Data Privacy Statement

We at PRO ACTIV Reha-Technik GmbH would like to thank you for visiting our website and your interest in our company and our services. Protecting your privacy is very important to us when processing your data. That is why we process your personal data exclusively in accordance with the provisions of German and European privacy law. We want you feel safe when you visit our website.

Introduction

This privacy policy fulfils our duty to inform visitors and users of these pages in accordance with Art. 13 of the European Union General Data Protection Regulation (GDPR). Protection of personal data is our priority. Personal data is detailed information concerning personal or factual circumstances of a specific or specifiable natural person. This includes information like name, address, e-mail and telephone number. The legal privacy foundations are derived from the German Telemedia Act as well as the European Union ePrivacy Regulation, in addition to GDPR.

Your privacy rights as a user of this website (data subject rights)

Under data privacy law, you are considered a data subject of our collection of your personal data as part of your visit to our website. Accordingly, you have legal rights as a data subject when you use this website. In detail, these are the following rights:
You are entitled at all times to request information on the personal data stored regarding your person, the source and recipient of such information, and the purpose of data processing – without stating reasons. You also have a right to rectification, correction, blocking or deletion of such data. You can also restrict processing of your data and/or object to processing (objection right) for reasons arising from your particular situation, and you also have a fundamental right to data portability. If you have consented to our processing of your data, you can revoke this consent at any time. You are also entitled to complain to the supervisory authority as per Art. 77 of GDPR.

Contact details: Data processor – Data protection coordinator – Data protection officer

If you have any questions on data privacy at PRO ACTIV Reha-Technik GmbH that are not answered in this Privacy Policy, or to assert your rights as a data subject, you can use the following contact options:
The members of the Management Board specified in the Legal Notice at www.proactiv-gmbh.com are responsible for data processing. However, as they also work on many other topics, we recommend that you contact our data privacy coordinators by e-mail at (datenschutz(at)proactiv-gmbh.de). You can also contact us by post. See the Legal Notice for our address.
PRO ACTIV Reha-Technik GmbH has also appointed an external data privacy officer (DPO). You can also reach our DPO at:datenschutz(at)proactiv-gmbh.de.

Please note that you can ask any of our staff about your rights as a data subject. However, it would make it much easier for us to respond to your inquiry if you address data privacy inquiries directly to our data privacy coordinator (datenschutz(at)proactiv-gmbh.de).
To take advantage of your right to complain pursuant to Art. 77 of GDPR, please contact the competent supervisory authority.

Recipient of personal data

If you send us personal data, the main recipients are the employees of PRO ACTIV Reha-Technik GmbH entrusted with the task in question. It is also possible that we commission other companies and individuals to perform tasks for us, e.g. services that you have requested from us using the contact request (for example, a printed product brochure). In this case, your data may be sent to the company commissioned by us for the purpose specified by you. For further details, see sections ‘Obligation of employees and external service providers’ and ‘Collaboration with external service providers’.

Transfer of personal data to a third country

We do not intend to transfer personal data outside the jurisdiction of the GDPR. As a rule, data is only sent to third countries with a recognised data privacy standard, e.g. a contractual obligation based on European Commission standard protection clauses. Depending on the browser settings, IP addresses and/or referral links or online IDs etc. may be forwarded. Since we do not initiate the combination of this data, it cannot be ruled out that personal data is created and that it is processed outside the jurisdiction of the GDPR. You can prevent forwarding in your browser. For further details see the ‘Google Web Services’ section.

Storage period

We only store personal data you share with us via our website until the purpose for which you sent it to us has been served. If storage periods mandated by commercial and tax law must be observed, the storage period for certain data can be up to ten years.

Purpose of data collection

Our site can generally be used without providing personal data. However, there may be deviating regulations to use individual services on our site. If so, they are explained separately below, informing you in particular about the type, scope and purpose of collection, the use and processing of personal data. In spite of this, we generally only process personal data if this is required to provide a functional website as well as our contents and services. However, if this results in collection of personal data, the purpose is technical provision of our website, for information purposes and contractual purposes in provision of services. Data may also be collected for marketing and advertising purposes. Your personal data is only used for the above purposes and to the extent required to achieve these purposes.

