The provisions of the EU General Data Protection Regulation (GDPR) have applied since May 25, 2018. With these notes on data protection, we would like to provide you with an overview of how we process your personal data in the UniCredit Bank AG application process and your data protection rights.
Personal data will only be collected or processed by UniCredit Bank AG in accordance with applicable data protection regulations.
Below you will find a quick and easy overview of what personal data we collect from you on this website and what we do with it. In addition, we will inform you about your rights under applicable data protection law and whom you can contact if you have any questions.
The responsible party for this Internet service is:
UniCredit Bank AG
Phone: +49 (0)89 378-0
Please note that in the course of the application process - depending on which companies you specifically apply to for a job - the following UniCredit Group companies in addition to UniCredit Bank AG will become data controllers within the meaning of the GDPR:
BA Real Invest Client Investment GmbH
Bank Austria Finanzservice GmbH
Bank Austria Real Invest Immobilien-Management GmbH
HVB Secur GmbH
UniCredit Bank Austria AG
UniCredit Direct Services GmbH
UniCredit Leasing (Austria) GmbH
UniCredit Services GmbH
UniCredit S.p.A. Munich Branch
UniCredit S.p.A. Vienna Branch
Wealth Cap Kapitalverwaltungsgesellschaft mbH
If, in the course of your application, you agree to open your profile to other positions in order to be actively approached by the relevant recruiter(s), your profile will also be shared with other UniCredit Group companies.
You can reach UniCredit Bank AG's Corporate Data Protection Officer(s) at:
UniCredit Bank AG
Phone: +49 (0)89 378-0
If you are interested in a job offer or register for this Internet service (i.e. create your profile), we collect personal data from you. As an applicant or registered interested candidate, relevant personal data are, for example:
During your visit to the website, we collect technical data through our IT systems, such as information about the Internet browser, the operating system or the time of the page request, in order to ensure error-free provision of the website. The collection of this data occurs as soon as you open our website and is indispensable for the operation of the site.
In connection with this website, we use the data only strictly for the purpose of preparing and carrying out the application process and, if an employment relationship is established, collecting the necessary data for carrying out the employment relationship.
For the fulfillment of (pre)contractual obligations (Art. 6 para. 1 b DSGVO).
The processing of data is carried out for the initiation of an employment relationship and for the implementation of pre-contractual measures (e.g. review of application documents, invitation to an interview).
Within the framework of the balancing of interests (Art. 6 para. 1 f DSGVO).
To the extent necessary, we process your data beyond the actual performance of the contract or pre-contractual measures to protect legitimate interests of us or third parties. Examples:
Based on your consent (Art. 6 para. 1 a DSGVO).
Insofar as you have given us consent to process personal data for specific purposes (e.g. for the further use of your applicant profile for other job advertisements or for the review of your application documents by an external service provider), the lawfulness of this processing is based on your consent. Consent given can be revoked at any time. The revocation of consent does not affect the lawfulness of the data processed until the revocation.
Due to legal requirements (Art. 6 para.1 c DSGVO) or in the public interest (Art. 6 para. 1 e DSGVO).
In addition, as a bank, we are subject to various legal obligations, i.e. legal requirements (e.g. German Banking Act, Money Laundering Act, Securities Trading Act, tax laws) as well as banking supervisory requirements (e.g. of the European Central Bank, the European Banking Authority, the Deutsche Bundesbank and the German Federal Financial Supervisory Authority). The purposes of the processing include, among others, fraud and money laundering prevention and the fulfillment of control and reporting obligations under tax law.
Within the company to which you have applied, those departments that need your data to fulfill our contractual and legal obligations will receive access to it. Service providers and vicarious agents employed by us may also receive data for these purposes, provided that they maintain banking secrecy and data protection. With regard to this website, these are companies in the categories of IT as well as marketing and coverage measurement of the website. We only use selected service providers who are contractually obligated to process the data received exclusively in accordance with our instructions.
With regard to the transfer of data to recipients outside our bank, it should first be noted that this Internet service enables applications to be made to other UniCredit Group companies, which are themselves data controllers within the meaning of the GDPR. If you apply for a job at another company of the UniCredit Group, your data will of course also be forwarded to this company.
In addition, we may only pass on information about you if this is required by law or if you have given your consent. Recipients:inside of personal data may be public bodies and institutions (e.g. Deutsche Bundesbank, German Federal Financial Supervisory Authority, European Banking Authority, European Central Bank, financial authorities, law enforcement authorities) if there is a legal or official obligation.
UniCredit Bank AG does not transfer data to countries outside the European Economic Area (so-called third countries) within the scope of this website.
