Data protection declaration on the websites of the interco Group
General – Information according to Art. 13 + 14 GDPR
The interco Group welcomes your visit to our website and your interest in our company. We take the protection and security of your personal data entrusted to us by you seriously and want you to feel safe and comfortable when visiting our websites and using our offers.
It is important to us that you know which personal data are collected when you use our offers and services and how we use these afterwards.
Intended use of data processing
Insofar as the interco Group processes personal data, this is done for the purposes stated in this Data Protection Declaration.
Processing of personal data
Accessing our websites
We collect and store the IP address assigned to your computer to transmit the contents of our websites which you have accessed to your computer (e.g. texts, images and files made available for download, etc.) (cf. Art. 6 Sec. 1 lit. b GDPR). In addition, we process these data to detect and track abuse. In this regard the legal basis is Art. 6 Sec. 1 lit. f GDPR. Our legitimate interest in data processing is to ensure the proper functioning of our websites as well as the business transactions conducted via these.
Insofar as we process your data for the purpose of providing the functions of our websites, as described above, you are contractually obliged to provide us with these data.
If you contact us by e-mail or contact form with regard to questions, your personal data will be processed at the same time. The legal basis of processing is based on Article 6 Sec. 1 lit b GDPR (Implementation of pre-contractual measures). Processing of your personal data must therefore be performed so that we can properly process the contact request and provide you with an answer. For this purpose, it is necessary to provide a valid e-mail address and your message, so that we can assign and answer the request. The provision of further personal data is optional. The information you provide will be stored for the purpose of processing your inquiry and for possible follow-up questions. After completion of your inquiry, the personal data will be deleted automatically.
Newsletter mailings and use of the mailing service provider CleverReach
With our Aktivline newsletter we inform you about our current products and services. If you wish to receive the newsletter, we require a valid e-mail address from you. The data collected are those which are entered on the input mask during registration. To be able to address you personally, we ask you to state your salutation and name. We will then send you an e-mail with a confirmation link. These data will only be used for mailing the newsletter. In addition to these data, we also store the date of registration. This logging serves solely as proof in the event that a third party misuses your e-mail address and orders the newsletter under your e-mail address without your knowledge. In this case your consent forms the legal basis (Art. 6 Sec. 1 lit. a GDPR).
Our newsletter is mailed via CleverReach, a newsletter mailing platform of the German provider “CleverReach GmbH & Co. KG Schafjückenweg 226180 Rastede”.
For this purpose, your e-mail address, as well as other data voluntarily provided by you, are processed on the servers of CleverReach on our behalf.
We have concluded a “Contract Processor Agreement” with CleverReach. This agreement obliges CleverReach to comply with our Data Protection Policy. CleverReach’s data protection policy can be viewed at: https://www.cleverreach.com/de/datenschutz/.
Cancellation / Revocation: you can revoke your consent to the storage of your personal data and their use for mailing the newsletter at any time. Your consent to mailing via CleverReach expires at the same time. Every newsletter contains a link to unsubscribe or send us an e-mail to info(at)interco-reha.de.
Evaluation form Aktivline
The website contains an evaluation form for the Aktivline model series. For this we need the mandatory data listed there. This is information relating directly to the patient (such as contact details and measurements of the patient). Furthermore, to fulfill the contractual measures, we require health data from the patient (e.g. diagnosis). The legal basis here is Art. 9 Sec. 2 lit. h GDPR. We require these patient data for the purposes of cost processing, if so desired, to the cost bearer (Art. 9 Sec. 2 lit. a GDPR).
It is also possible to consent to the processing of video and audio recordings for the purpose of faster processing of the cost assumption by the cost bearer. The patient or legal guardian has the option to revoke his/her consent at any time at: firstname.lastname@example.org. The photos and videos are then deleted immediately.
The website contains an evaluation form for the Aktivline model series. For this we need the mandatory data listed there. This is information relating directly to the patient (such as contact details and measurements of the patient). Furthermore, to fulfill the contractual measures, we require health data from the patient (e.g. diagnosis). The legal basis here is Art. 9 Sec. 2 lit. h GDPR. The personal data will, if desired, be transmitted to cost bearers for the purpose of cost assumption (Art. 9 Sec. 2 lit. a GDPR).
