Name and address of the data controller

Mrs. Dr. med. Shamim Shahab

Pariser Str. 89

40549 Düsseldorf

Contact:

Phone: + 49(0)211 959 54 800

E-mail: kardiologie-angiologie@rkm740-klinik.de

The controller of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Data collection/legal basis of processing

You are hereby informed about the data collection of personal data collected, used and processed on this website. An explanation of your rights follows.

Collection of general data and information

When calling up this website, your end device automatically sends information to our website server via the browser used, which is temporarily stored in a log file. The information collected and stored includes:

• Date of access
• IP address (PC/end device)
• URL (of the file accessed),
• Referrer URL
• Browser / operating system / access provider

Purpose:

• Connection and technical use of the website,
• administration and system security

The legal basis is: Art. 6 para. 1, p. 1, f) DSGVO.

This website uses SSL or TLS encryption.

Data collection in case of contact

In the event of contact being made via the contact form or by e-mail or by telephone, your personal data will be processed for the purpose of processing your inquiry.

The personal data provided by the data subject is collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for the transfer to one or more processors, who will also use the personal data exclusively for an internal use attributable to the controller.

In the event that you contact us, the following data will be collected from you and then stored by us:

• Name and address
• E-mail address
• Telephone number
• Insurance data
  

The purpose of the data collection and storage is:

• Quotation preparation
• Patient identification
• Appointment making
• OP planning
• Processing and handling of the order for correspondence with you
• invoicing
• to the completion of possibly existing liability claims, as well as the asserting of possible claims against you
• technical administration of the website
• administration

Your consent will be obtained from you in the ordering process before this data is processed.

Legal basis:

Art. 6 para. 1, p. 1, f) DSGVO.

Art. 6 para. 1, p.1, b) DSGVO (conclusion of contract).

Art. 6 para. 1, p. 1, a) DSGVO (consent).

Newsletter

If you voluntarily subscribe to our newsletter (regular promotional information e-mail about our medical services and offers or other information from our company), the data you provide will be used exclusively for this purpose and will not be passed on to third parties.

This includes information relevant to the service or registration. The validity of the email address is checked using the so-called “double-opt-in” procedure. For this purpose, the order of the newsletter is checked by sending a confirmation email and the reply. No further data is collected.

Unsubscribing from the newsletter (revocation of consent) is possible at any time and can be done either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. You will not incur any additional costs for the cancellation beyond the regular promotion costs (e.g. costs for a telephone call). The data processing based on your consent is carried out in accordance with Art. 6 para. 1, p. 1, a) DSGVO.

Dispatch of the newsletter

Existing patients

We reserve the right to send you regular information about our medical services and offers by e-mail. For this purpose, we do not need to obtain separate consent from you in accordance with Section 7 (3) of the German Unfair Competition Act (UWG). In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 para. 1, p. 1, f) DSGVO. If you have initially objected to the use of your e-mail address for this purpose, no e-mails will be sent by us. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. For this, you will only incur transmission costs according to the prime rates. After receipt of your objection, your email address will be removed from the distribution list.

Storage period

Personal data collected and transmitted in connection with the processing of your inquiry or treatment will be stored until the expiry of the statutory retention period. After expiration of the legal obligation to retain data, all data will be deleted, unless a longer storage is obligatory according to Article 6 para. 1, p. 1, c) DSGVO due to tax and commercial law retention and documentation obligations (from HGB, StGB or AO (e.g. 10 years for tax-relevant documents or 6 years for other business letters)) or you have consented to an additional storage according to Article 6 para. 1, p. 1, a) DSGVO.

Obligation to provide

The provision of personal data is partly required by law (tax law) or may result from contractual regulations (transparency of the contractual partner). Failure to provide personal data would be contrary to the conclusion of a contract and therefore does not take place. Any information on the legally or contractually required provision of personal data can be obtained from the person responsible.