However, UniCredit Bank AG uses service providers for certain tasks, most of which also use service providers that may have their registered office, parent company or data centers in a third country.
A transfer is permitted if the European Commission has decided that an adequate level of protection exists in a third country (Art. 45 GDPR). If the Commission has not made such a decision, UniCredit Bank AG or Service Provider:in may only transfer Personal Data to Service Providers:in in a Third Country provided that appropriate safeguards are in place (e.g., standard data protection clauses adopted by the Commission or the supervisory authority in a specific procedure) and enforceable rights and effective remedies are available.
UniCredit Bank AG has also contractually agreed with its service providers that data protection bases in compliance with the European level of data protection will always be concluded with their contractual partners as well.
We do not process and store your personal data for longer than we need them for the respective processing purposes.
If the data is no longer required for the fulfillment of contractual or legal obligations (e.g. proof of AGG compliance), it is regularly deleted.
Users of the Internet service are contacted every 11 months and asked to update their applicant profile - if they do not register with the system within one month, the applicant profile is automatically deleted. In addition, you can initiate the deletion yourself in the system at any time - provided that no processes requiring archiving prevent deletion, the profiles will be deleted immediately.
Every data subject has the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR, the right to object under Article 21 of the GDPR and the right to data portability under Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions pursuant to Sections 34 and 35 BDSG apply. In addition, you have the right to lodge a complaint with a competent data protection supervisory authority (Article 77 DSGVO in conjunction with Section 19 BDSG).
To assert your rights, please contact our data protection officer as described at the beginning of this data protection notice.
This website contains Social Apply capabilities that allow you to create your application by linking to specific platforms. The linked platforms are:
A cookie is a small file that stores Internet preferences. Almost every website uses cookie technology. It is downloaded by your internet browser the first time you visit a website. The next time you visit that website with the same terminal device, the cookie and the information stored in it is either sent back to the website that generated it (first party cookie) or sent to another website to which it belongs (third party cookie).
Depending on their function and purpose, cookies can be divided into the following categories: essential cookies, functional cookies, social apply cookies with third-party functionalities.
In the Cookie Banner, you can decide which categories/ cookies you want to allow. In addition to the selection in the Cookie Banner, when you first visit the website, you can also adjust your cookie settings directly in your browser settings.
In the following areas, you will be made transparent which providers and purposes fall into the corresponding cookie categories and exactly what data is set in the respective cookie.
We offer you the option to conveniently reject or agree to cookies that require consent. The various third-party cookies are grouped into the categories mentioned here. You have the option to switch individual categories on and/or off via the button. Your cookie preference is stored for one year. Even after active consent on your part, you have the right to object to this type of recording at any time by revoking your consent. You can do this via your browser settings.
If a category is switched off or remains switched off and this setting is confirmed/saved accordingly, all cookies of the corresponding category will no longer be loaded and thus no data will be transferred to the respective third-party providers.
If a category is switched on or remains switched on and this setting is confirmed/saved accordingly, all cookies from the category will be loaded and thus the described data will be transferred to the respective third-party providers.
Cookies that are absolutely necessary cannot be deactivated via the function of this page. You can generally deactivate cookies in your browser at any time. However, we would like to point out that our website will then no longer function at all or only partially.
For how long are cookies stored?
These are cookies that require your consent and are only set with your explicit consent. You can give this consent if you check the "Functional" category in the cookie banner and accept the selection. The selection via the "Accept all" button includes this consent.
On the one hand, language cookies are controlled by the functional cookies.
For how long are cookies stored?
In addition, the functionality of YouTube and Google Maps is controlled via functional cookies.
We use YouTube on individual pages of this website. This is a video portal of YouTube LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, hereinafter referred to as "YouTube". YouTube is a subsidiary of Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google".
We use YouTube in connection with no-cookie links to show you videos. However, when you click on a YouTube video, information (including your IP address, the date and time and the website you visited) may still be transmitted to the YouTube or Google server in the USA. We have no influence on this.
If you are logged into YouTube at the same time, YouTube will assign the connection information to your YouTube account. If you wish to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account.
Everything possible is being done using state-of-the-art technology to ensure that your data is secure on the Internet and in the bank's infrastructure. Nevertheless, we rely on your help - you can find out what you can contribute here: Fraud prevention (German)
In order to facilitate a speedy application process, UniCredit Bank AG sends all relevant information and documents to your e-mail address stored in the application procedure. UniCredit Bank AG offers transport encryption (TLS - Transport Layer Security) as standard here if the mail server of your e-mail provider supports TLS.