Privacy Notes

Name and address of the controller

RKM 740 Interdisziplinäre Facharztklinik GmbH & Co. KG
Pariser Str. 89
40549 Düsseldorf

Represented by the personally liable partner:

RKM 740 Interdisziplinäre Facharztklinik Verwaltungsgesellschaft mbH

Heinrich-Heine-Gärten 14

40549 Düsseldorf

 

Represented by the managing director:
Dr. med. Christian Wipper

The data controller responsible for processing personal data means the natural or legal person, alone or jointly with others, determining the purposes and means of the processing of personal data.

Contact details of the internal data protection officer:

Dr. med. Daniel Radke

Pariser Str. 89

40549 Düsseldorf

0211/95954860

 

Data collection/legal basis for processing

You are hereby informed on the data collection of the personal data collected, used and processed on this website. This is followed by an explanation of your rights.

Recording of general data and information

When you visit this website, your terminal device automatically sends information to our website server about the browser used; this information is temporarily stored in a log file.

The information recorded and stored includes:

  • Date of visit
  • IP address (PC/terminal device)
  • URL (of the retrieved file),
  • Referrer-URL
  • Browser/operating system/access provider

Purpose:

  • Connection and technical use of the website
  • Management and system security

 

The legal basis is: Art. 6 (1) sentence 1) f) GDPR

This website uses SSL and/or TLS encryption.

Data collection upon contact

If you contact us via the contact form, e-mail or telephone, your personal data are processed to handle the enquiry.

The personal data entered by the data subject are only used and stored internally by the controller for own purposes. The controller may transfer the personal data to one or several contract processors. Such processors also use the data exclusively for the controller’s internal purposes.

If you contact us, the following data are collected from you and then stored by us:

  • Name and address
  • E-mail address
  • Phone number
  • Insurance data

 

The purpose of collecting and storing the data is:

  • Creating offers
  • Identifying patients
  • Making appointments
  • Planning medical procedures
  • Handling and processing the order to correspond with you
  • Invoicing
  • To process any liability claims, as well as the assertion of any claims against you
  • Technical website administration
  • Management

Your consent is obtained before these data are processed..

Legal bases:

Art. 6 (1) sentence 1) f) GDPR

Art. 6 (1) sentence 1) b) GDPR (contractual conclusion)

Art. 6 (1) sentence 1) a) GDPR (consent)

Newsletter

If you voluntarily subscribe to our newsletter (regular advertising e-mail regarding our medical services and offerings or other information from our company), the data you enter will be used exclusively for this purpose and not forwarded to third parties.

These also include information relevant for the service or registration. The e-mail address is verified to see if it is valid via the so-called ‘double opt-in’ procedure. Once the newsletter has been subscribed to, this involves sending a confirmation e-mail and verifying the reply. No other data are collected.

You can unsubscribe from the newsletter (revoke consent) at any time either by sending a message to the contact address below or by using a link intended for this in the newsletter. You do not sustain any additional costs for the revocation above and beyond the regular transport/transmission costs (e.g. costs for a telephone call). Data are processed based on your consent according to Art. 6 (1) sentence 1) a) GDPR.

Newsletter dispatch

Existing patients

We reserve the right to regularly send to you information regarding our medical services and offerings by e-mail. We do not need to obtain any special consent from you pursuant to section 7(3) German Unfair Competition Prohibition Act (UWG). Data are processed in this regard solely based on our legitimate interest in personalised direct advertising pursuant to Art. 6 (1) sentence 1) f) GDPR. If you initially objected to your e-mail address being used for this purpose, we do not send an e-mail You are entitled at any time to object to your e-mail address being used for the aforementioned advertising purpose with effect for the future by sending a message to the controller stated at the top. You sustain merely the transmission costs according to the basic tariffs. Once your objection is received, your e-mail address will be removed from the mailing list.

Duration of storage

Personal data collected and transmitted as part of processing your enquiry and/or treatment are stored until expiry of the statutory storage duty. Following expiry of the statutory storage duty, all data are erased unless they are subject to a mandatory longer period of storage according to Article 6 (1) sentence 1) c) GDPR due to storage and retention duties under fiscal and commercial law (resulting from the German Commercial Code, German Tax Code or German Fiscal Code (e.g. 10 years for tax-relevant documents and/or 6 years for other business letters)) or unless you have consented to storage above and beyond this according to Art. 6 (1) sentence 1) a) GDPR.