Transfer of data

A transfer of your personal data to third parties for purposes other than those listed below does not take place. A transfer requires:

• Express consent Art. 6 para. 1, p. 1, a) DSGVO, or.
• Necessity of disclosure according to Art. 6 para. 1, p. 1, f) DSGVO for the assertion, exercise or defense of legal claims and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data, or
• Legal obligation according to Art. 6 para. 1, p. 1, c) DSGVO, or
• Necessity for the processing of the mandate relationship according to Art. 6 para. 1, p. 1, b) DSGVO.
• Routine deletion and blocking of personal data.
• Once the storage period has expired, the personal data will be routinely deleted. 

Your rights as a data subject affected by the data collection:

• 15 DSGVO To request confirmation as to whether personal data in question is being processed and to request information about your personal data processed by us.
• 16 DSGVO To request correction of inaccurate or completion of your stored personal data.
• 17 GDPR to request erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.
• 18 DSGVO to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Article 21 DSGVO;
• 20 DSGVO receipt of the personal data provided, in a machine-readable format.
• 7 para. 3 DSGVO Consent can be revoked at any time
• 77 DSGVO Complaint to the supervisory authority

Cookies: use, legal basis and purpose

So that we can optimally design the functional scope as well as the technical presentation of our website and also further optimize it, we use so-called “cookies”. These are small text files that are stored on your terminal device. With the help of these “cookies”, data can be stored on your computer when you call up our website. We also use cookies on our website that enable an analysis of the user’s surfing behavior. When calling up our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of personal data used in this context is obtained. In this context, a reference to this privacy policy is also made.

The legal basis is Art. 6 para. 1, p.1, f) DSGVO.

The legal basis in the case of consent given by the user is Art. 6 para. 1, p.1. a) DSGVO.

The purpose of the use of technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change. We require cookies for the following applications: Acceptance of language settings. The user data collected by technically necessary cookies are not used to create user profiles.

Analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our offer.

Duration of storage, possibility of objection and removal

Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all website functions to their full extent.

Social media

Data processing in social media

Various social media are used. In the context of communication with users, user data may be processed outside the European Union, which may result in risks by making it more difficult to enforce rights. Regarding US providers certified under the Privacy Shield, we point out that they thereby undertake to comply with EU data protection standards.

As a rule, user data is processed for advertising and market research purposes in order to be able to create usage profiles from usage behavior. The usage profiles can be used, for example, for the targeted placement of advertisements. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored.

Facebook

Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). At https://de-de.facebook.com/about/privacy/, it is explained which setting options Facebook offers to protect the privacy of the data subject.

The legal basis is Art. 6 para. 1, p. 1, f) DSGVO

Instagram

Part of our website is the integration of the so-called social plugin (“plugins”) of Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. You can find an overview of the Instagram plugins and their appearance here: 

http://blog.instagram.com/post/36222022872/introducing-instagram-badges 

When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the servers of Instagram. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged into Instagram. This information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly assign your visit to our website to your Instagram account. If you interact with the plugins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed there to your contacts. If you do not want Instagram to directly assign the data collected via our website to your Instagram account, you must log out of Instagram before visiting our website. You can also completely prevent the loading of Instagram plugins with add-ons for your browser, e.g. with the script blocker “NoScript” (http://noscript.net/).

Further information and the applicable privacy policy of Instagram can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

Google Maps

We use on our website the function for embedding GoogleMaps maps of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).

The function enables the visual display of geographical information and interactive maps.

Google also collects, processes and uses data from visitors to the pages in which GoogleMaps maps are integrated. More information on the collection and use of data by Google can be found in the privacy policy of Google at https://www.google.com/privacypolicy.html. There you also have the option in the Privacy Center to change your settings so that you can manage and protect your data processed by Google.

Your data may also be transferred to the USA. An adequacy decision of the European Commission is available for data transfers to the USA.

You have the right to object at any time to this processing of personal data relating to you based on Art. 6 (1) f DSGVO for reasons arising from your particular situation.

To do so, you must switch off the JavaScript application in your browser. However, we would like to point out that in this case you may not be able to use all functions of this website, such as the interactive map display, to their full extent.

Google AdSense

This website uses Google AdSense, a web advertising service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google AdSense uses so-called “DoubleClick DART cookies” (“cookies”). These are text files that are stored on your computer and enable an analysis of your use of the website. In addition, Google AdSense also uses so-called “web beacons” (small invisible graphics) to collect information, through the use of which simple actions such as visitor traffic on the website can be recorded, collected and analyzed. The information generated by the cookie and/ or web beacon (including your IP address) about your use of this website is usually transmitted to a Google server in the USA and stored there.

