§ 1 Information about the collection of personal data

(1) In the following we inform on collecting personal data when using our website. Personal data is all data that refer to you personally, for example name or contact details (e.g. phone number, postal an e-mail-address) and user behavior.

(2) The responsible body as defined by the article 4, §7 of the EU General Data Protection Regulation (GDPR) for this website is:
R.Geerlofs GmbH & Co. KG
Zentrum der Rehabilitation
Karolingerstr. 32, D-75177 Pforzheim
Germany
Phone: +49 (0) 7231 / 139 86 00
Fax.:+49 (0) 7231 / 139 86 10
E-mail: info@zentrum-der-rehabilitation.de

Should you have any questions, please contact our Data Privacy Officer:
e-mail: datenschutzbeauftragter@zentrum-der-rehabilitation.de tel.:00497231/1398631

(3) When you contact us by e-mail or via the contact form, the provided data given (e-mail address, name, phone number) will be saved by us to answer your questions. In this context, we delete arising data after the storage is no longer necessary or restrict processing if there are statutory retention requirements.
(4) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective transactions. In doing so, we also describe the specified criteria for the storage duration.

§ 2 Your rights

(1) You have the following rights with respect to the personal data concerning you:

Right to access
Right of recticication or cancellation
Right to restriction of processing
Right to object or processing
Right to data portability

(2) You also have the right to complain to a data protection supervisory authority if your personal data is processed by us.

§ 3 Collection of personal data when visiting our website

(1) In the case of merely informative use of the website, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure the stability and security (legal basis is Art.6 (1) sentence 1 DS-GVO):
– IP address
– Date and time of the request
– Time zone difference to Greenwich Mean Time (GMT)
– Content of the requirement (concrete page)
– Access status / HTTP status code
– Each transmitted amount of data
– Website from which the request comes
– Browser
– Operating system and its interface
– Language and version of the browser software

(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and by which the body that sets the cookie (here through us) receives certain information. Cookies can not run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective.

(3) Use of cookies
a) This website uses the following types of cookies, the scope and operation of which are explained below:

Transient cookies (see b)
Persistent cookies (see c)

b) Transient cookies are automatically deleted when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser setting according to your wishes, e.g decline the acceptance of third-party cookies or all cookies. Please be aware that you may not be able to use all features of this site.
e) The flash-cookies used are not detected by your browser but by your Flash plugin. We also use HTML 5-storage objects, which are stored on your device. These objects store the data needed independent of your browser and have no automatic termination date. If you do not want us to process Flash cookies, please install a respective add-on such as “Better Privacy” for Mozilla Fox ((https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the usage of html 5 storage objects when you go into private browsing mode. We also advice you to manually delete your cookies and your browsing history on a regular basis.

§ 4 Further functions and offers of our website

(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you will generally need to provide other personal information that we use to provide the service and for which the aforementioned data processing principles apply.

(2) In part, we use to process your data from external service providers. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected.

(3) Furthermore, we may disclose your personal data to third parties, if action participations, competitions, contracts or similar services are offered by us together with partners. For more information, please refer to your personal data or below in the description of the offer.

(4) Insofar as our service providers or partners are based in a country outside the European Economic Area (EEA), we inform you about the consequences of this circumstance in the description of the offer.

§ 5 Objection or revocation against the processing of your data

(1) If you have given your consent to the processing of your data, you can revoke them at any time. Such revocation will affect the admissibility of the processing of your personal data after you have given it to us.

(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if, in particular, the processing is not required to fulfill a contract with you, which we describe in each case in the following description of the functions. In the event of such a disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing.

(3) Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. About your advertising conflict you can inform us under the contact details in § 1.

§ 6 Google Analytics

(1) This website uses Google Analytics, a web analytic service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. 
In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. 
Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. 
On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider.

(2) 
Google will not associate your IP address with any other data held by Google.

(3) You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. 
Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under http://tools.google.com/dlpage/gaoptout?hl=de.

