Privacy Policy

01We care about your Personal data

Data protection is our special interest. This privacy notice explains which personal data we collect, why we collect them, how we use them, with whom we share your personal data, how we keep it safe and which rights do you have. When we use your data, we use them according to this Privacy notice. This Privacy notice is related to our website visitors and job applicants. The term “We” or “Our” in this Privacy Notice refers to the network of Martian & Machine firms which consists of the following legal entities:

  • Martian & Machine GmbH, based in Germany, Karl-Liebknecht-Str. 29A, 10178 Berlin
  • Martian & Machine d.o.o., based in Croatia, Ulica kneza Branimira 41, 10 000 Zagreb

You can get more details about Martian & Machine legal entities on this link.

If you have any questions regarding your Personal Data, please feel free to contact us via e-mail: or by post to our official address Karl-Liebknecht-Str. 29A, 10178 Berlin, Germany.

02What is Personal data?

Personal data means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

03And which Personal data we use?

Depending on the purpose, we collect the following type of Personal data:

  • Your name and surname
  • Contact details (email, telephone number)
  • Address
  • Date and place of birth
  • Information about your activities on the website, IP address, geographical location, type of device
  • Information about your education and skills
  • Information about your previous work experience
  • Information you provide us in the contact form
  • Information contained in your CV or motivational letter
  • Other information you voluntarily provide to us
04When do we collect your Personal data?

We collect your Personal data:

  • Directly from you (when you contact us or when you get interviewed)
  • Indirectly (from third parties- employee agency)
  • From public sources (Linked In and other public sources)
  • Automatically (when you visit this website)
  • From our website that uses cookies. Read more about cookies in the cookie policy.
  • When you engage with us through social media (when you tag us, mention us or contact us through social media)
05Am I obligated to provide you with my Personal data?

No, you are not obligated to provide us with your Personal data. However, where your Personal Data is required for us to manage recruitment process or to provide you with the information you have requested, we may not be able to offer you services or enter into a contract with you.

06Children’s Personal data

Our website is not intended for minors. We advise parents/guardians to inform their children about the safety and use of personal data on the Internet.

07Why we collect your Personal data?

We use your Personal Data for various purposes, which include:

  • sending you communication which you have requested

We use your data to provide you with the information about our services in the area in which you have expressed your interest through the contact web-form. It is our legitimate interest as a business to use your data for this purpose.

  • conduct fraud checks and prevent illegal activity

It is our legitimate interest as a business to use your data for this purpose.

  • to respond and defend against legal claims

It is our legitimate interest as a business to use your data for this purpose

  • operate our website

It is our legitimate interest as a business to use your data for this purpose

  • fulfilling our legal obligations

Sometimes we will use your personal data because it's necessary for us to comply with a legal obligation.

  • for the purposes of the recruitment process:
    • to conduct background (reference) checks of job applicants (verification of past employment, education, etc.)
    • to assess your skills and qualifications for the offered/opened position
    • to communicate with you about the recruitment process
    • to decide to whom to offer the job

It is our legitimate interest to decide whether to appoint you the role and to manage a recruitment process. Also, sometimes we need to process your data to take steps at your request prior to entering into a contract with you.

    • to communicate with you after the recruitment process

If your application was unsuccessful, we would like to keep your Personal Data in order to communicate with you about future job opportunities. The legal base is your consent.

08Sharing your data with third parties

We don’t sell or rent your Data.

In order to achieve the purposes, set out in this Policy, we share Personal data with third party which may include:

  • Third party service providers who work on our behalf or who we are working with (We work with carefully selected third parties, such as IT service providers, accountants, legal advisors, payment services, hire companies, etc.)
  • Public authorities and other bodies governed by public law
  • We may disclose your Personal Data to a third party as a part of a sale or merger or reorganization of our business assets.

We will always take care that your Personal data is protected.

09For how long we keep your data?

We keep your Personal Data only as is necessary for the purpose it was collected. The retention period depends on the following criteria:

  • In which purpose do we process personal data?
  • What is a lawful basis for such processing?
  • Are we legally required to hold some types of Personal Data?
10Data protection and transfers of personal data outside of EEA

We take all necessary organizational and technical measures in order to protect your personal data. We store your Personal data inside the European Economic Area (EEA), except in the case when your personal data is stored on the servers in the country outside the EEA. For communicating with website visitors, we use a server which is in Germany. Please note that other countries may have different privacy regulations and standards than the EU. However, we will take care that your personal data is subject to the same safeguard measures as inside the EEA.