Legal basis for data collection

Personal data may only be collected with a legal basis. Where we process personal data as part of our website, this is generally based on asserting the data controller's legitimate interests in accordance with Art. 6 (1) (f) of GDPR.
Assertion of legitimate interests is a balance of interests and includes both our interests and those of the company responsible for processing, as well as the interests of the users of our website. We, as a company, would like to inform you about our company and its products and services. You, as a user and potential customer, supplier, competitor, information seeker and/or applicant, are interested in learning about us, our services and products in a technically accessible and convenient manner. Our website also allows users to get in touch with us. Accordingly, data processing is in the interests of both parties. At the same time, processing of personal data is minimised, which allows us to conclude that assertion of legitimate interests offers sufficient legal grounds for processing.

Cookies

Our website uses cookies to make our site more user-friendly, more effective and safer overall – for example, when it comes to speeding up navigation on our website. Cookies also enable us to measure the frequency at which specific pages are accessed and generic use of the websites.
Cookies are small text files saved on your computer system. Cookies do not cause any damage to your computer and do not contain any viruses. Please note that some of the cookies are sent from our server to your computer system. Most of these are ‘session cookies’. ‘Session cookies’ are deleted automatically from your hard drive at the end of the browser session. Other cookies stay on your computer system and allow us to recognise your computer system again on your next visit (‘persistent’ cookies). Of course, you can reject cookies at any time if your browser permits that. However, if you do so, you will not be able to use all functions of our website fully.
The Help function in the menu bar of most browsers explains how you can stop your browser from accepting new cookies, how you can have your browser warn you when you receive a new cookie and how you can deactivate all cookies received.
Of course, you can also delete all cookies retrospectively. The method depends on your browser and operating system. We kindly ask you to look up the correct procedure for subsequent deletion of cookies for your system.

Server log

Every visit to the pages on this website is recorded in the server log files and saved. This data is used exclusively for technical analysis of server use, for example to avoid server overload and/or to control the server overload.

Specifically, the following data is collected:

Requesting host address (IP address)
Date and time of access
Name of the file accessed
HTTP status code
Quantity of data transferred
Website from which you visit us (referrer URL)
Browser/operating system/user interface
Details on the server service used
Log version

This anonymous data is stored separately from any personal data you provided, and does not allow any conclusions to be made about your person. They are only sent to third parties if legally mandatory or if ordered to do so by a court decision. Data is not forwarded for commercial or non-commercial purposes. However, we reserve the right to check this data retrospectively if we become aware of specific indications of illegal use. For example, this can be the case in the event of DDoS attacks on our websites.

Contact options

Our website also allows you to contact us by e-mail and via contact forms. Your details from the inquiry form including the contact details you provide for processing your inquiry, and in the event of follow-up questions are forwarded to us in encrypted form and saved by us.
If you wish to contact us by e-mail, we draw your attention to the fact that confidentiality of the information forwarded is not guaranteed with non-encrypted e-mails. Third parties can read the contents of non-encrypted e-mails (see the ‘Information security’ section).

Applications

Please use regular mail to apply for jobs with us. If you apply by e-mail, please note that we cannot guarantee confidentiality. Even though we offer transport encryption via our mail server (TLS), the confidentiality depends on various mail relay servers, which are outside our control: We have no influence on whether they also use TLS, and whether they analyse the e-mails. If you have concerns in this regard, please use regular mail for your application.
After completion of the selection procedure, the applicants’ data is stored for up to six months.

Use of Google Web services

Like many other websites and online service providers, we use technical web services provided by Google. It can be assumed that Google collects and connects the data generated by its cookies, for example (such as online IDs and IP addresses). Combined with unique identifiers and other information received by Google servers, Google can also create profiles on users of this website and expand existing profiles.
If you do not consent to your data being processed, there is an option to deactivate Google technologies, thus preventing data from being transferred to Google. There are multiple ways to do this: You can install suitable browser add-ons (e.g. uMatrix or Disconnect [as at: 25 April 2018]) and instruct them to prevent transfers to Google. You can also deactivate Javascript function in your browser. However, please note that if you do so, you will not be able to use parts of our website, or some functions will be restricted.

Google APIs

Our website uses Google APIs by Google Ireland Limited, commercial register no.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). It is a programming interface provided by Google. When using this interface, data, in particular the IP address, may be sent to Google. You can prevent your personal data (esp. your IP address) from being collected and forwarded to Google and processing of this data by Google, by deactivating Javascript in your browser or installing a tool like ‘NoScript’.

