Logo Grand Metropolitan Hotels

Privacy Policy

Privacy Policy – Career Platform (Application Portal)

Grand Metropolitan Hotels Holding B.V.

1. Controller

Grand Metropolitan Hotels Holding B.V.
Keizersgracht 391 A
1016 EJ Amsterdam
The Netherlands
E-mail: info@grandmethotels.com

This Privacy Policy explains how we process personal data in connection with your use of our Career Platform and during the recruitment process.

2. Categories of Personal Data Processed

As part of your application, we may process the following types of personal data:

  • Identification and contact details: name, address, date of birth, telephone number, e-mail address

  • Application documents: CV, certificates, cover letter, and any other documents you choose to provide

  • Technical data: IP address, date and time of submission (server logs)

Please refrain from submitting special categories of personal data (e.g., health data, religious affiliation) unless specifically required for the position.

3. Purposes of Processing

Your personal data is processed exclusively for the following purposes:

  • Managing and conducting the recruitment process

  • Contacting you in connection with your application

  • Assessing your suitability for the advertised position

  • Internal documentation and decision-making

  • Compliance with legal obligations related to recruitment procedures

4. Legal Basis

The processing of your personal data is based on:

  • Art. 6(1)(b) GDPR – processing necessary for pre-contractual measures at your request

  • Art. 6(1)(f) GDPR – legitimate interests (e.g., coordinating internal recruitment processes)

  • Art. 6(1)(c) GDPR – compliance with legal obligations

  • Art. 9 GDPR – only when special categories of personal data are provided voluntarily and processing is legally permissible

5. Application Methods

You may apply in the following ways:

  1. Via our online application form on the Career Platform

  2. Through external partner platforms, such as HotelCareer

If you apply through third-party platforms, their respective privacy policies also apply.

6. Recipients of Personal Data

Your personal data is accessible only to those involved in the recruitment process:

  • The responsible HR department

  • Internal decision-makers directly involved in hiring procedures

Data is shared only when:

  • Required for technical service provision (hosting, IT infrastructure)

  • Required by law

  • Necessary for the legitimate interests of the recruitment workflow

We do not disclose your data to unauthorised third parties.

7. Data Transfers to Third Countries

If hosting providers or software systems outside the EU/EEA are used, your data may be transferred to third countries.
In such cases, we ensure that appropriate safeguards are in place, such as:

  • Adequacy decisions issued by the European Commission

  • Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR

  • Other legally accepted mechanisms ensuring an adequate level of data protection

Data is transferred only when all GDPR requirements are met.

8. Storage Period

We store your personal data only for as long as necessary:

  • During the recruitment process: until the procedure is completed

  • If your application is unsuccessful:
    Your data is stored for six months, in line with statutory retention obligations and to defend against possible legal claims (e.g., under anti-discrimination laws)

  • If you join a talent pool: only with your explicit consent

  • If you are hired:
    Your data will be transferred to our HR administration system and retained in accordance with statutory employment and tax regulations

After expiration of these periods, your data is deleted or anonymized.

9. Cookies and Tracking Technologies

Our Career Platform uses cookies and tracking technologies where technically necessary or based on your consent via the cookie banner.
Details regarding:

  • Cookie types

  • Provider information

  • Purpose

  • Storage duration

  • Options to withdraw consent

are listed in the cookie section at the bottom of the page.

10. No Newsletters / No Automated Decision-Making

  • We do not send newsletters or job update communications.

  • We do not conduct automated decision-making or profiling under the meaning of Art. 22 GDPR.

11. Your Rights as a Data Subject

In accordance with Articles 15–22 GDPR, you have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure (where legally permissible)

  • Right to restriction of processing

  • Right to data portability

  • Right to object

To exercise your rights, please contact:
info@grandmethotels.com

You also have the right to lodge a complaint with the competent data protection supervisory authority.

12. Data Security

We implement technical and organisational measures to protect your data against loss, manipulation, destruction, or unauthorised access.
Our security practices are reviewed and updated regularly in line with technological developments.

13. Amendments to This Privacy Policy

We reserve the right to update this Privacy Policy to ensure compliance with legal requirements or to reflect changes in our recruitment processes.
The latest version is always available on this Career Platform.