Recruitment Privacy Policy

This Recruitment Privacy Policy is set in line with our company’s policy on the protection of information relating to job applicants and their individual applications. Protecting the confidentiality and integrity of personal data is a critical responsibility that we take seriously at all times. We will ensure that personal data is always processed in accordance with the provisions of relevant data protection legislation.

Controller and Data Protection Officer

Lilium GmbH, Claude-Dornier Str. 1, Geb. 335, 82234 Wessling, registered with the commercial register of the local court (Amtsgericht) Munich under HRB 216921, represented by the managing director Daniel Wiegand.

We have appointed a data protection officer who may be reached via privacy@lilium.com.

For the purposes of this Recruitment Privacy Policy a Candidate includes:

  • an active job seeker who registers via our Careers-section on our website, or applies to a role that we have advertised;
  • a candidate that has been placed via a third party on a temporary, permanent or contract basis; and/or
  • someone we identify as a potential job seeker through external resources and has agreed for the individual’s personal data to be stored and used for possible employment and recruiting purposes.

Personal data is any information relating to an identified or identifiable natural person. Personal data includes e.g. name, email address or telephone number.

Data processing is any activity that involves the use of personal data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organizing, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transmitting or transferring personal data to third parties. We will transfer your Personal Data to a third party only within the scope of legal provisions, i.e. if we are obliged to transfer the data due to a government or court order, or if applicable legal provisions authorize the transfer.

Applicable legal provisions are, in particular, those of the regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016, repealing the directive 95/46/EC, on the protection of individuals with regard to the processing of personal data, on the free movement of such data (“General Data Protection Regulation”, GDPR) as well as in the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the German Telemedia Act (Telemediengesetz, TMG).

What kind of data will you share with us?

Your Contact Details including name, email, address and telephone number, gender, your career history, qualifications, country of residence, language skills and any other personal information you include in your interactions with Lilium. We may also ask for additional information to assist us with our recruitment process and in the event you are offered a job, an example would be date of birth and work documents.

We may carry out video interviews using a third party platform, namely the service “Zoom” by Zoom Video Communications, Inc., 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA (https://zoom.us/privacy) and “Starleaf” by StarLeaf Limited, 6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom (https://support.starleaf.com/legal-information/starleaf-privacy-notice/). Any personal information you share in a video will be processed by the engaged third-party platform (Zoom or Starleaf) for using their service and will be shared with Lilium for the purpose of and as part of the application process. If you do not want to share your data via video call with us, please let us know and we will arrange a meeting in person or a phone call instead.

You may also share details of other people with us; for example, if somebody else referred the job to you (someone you know at Lilium or otherwise). In those circumstances, you will need to check with that person that they are happy for you to share their personal information with us, and for us to use it in accordance with this Recruitment Privacy Policy.

Third Parties processing your Data

related technology required to run our recruiting processes.

We engage the third-party providers mentioned in this Recruitment Privacy Policy. In particular, we may engage and use the HR and recruiting software services by Personio GmbH, Rundfunkplatz 4, 80335 Munich/Germany (https://www.personio.com/privacy-policy/) for the purposes described here. We may also use the services by IDnow GmbH, Auenstraße 100, 80469 Munich/Germany (for more information: https://www.idnow.io/privacy/) as well as further third-party providers that process data in the EU for such described purposes.  

We will never share your personal data with a third party without a legal basis or your prior authorization. For further information you may contact us any time via email to privacy@lilium.com.

How is my Data processed when using the Lilium "Careers” section on lilium.com?

For the purpose of receiving and managing job applications via our website lilium.com, we use the services of Greenhouse Software, Inc., 110 Fifth Avenue, 3rd Floor, New York, NY 10011, USA (“Greenhouse Software”). In the “Careers” section of our Website interested individuals are forwarded to the Greenhouse Software website greenhouse.io and may apply for job openings and submit and/or upload related personal information, such as name, email address, LinkedIn-profile, information on why you would like to join, CV and personal documents.

Such data will only be processed on servers outside the European Union (EU) and provided to us or the Greenhouse Software after you clicked the respective ‘submit application’ button on the Greenhouse website greenhouse.io. The privacy policy of Greenhouse Software may be found here: http://www.greenhouse.io/privacy-policy.

Is my data processed outside the EU?

Data is transferred outside the EU due to the integration of cloud/hosting, mailing and career management services who work on our behalf and assist us in carrying out our business activities.

