ende +49 221 292 307 90 Mo.-Fr. von 09:00 - 17:00 Uhr hello@glowstaff.de
More than 7 years experience
International and national
Recommended by clients
More than 2000 projects
Request for free
Get advice now
Booking Request

 

Privacy Policy

Here you can find our Privacy Policy for download (as of 29 September 2025):

1. Controller & Data Protection Officer
The data controller (hereinafter referred to as “Glowstaff”) responsible for data processing on this website is:
Glowstaff GmbH, Im Mediapark 5, 50670 Cologne, Germany.

2. Scope and Right of Withdrawal
This Privacy Policy explains how and to what extent Glowstaff, as the operator of the domain https://www.glowstaff.de (hereinafter referred to as the “Website”), collects and uses personal data.

A “User” is any person who visits the Glowstaff website (hereinafter “Visitor”), has submitted an application (hereinafter “Applicant”), works as a freelancer (hereinafter “Freelancer”), works as a temporary employee (hereinafter “Temporary Employee”), has sent a booking request (hereinafter “Business Client”), or has used our app (hereinafter “App User”).

This Privacy Policy can be accessed at any time at https://www.glowstaff.de/datenschutz/. Glowstaff reserves the right to amend this Privacy Policy in compliance with applicable laws and regulations.

Certain data processing activities are only possible with your explicit consent. You may revoke any consent already given at any time by sending an informal email to the Data Protection Officer.

3. Right to Data Portability, Access, Rectification, Blocking, Erasure & Complaint
You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract, either yourself or to a third party. The data will be provided in a machine-readable format.

You also have the right to request, free of charge, information about your stored personal data, their origin, recipients, and the purpose of data processing. You may also request the correction, blocking, or deletion of this data. In this regard, you may contact our Data Protection Officer.

If you believe your rights have been violated under data protection law, you have the right to lodge a complaint with the competent supervisory authority. For Glowstaff, the competent authority is the State Data Protection Officer of the federal state of Berlin.

4. Data from Website Visitors
We collect certain information about your device, browser, and how you interact with our content when you visit www.glowstaff.de. We may use cookies to collect this personal data. The controller in this context is Glowstaff GmbH.

In its server log files, Glowstaff automatically stores the following information transmitted by your browser:

  • The Internet Protocol (IP) address of your device

  • The IP address of your internet service provider

  • The screen resolution of your device

  • The device type (unique device identifiers – UDI)

  • Browser and operating system versions

  • Geographic location (country only)

  • Preferred language for content display

  • Date and time of website access

  • The internet address from which you were directly referred to our website

  • The operating system you use

  • The sections of the website you visit

  • The specific pages and content you view

  • The hyperlinks you click

  • Survey results, i.e. your responses to survey questions

  • Material you send to or download from our website

  • Contact details and communications you voluntarily provide

If you choose to download reports or whitepapers, subscribe to the newsletter containing news, events, and alerts, or submit an inquiry, you may be asked to fill out a form providing information such as your name, email address, job title, and company.

From the moment you perform one of the above actions, we may link the information collected about your device, browser, and website usage directly to you. If you voluntarily provide personal data, this data will be stored until the purpose no longer applies or until you withdraw your consent. In any case, the data will be deleted after one year of inactivity at the latest.

5. Data from Applicants
We use your personal data to provide our staffing services. These include services in the areas of recruitment and selection, placement, temporary staffing, project placement, secondment, payroll, personal development, career counseling, coaching, planning, as well as HR and payroll administration.

We collect and process personal data about you as an applicant, such as:

  • Identification data – we may process your name, contact details (including home address, landline and mobile phone number), nationality and country of residence, date of birth, (in exceptional cases) your gender, your digital signature, and the languages you speak.

  • CV and other HR information – we may process your CV, employment history, information about your skills, experience and educational background, as well as other relevant information (such as your photo, interview results, and personal data contained in your cover letter or as part of the application).

  • Compensation and benefits information – we may process personal data relating to your current compensation and benefits, including (but not limited to) your current bonus, recurring payments, and benefits.

  • Performance- and conduct-related information – performance-related information, including (but not limited to) information about performance appraisals from the client or customer where you have been on assignment.

  • Government-issued identifiers – we may process identifiers issued by public authorities, including (but not limited to) ID card number, social security number and pension insurance number, where required by law.

  • Photos and video recordings – when participating in events, meetings, conferences, etc. related to recruitment, we may process photos or videos of you.

