Data protection according to DSGVO (Status: 25th of May, 2018)
In principle, you can use our website without providing any personal data. If a data subject wishes to use our company’s services via our website, processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we always obtain the consent of the data subject.
The processing of personal data (e.g. name, address, email address or telephone number of a data subject) is always carried out in accordance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations that apply to us.
With the following data protection declaration we would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. This data protection declaration also informs data subjects about their rights.
As the controller, we have implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via our website. However, data transmissions over the Internet can in principle contain security gaps. A 100% protection cannot be guaranteed. Therefore, each affected person can of course alternatively also e.g. transmit personal data by telephone.
This data protection declaration is based on the definitions used by the European directive and regulation giver when the GDPR was adopted (Article 4 GDPR). This data protection declaration should be both easy to read and understandable for every person. To ensure this, we would first like to explain the terms used. The following definitions are used in this data protection declaration:
- „Personal data“
all information relating to an identified or identifiable natural person (hereinafter “data subject”); An identifiable person is a natural person who can be identified directly or indirectly, in particular by assigning an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics, the expression of the physical , physiological, genetic, psychological, economic, cultural or social identity of this natural person;
- „Affected person“
any identified or identifiable natural person whose personal data are processed by the controller.
Every process or series of processes carried out with or without the help of automated processes in connection with personal data such as the collection, collection, organization, ordering, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or another form of provision, comparison or linking, restriction, deletion or destruction;
- „Restriction of processing“
the marking of stored personal data with the aim of restricting their future processing;
any type of automated processing of personal data, which consists in using this personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal preferences, interests To analyze or predict the reliability, behavior, location or change of location of this natural person;
the natural or legal person, public authority, agency or other body that alone or together with others decides on the purposes and means of processing personal data; if the purposes and means of this processing are specified by Union law or the law of the Member States, the person responsible or the specific criteria for naming them may be provided in accordance with Union law or the law of the Member States;
a natural or legal person, public authority, agency or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, authorities that may receive personal data as part of a specific investigation mandate under Union law or the law of the member states apply not as a recipient; The processing of this data by the aforementioned authorities is carried out in accordance with the applicable data protection regulations in accordance with the purposes of the processing;
a natural or legal person, public authority, agency or other body, apart from the data subject, the controller, the processor and the persons who are authorized to process the personal data under the direct responsibility of the controller or processor;
the data subject any voluntary expression of will in the form of a declaration or other unequivocal confirmatory act for the specific case, in an informed manner and unequivocally, with which the data subject indicates that they consent to the processing of their personal data.
2. Name and contact details of those responsible for processing
This data protection notice applies to data processing by:
Responsible: Dr. Birgit Hansen, email: birgit(at)heilpraxis-hansen.de, phone: +49 (0)30 202 38 110, fax: +49 (0)30 695 64 905
3. Collection and storage of personal data and the type and purpose of their use
a) When visiting the website
In principle, you can use our website without revealing your identity. When you visit our website, the browser used on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without your assistance and stored until it is automatically deleted:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the file accessed,
- Website from which access is made (referrer URL),
- Browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The data mentioned are processed for the following purposes:
The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.
b) Establishing contact
If you have any questions, we offer you the opportunity to contact us by email or phone. It is necessary to provide a valid e-mail address and your name so that we know who the request comes from and to be able to answer it. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR based on your voluntarily given consent.
The personal data required for contacting us will be deleted after your request has been dealt with.
We will only pass on your personal data to third parties to the service partners involved in the execution of the contract, e.g. the logistics company responsible for delivery and the Credit institution responsible for payment matters.
In the event that your personal data is passed on to third parties, the scope of the transmitted data is limited to the necessary minimum.
Your personal data will not be passed on to third parties for purposes other than those mentioned above.
We only pass on your personal data to third parties if:
- You have given your consent pursuant to Art. 6 Para. a DSGVO,
- have given express consent to this the disclosure according to Art. 6 Para. 1 S. 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
- in the event that for the transfer according to Art. 6 Para. 1 S. 1 lit. c GDPR there is a legal obligation, as well
- this is legally permissible and according to Art. 6 para. 1 sentence 1 lit. b GDPR is required for the processing of contractual relationships with you.As part of the ordering process, your consent to the transfer of your data to third parties is obtained.
6. Links to third party websites
We have researched and compiled the links published on our website with the greatest possible care. However, we have no influence on the current and future design and Contents of the linked pages. We are not responsible for the content of the linked pages and expressly do not adopt the content of these pages as our own. The provider of the website referred to is solely liable for illegal, incorrect or incomplete content as well as for damage caused by the use or non-use of the information. The liability of those who merely refer to the publication by a link is excluded. We are only responsible for third-party notices if we also have positive knowledge of any illegal or punishable content and it is technically possible and reasonable for us to prevent their use.
7. 7. Analysis and tracking tools
Our website does not use any tracking measures.
a) Google Analytics
We do not use Google Analytics
b) Google Adwords Conversion Tracking
We do not use Google Adwords Conversion Tracking
8. Social Media Plugins
We do not use plugins from social networks (e.g. Facebook, Twitter, Google+) on our website.
On our website we use a passive solution to give you the opportunity to share our content on social media services.
If you click on a social media icon on a page of our website, the corresponding social media service is opened in another browser tab quoting the URL of our page.
The respective social media service receives no further information from us, especially no personal data.
9. Data subject rights
• to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or opposition, the existence of a Right to lodge a complaint, the origin of your data, unless it was collected by us, and the existence of automated decision-making, including profiling and, if necessary, meaningful information about its details;
- to request the correction of incorrect or incomplete personal data stored by us without delay in accordance with Art. 16 GDPR;
- According to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest or for asserting, exercising or defending legal claims is required;
- to demand restriction of the processing of your personal data in accordance with Art. 18 GDPR, provided that the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it for the establishment, exercise or defense of legal claims or you have objected to processing in accordance with Article 21 GDPR;
- according to Art. 20 GDPR to receive your personal data, which you have provided to us, in a structured, common and machine-readable format or to request the transmission to another responsible person;
- to revoke your consent given to us at any time in accordance with Art. 7 Para. 3 GDPR. As a result, we may no longer continue the data processing based on this consent in the future and
- to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
10. Right to object
If your personal data is based on legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR are processed, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided there are reasons for this that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation.
If you would like to exercise your right of withdrawal or objection, please send an email to: birgit(at)heilpraxis-hansen.de
11. Data security
We use the widespread SSL (Secure Socket Layer) procedure in connection with the highest encryption level supported by your browser. As a rule, this is a 256 B. it encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties
Our security measures are continuously improved in line with technological developments.
When communicating by email, we cannot guarantee complete data security, so we recommend sending confidential information by fax or post.
12. Up-to-dateness and change of this data protection declaration
This data protection declaration is currently valid and was last updated in May 2018.
Due to the further development of our website and offers about it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. The current data protection declaration can be called up on our website at any time
Source: Model data protection declaration created by lawyer Andreas Gerstel (http://www.anwaltblog24.de/)