It is also possible to consent to the processing of video and audio recordings for the exclusive purpose of optimal manufacturing of the product. The patient or legal guardian has the option to revoke his/her consent at any time at: info(at)interco-reha.de. The photos and videos are then deleted immediately.
Registration form for seminars
We offer you the option of registering online for our seminars directly on our website. For this purpose we require the data marked by the mandatory fields from you. You are welcome to voluntarily provide us with further information. The legal basis here is Art. 6 Sec. 1 lit. b GDPR (contractual measures).
In our online shop you have the option of creating a customer account. For this purpose we require the following data from you: first name, last name, tax number/tax ID, e-mail, billing and delivery address and a password. The purposes of data processing are as follows:
- Identification of you as a contractual partner
- Plausibility check of the entered data
- Payment processing and for shipping your order
- Credit screening
Data processing is performed in response to your inquiry and is required in accordance with Art. 6 Sec. 1 Sentence 1 lit. b for the aforementioned purposes for performance of the contract and for other pre-contractual measures.
We store the personal data which we have collected for registration and login until you request us to delete your customer account. In the case of a request for deletion, we will only retain the necessary information relating to your orders if additional storage is required for the fulfilment of the contract on the basis of Art. 6 Sec. 1 Sentence 1 lit. b GDPR or if we are obliged to store the information for a longer period of time according to Art. 6 Sec. 1 Sentence 1 lit. c GDPR on the basis of tax and commercial law storage and documentation obligations (from HGB, StGB or AO [German Commercial Code, German Penal Code, Tax Code]).
In our online shop you have the option of sending us a product enquiry. Here your following data will be processed: name, e-mail, subject and your message. The legal basis here is Art. 6 Sec. 1 lit. b GDPR ((pre-)contractual measure).
Information obligations for job applicants
On our website interco.gmbh you have the option of viewing job vacancies. You can then apply per e-mail. We would like to point out that the transmission by e-mail is not encrypted and that the transmitted data could possibly be viewed by third parties.
If you apply for a job with us, we process the information we receive from you during the application process, e.g. in the form of a letter of application, CV, certificates, correspondence, telephone or verbal information. In addition to your contact details, information about your education, qualifications, work experience and skills are of particular relevance to us. In addition, we process data which you provide us voluntarily (e.g. as part of your CV or as attachments).
The legal basis for the processing of your personal data during the application process is Art. 6 Sec. 1 lit. b GDPR (pre-contractual measure).
Only those persons within our company who are involved in the selection process for the advertised position are granted access to your data.
Your personal data will not be transmitted to third parties outside the company.
We store your applicant data for the duration of considering your application. If your application is unsuccessful or if you withdraw your application, your application data will be deleted in accordance with statutory storage obligations, unless you have expressly agreed to a longer storage period. If your application is successful, the data you provide us with in your application will be processed further with regard to your future employment in our company. Legal basis is Art. 6 Sec. 1 a, b and f GDPR as well as § 26 BDSG (German Federal Data Protection Act).
You have the right of information according to Art. 15 GDPR, the right of correction according to Art. 16 GDPR, the right of deletion according to Art. 17 GDPR, the right of limitation of processing according to Art, 18 GDPR, the right of objection according to Art. 21 GDPR and the right to data transfer according to Art. 20 GDPR. In addition, you have the right to complain to the supervisory authority responsible for you.
To exercise these rights, please refer to the contact information given below.
If you do not provide us with the required personal data, this will not have any negative consequences for you. However, incomplete or inaccurately completed applications will not be considered. Unfortunately, a job application cannot be submitted without providing your personal data and will therefore be deleted.
Transfer to third parties
If necessary, your personal data will be passed on to contract processors for the purposes stated in this Data Protection Declaration.
Here, we partly use service providers (located in Germany) who process data on our behalf (e.g. for e-mail marketing). In the cases described here, the information is passed on to these third parties to enable further processing. The external service providers are carefully selected and regularly checked by us to ensure that your privacy remains protected.