  • Visitor information – when accessing our premises, we may collect your name, contact details, vehicle license plate and other identifiers for security reasons. Where we are legally obliged to do so, we may also ask you to disclose information about your health status for health and safety reasons (including information on viral infections, influenza, etc.).

  • Survey results – we may process your responses to survey questions.

  • Information you provide to us – we may process additional personal data if you provide it to us.

  • Contracts and invoices – depending on the service you choose as a freelancer, we may process information required for contracts and invoices, including (but not limited to) bank details.

These data may be collected directly or indirectly from you—for example by email, form, uploading a CV, or via LinkedIn or XING (“individual application”); or by registering and setting up an applicant account.

If we did not collect your data directly from you, we will inform you about the purpose and the data sources we use when we contact you in connection with our services (e.g., to draw your attention to a job offer). Exceptions apply where providing this information to you would involve a disproportionate effort. In such cases, we may take alternative measures to protect your rights and freedoms.

6. Data from Temporary Employees and Freelancers
We collect and process your data for the provision of our staffing services, including placement, staffing, secondment, payroll, recruitment and preselection, in- and outsourcing, personal development and employability, reintegration, career counseling and outplacement, consulting, planning, as well as HR and payroll administration.

If you work as a temporary employee or freelancer for one of our clients, we may process the following personal data about you, for example:

  • Identification data – your name, contact details (including home address, landline and mobile phone number), nationality and country of residence, date of birth, (in exceptional cases) gender, digital signature, and languages spoken.

  • Professional information – we may process personal data relating to your professional activity, including (but not limited to) your job title, job description and place of work, your department, your professional email address, reporting lines, and your employment status (full-time/part-time/etc.).

  • Financial information – financial information, including (but not limited to) your account number, bank details, VAT identification number.

  • Payroll data – we may process payroll data, including (but not limited to) recurring payments and benefits, your bonus.

  • Performance- and conduct-related information – performance-related information, including (but not limited to) information about your performance evaluations.

  • Information on disciplinary measures – details of any disciplinary measures taken against you, where applicable.

  • Government identifiers – official identifiers, including (but not limited to) ID number, social security number and pension insurance number, where required by law.

  • CV and other application information – your CV and other relevant information (e.g., your photo, interview notes, and information contained in the cover letter or as part of the application process).

  • Travel and expense data – travel and accommodation information as well as expense information, including (but not limited to) travel itineraries, hotel and travel loyalty cards.

  • Information you voluntarily provide – information you voluntarily provide to us, including (but not limited to) information you share when using IT support or calling the helpline, as well as information about you transmitted through the use of a webcam when communicating with us.

  • Vehicle information – information about your private or company vehicle, including (but not limited to) license plate, tickets and fines.

  • Transport service data – information related to the provision of transport services (contact details: first and last name, mobile number, your home address—only if no stop can be assigned to you—boarding and alighting durations, arrival times, scheduled times according to shift and work schedule (start and end time)).

  • Photo and video material – when participating in external or internal events, meetings, conferences, or other events, we may process photos or videos of you.

  • Trade union membership – data revealing your trade union membership.

  • Information about your family and dependents – details about your family and dependents, including (but not limited to) emergency contact information.

  • Information related to badges/access control cards – employee badges and access control cards may contain your name, photo and employee number and be linked with other stored data (department, telephone number, license plate).

  • Video surveillance material – we may process footage of you obtained through the use of video surveillance systems.

  • Survey results – we may process your responses to employee or satisfaction surveys.

  • Information related to your use of company devices, software and access to the corporate network – we may process information related to your use of our devices, software and access to our networks, including (without limitation) your browsing history and your use of email, the internet and social media, whether at the workplace, on our devices, or otherwise via our networks.

  • Visitor information – when accessing our premises, we may collect your name, contact details, vehicle license plate, ID card, etc., for security reasons. Where legally required, we may also ask you to disclose information about your health status for health and safety reasons.

  • Other special categories of data, such as:

    • Health information – health-related information, including (but not limited to) injuries and exposures, incident reports, disability, illness and incapacity for work, as well as information on maternity protection, where required by law.

    • Religious affiliation – data about your religious affiliation, where required for payroll purposes. Where we process these special categories of data, we will protect, secure and use this information in accordance with this notice and applicable laws.

