1. Preamble
Below we inform you about the details of data protection when visiting our website.
The use of our website is generally possible without providing personal data.
If personal data is collected when you visit our website, we process it exclusively in accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
The processing of personal data takes place exclusively in accordance with this data protection declaration.
We would like to point out that security gaps may occur during data transmission via the Internet, which cannot be prevented by the technical design of this website. Complete protection of personal data is not possible when using the Internet.
2 Responsible body, Art. 13 para. 1 lit. a GDPR
Mr Michael Molitor
Tückinger Höhe 8
58135 Hagen (North Rhine-Westphalia)
Phone: 49 (0)162/8340250
E-mail: molitor@schleifklinik.de
3 Data Protection Officer
Our data protection officer is:
GDI Society for Data Protection and Information Security mbH
58095 Hagen (North Rhine-Westphalia)
E-mail: datenschutz@gdi-mbh.eu
4 Hosting
Our website is operated on servers of united-domains AG, Gautinger Straße 10, 82319 Starnberg
We have concluded a data processing agreement with united-domains AG.
When you access our websites, data is automatically collected and stored in log files on our host's server. This data may contain personal information. The data collected includes:
- IP address of the requesting computer (in anonymized form )
- Date and time of access to our website
- Time zone of the requesting computer
- transmitted input values (e.g. email addresses)
- Name and URL of the requested page on our website
- URL from which the page was requested or the desired action was initiated
- Message about successful retrieval
- the Internet service provider of the accessing system
- screen settings or screen resolution used by the requesting computer
- Files requested on our website
- Connections to a link outside our website (outlink)
- Main language of the browser of the requesting computer
- Time required to display the requested content on the requesting computer (page generation time, transfer rate and page speed)
- Time required for the website to be generated by the server and downloaded by the user
- User location (country, region, city, latitude and longitude (geolocation)
- browser types and versions used
- the operating system of the requesting computer (referrer)
- Device type, brand and model of the requesting computer (desktop, mobile, TV, car, console, etc.)
- the last page you visited on our website
- other similar data and information used to avert threats in the event of attacks on our information technology systems
This data will not be merged with other data sources. The legal basis for data collection is Art. 6 Paragraph 1 Clause 1 Letter f of GDPR. Our legitimate interest in data collection arises from the purposes mentioned.
The data is deleted by the host as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session has ended.
In case the data is stored in log files, this technical information will be deleted after 14 days deleted or made unrecognizable.
The collection of data to provide the website and the storage of data in log files is essential for the operation of the website. You therefore have no option to object.
5 cookies
In addition to the data mentioned above, cookies are used on your computer when you use and visit our website.
When you visit our website for the first time, you will be asked whether you agree to the use of cookies and, if so, which categories you agree to.
Cookies are small text files that are stored by your browser on your device to save certain information. Furthermore, these cookies are used to make the use of our services more pleasant and convenient for you or for analytical purposes.
Most of the cookies we use are so-called "session cookies". They are used to provide you with the technical services of our website. After your visit, these cookies are automatically deleted from your browser.
Other cookies remain on your computer and enable us to recognize your device on your next visit (so-called persistent or permanent cookies).
The next time you visit our website using the same device, the information stored in cookies will be read either by our website (“first-party cookie”) or by another website to which the cookie belongs (“third-party cookie”).
These cookies are automatically deleted from your system after a preset period of time, which varies depending on the cookie.
Through the information stored and sent back, the respective website recognizes that you have already accessed and visited it with the browser of your device.
We use this information to optimally design and display the website according to your preferences. Only the cookie itself is identified on your device.
Any further storage of personal data will only take place with your express consent or if this is absolutely necessary in order to be able to use the service offered and accessed by you accordingly.
This website uses the following types of cookies, the scope and functionality of which are explained below:
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, e.g. third-party cookies (cookies that are set by a third party, i.e. not by the actual website you are currently on), exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. You can delete saved cookies at any time using your web browser.
You have the option of deactivating cookies in your browser at any time.
However, if cookies are deactivated, the functionality of this website may be limited.
Unless you have made or make any different settings, cookies that are intended to enable or ensure the necessary technical functions will remain on your device until you close the browser; other cookies may remain on your device for longer (maximum 6 months).
To protect your privacy, you should regularly check the cookies on your device and your browser history and delete them yourself.