The service providers are service providers / processors bound by instructions and are therefore obliged by us to, among other things, treat your data exclusively according to our instructions and the respective applicable data protection laws. In particular, they are obliged to treat your data as strictly confidential. They are also prohibited from processing the data for purposes other than those agreed.
The transfer of data to contract processors is based on Art. 28 Sec. 1 GDPR.
We also do not sell your data to third parties, nor do we market them in any other way.
In addition, we transmit your personal data to cost bearers for the purpose of cost assumption provided that you have consented to this.
Planned data transfer to third countries
A transfer to third countries is currently not planned, otherwise the corresponding legal requirements will be created. In specific, you will be informed about the respective recipients or categories of recipients in accordance with legal requirements.
interco uses technical and organizational security measures to protect the data you have made available against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. This also applies when external services are contracted. The effectiveness of our security measures is reviewed and the measures are continuously improved in line with technological developments.
We use the following types of cookies:
These cookies are essential for the functioning of our website. For example, this includes the assignment of anonymous session IDs to bundle several queries to a web server or the error-free function of logins and orders.
These cookies help us to save your chosen settings or to support other functions when you navigate through our website. This allows us to remember your preferred settings for your next visit or to save your login data for certain areas of our website.
These cookies collect information on how you use our website (e.g. Internet browser used, number of visits, pages accessed or time spent on the website). These cookies do not store information which would allow a personal identification of the visitor. The information collected by using these cookies is aggregated and therefore anonymous.
The acceptance or rejection of cookies – also for web tracking – can be configured in the settings of your web browser. You can configure your browser to refuse to accept cookies as a matter of principle or to inform you in advance if a cookie is stored. In this case, however, the functionality of the website may be impaired (e.g. for orders). Your browser also offers a function for deleting cookies (e.g. via Delete Browser Data). You can find more information on this in the operating instructions or as a rule under Settings of your Internet browser.
Use of Cookie Men of d-mind GmbH
The cookie banner captures and stores the consent to cookie usage for the respective user of our website. Our cookie banner ensures that statistical and marketing cookies are only set once the user has given his/her express consent to their use.
Further information can be found in the Data Protection Declaration of d-mind GmbH at https://www.d-mind.de/datenschutz/. @undefined
Note on data transfer to the USA
Our website includes tools from companies based in the USA, among others. When these tools are active, your personal information may be transferred to the US servers of the respective companies. We wish to point out that the USA is not a safe third country within the meaning of the EU data protection law. U.S. companies are required to disclose personal information to security authorities without the possibility of legal action against them by you as the data subject. It can therefore not be excluded that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities.
For data processing in the USA there is an agreement according to EU standard contract clauses.
This website uses the Google Maps API, a map service of Google Inc. (“Google”), to display an interactive map. However, it is only used if you have consented to its use (Art.6 Sec. 1 lit. a GDPR). You have the option of revoking your consent at any time. By using Google Maps, information about your use of this website (including your IP address) may be transmitted to a Google server in the USA and stored there.
Google may transfer the information obtained through Maps to third parties if this is required by law or if third parties process these data on behalf of Google.
Under no circumstances will Google link your IP address to other Google data. Nevertheless, it would be technically possible for Google to identify at least individual users based on the received data. It is possible that the personal data and personality profiles of users of the website could be processed by Google for other purposes over which we have and can have no influence. This and the fact that data are transferred to the USA is problematic for data protection reasons.
For data processing in the USA there is an agreement according to EU standard contract clauses.
Integration of network plug-ins to social networks
Our website uses buttons for the social networks
facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA
YouTube, LLC, 901 Cherry Ave., San Bruno CA 94066, USA
The buttons are marked with the logo of the respective social network. These are not the usual social plug-ins, but buttons with embedded links. The buttons must be activated (clicked) separately by you. As long as these buttons are not clicked, no data are transferred to the social networks. Only when you click on the buttons and thereby declare your consent to communicate with the servers of the social network, will the buttons become active and establish the connection.