Google Maps

This website uses the Google Maps component to show maps and locations, as operated by Google Ireland Limited, commercial register no.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland. Every time the Google Maps component is accessed, Google saves a cookie (a third-party cookie) to process user settings and data when displaying the page on which the Google Maps component is integrated. This cookie by third-party provider Google is generally not deleted when the browser is closed, it expires after a specific time if you do not delete it manually beforehand. If you do not consent to your data being processed, there is an option of deactivating the Google Maps service, thus preventing data being transferred to Google. Use of Google Maps and the information obtained via Google Maps is implemented in accordance with Google’s terms and conditions of use www.google.com/intl/en/policies/terms/regional.html as well as the additional terms and conditions of business for Google Maps https://www.google.com/intl/en_en/help/terms_maps.html.

Font Awesome

For uniform presentation of fonts or icons, our website uses web fonts or icons provided by Fonticons, Inc. When you open a page, your browser downloads the required web fonts or icons to your browser cache to show texts, fonts and icons correctly. For this purpose, the browser you use must connect to Fonticons, Inc.’s servers. As a result, Fonticons, Inc. learns that our website was accessed from your IP address. Font Awesome is used in the interest of a uniform and appealing presentation of our online services. This is a legitimate interest in accordance with Art. 6 (1) (f) of GDPR. If your browser does not support Font Awesome, a standard font from your computer is used. For further information on Font Awesome, see https://fontawesome.com/help and the Fonticons, Inc. privacy policy: https://fontawesome.com/privacy.

etracker

Our website uses the etracker Analytics service. It is provided by etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany. This data may be used to compile a usage profile using an anonymous user ID. Cookies may be used for this. The cookies allow your browser to be recognised. The data collected by the etracker technology will not be used to determine the personal identity of a visitor to our website, and will not be compiled with personal data relating to the person with the anonymous user ID, unless agreed to separately by the person concerned. You can object to data collection and storage at any time with an effect for the future. To object to data collection and storage of your visitor data for the future, you can download an opt-out cookie from etracker, to prevent visitor data from your browser being collected and stored by etracker: https://www.etracker.com/en This stores an opt-out cookie called ‘cntcookie’ from etracker. Please do not delete this cookie until you no longer wish to object. See etracker’s privacy policy for further information: https://www.etracker.com/en/data-protection-by-etracker.html.

jQuery

For uniform provision of display and operation functions, this site uses the jQuery technology provided by Google. When you open a page, your browser downloads the required program library to your browser cache to show texts and fonts correctly. For this purpose, it accesses program libraries from Google’s servers. It uses the Google CDN (Content Delivery Network). As a result, Google learns that your IP address opened our website. jQuery and the Google CDN are used in the interest of a uniform and appealing presentation of our online services. This is a legitimate interest in accordance with Art. 6 (1) (f) of GDPR. For further information on how user data is processed, see Google’s privacy policy. https://www.google.en/intl/en/policies/privacy/.

Google Analytics

We also use Google Analytics, a web analytics service provided by Google Ireland Limited, commercial register no.: 368047, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics also uses cookies that facilitate analysis of your use of our websites and online services. The information generated by the cookie on your usage of this website and online services is sent to a Google server in the USA and saved. We use Google Analytics with the ‘_anonymizeIp()’ extension so that IP addresses sent to Google are first truncated and processed on servers in Europe to rule out direct association with your person. Google uses this information to evaluate your visit to our website, compile reports on website activities for us and provide other services related to the use of our website and the Internet. Google may also send this information to third parties if this is legally required or if third parties process this data for Google. Under no circumstances will Google combine your IP address with other Google data. You can prevent cookies being installed Google Analytics by setting your browser software accordingly; we wish to point out that if this is the case, you may not be able to fully use all of our functions. You can use a Google browser plug-in to object to data collection and storage for Google Analytics at any time with future effect. If you visit our site using a mobile device (e.g. smartphone or tablet), you can use this link to object to use of Google Analytics with future effect. When you activate the link, we set a cookie in your browser that tells us that you want to stop Google Analytics being used on your device. Please note that you have to object again if you clear the cookies in your browser.

If you want to receive the newsletter offered on the website, we need your e-mail address and information that allows us to check whether you are the owner of the specified e-mail address and consent to receiving the newsletter. No other data is collected, or is only collected on a voluntary basis. We use this data exclusively to send the required information and do not pass it on to third parties.
The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Article 6 (1) (a) of GDPR). You can revoke your consent to save the data, the e-mail address as well as their use to send the newsletter at any time, e.g. using the ‘unsubscribe’ link in the newsletter. The legality of previous data processing procedures remains unaffected by the revocation.
We store the data you provided to receive the newsletter until you unsubscribe from the newsletter.