Duty of provision

Providing personal data is partially stipulated by law (tax law) and/or arises from contractual regulations (transparency of the contractual partner). Not providing personal data would prevent a contract from being concluded and therefore would not come into being For any information about the statutory or contractually stipulated provision of personal data, please contact the data controller.

Transfer of data

No transmission of your personal data to third parties will take place for purposes other than those set out below. Forwarding requires:

  • Express consent Art. 6 (1) sentence 1) a) GDPR, or
  • Data transfer is required pursuant to Article 6 (1) sentence 1) f) GDPR in order to assert or defend against claims or exercise legal rights and there are no grounds to assume that you have an overriding legitimate protection-worthy interest in non-disclosure of your data, or
  • Statutory obligation Art. 6 (1) sentence 1) c) GDPR, or
  • It is required to process the client relationship according to Art. 6 (1) sentence 1) b) GDPR.
  • Routine erasure and blocking of personal data
  • If the storage period has elapsed, the personal data are routinely erased.

Data processing in third countries

If the data are processed in a third country (i.e. outside of the European Union (EU), the European Economic Area (EEA)) or they are processed as part of availing oneself of third-party services or disclosure and/or transmission of data to other persons, bodies or businesses, this takes place only consistent with the statutory regulations

We process data or allow data to be processed in third countries, subject to express consent or statutorily required transmission, only if such third countries have a recognised data protection level, contractual obligation by way of so-called standard protection clauses from the EU Commission, or there are certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, EU Commission information page: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

Your rights as the relevant data subject are:

  • 15 GDPR to demand confirmation as to whether or not personal data concerning you are being processed and disclosure about the personal data we are processing.
  • 16 GDPR to demand rectification of your inaccurate stored personal data or completion of your incomplete personal data.
  • 17 GDPR to demand the deletion of your personal data stored by us unless processing of aforesaid is necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest or for asserting, exercising or defending legal claims.
  • 18 GDPR to demand the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful but you refuse the deletion thereof and we no longer require the data while you require aforesaid in order to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 GDPR.
  • 20 GDPR receipt of the provided personal data in a machine-readable format.
  • 7 (3) GDPR consent can be revoked at any time.
  • 77 GDPR complaint to a supervisory authority.

Cookies: Use, legal basis and purpose

We use so-called cookies to optimally organise the functional scope as well as the technical display of our website and to further optimise this too. These are small text files placed and/or stored on your terminal device. These cookies are used to store data on your computer when you visit our website.

Moreover, we use cookies on our website to enable the users’ surfing patterns to be analysed.

When a user accesses our website, information is provided on the use of cookies for analytical purposes and the user is requested to provide their consent to the processing of their personal data for this purpose. In this connection, reference is also made to this Privacy Policy.

The legal basis is Art. 6 (1) sentence 1) f) GDPR

The legal basis is Art. 6 (1) sentence 1) a) GDPR if the user has provided consent

The purpose of using technically necessary cookies is to simplify the user experience on websites Some of our website functions cannot be provided without cookies. These are functions that need to recognise your browser when you move from one page to another. We require cookies for the following applications: adopting language settings Data collected with technically necessary cookies are not used for profiling purposes.

Analysis cookies are used to improve our website’s quality and contents. Using the analysis cookies, we find out how the website is being used and are thus able to improve our offering continuously.

Storage period:

  • Temporary cookies (also called: session cookies): Temporary cookies are erased no later than when a user has left an online offering and closed their terminal device (e.g. browser or mobile application).
  • Permanent cookies: Permanent cookies remain stored even once the terminal device has been closed. This type of cookies enables you to be recognised when you revisit the website after a prior visit.

Cookie consent tool

We use a cookie consent tool to manage the consents you have provided to use certain tools which are technically unnecessary.

If a tool requires cookies, you will be informed about the requested cookies in a pop-up window before you use the tool. You can then decide whether you agree and if so, with which cookies you agree, or

You can adjust your consent again at any time or revoke such.

The cookie consent tool is used based on our legitimate interest in operating the website efficiently in a legally compliant manner. If we do not use such, we will not be able to request the necessary consents and document the user’s decision. We require the documentation pursuant to Art. 5 (2) GDPR to be able to prove that we operate the website consistent with prevailing law.

Date of storage, options for objection and erasure

Cookies are stored on the user’s computer and thence transmitted to our site. This means that, as user, you have full control over the use of cookies. You can change your browser settings to disable the transmission of all or certain cookies. Cookies that have already been stored can be erased at any time. This can also take place automatically. If you disable cookies for our website you may not be able to use all the functions of the website to their full extent.