After being clicked, the button corresponds to a so-called share-plug-in. The social network is provided with information about the visited page, which you can share with your contacts in your social network. If you wish to “Share” information, you must be logged in. If you are not logged in, you will end up on the login page of the social network you clicked on and you will no longer be on the pages of interco.gmbh. If you are logged in, the information that you would like to recommend the respective article will be transmitted.
By activating the button, the social networks then receive – among other things – the information that and also when you accessed the corresponding page of our website, as well as, for example, your IP address, details of the browser used and the language settings. When you click the button, your click is transmitted to the social network and used according to its data usage guidelines.
If the button is activated, we have no influence on the collected data and the data processing procedures and are not responsible for this data processing and in this respect we are not responsible in the sense of the GDPR. We are also not aware of the full extent of data collection, its legal basis, the purposes as well as the storage periods. Therefore the information provided here is not necessarily complete.
To our knowledge, the provider stores these data in user profiles which he uses for the purposes of advertising, market research and/or demand-oriented design of his website. Such an analysis is carried out in particular (also for users who are not logged in) for the purpose of presenting needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. To exercise this right of objection, please contact the respective provider.
The purpose and scope of the data collection and the further processing and use of the data by the respective social network as well as your rights and setting options to protect your privacy can be found in the information provided by
bei Google: http://www.google.com/intl/de/policies/privacy
bei youtube: http://www.youtube.com/t/privacy_at_youtube
If you do not want the social network to receive data about you, you must not click the button.
Online presence in the social media
interco maintains several online presences within the social networks and platforms, e.g. Facebook, YouTube, in order to have the opportunity of communicating with active users and to inform them about our service portfolio. To this end, interco makes use of the technical platforms and services offered by the operators. In the social networks and on other external platforms, the respective operators’ own data protection regulations apply, even if we disseminate information and maintain a presence there.
We would like to point out that you use the social network and platform services offered here as well as their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating etc.). The data collected about you in this context are processed by the operators of the platforms and may, if required, be transferred to countries outside the European Union. What information the operators receive and how this is used is described in general terms in the respective data protection guidelines. On the individual platforms you can also find information on how to contact the operators as well as to the setting options with regard to promotional advertisements.
In which manner the operators of the social networks use the data from visiting the respective pages for their own purposes, to what extent activities on the pages are assigned to individual users, how long these data are stored and whether data from a visit to the respective page are passed on to third parties is not conclusively and clearly stated by the operators and is not known to us.
When visiting our Facebook page, Facebook (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA) collects, among other things, your IP address and other information which is available on your PC in the form of cookies. This information is used to provide us, as operators of the Facebook pages, with statistical information about the usage of the Facebook page. The legal basis for the collection of data is our legitimate interest (Art. 6 Sec. 1 f GDPR). In accordance with Art. 26 GDPR, Facebook and interco are jointly responsible for processing the Insights data. However, Facebook assumes primary responsibility and interco makes no decisions regarding the processing of these data. As Facebook is constantly developing the availability and processing of data, interco refers to Facebook’s data protection declaration for further details (https://www.facebook.com/about/privacy/). As only Facebook has full access to the user data, we recommend that users contact Facebook directly regarding requests for information or other questions about their rights as users (e.g. right to deletion). If the user no longer wishes to receive the data processing described here in the future, the link between the user profile and our site can be disconnected using the function “I no longer like this site”.
Objection to processing can be filed via the following link https://www.facebook.com/settings?tab=ads.
More information is available on Facebook at the following link: http://de-de.facebook.com/help/pages/insights.
In addition, Facebook uses the “Facebook Pixel” remarketing feature, a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. This function is used to present interest-related advertisements (“Facebook Ads”) to visitors of the websites in the context of their visit to the Facebook social network. For this purpose, the Facebook remarketing tag was implemented on this website. This tag is used to establish a direct link to the Facebook servers when visiting the website. Hereby, your visit to this website is transmitted to the Facebook server and Facebook assigns this information to your personal Facebook user account.
