Skip to main content

Processing of (personal) data by the entity in charge of the online application process

Privacy Policy
This privacy policy applies to personal data collected and stored by companies of the cosine group (cosine). The cosine group currently has companies in the Netherlands (headquarters), Germany and Italy. This policy will explain how our organization uses the personal data we collect from you when you visit our website and when you apply for a position (job or internship) at cosine. This includes information that is provided via our website, email and when we meet you in person.

Your permission

To submit a message using our website we ask you to give permission for the collection, storage and use of your data insofar as necessary and described in this policy.

What data do we collect and how?

  • When you visit our website, we store which pages you request, the time at which it occurs, the IP address from which you are accessing or the account you use and the system you use. We exchange a few cookies to keep track of your session.
  • When you visit our website and fill out a form online, we store which data you provide or modify, at what time you do this and from which IP address or account.
  • We store the e-mails you send to a cosine e-mail address.
  • When you apply for a position, we store personal identification information, such as your name, address, email address, telephone number and information regarding your education, career and related activities such as volunteer work.

How will we use your data?

When you visit our website and fill out a form online, we collect the information that you provide in a customer relationship management tool. We use your personal data for one of our cosine employees to contact you directly. If you have subscribed to the cosine newsletter we use it to send newsletters via email.

When you apply for a position, we process your application for a position at cosine and depending on the outcome of your application it will either:

  • be used for an offer for a position at cosine

  • be deleted from our database after 90 days

  • be anonymized to use as metadata for our internal recruitment reports

  • in some cases, with your consent, be added to our talent pool to consider you for future positions at cosine.

How do we store your data?

The data is stored on our own servers at cosine premises, the servers of Dutch hosting companies and data centers in the European Union.
When you apply for a position, we will keep your personal identification information for 90 days. Once this time period has expired, we will delete or anonymize your data. In case of anonymization, the data will only be available to us in the form of metadata for statistical analysis, without any direct personal reference, for example the number of applications per month/year.

Disclosure of data to third parties

When you visit our website and fill out a form online, we share your information with the companies in the cosine group. We do not share any of the information, including cookies, with any other person or organization.

When you apply for a position, data transmitted as part of your application will be transferred using TLS encryption and stored in a database. This database is operated by Personio GmbH, which offers a human resource and applicant management software solution (https://www.personio.com/legal-notice/). In this context, Personio is our processor under article 28 of the GDPR and the processing is based on an agreement between cosine and Personio.

What are your data protection rights?

We would like to make sure you are fully aware of your data protection rights. Every user is entitled to the following:
  • The right to access – You have the right to ask us for copies of your personal data.
  • The right to rectification – You have the right to request us to correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.
  • The right to erasure – You have the right to request us to erase your personal data, under certain conditions.
  • The right to restrict processing – You have the right to request us to restrict the processing of your personal data, under certain conditions.
  • The right to object to processing – You have the right to object to processing of your personal data by cosine, under certain conditions.
  • The right to data portability – You have the right to request us to transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact our Data Protection Officer.

Changes to our privacy policy

We may change this privacy policy from time to time by posting an updated version on the cosine website. In this case, the new privacy policy applies to any later visit to our recruitment pages or job application. We encourage you to check this policy regularly to keep up to date with the way we use your personal information. This policy was last updated on 10 April 2025.

How to contact us

If you have any questions about our privacy policy, your personal identification information collected by cosine, or would like to exercise one of your data protection rights, please contact our Data Protection Officer:
cosine
Attn. Karin Liang, Data Protection Officer
Warmonderweg 14
2171 AH Sassenheim
The Netherlands
+31 71 528 4962
privacy@cosine.nl

Processing of (personal) data by the operator of the recruitment website

General information

This recruitment website is operated by Personio SE & Co. KG, which offers a human resource and candidate management software solution (https://www.personio.com/legal-notice/). Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. The sole controller of this data within the meaning of article 24 of the GDPR is the enterprise carrying out this online application process. Personio’s role is limited to operating the software and this recruitment website and, in this context, being a processor under article 28 of the GDPR. In this case, the processing by Personio is based on an agreement for the processing of orders between the controller and Personio. In addition, Personio SE & Co. KG processes further data, some of which may be personal data, to provide its services, in particular for operating this recruitment website. We will refer to this in more detail below.

The controller

The controller under data protection law is:
Personio SE & Co. KG
Seidlstraße 3
80335 München
Tel.: +49 (89) 1250 1004
Entry in the commercial register
Commercial register entry number: HRA 115934
Registration Court: Amtsgericht München
Data Protection Officer contact: privacy@personio.com

Access logs (“server logs”)

Each access to this recruitment website automatically causes general protocol data, so-called server logs, to be collected. As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. Without this data, it would, in some cases, be technically impossible to deliver or display the contents of the software. In addition, processing this data is absolutely necessary under security aspects, in particular for access, input, transfer, and storage control. Furthermore, this anonymous information can be used for statistical purposes and for optimizing services and technology. In addition, the log files can be checked and analyzed retrospectively when unlawful use of the software is suspected. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. Generally, data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp of the access to the software is collected. The scope of this log process does not exceed the common log scope of any other site on the web. These access logs are stored for a period of up to 7 days. There is no right to object to this.

Error logs

So-called error logs are generated for the purpose of identifying and fixing bugs. This is absolutely necessary to ensure we can react as quickly as possible to possible problems with displaying and implementing content (legitimate interest). As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. When an error message occurs, general data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp upon occurrence of the respective error message and/or specification is collected. These error logs are stored for a period of up to 7 days. There is no right to object to this.

Use of cookies

So-called cookies are used on parts of this recruitment website. They are small text files which are stored on the device with which you access this recruitment website. As a general rule, cookies serve the purpose of ensuring secure access to a website (“absolutely necessary”), implementing certain functionalities such as standard-language settings (“functional”), improving the user experience or the performance of the website (“performance”), or placing targeted advertisements (“marketing”). On this recruitment website, we generally use only cookies that are absolutely necessary, functional or performance-related, in particular for implementing certain default settings such as language, for identifying the job advertising channel, or for analyzing the performance of a job advert via which a user accessed this recruitment website. The use of cookies is absolutely necessary for providing our services and thus for the performance of the contract (article 6 (1) b) of the GDPR). Period of storage: up to 1 month or until the end of the browser session Right to object: You can determine via your browser settings whether you allow or object to the use of cookies. Please note that deactivating cookies may result in limited or completely blocked functionalities of this recruitment website.

Rights of data subjects

If Personio SE & Co. KG as the controller processes personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. To assert your rights as a data subject in relation to the data processed for the purpose of operating this recruitment website, please refer to Personio SE & Co. KG’s Data Protection Officer (see item B).

Concluding provisions

Personio reserves the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.