Social media

Data processing in social media

Various social media are used. As part of communication with users, user data may be processed outside of the European Union, meaning that risks may arise from difficulties in enforcing rights. Regarding US providers certified under the Privacy Shield, we refer to the fact that they thus undertake to adhere to EU data protection standards.

User data are usually processed for advertising and market research purposes to be able to create use profiles from use patterns. The use profiles may be used to display targeted advertisements, for example. For these purposes, cookies are usually stored on the users’ computers, storing the use patterns and interests of the users.

Facebook

Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA („Facebook“)

Visit https://de-de.facebook.com/about/privacy/ to read the settings options that Facebook offers to protect the privacy of the data subject.

The legal basis is Art. 6 (1) sentence 1) f) GDPR

Instagram

Our website uses so-called Instagram social plugins (‘plugins’), which are operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (‘Instagram’). The plugins are marked with an Instagram logo, for example in the form of an ‘Instagram camera’. You can find an overview of the Instagram plugins and their appearance here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges When you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Instagram servers. The content of the plugin is transmitted from Instagram directly to your browser and integrated into the page. Through this integration, Instagram is informed that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in to Instagram. This information (including your IP address) is sent from your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can immediately attribute your visit to our website to your Instagram account. If you interact with the plugins, for example by pressing the ‘Instagram’ button, this information is also transmitted directly to an Instagram server and stored there. The information will also be published on your Instagram account and displayed to your contacts there. If you do not want Instagram to directly associate the data collected via our website with your Instagram account, you must log out of Instagram before visiting our website. You can prevent the Instagram plugins from loading with additional browser add-ons, e.g. with the NoScript script blocker (http://noscript.net/)

For further information and valid data protection regulations, please visit https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.


LinkedIn

Our website uses social plugins (‘plugins’) of the LinkedIn social network operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. . The plugins are indicated with a LinkedIn logo or the ‘LinkedIn Social Plugin’ label. If you visit a website of Messe Düsseldorf GmbH containing such a plugin, a direct connection to the LinkedIn servers is established when you click the icon. The contents of the plugin are sent directly by LinkedIn to your browser and integrated into the website. When plugins are integrated, LinkedIn is informed that you have visited the relevant page of our website. If you are logged in to LinkedIn, LinkedIn can attribute your visit to your LinkedIn account. If users interact with the plugins, by for example posting a comment, this information is sent directly from your browser to LinkedIn which then stores this information. For the purpose and scope of the data collection and the further processing and use of the data by LinkedIn, as well as your rights and options in this regard to protect your privacy, please visit http://www.linkedin.com/legal/privacy-policy. If you do not want LinkedIn to collect data about you via our website using plugins, you need to log out of LinkedIn before you visit our website.

The legal basis is Art. 6 (1) sentence 1) f) GDPR

Online analysis

Google Maps

On our website, we use the function to embed Google Maps of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; ‘Google’) on our website.
The function enables geographical information and interactive maps to be visually displayed.
In the process, Google also collects, processes and uses data of the visitors to the pages in which the Google Maps are embedded More information about the collection and use of data by Google is available in the Google Privacy Policy: https://www.google.com/privacypolicy.html. You can also alter your settings in the Data Protection Center to manage and protect your data processed by Google.
As a result, your data may also be transmitted to the USA. There is an adequacy decision of the European Commission regarding data transfers to the USA
You have the right at any time to object to the processing of your personal data for reasons arising from your particular situation and the processing is based on Art. 6(1) f) GDPR.
To do this, you need to deactivate the JavaScript application in your browser. However, please note that in this case you might not be able to use the full functionality of this website, such as the interactive map display.
Google AdSense

This website uses Google AdSense, an advertising display service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’). Google AdSense uses so-called ‘DoubleClick DART Cookies’ (‘cookies’). These are text files that are stored on your computer and enable the analysis of your website use. Moreover, Google AdSense also uses so-called ‘web beacons’ (small invisible graphics); using such allows simple activities such as visitor traffic to the website to be recorded, collected and evaluated The information (including your IP address) generated by the cookie and/or the web beacon about your use of this website is usually transferred to one of Google’s servers in the USA and stored there.

Google uses the information received in this way to evaluate your use pattern in terms of the AdSense advertisements. The IP address sent by your browser as part of Google AdSense is not combined with other data held by Google. Under certain circumstances, Google may transfer this collected information to third parties to the extent that this is prescribed by law and/or where third parties process the data on Google’s behalf.

