privacy policy

Data Protection
We are pleased that you are visiting our website. The protection of your privacy and the protection of your personal data, so-called personal data, when using our website is important to us.

Here you will find information about how we handle your personal data when you visit our website. In order to provide the functions and services of our website, it is necessary for us to process personal data.

Responsible body
The controller responsible for data processing on this website is:
CuraSwing GmbH
Paracelsusring 6a
14547 Beelitz-Heilstätten
Germany

Commercial register: HRB 31544
PT: +49 (0)33204 22500
E: info@curaswing.de

Contact details of the data protection officer
If you have any questions about data protection, you can also contact our data protection officer at any time at the following e-mail address or the following address:
E-Mail: rieder@recura-kliniken.de


Data Protection Officer
RECURA Kliniken SE
Paracelsusring 6a
14547 Beelitz-Heilstätten
Germany


Terminology and definitions
The data protection declaration of CuraSwing GmbH is based on the terms used by the European legislator for directives and regulations when the General Data Protection Regulation (GDPR) was adopted. Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

We use the following terms in this data protection declaration:

a) personal data
Personal data is all information that relates to an identified or identifiable natural person (hereinafter "data subject"). A natural person is considered to be identifiable when they can be identified, directly or indirectly, in particular by means of assignment to an identifier such as a name, to an identification number, to location data, to an online identifier or to one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.

b) data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the person responsible for processing.

c) processing
Processing is any process carried out with or without the help of automated procedures or any such series of processes in connection with personal data, such as the collection, recording, organization, ordering, storage, adaptation or change, reading, querying, use, disclosure by transmission, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction.

d) restriction of processing
Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.

e) profiling
Profiling is any type of automated processing of personal data that consists of using this personal data to evaluate certain personal aspects that relate to a natural person, in particular aspects relating to work performance, economic situation, health, personal To analyze or predict the preferences, interests, reliability, behavior, whereabouts or relocation of this natural person.

f) pseudonymization
Pseudonymisation is the processing of personal data in a way in which the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organizational measures that ensure that the personal data cannot be assigned to an identified or identifiable natural person.

g) controller
The controller is the natural or legal person, public authority, agency or other body that alone or jointly with others decides on the purposes and means of processing personal data. If the purposes and means of this processing are specified by Union law or the law of the member states, the person responsible or the specific criteria for his appointment can be provided for in accordance with Union law or the law of the member states.

h) processors
Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller.

i) recipient
Recipient is a natural or legal person, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. Authorities that may receive personal data as part of a specific investigation under Union law or the law of the member states are not considered recipients.

j) third party
A third party is a natural or legal person, public authority, agency or body other than the data subject, the person responsible, the processor and the persons who are authorized to process the personal data under the direct responsibility of the controller or the processor.

k) consent
Consent is any voluntary, informed and unambiguous declaration of intent given by the person concerned for the specific case in the form of a declaration or other unequivocal affirmative action with which the person concerned indicates that they consent to the processing of their personal data.

Legal basis for data processing
The processing of your personal data may be based on the following legal bases:

Art. 6 I lit. a DS-GVO serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose.

If the processing of personal data is necessary to fulfill a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b GDPR.

The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, for example to fulfill tax obligations, the processing is based on Art. 6 I lit. c GDPR.

In rare cases, it may be necessary to process personal data in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were injured and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d GDPR.

Ultimately, processing operations could be based on Art. 6 I lit.f GDPR.

Processing for the display and security of the website
Every time the website is accessed, necessary personal data is processed for the purposes of security and the correct display of the website. In this respect, the processing is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR). Data may be collected, among other things:

Access to the website (date, time and frequency)

Which browser and browser version you are using

The operating system you are using

Ihre IP-Adresse, die Ihr Internet-Access-Provider Ihrem Computer bei der Verbindung zum Internet zuweist

Data protection for applications and in the application process
The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits relevant application documents to the controller by electronic means, for example by email or via a web form on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the controller stand in the way of deletion. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

newsletter
Your e-mail address will only be stored and processed for the purpose of receiving the newsletter. You can object to receiving the newsletter at any time without giving reasons. The legal basis for this processing is your consent to the processing (Art. 6 para. 1 lit. a GDPR).

Cookies
In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk and assigned to the browser you are using and through which certain information flows to the body that sets the cookie (in this case us). Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.
a) This website uses the following types of cookies, the scope and function of which are explained below:
Transient cookies (see b)
Persistent cookies (see c).
b) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
d) You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of this website.

Revocation of your consent to data processing
Some data processing operations are only possible with your express consent. You can withdraw your consent at any time. An informal notification by e-mail is sufficient for the revocation. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory authority
As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based.

The State Commissioner for Data Protection and the Right of Access to Files

Dagmar Hartge
Stahnsdorfer Damm 77
14532 Kleinmachnow
Telefon: 033203/356-0
Telefax: 033203/356-49
E-Mail: Poststelle@LDA.Brandenburg.de

Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties. The data will be provided in a machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

Rights of the data subject
a) Right to confirmation
Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee of the controller.

b) Right to information
Any person affected by the processing of personal data has the right, granted by the European legislator, to obtain from the controller free information about the personal data stored about him or her and a copy of this information at any time. Furthermore, the European legislator has granted the data subject access to the following information:

  • the purposes of processing
    the categories of personal data being processed the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations where possible the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing
  • the existence of a right to lodge a complaint with a supervisory authority
    if the personal data is not collected from the data subject: All available information about the origin of the data
    the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject
  • Furthermore, the data subject has a right to information as to whether personal data has been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer.
    If a data subject wishes to avail himself of this right of access, he or she may, at any time, contact any employee of the controller.

c) Right to rectification
Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to demand the immediate correction of incorrect personal data concerning them. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.
If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact any employee of the controller.

d) Right to erasure (right to be forgotten)
Each data subject shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary
The personal data was collected or otherwise processed for purposes for which it is no longer necessary.
The data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
The data subject objects to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21 (2) GDPR.
The personal data was processed unlawfully.
The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
The personal data was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.
If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by CuraSwing, he or she may, at any time, contact any employee of the controller. An employee of CuraSwing shall promptly ensure that the erasure request is complied with immediately.
If CuraSwing has made the personal data public and is obliged to erase the personal data pursuant to Article 17(1) GDPR, CuraSwing shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other controllers which are processing the personal data to erase the personal data.

e) Right to restriction of processing
Each data subject shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
The data subject has objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by CuraSwing, he or she may at any time contact any employee of the controller.

f) Right to data portability
Any person affected by the processing of personal data has the right, granted by the European legislator, to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she also has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR or on a contract pursuant to point (b) of Article 6(1) of the GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, in exercising their right to data portability pursuant to Art. 20 (1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.

g) Recht auf Widerspruch
Any person affected by the processing of personal data has the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.
CuraSwing shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims.
If CuraSwing processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing.
In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her by CuraSwing for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
In order to exercise the right to object, the data subject may contact any employee of CuraSwing. The data subject is also free, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to exercise his or her right to object by automated means using technical specifications.

i) Profiling
Als verantwortungsbewusstes Unternehmen verzichten wir auf eine automatische Entscheidungsfindung oder ein Profiling.