Data Affected: Personal data is only collected if you provide it to us voluntarily. Beyond that, no personal data is collected. Any processing of your personal data beyond the scope of the statutory grounds for permission will only be carried out on the basis of your express consent.

Purpose of processing: Execution of the contract.

Categories of recipients: Public authorities in the presence of overriding legislation.

External service providers or other contractors.

Other external bodies insofar as the data subject has given his consent or a transfer is permissible for the sake of overriding interest.

Third country transfers: Processors outside the European Union may also be used as part of the performance of the contract.

Duration of data storage: The duration of data storage is based on the statutory retention obligations and is usually 10 years. 

 

 

The following formulations require individual adaptation to your company situation. In general, website analysis on your own systems with abbreviated IP addresses or with third-party providers with exclusive processing of usage data on behalf of your company is permissible without the consent of website visitors. However, an opt-out option must be created for this anonymized tracking. Tracking measures for the traceability of website visitors (“re-targeting”, cross-device tracking, etc. require the documented consent of the website visitors in advance). Furthermore, care must be taken to ensure that when integrating third-party code (e.g. integration of YouTube videos, Google fonts, map material, etc.), care is taken to ensure that data of your website visitors is not automatically forwarded to third-party providers.

 

 

When you access our websites, you transmit data to our web server via your internet browser (for technical reasons). The following data is recorded during an ongoing connection to communication between your internet browser and our web server:

 

– Date and time of the request

– Name of the requested file

— Page from which the file was requested

— Access status (file transferred, file not found, etc.)

— Web browser and operating system used

— Full IP address of the requesting computer

— amount of data transferred.

 

For reasons of technical security, in particular to defend against attack attempts on our web server, this data is stored by us for a short time. We are not able to draw conclusions about individual persons on the basis of this data. After a short time at the latest, the data is anonymized by shortening the IP address at the domain level, so that it is no longer possible to establish a reference to the individual user. In anonymised form, the data is also processed for statistical purposes; there will be no comparison with other databases or disclosure to third parties, even in excerpts.

 

 

 

On our website, we offer you the opportunity to book appointments directly online via the service “Doctolib” (Doctolib GmbH, Wilhelmstraße 118, 10963 Berlin). For this purpose, an external script from Doctolib is integrated. When you visit our website, a direct connection can be established between your browser and Doctolib’s servers. In particular, your IP address and technical connection data will be transmitted to Doctolib. If you use the booking function, Doctolib processes other personal data that you enter in the form (e.g. name, telephone number, e-mail address). The processing is carried out either on the basis of our legitimate interest in simply making an appointment (Art. 6 para. 1 lit. f GDPR) or, if you make an appointment, for the implementation of pre-contractual measures (Art. 6 para. 1 lit. b GDPR).

 

 

 

Data Affected: Data provided for the performance of the contract; if necessary. additional data for processing on the basis of your explicit consent. The data is processed on the basis of legal requirements in order to fulfil the treatment contract between the patient and the attending physician and the associated obligations. The collection of health data is a prerequisite for your treatment. If the necessary information is not provided, careful handling cannot take place.

Purpose of processing: Performance of the contract

Categories of recipients: Public authorities in the presence of overriding legal provisions

We will only transfer your personal data to third parties or other contractors if this is necessary and permitted by law or if you have consented.

Third country transfers: In the context of the execution of the contract, processors outside the European Union may also be used, including email providers. 

Duration of data storage: The duration of data storage is based on the statutory retention obligations and is usually 10 years. According to other provisions, there may be longer retention periods, for example 30 years for X-ray recordings § 28 paragraph 3 of the X-ray Ordinance. 

 

 

Data Affected: Data provided for the performance of the contract; if necessary. additional data for processing on the basis of your explicit consent.

Purpose of processing: Execution of the contract within the framework of the employment relationship. 

Categories of recipients: Public authorities in the case of overriding legal provisions, including the tax office, social security institutions, employers’ liability insurance associations. 

External service providers or other contractors, including for data processing and hosting, payroll accounting, travel expense accounting, insurance services.

Other external bodies insofar as the person concerned has given his consent or a transfer is permissible for overriding interest, including for insurance benefits. 

Third country transfers: In the context of the execution of the contract, processors outside the European Union may also be used, including email providers. 

Duration of data storage: The duration of data storage is based on the statutory retention obligations and is usually 10 years. 

 

Specific information on the processing of supplier data

Data Affected: Data provided for the performance of the contract; if necessary. additional data for processing on the basis of your explicit consent.

Purpose of processing: Contract execution, including enquiries, purchasing, quality assurance.

Categories of recipients: Public authorities in the presence of overriding legal provisions, e.g. tax office, customs. 

External service providers or other contractors, including for data processing and hosting, accounting, payment processing. 

Other external bodies insofar as the data subject has given his consent or a transfer is permissible for the sake of overriding interest.

Third country transfers: In the context of the execution of the contract, processors outside the European Union may also be used, including email providers. 

Duration of data storage: The duration of data storage is based on the statutory retention obligations and is usually 10 years. 

 

 

Data Affected: Application details

Purpose of processing: Implementation of the application process.

Categories of recipients: Public authorities in the presence of overriding legislation.

External service providers or other contractors, including for data processing and hosting. 

Other external bodies, provided that the person concerned has given his consent.

Third country transfers: In the context of the execution of the contract, processors outside the European Union may also be used, including email providers. 

Duration of data storage: Application data will usually be deleted within four months after notification of the decision, unless consent has been given to longer data storage in the context of admission to the applicant pool.

 

 

In addition, you can assert your rights to information, correction or deletion or to restriction of processing or to exercise your right to object to processing as well as the right to data portability at any time. Here you will find the possibility to contact us by e-mail or letter. You also have the right to contact the data protection supervisory authority in the event of complaints.