    • Information on sanctions concerning you – we may check whether you are a politically exposed person (PEP), a Specially Designated National, or otherwise subject to sanctions under applicable laws or regulations.

7. Data from Business Clients

In connection with our services, we process your personal data if you work for a company with which we conduct business (or intend to conduct business, e.g. to submit proposals for services or to maintain a business relationship with the company you work for).

We process the following personal data about you:

  • Identification data – we may process your name and other contact information (including email address, landline and mobile number), your gender, your digital signature, and the languages you speak.

  • Professional information – we may process data relating to your work, including (without limitation) your job title, location, and department.

  • Photos and video recordings – if you attend our events, meetings, conferences, etc., we may process photos or videos of you.

  • Survey results – we may process your responses to survey questions.

  • Visitor information – when accessing our buildings, we may collect your name, contact details, vehicle license plate, ID, etc., for security reasons. Where legally permitted, we may also ask you to disclose information about your health status (including information on viral infections, influenza, etc.) for health and safety reasons.

  • Information you provide to us – we may process additional data if you choose to share it with us.

  • Information regarding trade sanctions – we may check whether you are a politically exposed person (PEP), a Specially Designated National, or otherwise subject to sanctions under applicable laws or regulations.

As part of our business activities, we may also share personal data of business contacts with carefully selected partner companies that offer similar or complementary services. This is done to ensure the best possible handling of inquiries, to expand our partner network, and – where legally permissible under data protection law – for commercial use and sharing of business-related contact inquiries, such as through the brokerage or sale of leads between companies. The sharing of such data is carried out exclusively within a B2B context and does not involve any consumer or private customer data.

8. Data from App Users

In connection with our services, we use a mobile app for personnel planning and time tracking. It allows our temporary employees to apply for assignments, record their working hours, and receive internal information.

Data may be transferred by Glowstaff to processors engaged in performing contractual relationships, in particular Teamhero GmbH, Alt-Moabit 19, 10559 Berlin.

We process the following personal data about you:

  • Identification data – your name, contact details (including home address, landline and mobile phone number), nationality and country of residence, date of birth, (in exceptional cases) gender, digital signature, and languages spoken.

  • Professional information – data relating to your professional activity, including (but not limited to) your job title, job description and place of work, your department, business email address, reporting lines, and employment status (full-time/part-time/etc.).

  • Financial information – including (but not limited to) your account number, bank details, and VAT identification number.

  • Payroll data – including (but not limited to) recurring payments and benefits, your bonus.

  • Performance and conduct information – including (but not limited to) performance evaluations.

  • Disciplinary information – details of any disciplinary measures taken against you, if applicable.

  • Government-issued identifiers – including (but not limited to) ID number, social security number, and pension insurance number, where required by law.

  • CV and other application information – your CV and other relevant details (e.g. your photo, interview notes, and information included in your cover letter or during the application process).

  • Travel and expense data – travel and accommodation details as well as expenses, including (but not limited to) travel itineraries, hotel and travel loyalty cards.

  • Information you voluntarily provide – including (but not limited to) information shared when using IT support or contacting the helpline, as well as information transmitted via webcam when communicating with us.

  • Vehicle information – information about your private or company vehicle, including (but not limited to) license plate, tickets, and fines.

  • Transport service data – information related to the provision of transport services (contact details: first and last name, mobile number, home address—only if no pick-up point is assigned—boarding and alighting times, arrival times, scheduled times according to shift/work schedule).

  • Photos and videos – if you participate in internal or external events, meetings, conferences, or other activities, we may process photos or videos of you.

  • Union membership – data revealing your membership in a trade union.

  • Family and dependent data – including (but not limited to) emergency contact details.

  • Access badge/control card information – employee badges and access cards may contain your name, photo, and employee number and be linked with other stored data (department, telephone number, license plate).

  • Video surveillance material – footage obtained through the use of CCTV systems.

  • Survey results – your responses to employee or satisfaction surveys.

  • Information related to your use of company devices, software, and network access – including browsing history, use of email, internet, and social media, whether at work, on company devices, or otherwise via our networks.

  • Visitor information – when entering our premises, we may collect your name, contact details, vehicle plate number, and ID for security purposes. Where legally required, we may also request information about your health condition for health and safety reasons.

  • Special categories of data, such as:

    • Health data – including (but not limited to) injuries and exposures, incident reports, disability, illness, incapacity for work, and maternity protection, where required by law.