Providers that process data outside the EU and references to applicable safeguards may be found here:

We use the service by Amazon Web Services, Inc., 410 Terry Avenue North Seattle WA 98109, USA (“AWS”) for the purpose of hosting your data provided through the Website or Service, whereas data might be processed in the USA. For further information please refer to https://aws.amazon.com/compliance/eu-data-protection/ and https://aws.amazon.com/compliance/germany-data-protection/

For sending emails and newsletters we use the services by the mail provider “Mailchimp” by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA that receives and processes on our behalf the data necessary for the order, in particular email address, IP address, device name. Details on Mailchimp and its privacy policy can be found here: https://mailchimp.com/legal/privacy/; https://eep.io/assets/yzco4xsimv0y/3nCyJIzUaQg6MOqgSimCMC/41ca785b19f0dcd75322be31ba530844/DPA_Sample.pdf

For user and applicants’ surveys, we use “SurveyMonkey” by Survey Monkey Inc., 285 Hamilton Avenue, Suite 500, Palo Alto, CA 94301, USA. The privacy policy of MonkeySurvey may be found here: https://www.surveymonkey.com/mp/gdpr/?ut_source=content_center&ut_source2=surveymonkey-committed-to-gdpr-compliance&ut_source3=inline&ut_ctatext=here

We use Greenhouse Software for managing applications through our website as described above. The privacy policy of Greenhouse Software may be found here: http://www.greenhouse.io/privacy-policy

For video calls we use the service “Zoom” by Zoom Video Communications, Inc., 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA. The privacy policy and further information on Zoom as well as an opt-out may be found here: https://zoom.us/privacy

The US companies providing the services of AWS, Mailchimp, MonkeySurvey, Greenhouse Software and Zoom are certified under EU-US-Privacy-Shield and comply with data protection standards applicable in the EU. The “Privacy Shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA (see: https://www.privacyshield.gov/)

We also use the service “Starleaf” by by StarLeaf Limited, 6th Floor, One London Wall, London, EC2Y 5EB, United Kingdom for video calls and interviews. Further information and applicable safeguards for compliance with EU data protection standards by Starleaf may be found here: https://support.starleaf.com/legal-information/starleaf-privacy-notice/; https://318jud367y2743qanus941sz-wpengine.netdna-ssl.com/wp-content/uploads/guides/starleaf_dpa_v5.1.pdf

For the purpose of e-signing agreements we use the service “DocuSign” by DocuSign Inc., 221 Main St., Suite 1000, San Francisco, CA 94105, USA. More information about data processing by DocuSign and the applicable safeguards may be found here: https://www.docusign.com/company/privacy-policy; https://www.docusign.com/trust/privacy/gdpr

Your personal data will also be processed by us as well as the respective social media provider (such as Facebook, Linkedin, Twitter, YouTube, Instagram) in and outside the EU when you visit and use our social media pages. For more information on data processing on our social media pages please also refer to our Social Media Privacy Policy: https://www.lilium.com/social-media-privacy-policy

Information we collect from other sources and analysis of Data

We may collect some personal information about you from public sources to verify the details that you provide to us. You can also register for an account on our website as set forth above.

We also process aggregated, pseudonymized or anonymous user data regarding the usage of our services.

The data we collect as described above are used to improve the quality of our service. If such data are considered personal data, the legal basis for such data processing is Art. 6 (1) f. GDPR based on our legitimate interests of quality assurance.

How do we use your personal data?

We process your personal data for fulfilling our contractual or pre-contractual obligations (based on Art. 6 (1) b. GDPR) or – as applicable – for the purpose of the employment relationship with you (Section 26 BDSG), in particular, we use your data:

  • To get in touch with you, communicate with you, update you and to facilitate your application,
  • To offer an online-application system that is connected to our website,
  • To respond to your questions or concerns,
  • To carry out vetting of staff members (where required); this may involve our collection and use of sensitive personal information including information obtained from criminal background checks about offences or alleged offences and information relating to any proceedings for offences committed or allegedly committed,
  • To verify your identity and get agreements signed with you, this may involve our collection and use of sensitive personal information such as your biometric data,
  • When necessary and for the purposes of our legitimate interests to maintain adequate records, we may collect and handle information related to medical information, ethnic origin or criminal records,
  • To assist in any disputes, claims or investigations relating to your application, or
  • To comply with our legal, regulatory and professional obligations.

We may also use your non-sensitive and sensitive data with your explicit consent (based on Art. 6 (1) a. GDPR, Art. 9 (2) a. GDPR or Section 26 BDSG), for example to keep you informed about other opportunities if you wish us to do so (see consent form at the end of this Recruitment Privacy Policy).