6 SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties (end-to-end encryption). The protocols authenticate the communication partner and ensure the integrity of the data being transported.
7 Storage period
Unless a more specific storage period is specified in this data protection declaration, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion will take place once these reasons no longer apply.
8 contact options
On our website you can contact us by email or contact form to contact.
In this context, your details from the form (or/and from the email), including the contact details you provided there, will be stored and processed by us for the purpose of processing your request and in the event of follow-up questions. This data (name, telephone number, email address) will not be passed on to third parties without your consent.
The data will not be merged with other data collected on this website.
The processing of this data is based on Art. 6 Para. 1 Clause 1 Letter b GDPR, provided that your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 Para. 1 Clause 1 Letter f GDPR).
).
[Gm|D7]
The data you provide in the contact form or in the e-mail will remain with us until you request us to delete it, you object to the processing
or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
9 OpenStreetMap
By accessing the map service, OpenStreetMap uses user data exclusively for the purposes of displaying the map functions in the best possible way and temporarily storing the selected settings. This data includes in particular IP addresses, data about your browser, device and operating system, as well as data about the website visit.
If you have a user account with OpenStreetMap and are logged in when you visit our website, the following data will also be transferred to the OpenStreetMap servers:
· Email address associated with your account and
· content blocked by the user and associated messages.
The integration of the map representations is based on Art. 6 Paragraph 1 Clause 1 Letter f of GDPR. This is done to make our website more user-friendly and interesting. This is also our legitimate interest.
For the United Kingdom, there is an adequacy decision of the European Commission within the meaning of Art. 45 GDPR, on the basis of which no further special authorization is required for the transfer of data to Switzerland. The adequacy decision of the European Commission is available at this link: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32000D0518 .
By deactivating JavaScript in your browser, you can prevent data transfer to the OpenStreetMap servers. In this case, however, you will not be able to use the map display.
For more information on data protection in connection with OpenStreetMap, please see here .
10 Mapbox
This site uses the Mapbox map service via an API. The provider is MapBox Inc., 740 15th St NW, Washington, DC 20005, USA.
In order to use the functions of Mapbox, it is necessary to save your IP address. This information is usually transferred to a Mapbox server in the USA and saved there. The provider of this site has no influence on this data transfer.
If you do not want Mapbox to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you will not be able to use the map display.
The legal basis for the use of Mapbox is your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR, provided that you give us your consent to do so when you first access the site. Since MapBox Inc. has not certified itself for the EU-US Data Privacy Framework, we have concluded a data processing agreement with the provider containing standard data protection clauses within the meaning of Art. 46 Para. 2 lit. c GDPR.
For more information on how user data is handled, see Mapbox’s privacy policy: https://www.mapbox.com/privacy/ .
Among other things, it states that the visitor's IP address, the address of the page visited, the date and time and the pages accessed are stored. Mapbox says it uses this information solely to improve the service provided for diagnostic and analytical purposes. Mapbox does not pass on personal data to third parties.
You also have the option to prevent cookies from Mapbox by disabling third-party cookies in your browser settings.
11 Google
11.1 Information about Google services
We use various services from Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland on our website.
This means that Google may receive information from you. It cannot be ruled out that Google will also transmit the information to a server in a third country.
For the transmission of personal data, we have concluded a data processing agreement with Google containing EU standard data protection clauses in accordance with Art. 46 GDPR. Google has committed itself to complying with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 95/46/EC (Standard Contractual Clauses - SCC).
For further information please visit: https://policies.google.com/privacy/frameworks?hl=de
Furthermore, the provider has joined the EU-US Data Privacy Framework for data transfers to the USA, which ensures compliance with the European data protection level on the basis of an adequacy decision of the European Commission.
We have no influence on what data Google actually collects and processes. Google states that, in principle, the following information (including personal data) may be processed:
- Protocol data (especially the IP address)
- Cookies and similar technologies
If you are logged into your Google Account, Google may link the processed information to your account, depending on your account settings. You can find more information from Google at https://www.google.com/intl/de/policies/privacy/index.html.
You can prevent this by logging out of your Google account or by making the appropriate account settings in your Google account. You can also prevent the installation of cookies - if Google sets any - by making the appropriate settings in your browser; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
For more information, please see Google’s privacy policy, which you can access here: https://www.google.com/policies/privacy/
For more information about the individual Google services that we use on this website, please see the additional privacy policy.