    • Religious affiliation – data concerning your religion, if required for payroll purposes. Where we process such special categories of data, we protect and use them in accordance with this notice and applicable laws.

    • Sanction-related information – we may check whether you are a politically exposed person (PEP), a Specially Designated National, or otherwise subject to sanctions under applicable laws or regulations.

9. Retention Period for Personal Data

Your data will be retained for as long as necessary to fulfill the relevant purpose, taking into account statutory retention periods. If data must be retained due to legal obligations, they will be deleted once the respective retention period expires. Tax-related retention obligations generally last ten years.

If you make a legitimate deletion request or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible grounds for retaining it (e.g. tax or commercial law obligations). In such cases, deletion will take place once these grounds no longer apply.

10. Purposes and Legal Basis for Data Processing

Glowstaff relies on Article 6(1)(a) GDPR as a legal basis for processing operations requiring consent for a specific purpose. The purposes include:

  • Contract fulfillment and pre-contractual measures (Art. 6(1)(b) GDPR): your personal data are processed to fulfill our contractual obligations and carry out pre-contractual steps. This includes handling inquiries, orders, and service delivery.

  • Legal obligations (Art. 6(1)(c) GDPR): we process your data to comply with statutory requirements, such as commercial and tax-law retention obligations.

  • Legitimate interests (Art. 6(1)(f) GDPR): in certain cases, we process data to protect our legitimate interests or those of third parties, such as ensuring IT security, preventing misuse, enforcing legal claims, and defending against legal disputes.

  • Consent (Art. 6(1)(a) GDPR): where you have given consent for specific purposes, processing occurs on that basis. You can withdraw your consent at any time with future effect.

  • Public interest (Art. 6(1)(e) GDPR): in specific cases, we may process data to perform a task in the public interest or in the exercise of official authority vested in us.

11. Sharing of Personal Data

We may share your personal data with the following parties:

  • Clients within the scope of our services, including placement, assignment, and payroll.

  • Competitors of the controller within projects for Master Vendor or Managed Service Provider arrangements.

  • Third parties providing HR services (e.g. payroll service providers).

  • Third parties providing IT-related services (e.g. external providers supporting our IT infrastructure; parts of our software and databases are hosted in cloud environments operated by third parties).

  • Marketing service providers (e.g. storing personal data in cloud-based CRM systems or engaging event or survey organizers).

  • Providers of professional services (e.g. auditors, tax consultants, and legal advisors).

  • Banks and insurance companies (e.g. to process payroll payments).

  • Pension funds.

  • Public authorities (e.g. mandatory disclosures to social security or tax authorities).

  • Law enforcement agencies, courts, and regulators (e.g. when requested by police during investigations).

We may also disclose your personal data to third parties:

  • in the event that we sell or acquire a business or assets, to potential buyers or sellers; or

  • if all or a substantial portion of our assets are acquired by a third party, in which case stored personal data may be transferred as part of the acquired assets.

If we transfer your personal data as described above, such transfers may occur both within and outside the European Economic Area (EEA). Any international transfer will only take place in compliance with applicable law and under conditions ensuring an adequate level of data protection, including appropriate safeguards.

Your personal data may be transferred from countries within the EEA to countries outside the EEA (e.g. the United States). In such cases, we ensure one of the following safeguards applies:

  • The laws of the recipient country ensure an adequate level of data protection.

  • The transfer is governed by the Standard Contractual Clauses approved by the European Commission.

  • Other appropriate safeguards under Article 46 GDPR are in place.

12. Cookies

Our websites use so-called “cookies.” Cookies are small data packets that do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies may be set by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third parties within websites (e.g., cookies for processing payment services).

Cookies serve various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or video display). Other cookies may be used to analyze user behavior or for advertising purposes.

Cookies that are necessary to carry out electronic communications, to provide certain functions you desire (e.g., shopping cart), or to optimize the website (e.g., cookies for audience measurement) (necessary cookies) are stored on the basis of Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to ensure the technically error-free and optimized provision of its services. Where consent for the storage of cookies and comparable recognition technologies has been requested, processing takes place solely on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG); consent can be withdrawn at any time.

You can configure your browser to inform you about the setting of cookies, to allow cookies only in individual cases, to exclude the acceptance of cookies in certain cases or in general, and to activate automatic deletion of cookies when closing the browser. If cookies are disabled, the functionality of this website may be limited.

