Privacy and Cookie Policy

Privacy Policy

 Current status: AcceptedCurrent status: Denied

Privacy Policy

The protection of personal data and the responsible handling of information are important and special concerns for us, the Futurepath GmbH (“Futurepath” / “us” / “we”). We process personal data only in accordance with legal requirements, in particular the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

This privacy policy informs you in accordance with Art. 13, 14 GDPR about how we process personal data in case you visit our website, apply as a Tech Candidate, or apply for a job with us. Furthermore, we inform you about the protection of your privacy on the terminal equipment used by you within the meaning of Section 25 of the German Telecommunications Digital Services Data Protection Act (TDDDG).

This privacy policy also contains information on recipients of your personal data, erasure and retention periods, your rights as a data subject, and automated decision making.

A. General Information

Controller and Data Protection Officer

Controller: Futurepath GmbH, Zehdenicker Straße 1, 10119 Berlin, [email protected]
Data Protection Officer: Dr. Sebastian Heep, PLANIT // LEGAL, Jungfernstieg 1, 20095 Hamburg, [email protected]

Your Rights

  • Right to confirmation and access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)
  • Right to lodge a complaint (Art. 77 GDPR)

Erasure of Your Personal Data

We erase your data when it is no longer necessary for processing purposes, upon withdrawal of consent, or if you object to processing unless there are compelling legitimate grounds. Retention periods under German law are usually six years (business correspondence) or eight years (accounting data).

Data Transfer to Third Parties

Data may be shared with service providers (e.g. IT, hosting, accounting, legal advice) under Art. 28 GDPR. Transfers to authorities occur only if legally required.

Data Transfer Outside the EEA

We may transfer data to third countries such as the US with adequate safeguards (e.g. EU Standard Contractual Clauses or the EU–US Data Privacy Framework).

No Automated Decision-Making

We do not use automated individual decision-making as per Art. 22 GDPR.

Amendments

We may amend this policy to reflect legal, technical, or organizational changes. The latest version is always available on our website.

B. Purposes and Legal Basis of Data Processing

B.1 Website Use

Internet Connection Data

When you access our website, your IP address and related usage data are processed to ensure functionality and security (Art. 6(1)(f) GDPR).

Cookies and Local Storage

We use necessary and optional cookies for functionality, analytics, and marketing. You can manage your preferences via our cookie banner.

Technical Necessary Cookies

These cookies are essential for website operation (Art. 6(1)(f) GDPR). Examples: cmplz_policy_id, jetpackState, etc.

Cookies Requiring Consent

Optional cookies (functional, analytics, marketing) are used only with your consent (Art. 6(1)(a) GDPR). Examples include Weglot, Google Analytics, HubSpot, and LinkedIn cookies.

Google Analytics & Ads

We use Google Analytics and Google Ads to analyze and improve website performance. IP anonymization is enabled. Transfers to the US are based on the Data Privacy Framework.

Withdrawal of Consent

You can withdraw your cookie consent anytime by reopening the cookie banner via the link in our footer.

Google Fonts

Fonts are served from our own server, not from Google servers (Art. 6(1)(f) GDPR).

Social Media Links

Links to Facebook, Instagram, LinkedIn, Xing, and X use the Shariff solution to prevent data transmission until you click a button. See respective providers’ privacy policies for details.

Contact Form

If you contact us, we process your data to respond to your inquiry (Art. 6(1)(b) or (f) GDPR).

Newsletter

We use double opt-in for newsletters. You can unsubscribe anytime (Art. 6(1)(a) GDPR).

Customers, Suppliers, Business Partners

Data is processed for communication and contract execution (Art. 6(1)(b) or (f) GDPR).

C. Job Applications

C.1 Application as a Tech Candidate

Applications are processed via Recruit CRM (Workforce Cloud Tech Inc., US). Data may be transferred to WorkGenius Berlin GmbH and used for interviews or testing. Legal basis: Art. 6(1)(b) GDPR.

Integration with WorkGenius Platform

Futurepath integrates Tech Candidate profiles into the WorkGenius platform for efficiency and broader opportunities. Legal basis: Art. 6(1)(f) GDPR. You can object anytime via [email protected].

WorkGenius privacy policy: www.workgenius.com/privacy-policy

C.2 Application at Futurepath

Applications via Personio (Personio GmbH, Munich). Interviews scheduled via Calendly or Google Calendar. Both providers are certified under the Data Privacy Framework.

Unsuccessful applications are deleted after six months; optional candidate pool storage up to 12 months with consent (Art. 6(1)(a) GDPR).

Version: September 2025
Futurepath GmbH