If you do not provide your personal data, you may face certain disadvantages, for example we will not be able to provide you with information and answers in our recruiting process.

Your Rights

You have the right to:

  • withdraw your consent relating to the use of data any time with effect for the future when such data processing is based in your consent;
  • object to the processing of your personal data, for example, if your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) f. GDPR insofar as there are reasons for this arising from your particular situation;
  • access the data stored by us and are also entitled to amend or rectify your data if such data are incorrect;
  • to request the erasure of your data;
  • receive information about the stored data (in a structured, current and machine-readable format) at any time and
  • to request the correction or deletion of the data in case of incorrect data storage.

If you wish to act according to your rights, please contact privacy@lilium.com.

You have also the right to lodge a complaint with a supervisory authority at your choice (for example the postal address of the responsible data protection authority for Bavaria/Germany is as follows: Bayerisches Landesamt für Datenschutzaufsicht, Postfach 606, 91511 Ansbach/Germany). An overview of the European National Data Protection Authorities may be found here: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

How long do we keep your information?

We only keep your personal information for as long as we need to, to be able to use it for the reasons given in this Recruitment Privacy Policy, and for as long as we are required to keep it by law (for example due to legal retention periods, such as set forth in the German Commercial Code (Handelsgesetzbuch, HGB) or German Fiscal Code (Abgabenordnung, AO)). Criteria for the data storage and erasure are our internal policies, pre-set periods by the providers used and our economic and your personal interests. Unless otherwise required by law (for example due to an employment with us) we delete your application data after 6 months following the end of the application process. With your explicit consent we will keep your data for a maximum of 24 months.

Consent for Storing your Data

With your explicit consent (as set forth in the form below), we will keep your information in case any other opportunities become available which you might be interested in; we will only keep your information for a limited period and your details will be deleted on a general basis after 24 months. You may withdraw such consent with effect for the future at any time via email to privacy@lilium.com.

Data Security and Compliance with this Recruitment Privacy Policy

We have put in place procedures to deal with any data security breach and will notify applicants and any applicable regulator of a suspected breach where legally required to do so. Details of these measures are available upon request.  

We are allowed to amend this Recruitment Privacy Policy as provided for in and according to applicable law.

If you have any questions, comments or concerns about any aspect of this policy or how Lilium handles your personal information please email our team in the first instance on privacy@lilium.com.

Declaration of Consent to the 24-Month
Storage of Applicant Data by Lilium GmbH

I agree to Lilium GmbH, Claude-Dornier Str. 1, Geb. 335, 82234 Wessling storing my personal data that I have provided during the entire application process (for example in letters, CVs, certificates, applicant questionnaires, applicant interviews) beyond the end of the specific application process and for a period of 24 months. I agree that Lilium GmbH may use this information to contact me later and continue the application process if I am eligible for another job.

This consent also applies to data about my qualifications and activities from publicly available data sources (in particular professional social networks) that Lilium GmbH has permitted during the application process. My data will not be disclosed to third parties, except as set forth in the Recruitment Privacy Policy.

This consent is voluntary and has no effect on my chances in the current application procedure. I can refuse it without giving reasons and without fear of disadvantages. I can also withdraw my consent at any time, for example via email to privacy@lilium.com - in this case my data will be deleted immediately after completion of the application procedure.

Special categories of data: Lilium GmbH would like to evaluate all applicants only according to their qualifications and therefore asks to refrain from including such special categories of personal data in the application if possible. Supplementary declaration if my application contains special categories of data: My application to Lilium GmbH contains special categories of personal information (e.g. marital status information that may provide information about my sex life or sexual orientation; information about my health; a photograph that allows you to identify my ethnic origin and, if applicable, my sight and/or religion; similarly sensitive data as defined in Article 9 of the General Data Protection Regulation). My application may therefore only be processed in the present form with my consent. I agree that Lilium GmbH may process the specific categories of personal information contained in my letter of application and accompanying documents for the purpose of conducting the application process. This consent serves exclusively to be able to consider the application in its present form at all. The information will not be taken into account in the application process unless there is a legal obligation - especially for severely handicapped persons. My data will not be passed on to third parties. I am not obliged to give this consent and can instead submit an application adjusted for the special categories of personal data without this affecting my chances in the application process. I can refuse my consent without giving reasons and withdraw my consent at any time, for example via email to privacy@lilium.com. In the event of withdrawal, my data covered by the consent will be deleted immediately.

However, in the event of non-issuance or withdrawal of this consent, the application I have already submitted cannot be taken into account in the present form.

For details on data processing please also refer to our Recruitment Privacy Policy above.