YouTube

Our website uses plug-ins from YouTube, a service provided by Google. The site is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages with a YouTube plug-in, a connection is established to the YouTube servers. The YouTube server is informed which of our pages you visited. If you are logged into your YouTube account, YouTube can also attribute your surfing patterns directly to your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of an appealing presentation of our online services. This is a legitimate interest in accordance with Art. 6 (1) (f) of GDPR. For further information on how user data is processed, see YouTube’s privacy policy at: https://www.google.en/intl/en/policies/privacy/.

Facebook/Facebook Like button

We may use plug-ins by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (‘Facebook’) on our websites. When you access a page of our website that contains one of these plug-ins, your browser establishes a direct connection with the Facebook servers. The content of the plug-in is sent directly to your browser, which incorporates it in the website. If the plug-ins are integrated, Facebook is informed that your browser opened the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in on Facebook. Your browser sends this information (including your IP address) directly to a Facebook server in the USA, which saves it. An overview of the Facebook plug-ins is available here: http://developers.facebook.com/docs/plugins/. If you are logged in to Facebook, Facebook can associate your visit on our website directly with your Facebook account. If you interact with the plug-ins, e.g. use the Like button or Share button, your browser also sends the corresponding information directly to a Facebook server, where it is saved. The information is also published on Facebook and shown to your Facebook friends. Facebook can use this information for advertising, market research and to design the Facebook pages accordingly. For this purpose, Facebook compiles use, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements shown to you on Facebook, inform other Facebook users about your activities on our website and to provide other services associated with your use of Facebook. If you do not want Facebook to attribute the data collected via our website to your Facebook account, you have to log out of Facebook before visiting our website. Please note that we have no knowledge of the data sent to Facebook and how it is used. For the purpose and scope of data collection and information on further processing and use of the data by Facebook and your rights and settings to protect your privacy, see Facebook’s privacy policies (https://www.facebook.com/about/privacy/).

Use and forwarding of personal data

If you commission us to provide a service, your personal data will only be used to the extent required to perform the task (e.g. to process information request or brochure orders). This includes, in particular, forwarding your data to transport companies, credit companies or other service providers used to provide the service or process the contract.
The data is not forwarded for any other purposes. In particular, your personal data is not sold to third parties.
The following exceptions from this procedure apply: We divulge customer accounts and personal data of customers if legally obliged to do so, or in exceptional circumstances if forwarding is required to protect central rights, either our rights and/or our customers' and third parties' rights, e.g. in the event of attacks on our network infrastructure. For example, this can include sharing data with companies that specialise in preventing and minimising abuse and credit card fraud and/or IT security. We wish to expressly clarify that in this context, no data is forwarded to these companies for commercial use that is inconsistent with this privacy policy.

Obligation of employees and external service providers

Of course, our employees and the service companies we commission are obliged to maintain confidentiality and comply with the provisions of GDPR.

Collaboration with external service providers

We commission other companies and individuals to do work for us. Examples include package delivery, sending letters or e-mails, analysis of our databases, IT services, advertising measures, processing of payments and customer service. These service providers have access to personal information required to perform the tasks entrusted to them. However, they are not permitted to use this data for other purposes. In addition, they are also obliged to comply with this privacy policy and GDPR when handling the information. If these sub-contractors are processors in accordance with Art. 28 of GDPR, we have concluded corresponding legally-compliant contracts with them.

Information Security

PRO ACTIV Reha-Technik GmbH uses appropriate technical and organisational security measures in line with the current state of the art to protect the data you provide to us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Your data will be stored in a secure operating environment that is not accessible by the public. Our security measures are assessed at regular intervals and improved continuously in accordance with technological developments.
If you wish to contact us by e-mail, we draw your attention to the fact that confidentiality of the information forwarded is not guaranteed with non-encrypted e-mails. The content of non-encrypted e-mails can be viewed by third parties. Accordingly, we recommend that you send us confidential information either as an encrypted e-mail or by regular mail.
We use your e-mail address exclusively to correspond with you. It is not used for other purposes or forwarded to third parties.

Protecting your data via TLS or SSL

For secure online data transfer, we use the hybrid encryption protocol Transport Layer Security (TLS), better known by the name of its predecessor, the Secure Sockets Layer software (SSL). This software encrypts the information that you send. All privacy-relevant information is stored in encrypted form in a protected database.

Status and changes to this privacy policy

The current version is dated 27 August 2020.
We reserve the right to amend this privacy policy at any time with future effect in compliance with the valid data privacy regulations. We will publish the changes here.