The described data processing takes place pursuant to Art. 6 (1) sentence 1) f) GDPR for advertising targeted to the user by advertising third parties, whose advertisements are shown on this website based on the evaluated user pattern. The processing effectively serves our financial interest in exploiting the economic potential of our website by displaying personalised third-party advertising contents for a fee.

You can find out more about the Google Privacy Policy using the following link: http://www.google.de/policies/privacy/

You may permanently deactivate cookies for advertising specifications by setting your browser software to prevent such or by downloading and installing the browser plugin available under the following link:
http://www.google.com/settings/ads/plugin?hl=de

Please remember that you may not be able to use all the functions of this website to their full extent if you change your browser settings to prevent cookies from being stored.

The legal basis is Art. 6 (1) sentence 1) f) GDPR.

Google-AdWords

Our website includes integrating the so-called Google AdWords service. This is an online advertising service that allows advertisers to place advertisements in the Google search results and in the Google advertising network. Google AdWords allows the advertiser to define specific keywords in advance that are used to match user search terms with the advertiser’s advertisements. In the Google advertising network, advertisements are shown on the basis of an automatic algorithm and the defined keywords on thematically relevant websites.

The provider of the Google AdWords services is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The purpose of Google AdWords is to advertise our website by displaying interest-based advertising on third-party websites and in Google search results, and to display third-party advertising on our website. As explained previously, data subjects can change their browser settings to prevent our website’s cookies from being stored there Applying these settings to the Internet browser used would also prevent Google setting a conversion cookie on the data subject’s IT system. Furthermore, any cookie previously set by Google AdWords can be deleted via the Internet browser or another software program at any time.

The data subject can also object to interest-based advertising from Google. Further information on the Google Privacy Policy can be found at https://www.google.de/intl/de/policies/privacy/.

Weitere Informationen und die geltenden Datenschutzbestimmungen von Google können unter https://www.google.de/intl/de/policies/privacy/ abgerufen werden.

The legal basis is Art. 6 (1) sentence 1) f) GDPR

Google Analytics (with anonymisation function)

Our website includes integrating the so-called Google Analytics service. This is a web analysis service provided by Google Inc. (‘Google’). Google Analytics uses cookies. These are small text files that are stored on your terminal device and enable the analysis of your website use. The information generated by the cookie about your use of this website is usually transferred to one of Google’s servers in the USA and stored there. If IP anonymisation is activated on this website, Google will first truncate your IP address within Member States of the European Union or in other states that are parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to and truncated on a Google server in the USA. Google will use this information on behalf of the website operator to evaluate the way you use the website, to collate reports on website activities and to provide the website operator with other services related to website and Internet use. . The IP address sent by your browser as part of Google Analytics is not combined with other data held by Google. You can change your browser settings to prevent cookies from being stored; however, we draw your attention to the fact that, in these circumstances, you may find that you are unable to make full use of all functions on the website. You can also prevent the data (including your IP address) relating to your website use captured by the cookie being sent to or processed by Google by downloading and installing the browser plugin from the following link http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on the Google Privacy Policy can be found at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. For a more specific explanation on Google Analytics, visit https://www.google.com/intl/de_de/analytics.

The legal basis is Art. 6 (1) sentence 1) f) GDPR

Online appointments via Doctolib

For optimum appointment management, Doctolib GmbH, Mehringdamm 51, 10961 Berlin, Germany, is enlisted as a so-called contract processor.

Patients are able to make appointments with us online using the Doctolib calendar system. To make an appointment via Doctolib, you firstly need to sign up with Doctolib.

Doctolib is the controller under data protection law within the meaning of Article 4(7) GDPR.

Any appointment requests via Doctolib are forwarded to us with date and time, as well as your name, first name, telephone number and e-mail address The data are saved to manage the appointment and organise the practice’s activities We are responsible in terms of data protection law for this data processing; Doctolib acts as a contract processor in this regard, is obliged to adhere to data protection law and must not use the data for another purpose.

If you have provided consent, we send reminder text messages or e-mails using a Doctolib appointment management software. In so doing, Doctolib is our contract processor. Reminder messages are thus sent even if no appointments have been made originating from www.doctolib.de. If you grant consent, this may be revoked with effect for the future at any time.

For more specific information, visit www.doctolib.de

The legal basis is Art. 6 (1) sentence 1) b) GDPR

Purpose

  • Appointment management
  • Managing the treatment steps (appointment notification, appointment alterations, cancellations)

Which personal data are processed?