(4) This website uses Google Analytics with the extention “-anonymizelp ()” function, which abbreviates IP addresses and excludes a personal association. If the data reveal personal information, they will be deleted immediately.

(5) We use Google Analytics to analyze the user behavior on our site in order to improve our offer. For the exceptional case that personal data are transferred to the US, Google has signed up for the EU/US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework). The legal basis for the use of Google Analytics is Art.6 (1) sentence 1 DS-GVO.

(6) Information about the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of use: http://www.google.com/analytics/terms/de.html, overview on data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the privacy policy: http://www.google.de/intl/de/policies/privacy.

(7) This website also uses Google Analytics for a user flow analysis across multiple devices, which is carried out via a user ID. You can deactivate the cross-device analysis of your website visit by clicking on “my data” and “personal data.”

§ 7 Use of the blog features

(1) On our blog, where we publish posts about our activities, you can leave public comments. Your comments will be published with your given username. We advice you to use a pseudonym instead of your real name. You only need to give your username and e-mail address. Other information about you are not required. When you leave a comment, we store your IP address and delete it after one week. The storage is necessary in order to protect us against liability claims in case of possible publication of illegal content. We need your e-mail-address to contact you if a third party should object to your published content as unlawful. The legal basis for the storage of your data is Art.6 (1) point b and f GDPR. The comments will not be reviewed prior to publication. We reserve the right to delete comments if they are objected to as unlawful by third parties.

(2) When you write a comment, you can put a check mark on our e-mail service to get informed if other users leave a comment to your post. Therefore we use the so-called double opt-in process, which means that you receive an e-mail that asks you to confirm that the e-mail address belongs to you and to express your desire to receive information from us. You can unsubscribe at any time by clicking on the link contained in the e-mail. We store your personal data (including e-mail address, your registration dates for the service and your IP address) until you unsubscribe from the notification service.

(3) Our comments function uses the plug in “disqus” (operated by the Big Head Labs, Inc., http://www.disqus.com), which is responsible for the processing of the comments. With disqus you can leave a comment concerning our posts, which will be stored and displayed as long as the commented post is on our site, unless you delete your comment beforehand. You can use the comments function as an unregistered guest or registered user of disqus on all websites using disqus. You also can register via your accounts on facebook, twitter or google. Please note that in this case they will also store your personal data. Disqus will provide us with the data which are needed for the comments function. The legal basis is Art.6 (1) sent. 1 lit. f GDPR. (Since your personal data are processed in the US, we have concluded standard data protection clauses). The contact details of the responsible body are: Big Head Labs, Inc., San Francisco, USA. Terms of use:http://help.disqus.com/customer/portal/articles/466260-terms-of-service/. For more information about the processing of your personal data please read the privacy policy of the provider: http://help. disqus.com/customer/portal/articles/466259-privacy-policy.

§ 8 Social Media

1. Use of social media plug-ins

(1) We currently use the following social media plug-ins: facebook, google+, twitter, xing, T3N, LinkedIn, Flattr. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the marking on the box above, its initial letter or the logo. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. In addition, the data mentioned under § 3 of this declaration will be transmitted. In the case of Facebook and Xing, according to the provider in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there (for US providers in the USA). Since the plug-in provider collects data via cookies in particular, we recommend that you delete all cookies before clicking through your browser’s security settings.

(2) We do not have any influence on the data collected and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing, the storage periods. We also do not have any information on the deletion of the data collected by the plug-in provider.

(3) The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand oriented design of its website. Such an evaluation takes place in particular (also for non logged-in users) for the representation of appropriate advertisement and in order to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise the right. Through the plug-ins we offer you the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art.6 para.1 s. 1 lit. f GDPR.

(4) The data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.

(5) For more information on the purpose and extent of data collection and its processing by the plug-in provider, please refer to the data protection declarations of the these providers as notified below. They will also provide you with further information about your rights concerning this matter and setting options to protect your privacy.