Google uses the information thus obtained to carry out an evaluation of your usage behavior with regard to the AdSense ads. The IP address transmitted by your browser as part of Google AdSense will not be merged with other data from Google. The information collected by Google may be transferred to third parties if required by law and/ or if third parties process this data on behalf of Google.

The described processing of data is carried out in accordance with Art. 6 (1) lit. f DSGVO for the purpose of targeted advertising addressing of the user by advertising third parties, whose ads are displayed on this website based on the evaluated user behavior. At the same time, the processing serves our financial interest in exploiting the economic potential of our website by displaying personalized third-party advertising content for a fee.

You can obtain more information about Google’s data protection policy at the following Internet address: 

http://www.google.de/policies/privacy/.

You can permanently disable cookies for advertising preferences by preventing them by changing the settings of your browser software or by downloading and installing the browser plug-in available at the following link:

http://www.google.com/settings/ads/plugin?hl=de

Please note that certain functions of this website may not be available or may be restricted if you have deactivated the use of cookies.

The legal basis is Art. 6 para. 1, p. 1, f) DSGVO.

Google AdWords

Part of our website is the integration of the so-called service Google AdWords. This is a service for Internet advertising, which allows advertisers to place ads in the search engine results of Google as well as in the Google advertising network. Google AdWords allows an advertiser to specify certain keywords in advance, by means of which an ad is displayed in Google’s search engine results exclusively when the user retrieves a keyword-relevant search result using the search engine. In the Google advertising network, the ads are distributed on topic-relevant websites by means of an automatic algorithm and in compliance with the previously defined keywords.

The operating company of the Google AdWords services is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The purpose of Google AdWords is to advertise our website by displaying interest-relevant advertisements on the websites of third-party companies and in the search engine results of the Google search engine and to display third-party advertisements on our website. The data subject can prevent the setting of cookies by our website, as already described above, at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a conversion cookie on the information technology system of the data subject. In addition, a cookie already set by Google AdWords can be deleted at any time via the Internet browser or other software programs.

Furthermore, the data subject has the option to object to interest-based advertising by Google. To do this, the data subject must call up the link www.google.de/settings/ads from any of the internet browsers he or she uses and make the desired settings there. Further information and the applicable data protection provisions of Google can be found at https://www.google.de/intl/de/policies/privacy/.

The legal basis is Art. 6 para. 1, p. 1, f) DSGVO.

Google Analytics (with anonymization function)

Part of our website is the integration of the so-called service Google Analytics. This is a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”. These are small text files that are stored on your terminal device and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use the information obtained on behalf of the website operator to compile reports on website activity and to provide other services to the website operator relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link:

http://tools.google.com/dlpage/gaoptout?hl=de.

Further information and the applicable privacy policy of Google can be found at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under this link https://www.google.com/intl/de_de/analytics.

The legal basis is Art. 6 para. 1, p. 1, f) DSGVO.

Online appointments via Doctolib

For optimal appointment management, Doctolib GmbH, Mehringdamm 51, 10961 Berlin is used as a so-called order processor. With the help of Doctolib’s calendar system, patients can make appointments with us online. In order to make an appointment via Doctolib, you must first register with Doctolib.

Doctolib acts as a data protection controller within the meaning of Art. 4 No. 7 DSGVO.

Any appointment requests via Doctolib will be forwarded to us with date and time, as well as your name, first name, telephone number and email address. The data is stored for appointment management and organization of the practice workflow. With regard to this data processing, we are responsible in the sense of data protection law; in this respect, Doctolib acts as an order processor, is obligated in accordance with data protection law and may not use the data for any other purpose.

We send – if you have consented – reminder SMS or e-mails via Doctolib appointment management software. Doctolib acts here as our order processor. Reminder messages are therefore sent even if no original appointment booking has been made via www.doctolib.de. Your consent can be revoked at any time with effect for the future.

You can find more information at www.doctolib.de.

The legal basis is Art. 6 para. 1, p. 1, b) DSGVO.