Adobe Marketing Cloud
DoubleClick Floodlight is a service provided by Google Inc., Mountain View, California, USA. DoubleClick Floodlight cookies allows insights as to whether you complete certain actions on social media platforms after you have seen or clicked through a display/video ad on Google or other platforms via DoubleClick. DoubleClick uses this cookie to understand the content that you have interacted with on our/the website to be able to send you targeted advertising later on.
Via Facebook Insights, a service of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA, Facebook collects, among other things, your IP address and other information which is available on your PC in the form of cookies. This information is used to provide statistical information about the usage of the respective site. More information is available on Facebook at the following link:
You can deactivate the MediaMind cookies at www.networkadvertising.org/choices/ deaktivieren.
Standard periods for the deletion of data
The legislators have enacted various retention periods and obligations. After expiry of these periods, the corresponding data are deleted as a matter of routine. Insofar as data are not affected by this, they will be deleted when the purposes stated in this Data Protection Declaration no longer apply. Insofar as this Data Protection Declaration does not contain any other deviating provisions regarding the storage of data, the data collected by us will be stored by us for as long as they are required for the above-mentioned purposes for which they were collected.
Other uses of data and data deletion
Further processing or use of your personal data is generally only performed to the extent permitted by law or if you have consented to data processing or use. In the event of further processing for purposes other than those for which the data were originally collected, we will inform you of these other purposes and provide you with other relevant information prior to further processing.
Detection and tracking of misuse
We keep information for the detection and prosecution of misuse, in particular your IP address, for a maximum of 7 days. In this regard the legal basis is Art. 6 Sec. 1 lit. f GDPR. Our legitimate interest in keeping data for 7 days is to ensure the proper functioning of our website and the business transactions conducted via the website as well as to be able to ward off cyber attacks and the like. Where applicable, we use anonymous usage information to design our website to meet requirements.
Rights concerning the processing of personal data
Right to information
You have the right to obtain information on the personal data relating to you and processed by us at any time upon request, within the scope of Art. 15 GDPR. To do this, you can submit a request by mail or e-mail to the addresses given below.
Right to correction of incorrect data
You have the right to demand that we correct the personal data concerning you without delay if they are incorrect (Art. 16 GDPR). To do this, please use the contact addresses given below.
Right to deletion
You have a right to immediate deletion (“Right to be forgotten”) of the personal data concerning you if the legal reasons according to Art. 17 GDPR are given. These are given, for example, when the personal data are no longer necessary for the purposes for which they were originally processed or you have withdrawn your consent and if there is no other legal basis for processing; the data subject objects to processing (and there are no overriding reasons for processing – this does not apply for objections to direct marketing). To exercise your above right, please contact the addresses given below.
Right to limitation of processing
You have a right to restrict processing if the preconditions are met and in accordance with Art. 18 GDPR. Accordingly, the restriction of processing may be necessary, in particular if processing is unlawful and the data subject refuses deletion of the personal data and instead requests the restriction of the use of the personal data or if the data subject has lodged an objection to processing pursuant to Art. 21 Sec. 1 GDPR, as long as it is not yet clear whether our legitimate reasons outweigh yours. To exercise your above right, please contact the addresses given below.
Right to data transferability
You have a right to data transferability according to Art. 20 GDPR. Here you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and to transfer these data to another responsible body, such as another service provider. The prerequisite for this is that the processing is based on consent or on a contract and is performed using automated procedures. To exercise your above right, please contact the addresses given below.
Right to objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, which is based among other things on Art. 6 Sec. 1 lit. e or f GDPR; objection pursuant to Art. 21 GDPR. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims. To exercise your above right, please contact the addresses given below.
Right of appeal to a supervisory authority
If you are of the opinion that the processing of personal data concerning you by us is unlawful, you have the right to lodge a complaint with the supervisory authority responsible for us, which you can contact as follows:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
P.O. Box 20 04 44
Data Protection Officer
If you have further questions regarding the processing of your personal data, you can contact our Data Protection Officer directly, who is also available in the event of requests for information, applications or complaints:
TÜV Technische Überwachung Hessen GmbH
Contact data of the responsible controller:
interco Group GmbH
Im Auel 50
Telephone: +49 2243 88070