Which cookies and services are used on this website can be found in this Privacy Policy:

12.1 Necessary Cookies

Necessary cookies are crucial for the basic functions of the website. Without them, the site cannot function as intended. These cookies do not store personal data.

  • PHPSESSID (Duration: session):
    Native to PHP applications. Stores and identifies a user’s unique session ID to manage user sessions on the website. Deleted when all browser windows are closed.

  • cookieyes-consent (Duration: 365 days):
    Set by CookieYes to store users’ consent preferences so that they are honored on subsequent visits. No personal information about website visitors is collected or stored.

  • wpEmojiSettingsSupports (Duration: session):
    Set by WordPress when a user interacts with emojis on a WordPress site. Helps determine whether the user’s browser can display emojis correctly.

  • _wpfuuid (Duration: 1 year, 1 month, 4 days):
    Used by the WPForms plugin to link entries from the same user in the paid version and enable features such as the Form Abandonment add-on.

12.2 Functional Cookies

Functional cookies support certain features, e.g., sharing website content on social media platforms, collecting feedback, and other third-party functionalities.

  • pll_language (Duration: 1 year):
    Set by Polylang to store the language selected by the user upon return visits and to obtain language information when not otherwise available.

  • AMA_af2a999d3d83c68b84bace879ecd2b11, i18nLocale, coveto_domain (Duration: session):
    Set by Coveto to display job postings and route applicants.

12.3 Analytics Cookies

Analytics cookies are used to understand how visitors interact with the website. They provide insights such as visitor counts, bounce rates, traffic sources, etc.

  • ga, _ga, _gid, gat_gtag_UA (Duration: 1 year, 1 month, 4 days):
    Set by Google Analytics to calculate visitor, session, and campaign data and track site usage for analytics reports. Stores information anonymously and assigns a randomly generated number to recognize unique visitors.

  • CLID, _clck, _clsk, SM (Duration: 1 year):
    Set by Microsoft Clarity to store information about how visitors interact with the website, helping generate analytics reports (e.g., number of visitors, location of visits, pages viewed).

  • _fbp (Duration: 3 months):
    Set by Facebook to display advertising after visiting the website, either on Facebook or on a digital platform powered by Facebook advertising.

  • MR (Duration: 7 days):
    Set by Bing to collect user information for analytics purposes.

  • lo-uid, lo-visits, lo-domain-check-1716227161555 (Duration: 1 year, 1 month, 4 days):
    Set by LuckyOrange to calculate visitor, session, and campaign data and track site usage for analytics reports. Stores information anonymously and assigns a randomly generated number to recognize unique visitors.

12.4 Performance Cookies

Performance cookies are used to understand and analyze key performance indicators of the website, helping to provide a better user experience.

  • SRMB (Duration: 1 year, 24 days):
    Used by Microsoft Advertising as a unique visitor ID.

12.5 Advertising Cookies

Advertising cookies are used to deliver tailored advertising to visitors based on the pages they previously visited and to analyze the effectiveness of advertising campaigns.

  • _ttp, _tt_enable_cookie (Duration: 1 year, 24 days):
    Set by TikTok to track and improve ad campaign performance and personalize the user experience.

  • MUID (Duration: 1 year, 24 days):
    Set by Bing to recognize individual web browsers visiting Microsoft sites. Used for advertising, website analytics, and other operations.

  • ANONCHK (Duration: 10 minutes):
    Set by Bing to store a user’s session ID and verify ad clicks in the Bing search engine; also supports reporting and personalization.

  • fr (Duration: 3 months):
    Set by Facebook to show relevant ads by tracking user behavior across the web on sites with the Facebook pixel or “Facebook Social” plugin.

Contact Us

If you have questions about this policy or privacy concerns, wish to exercise your rights, or would like more information about the measures we take to adequately protect your personal data when transferring it outside the European Economic Area, please contact kontakt@glowstaff.de.

13. Data Protection Officer and Contact

Glowstaff GmbH
Im Mediapark 5
50670 Cologne, Germany

Data Protection Officer:
Mr Jan Barenbrock
Email: kontakt@glowstaff.de

You can exercise your rights by contacting us at kontakt@glowstaff.de.

We will handle your request with particular care to ensure you can effectively exercise your rights. We may ask you to provide proof of identity to ensure that we do not disclose your personal data to anyone other than you. Please note that in certain cases (e.g., due to statutory provisions) we may not be able to process your request immediately.