Privacy Policy

Thanks for visiting our website and for supporting our mission. We are committed to protecting the privacy and security of your personal data. This data protection and privacy policy outlines how we collect, use, store, disclose and protect your personal information in compliance with the German Federal Data Protection Act and General Data Protection Regulation Art. 6 (1) b) GDPR.

WeAreMarsha (“we,” “us,” or “our”) operates as a technology recruiting service and IDEA (Inclusion, Diversity, Equity and Accessibility) consulting business. This privacy policy is only valid for users, visitors navigating this website https://www.wearemarsha.org. This page informs you of our policies regarding the data collection, use, and disclosure of information we receive from clients (“Employers”), candidates (“Job seekers”) and users (“Visitors”) through our services and website. We respect the privacy of visitors and users of our Services. In case there are any terms in this privacy notice that you do not agree with. Please, we kindly ask you to discontinue using our Services immediately.

What is personal data?

Personal data refers to any information that relates to an identified or identifiable natural person. This can include a wide range of information that, alone or in combination with other data, can identify an individual. Under Art. 6 (1) b) GDPR), personal data is any information that can directly or indirectly identify an individual, emphasizing the broad scope of what can be considered personal data. This includes data that can lead to identifying someone when combined with other information.

What sort of data do we collect?

With your consent, we may collect and process the following data. We may collect the respective data on the legal basis of processing Art. 6 (1) sentence 1 lit. f). GDPR.

From talents (“Job seekers”):

● Name
● CV (e.g., education and professional background)
● Address
● Location
● Phone number
● Email address
● Publicly available professional data (e.g.LinkedIn, Xing, Github)
● IP address
● Anonymous data (e.g. usage behavior through third party technology)

From prospective clients (“Employers”):

● Company name
● Email address
● Telephone number
● Sent and received emails are stored in our CRM

We may collect the respective data for providing your company a Service on the legal basis of Art. 6 (1) b) GDPR and or exclusively on the legal obligation of Art. 6 (1) c). GDPR to ensure the operation of our Services.

How is your personal data processed and used?

We may process your data with your explicit consent to deliver, enhance, and manage our Services, communicate with candidates effectively, ensure security and comply with legal obligations. The legal basis for processing your data is Art. 6 (1) lit. b) GDPR. A storage of data can be revoked at any time by sending us an email via: privacy@marshaintech.com. We may collect your personal data when you:

● Register to join our talent pool or and/visit our website via your browser
● Contact you (e.g. via email) about our services
● Subscribed to our newsletter to receive updates
● Join our events
● Apply to a vacancy through our job board
● When you contact us via telephone, email or our social media platforms (e.g. LinkedIn, IG, Spotify, business cards)

Talent pool 

We offer job seekers (“Talents”) a possibility to join a Talent pool. Our talent pool is used for future job opportunities in which we aim at matching employers to job seekers (“Talents”). When job seekers (“Talents”) express a desire to join our talent pool, they give us an explicit consent on the legal basis of Art. 6 (1) lit. a. and Art. 7 GDPR. Your consent can be revoked at any time on the basis of Art. 21 GDPR.

Google Analytics

At WeAreMarsha, we are dedicated to enhancing your experience on our website and improving our services through data-driven insights. To achieve this, we use Google Analytics, a web analytics service provided by Google Inc. Google Analytics helps us understand how visitors interact with our website by collecting and analyzing data such as the pages you visit, the time spent on each page, and the links clicked. The legal basis is article 6.1 (f) GDPR. This information allows us to identify trends, track the effectiveness of our marketing efforts, and make informed decisions to better serve our users. Importantly, the data collected by Google Analytics is anonymized and aggregated, ensuring that your personal information remains private and secure. For additional information, please, see https://policies.google.com/privacy?hl=en-GB. By using our website, you consent to the processing of data about your visit by Google Analytics in accordance with Google’s Privacy Policy.

With whom do we share your personal data or who receives your data?

In accordance with Art. 28(1) GDPR, we may disclose your personal data to third parties/service providers (e.g. employers, hiring partners) who may process your data on our behalf and/or on the basis of our legitimate economic interest in which your rights and interests in the protection of your personal data are not overridden see Art. 6 (1) f) GDPR. Service providers are only allowed to process your data under your explicit consent and within the framework of the recruiting process determined by us. The legal basis of this process is on the legal basis of Art. 6 (1) sentence 1 lit. b) and f) GDPR. Our service providers are carefully selected (based on a contractual agreement) therefore, are contractually obligated to comply with GDPR standards, ensuring that your data is handled securely and only for the specific purposes we have authorized. The aforementioned will access your personal data either with your explicit consent or when you actively apply to one of our job opportunities through our job board. Otherwise, we will not disclose your personal data to service providers/employers prior to your consent on the basis of Art.6 (1) a) GDPR.

How do you make sure my data is secure?

While we make sure to implement technical measures to protect your data against manipulation or unauthorized access. However, we must point out that the internet does not allow for absolute data security despite all technical measures. Consequently, we cannot guarantee 100% security of your personal information. We are not liable for actions of third parties who may unlawfully intercept or access the data provided to us. Nonetheless, we remain committed to safeguarding your information to the best of our ability

Your Data Protection Rights

As a user of our services, you have certain rights regarding the protection of your personal data. These rights are designed to give you control over how your data is collected, used, and processed by organizations. Under GDPR, you have the following rights regarding your personal data:

● Right to Access: You have the right to access the personal data that organizations hold about you. This includes the right to request information about the purposes of the processing, the categories of data being processed, and the recipients of your data.
● Right to Rectification: If you believe that the personal data held about you is inaccurate or incomplete, you have the right to request that it be corrected or updated by the organization.
● Right to Erasure: Also known as the “right to be forgotten,” you have the right to request the deletion or removal of your personal data when there is no compelling reason for its continued processing.
● Right to Restriction of Processing: In certain circumstances, you have the right to request the restriction of the processing of your personal data. This means that your data may be stored by the organization but not further processed.
● Right to Object: You have the right to object to the processing of your personal data in certain situations, such as for direct marketing purposes or where the processing is based on legitimate interests.

● Right to Withdraw Consent: If the processing of your personal data is based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing carried out before the withdrawal.

If you wish to revoke your consent and request the deletion of your personal data, please contact us at privacy@marshaintech.com with your request. We will process your request in accordance with GDPR regulations, ensuring that your data is securely deleted from our systems. Please note that revoking consent may affect our ability to provide you with certain services and employment agreements.

Changes to this Privacy Policy

We reserve the right to update or change our Privacy Policy at any time. Any changes to this Privacy Policy will be posted on this page with an updated effective date. We kindly recommend you to review it frequently. Your continued use of our services after we post any modifications to the Privacy Policy constitutes your acknowledgment of the modifications and your consent to abide by the updated Privacy Policy.

Contact Us

We protect your personal data and respecting your privacy throughout our recruitment process. Should you have questions about our data protection privacy, please, feel free to reach out to: privacy@marshaintech.com

This privacy policy was last updated May 17th, 2025.