11Link to Social media

Our website contains a link to social media (Facebook, Instagram, Dribbble, Github etc.). Please note that Facebook and Instagram have their own privacy rules, so we advise you to read Facebook or Instagram Privacy rules. We are not responsible for the privacy rules of the Facebook or the Instagram even if you access them through our link.

12Processing of (personal) data by the operator of the recruitment website

General information

This recruitment website is operated by Personio GmbH, which offers a human resource and candidate management software solution ( Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. The sole controller of this data within the meaning of article 24 of the GDPR is the enterprise carrying out this online application process. Personio's role is limited to operating the software and this recruitment website and, in this context, being a processor under article 28 of the GDPR. In this case, the processing by Personio is based on an agreement for the processing of orders between the controller and Personio. In addition, Personio GmbH processes further data, some of which may be personal data, to provide its services, in particular for operating this recruitment website. We will refer to this in more detail below.

The controller

The controller under data protection law is:

  • Personio GmbH
  • Rundfunkplatz 4
  • 80335 München
  • Phone: +49 / 89 1250 1005
  • Commercial register entry number: HRB 213189
  • Registration Court: Amtsgericht München (Munich Local Court)
  • Data Protection Officer contact:

Access logs ("server logs")

Each access to this recruitment website automatically causes general protocol data, so-called server logs, to be collected. As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. Without this data, it would, in some cases, be technically impossible to deliver or display the contents of the software. In addition, processing this data is absolutely necessary under security aspects, in particular for access, input, transfer, and storage control. Furthermore, this anonymous information can be used for statistical purposes and for optimizing services and technology. In addition, the log files can be checked and analyzed retrospectively when unlawful use of the software is suspected. The legal basis for this is section 15 subsection 1 of the German Telemedia Act (TMG), as well as article 6 (1) f of the GDPR. Generally, data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp of the access to the software is collected. The scope of this log process does not exceed the common log scope of any other site on the web. These access logs are stored for a period of up to 7 days. There is no right to object to this.

Error logs

So-called error logs are generated for the purpose of identifying and fixing bugs. This is absolutely necessary to ensure we can react as quickly as possible to possible problems with displaying and implementing content (legitimate interest). As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. The legal basis for this is section 15 subsection 1 of the German Telemedia Act (TMG), as well as article 6 (1) f) of the GDPR. When an error message occurs, general data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp upon occurrence of the respective error message and/or specification is collected. These error logs are stored for a period of up to 7 days. There is no right to object to this.

Rights of data subjects

If Personio GmbH as the controller processes personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. To assert your rights as a data subject in relation to the data processed for the purpose of operating this recruitment website, please refer to Personio GmbH's Data Protection Officer (see item B).

Concluding provisions

Personio reserves the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.

13Your rights
  • Right to be informed about processing your Personal data
  • Right to withdraw a consent
    • If we process your Personal Data based on the consent, you have the right at any time to withdraw your consent, by sending the email to
  • Right of access to your Personal data or to ask for a copy of your Personal data
  • Right to correct your Personal data
    • If your Personal Data that we hold is incorrect or unaccrued, you have the right to correct or up to date it
  • Right to erasure (“Right to be forgotten”)
    • This is not your absolute right and only applies in certain circumstances.
  • Right to restrict the use of Personal data
    • This is not an absolute right and only applies in certain circumstances.
  • Right for your information to be portable (Personal data portability)
    • The right to data portability only applies when your lawful basis for processing Personal data is consent or for the performance of a contract; and when you are carrying out the processing by automated means (i.e. excluding paper files)
  • Right to object in case that we are processing your personal data based on legitimate interest, for direct marketing or statistical/research purposes
  • Right to lodge a complaint
    • This is not an absolute right and only applies in certain circumstances. If you are not satisfied with how we manage your data, you can contact us via email: or you can lodge a complaint to the National Data Protection Authority in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes Regulation (GDPR)
    • German DPA: Federal Commissioner for Data Protection and Freedom of Information (BfDI), Husarenstr. 30, 53117 Bonn, Germany
    • Croatian DPA: Data Protection Agency, Martićeva 14, 10 000 Zagreb, Croatia

If you have any questions about your rights or you want to exercise them, you can contact us via email We might ask for your additional information to verify your identity. In most cases, we will respond to your request within 30 days as of receipt of your request. We may extend the time to respond by further two months if the request is complex or we have received several requests from you. In such case, we will inform you about the reasons for delay.

14Changes to this Policy

We have the right to make changes to this Policy. Any changes we make will be published on this website.

This Policy was last updated in May 2021.