Purposes:

Appointment management

Management of the course of treatment (appointment notification, appointment changes, cancellations).

Which personal data are processed?

Surname (and maiden name), first name, date of birth

telephone number, e-mail address, postal address

Password

Reason for the appointment

attending physician

Date of appointment

Personal data will not be forwarded to commercial or advertising partners and will only be used for order fulfillment.

The legal basis is Art. 6 para. 1, p. 1, b) DSGVO.

Your rights as a person affected by the collection of data:

15 DSGVO To request confirmation as to whether personal data in question is being processed and to request information about your personal data processed by us.

16 DSGVO To request correction of inaccurate or completion of your stored personal data.

17 GDPR to request erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.

18 DSGVO to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Article 21 DSGVO;

20 DSGVO receipt of the personal data provided, in a machine-readable format.

7 para. 3 DSGVO Consent can be revoked at any time

77 DSGVO Complaint to the supervisory authority

Contact:  Doctotlib GmbH – Wilhelmstraße 118, Aufgang C, 10963 Berlin, Germany or datenschutz@doctolib.de.

Online appointments via tomedo

For optimal appointment management, zollsoft Praxissoftware GmbH is used as a so-called order processor.

As the manufacturer of the practice information system tomedo®, zollsoft GmbH offers an online service for booking an appointment between doctor and patient within the framework of order processing.

The use of the service as a patient is possible without prior registration. After selecting a reason for visit and an available appointment, the patient is asked to submit his or her details (e.g. name, date of birth, telephone number, e-mail address) in a contact form. In addition to the voluntary information and your message content, this information is required by the practice to process your request, identify you as a patient of the practice, send appointment reminders, and contact you if necessary (e.g., last-minute appointment cancellation). Your data is temporarily stored on the web server for proper use of the online appointment calendar and then transmitted to the local server of the practice information system in the doctor’s office. Beyond that, no further data of the patient will be stored. The physician is obliged to maintain confidentiality and to protect this information within the scope of his or her activities. The data entered is automatically deleted from the web server at the end of each calendar quarter at the latest and is then only stored in the physician’s local practice information system as appointment information. If you select the voluntary option “Remember entered data for next appointment”, the data you have entered will be stored locally in your browser until you actively empty the memory or uncheck the box when you next book an appointment.

Data Storage

All data that must be stored permanently or for a limited period of time in order to properly use the online appointment calendar is transmitted to a server in the data center and temporarily stored there in accordance with the provisions of the EU General Data Protection Regulation (DSGVO). Beyond that, no data will be passed on to third parties.

The technical provision of the server is carried out by:

Host Europe GmbH

Hansestrasse 111

51149 Cologne

Germany

You can find more information at https://zollsoft.de/datenschutz/

The legal basis is Art. 6 para. 1, p. 1, b) DSGVO.

Purposes:

• Appointment management
• Management of the treatment process (appointment notification, appointment changes, cancellations).

What personal data is processed?

• Surname (and maiden name), first name, date of birth
• telephone number, e-mail address, postal address
• Password
• Reason for the appointment
• attending physician
• Date of appointment

Personal data will not be forwarded to commercial or advertising partners and will only be used for order fulfillment.

The legal basis is Art. 6 para. 1, p. 1, b) DSGVO.

Your rights as a person affected by the collection of data:

• 15 DSGVO To request confirmation as to whether personal data in question is being processed and to request information about your personal data processed by us.
• 16 DSGVO To request correction of inaccurate or completion of your stored personal data.
• 17 GDPR to request erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.
• 18 DSGVO to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Article 21 DSGVO;
• 20 DSGVO receipt of the personal data provided, in a machine-readable format.
• 7 para. 3 DSGVO Consent can be revoked at any time
• 77 DSGVO Complaint to the supervisory authority

Contact: zollsoft Praxissoftware GmbH, Ernst-Haeckel-Platz 5/6, 07745 Jena, https://zollsoft.de/kontakt/

Created by:

DREGER IP LEGAL, Attorney at Law Mr. Dirk Dreger, Lindemannstr. 13, 40237 Düsseldorf, Germany, Phone 0211/69155122, Fax 0211/69155111, info@dregeriplegal.de, www.dregeriplegal.de