Privacy Policy
Version 01/2025
We process your personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR), national data protection legislation and all other applicable laws. This website contains the following data protection information pursuant to Article 13 et seq. GDPR:
In addition to this privacy policy for applicants and prospective customers, we refer to our general privacy policy at https://www.motel-one.com/en/data-privacy/, in which you can find information on the processing of personal data when using our website.
I. Contact information of our data protection officer
For any questions relating to data protection issues, please contact our data protection officer at:
KINAST Rechtsanwaltsgesellschaft mbH
Nordstraße 17a
50733 Cologne, Germany
E-Mail: dsb-motelone@kinast.eu
II. Information pursuant to Article 13 et seq. GDPR for applicants
The following data protection information applies to the data processing carried out by Motel One and The Cloud One hotels during application procedures.
1. Controller responsible for data processing
Your contractual partner (Motel One or The Cloud One Hotels) is responsible for data processing.
Motel One GmbH
Tegernseer Landstrasse 165
81539 Munich
Germany
Tel.: +49 (0) 089 665025-0
Fax: +49 (0) 089 665025-50
Website: www.motel-one.com or www.the-cloud-one.com
Email: privacy@motel-one.com or privacy@the-cloud-one.com
2. Purposes and legal basis of data processing
In the application process, we distinguish between personal data that is required to complete the application and personal data that is provided voluntarily.
2.1 Initiating an employment relationship
Personal data that is required to complete the application procedure is processed for the purpose of deciding whether to initiate an employment relationship. The legal basis for this data processing is the implementation of pre-contractual measures in relation to an employee relationship in accordance with Article 6(1)(b) of the GDPR.
If your application is successful, we will process the personal data you provide during the application procedure. In this case, the processing serves to establish the employment relationship in accordance with Article 6(1)(b) of the GDPR.
2.2. Consent
Furthermore, you may voluntarily provide personal data during the application procedure, e.g. so that we can form an initial impression of you. The legal basis for this activity is your consent in accordance with Article 6(1)(a) of the GDPR, which you have granted us for one or more specific purposes by ticking the corresponding box on our job portal or the applicant platform, or via email. These purposes include, for example, the inclusion of your application in an applicant database for future vacancies. Consent is given voluntarily and may be revoked at any time. This shall not affect the legality of the data processing that is carried out on the basis of your consent until this consent is revoked.
2.3 Consent to be contacted via WhatsApp
You also have the option of consenting to being contacted via WhatsApp. Here too, by ticking the corresponding box on our applicant platform, you give us your consent in accordance with Article 6(1)(a) of the GDPR to contact you via WhatsApp. Consent is given voluntarily and may be revoked at any time. This shall not affect the legality of the data processing that is carried out on the basis of your consent until this consent is revoked.
Communications via WhatsApp are protected by end-to-end encryption. However, WhatsApp does have access to the metadata of the communications (sender, recipient, time, file size, etc.). Furthermore, despite having concluded all necessary data protection contracts, we cannot rule out the possibility that WhatsApp collects, processes, uses and transfers your data to third parties for its own or third-party purposes. Please note that your data may also be processed outside the European Union/European Economic Area. For this reason, we have obtained assurances from WhatsApp that the necessary guarantees are in place regarding the transfer of data to third countries pursuant to Article 44 et seq. of the GDPR.
Nevertheless, there may be privacy risks for users, as an adequate level of data protection may not be guaranteed and it may be more difficult for the data subjects to exercise their rights.
Please refer to WhatsApp’s privacy policy. WhatsApp’s terms of use and privacy policy can be found here: Privacy Policy – EEA (whatsapp.com).
We do not store your mobile phone number or your personal data on the end device on which the WhatsApp chat programme is located. The record of the chat with you will be deleted after the end of the application phase at the latest.
3. Origin of the data
In general, we receive your personal data from you (via email or post). We also receive applications via our application platform, where you can independently upload the data required to complete the application process. Your personal data may also be transferred to us by service providers and application portals with whom we have concluded corresponding data protection agreements. These include Indeed and LinkedIn, provided that you have consented to this transfer or initiated it yourself (e.g. via the ‘Easy Apply’ button). More information on data protection at Indeed and LinkedIn can be found here:
FAQ: Indeed’s approach to data protection
4. Categories of personal data processed
The categories of personal data processed include, in particular, the following data or categories of data:
4.1 Required personal data
The following information is routinely required for the application process:
• Your master data (first name, surname)
• Your contact details (address, email address, telephone number)
• Your professional and personal skills (education, training, higher education, further training, language certificate(s)).
4.2 Voluntarily provided personal data
The following information is routinely provided voluntarily during the application process:
• A photograph
• Your date of birth
• Information about your hobbies
• Information about any skills acquired in your private life (for example, if you have led a youth organisation or completed voluntary work).
5. Categories of recipients of personal data
Within the company of the controllers, your personal data will only be received by people and offices (e.g. specialist departments) who need it to initiate and establish an employment relationship. In some cases, certain data is transferred to all associated companies if this data processing function is undertaken centrally for all associated companies. In addition, we make use of various service providers for the purposes of managing applications and operating our applicant platform, with whom – depending on the particular situation – an agreement on contractual processing has also been concluded in accordance with the requirements of Articles 28 and 29 of the GDPR.
6. Transfer of data to third countries
During the processing of your personal data by Motel One, The Cloud One and its service providers, some data may be transferred to third countries outside the EU or the European Economic Area (EEA). We will only transfer your data in this way if there are suitable guarantees in place regarding compliance with EU data protection requirements pursuant to Article 44 et seq. of the GDPR (e.g. an adequacy decision for the state in question pursuant to Article 45(1) of the GDPR, or the conclusion of standard contractual clauses pursuant to Article 46(2)(c) of the GDPR) or if you have given us your informed consent to the transfer of your data to third countries (Article 49(1)(a) of the GDPR).
7. Duration of data retention
We only retain your personal data for as long as is required to fulfil the purpose for which it was collected or for as long as statutory retention periods apply. Your personal data will be stored for as long as is required for the application process.
If your application is unsuccessful or if you withdraw your application, we will delete the personal data you provided during the application process no later than six months after the application process has been completed. We only store your personal data for a longer period of time if this is necessary and permissible for legal reasons or if you have given us your consent to do so.
If you revoke your consent, the storage period specified for unsuccessful or withdrawn applications will apply.
8. Automated decision-making
Automated decision-making as defined by Articles 13 and 22 of the GDPR occurs when data subjects are subjected to an assessment of personal aspects concerning them, which is based solely on automated processing and which produces legal effects concerning the data subject or similarly significantly affects them. The personal data of applicants is not processed in this way.
9. Obligation to provide personal data
The provision of the personal data listed under point 4.1 as part of the application procedure is required for the initiation or establishment of the employment relationship. Without this information, the application procedure cannot be completed. The provision of the personal data listed under point 4.2 is voluntary.
10. Rights of data subjects
Data subjects can request information on the personal data stored about them via the above-mentioned email address. In particular circumstances, data subjects can also request the correction or deletion of their data. You also have the right to limit the processing of your data and the right to receive your data in a structured, current and machine-readable format. Furthermore, you have the right to revoke any consent you have given. Consent is given voluntarily and may be revoked at any time by sending a message to the email addresses listed here. This shall not affect the legality of the data processing that is carried out on the basis of your consent until this consent is revoked.
Data subjects may file a complaint with the data protection officer or a supervisory authority if they believe that the processing of their personal data violates the GDPR.
Data subjects can assert their rights at privacy@motel-one.com or privacy@the-cloud-one.com.