  • Family name (and name at birth), first name, date of birth
  • Telephone number, e-mail address, postal address
  • Password
  • Reason for the appointment
  • Treating physician
  • Appointment sequence

Personal data are not forwarded to commercial or advertising partners and used only to fulfil the mandate.

The legal basis is Art. 6 (1) sentence 1) b) GDPR

Your rights as the relevant data subject are:

  • 15 GDPR to demand confirmation as to whether or not personal data concerning you are being processed and disclosure about the personal data we are processing.
  • 16 GDPR to demand rectification of your inaccurate stored personal data or completion of your incomplete personal data.
  • 17 GDPR to demand the deletion of your personal data stored by us unless processing of aforesaid is necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest or for asserting
  • 18 GDPR to demand the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful but you refuse the deletion thereof and we no longer require the data while you require aforesaid in order to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 GDPR.
  • 20 GDPR receipt of the provided personal data in a machine-readable format.
  • 7 (3) GDPR consent can be revoked at any time.
  • 77 GDPR complaint to a supervisory authority.

Contact: Doctolib GmbH – Wilhelmstraße 118, Aufgang C, 10963 Berlin, Germany or datenschutz@doctolib.de.

 

Online appointments through tomedo

For optimum appointment management, zollsoft Praxissoftware GmbH is enlisted as a so-called contract processor.

As the manufacturer of the tomedo® practice information system, zollsoft GmbH offers an online service as part of contract processing to book an appointment between the physician and patient.

You do not have to register as a patient to use the service. Once choosing a reason for visit and an available appointment, the patient is prompted to transmit details (e.g. name, date of birth, telephone number, e-mail address) as pre-defined by the practice in a contact form. The practice requires these details, besides your voluntary details and content of your message, to process your enquiry, identify you as a patient of the practice, send appointment reminders and contact you if required (e.g. appointment cancellation at short notice). Your data are temporarily stored on the website for proper use of the online appointment calendar and subsequently transmitted to the local server of the physician’s practice information system. No further patient data are stored. The physician is obliged as part of his or her remit to maintain confidence and to protect this information. The data that are entered are automatically erased from the web server at the end of each calendar quarter at the latest and then stored only in the physician’s local practice information system. If you select the voluntary ‘remember details for next appointment’ option, your entries will be stored locally in your browser until you actively empty the cache and/or remove the tick mark the next time you book an appointment.

Data storage

All data that need to be stored permanently or temporarily to use the online appointment calendar properly are transmitted to a server in the data centre and stored there temporarily pursuant to the provisions of the General Data Protection Regulation (GDPR). Moreover, no data are forwarded to third parties.

The server is technically provided by:
Host Europe GmbH
Hansestraße 111
51149 Cologne
Germany

For more specific information, visit https://zollsoft.de/datenschutz/

The legal basis is Art. 6 (1) sentence 1) b) GDPR

Purpose

  • Appointment management
  • Managing the treatment steps (appointment notification, appointment alterations, cancellations)

Which personal data are processed?

  • Family name (and name at birth), first name, date of birth
  • Telephone number, e-mail address, postal address
  • Password
  • Reason for the appointment
  • Treating physician
  • Appointment sequence

Personal data are not forwarded to commercial or advertising partners and used only to fulfil the mandate.

The legal basis is Art. 6 (1) sentence 1) b) GDPR

Your rights as the relevant data subject are:

  • 15 GDPR to demand confirmation as to whether or not personal data concerning you are being processed and disclosure about the personal data we are processing.
  • 16 GDPR to demand rectification of your inaccurate stored personal data or completion of your incomplete personal data.
  • 17 GDPR to demand the deletion of your personal data stored by us unless processing of aforesaid is necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest or for asserting
  • 18 GDPR to demand the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful but you refuse the deletion thereof and we no longer require the data while you require aforesaid in order to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 GDPR.
  • 20 GDPR receipt of the provided personal data in a machine-readable format.
  • 7 (3) GDPR consent can be revoked at any time.
  • 77 GDPR complaint to a supervisory authority.

Contact: zollsoft Praxissoftware GmbH, Ernst-Haeckel-Platz 5/6, 07745 Jena, Germany https://zollsoft.de/kontakt/

Created by:

DREGER IP LEGAL, Attorney Dirk Dreger, Lindemannstr. 13, 40237 Düsseldorf, Germany, Telephone +49 (0)211 6915 5122, Fax +49 (0)211 6915 5111, info@dregeriplegal.de, www.dregeriplegal.de