(6) Addresses of the respective plug-in providers and URL with their data protection information:
a) [Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; weitere Informationen zur Datenerhebung: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications sowie http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook hat sich dem EU-US-Privacy-Shield unterworfen, https://www.privacyshield.gov/EU-US-Framework.
b) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google hat sich dem EU-US-Privacy-Shield unterworfen, https://www.privacyshield.gov/EU-US-Framework.
c) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter hat sich dem EU-US-Privacy-Shield unterworfen, https://www.privacyshield.gov/EU-US-Framework.
d) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.
e) T3N, yeebase media GmbH, Kriegerstr. 40, 30161 Hannover, Deutschland; https://t3n.de/store/page/datenschutz.
f) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn hat sich dem EU-US-Privacy-Shield unterworfen, https://www.privacyshield.gov/EU-US-Framework.
g) Flattr Network Ltd. mit Sitz in 2 nd Floor, White bear yard 114A, Clerkenwell Road, London, Middlesex, England, EC1R 5DF, Großbritannien; https://flattr. com/privacy.]

2. AddThis Bookmarking

(1) Our website contains AddThis plug-ins. These plug-ins allow you to set bookmarks or the sharing of interesting website content. When using AddThis it comes to using cookies. Through the plug-ins we offer you the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art.6 para.1 s. 1 lit. f GDPR.

(2) Through theses plug-ins your browser connects directly to the AddThis servers and maybe also to the chosen social network or bookmarking service. AddThis receives the information that you have accessed the respective site of our online offer as well as the data mentioned in § 3 of this statement. These information are processed on the AddThis servers in the USA. (We have concluded standard data protection clauses with AddThis). If you send content of our website to social networks or bookmarking services, the respective social network can draw a connection between your visit of our site and your user profile. We have no influence on the collected data and data processing nor do we know the full extent and purpose of the data collection and the storage period.

(3) The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand oriented design of its website. Such an evaluation takes place in particular (also for non logged-in users) for the representation of appropriate advertisement and in order to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise the right.

(4) You can prevent the participation in this tracking process by setting an opt-out cookie with effect for the future: http://www.addthis.com/privacy/opt-out. You can also configure your browser to prevent cookies.

(5) More information about purpose, extent and processing of the collected data by the plug-in provider as well as about your rights and setting possibilities to protect your privacy: AddThis LLC, 1595 Spring Hill Road, Sweet 300, Vienna, VA 22182, USA, www.addthis.com/privacy.

3. Inclusion of YouTube videos

(1) We have included YouTube videos in our online offerings which are stored on http://www.YouTube.com and are directly playable from our website. (These are all included in the “extended data protection mode”, i.e. you do not transfer data about yourself as a user to YouTube if you do not play the videos. The data mentioned in § 2 is only transmitted when you play the videos. We have no influence on this data transfer.)

(2) By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in § 3 of this Statement will be transmitted. This happens regardless of whether YouTube provides a user account that you are logged in to, or if there is no user account. When you are logged in to Google, your data will be assigned directly to your account. If you do not wish to associate with your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and/or needs-based design of its website. Such an analysis is carried out in particular (even for non-logged-in users) for the provision of needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles. To exercise this right, you must contact YouTube.

(3) Further information on the purpose and extent of the data collection and its processing by YouTube can be found in the Data Protection Statement. There you will also find further information about your rights and settings options for the protection of your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

4. Inclusion of Google Maps

(1) On this website we use the offerings of Google Maps. This allows us to show you interactive maps directly on the website and allow you to conveniently use the map feature.
(2) By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in § 3 of this Statement will be transmitted. This happens regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you are logged in to Google, your data will be assigned directly to your account. If you do not wish to associate with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and/or needs-based design of its website. Such an analysis is carried out in particular (even for non-logged-in users) for the provision of needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles. To exercise such right, you must contact Google.
(3) For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the data protection statements of these providers. There you will also find further information about your relevant rights and settings options for the protection of your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.