11.2 Google reCAPTCHA v3
We use the Google reCAPTCHA tool in version v3 on our website. The provider of the tool is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google").
Google reCAPTCHA v3 helps us keep our website secure and ensure that interactions on our website are carried out by a human and not by automated programs (so-called bots).
To do this, reCAPTCHA v3 analyzes the user's behavior using an advanced risk analysis engine and adaptive algorithms based on various characteristics
During the analysis, the following data is transmitted to Google:
- IP address Referrer URL operating system Cookies Mouse movements/keystrokes Length of stay Device settings (e.g. language settings or location) This analysis starts automatically as soon as the website visitor enters the website and takes place in the background. You can recognize the use of reCAPTCHA v3 by the symbol in the bottom right corner. The legal basis for the use of reCAPTCHA is your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR and Section 25 Paragraph 1 TTDSG, provided that you give us your consent to do so when you first access the site.
- To withdraw your consent, see “Cookies”.
- Google processes your data in the USA, among other places. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision of the European Commission.
- The terms of use of the reCAPTCHA service can be found at: https://www.google.com/intl/de/policies/privacy/ .
11.3 Google Fonts
- By integrating Google reCAPTCHA, “Google Fonts” are loaded, offered by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or if you have your registered office or place of residence in the EU, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
- We have no influence on that.
- The files required for this purpose may be provided via the Google domains fonts.googleapis.com, maps.gstatic.com, maps.googleapis.com and/or fonts.gstatic.com are requested.
- Gstatic is a domain used by Google to load static content into another domain name to reduce bandwidth usage and increase network performance for the end user.
- By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition,
- - the IP address,
- - Date and time of the request,
- - Time zone difference to Greenwich Mean Time (GMT),
- - Content of the request (specific page),
- - Access status/HTTP status code,
- - the amount of data transferred,
- - the website from which the request comes (so-called referrer),
- - Type and version of the browser used, including the language version used, and
- - Type and version of the operating system and interface used
- from your browser directly to a Google server. Google does not store this information and only uses it to deliver the requested fonts and to detect and, if necessary, ward off attacks on the IT system.
- If you have given your consent that the tools mentioned may be activated and Google Fonts may be reloaded, the legal basis for data processing is this consent (Art. 6 Para. 1 Clause 1 Letter a of GDPR).
- For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level on the basis of an adequacy decision of the European Commission.
- Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights and setting options for protecting your privacy: http://www.google.de/intl/de/policies/privacy .
12 Your rights and assertion of rights
- You are entitled to the rights set out below. You can assert these rights against us. To assert your rights, please use the data provided above or contact us by email at: [email address]. Information:
- According to Art. 15 GDPR, you have the right to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected from us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on its details;
- Correction:
- According to Art. 16 GDPR, you have the right to request the immediate correction of inaccurate or completion of your personal data stored by us;
- Deletion:
- According to Art. 17 GDPR, you have the right to request the erasure of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- Restriction of processing:
- According to Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or V defense of legal claims or you have objected to the processing pursuant to Art. 21 GDPR;
- Data portability:
- According to Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller;
- Revocation of your consent:
- According to Art. 7 Para. 3 GDPR, you have the right to revoke your consent at any time. This means that we may no longer continue the data processing based on this consent in the future. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
- Please send your revocation to the details given above or by email to: molitor@schleifklinik.de
- Right to object You have the right to object at any time to the processing of personal data concerning you which is carried out on the basis of Art. 6 (1) sentence 1 letter e) or f) of the GDPR, for reasons related to your particular situation; this also applies to profiling based on these provisions. The controller will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims. If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes. In connection with the use of information society services, you have the option of exercising your right of objection by means of automated procedures that use technical specifications, regardless of Directive 2002/58/EC. Automated decision-making in individual cases including profiling You h You have the right not to be subjected to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision is necessary for entering into or fulfilling a contract between you and the controller, is permitted by Union or Member State law to which the controller is subject, and this law contains appropriate measures to safeguard your rights and freedoms as well as your legitimate interests, or is made with your explicit consent.
- However, these decisions must not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) GDPR applies and appropriate measures to protect your rights and freedoms as well as your legitimate interests have been taken.
- Complaint to a supervisory authority: S According to Art. 77 GDPR, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or of our company headquarters.