technical services we use in particular. Beyond this, your personal data is only made available once we have informed you and you have given your consent, if necessary.

We only store your data for the period of time actually required to complete the application process or for the above-mentioned purposes. When the application process is complete, we will block your data from further access and erase them no later than 6 months after the end of the application process, unless the application results in employment, unless there are statutory retention obligations to the contrary or unless you expressly consent to a longer period of storage (see talent pool). Your data is only added to our talent database for other positions with your consent. You can withdraw your previously given consent at any time with effect for the future using the contact details stated above.

b. Online tests

We conduct aptitude tests in the pre-selection of applicants for vocational training. For this purpose, we will send you an invitation to the test or request you to take the test as part of the online process. We also offer you the chance to practice answering questions online in a test trainer, such as you might encounter in the Fielmann application process. We use the service provider Cyquest GmbH, Heussweg 25, 20255 Hamburg (“Cyquest”): https://www.cyquest.net/.

To conduct the test, the data processed are: Your name, your address and date of birth, communication data as well as your details and answers, as well as technically required data such as IP address and device data. However, it is possible to use the test trainer without entering any further personal data. In this case, only your IP address, device data and the required usage data will be processed. The legal basis for processing your personal data is provided by Section 26(1) of the BDSG and, for the use of the test trainer, Article 6(1)(b) of the GDPR. The data will only be processed while you are using the test trainer on the website, and will be erased when you finish with and leave the test trainer. When it comes to processing as part of the aptitude test for the application process, your data will be deleted 6 months after the end of the application process, which does not result in employment, provided there are no other retention rights or obligations.

c. Google Jobs

We also use Google Jobs, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") for our job advertisements. Google Jobs is the ideal way to display and manage job advertisements on the Internet. We do not transmit any of your personal data to Google. When using Google Jobs, however, data are collected directly by Google. Further information regarding this can be found in Google's privacy information: https://policies.google.com/privacy

7. Disclosure to third parties and commissioned data processors

Your personal data will only be disclosed to third parties or commissioned data processors as outlined in the privacy policy.

All service providers are carefully chosen by us and are contractually obliged to adhere to our high security standards. As part of "commissioned data processing", the companies receive personal data in the scope required for the task they have been engaged to perform. Usage of these data by the engaged company for its own purposes is contractually excluded, unless otherwise stated.

The legal basis here is provided by the legal bases for processing described in more detail above. Personal data may also be disclosed based on the GDPR, the BDSG and, where applicable, other relevant statutory regulations, provided we are legally obliged to do so (Article 6(1)(c) of the GDPR).

8. Secure processing of your data in the EU

Fielmann takes technical and organizational measures to protect your data from unauthorized access or loss. Our security measures are continuously improved in line with technological developments.

As a rule, your data are processed within the EU. If, in exceptional cases, data are transferred to a third country, this is only done if it is essential to be able to offer you the respective services and in compliance with the strict requirements of the GDPR, including subject to appropriate safeguards (Articles 44, 46 et seq. of the GDPR).

9. Duration of storage

We store your personal data at most until the respectively stated processing purposes have been fulfilled.

10. Your rights

You have the following rights with regard to the processing of your personal data:

  • Right of access, as per Article 15 of the GDPR, to the personal data concerning you we process;
  • Right to rectification of inaccurate or incomplete data, as per Article 16 of the GDPR, and/or erasure including the ‘right to be forgotten’, as per Article 17 of the GDPR, particularly if there are no retention obligations;
  • Right to restriction of processing as per Article 18 of the GDPR;
  • Right to object to processing, in the legally stated cases as per Article 21(1) of the GDPR, and the right to object at any time to processing for direct marketing purposes (Article 21(2) of the GDPR) (see below for further details);
  • Right to data portability as per Article 20(1) of the GDPR.

In addition, you have the right to lodge a complaint to a supervisory authority for data protection.

If you have given your consent to the processing of your data, you can withdraw it at any time with effect for the future.

To the extent that we base the processing of your personal data on our overriding legitimate interests, you have the right to object to the processing (Article 21(1) of the GDPR).

This applies where the processing is not necessary for the performance of a contract with you, as outlined in this privacy policy. When exercising such an objection, we ask you to provide the reasons why we should not process your personal data, as carried out by us. In the event of a justified objection, we shall examine the situation and shall either end or adapt the data processing, or demonstrate our compelling legitimate grounds for continuing the processing.

Irrespective of this, you may object at any time and without providing reasons to the processing of your personal data for marketing and profiling purposes (Article 21(2) of the GDPR).