This privacy policy is intended to inform you as a user of the website about the nature, scope and purpose of the collection and use of personal data.

General information

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Dr. Kurt Hohenstein, hereinafter referred to as the website operator. The website operator treats your personal data confidentially and in accordance with the statutory provisions. As the constant further development of the website may necessitate changes to this data protection declaration, we recommend that you read the data protection declaration again at regular intervals. Definitions of the terms used (e.g. “personal data” or “processing”) can be found in Art. 4 GDPR.

Web hosting and encryption

To provide this online service, we use storage space, computing capacity and software provided by an external service provider (server provider or web host). The legal basis for order processing by the server provider is the legitimate interest in a secure, fast and efficient provision of this website by a professional provider in accordance with Art. 6 para. 1 lit. f GDPR.

This website uses SSL encryption to protect data transmission. You can recognize an encrypted connection by the character string “https://” and a lock symbol in the address bar of your browser. Entries in the order forms for prescriptions and referrals are protected by PGP encryption and can only be decrypted and viewed on specially authorized end devices of the website operator.

Access data

If you use this website purely for information purposes, i.e. if you do not actively transmit any information (e.g. by filling in forms), we only collect the data that your browser automatically transmits to the server and store it there in so-called “server log files”. The following data, which is technically required to display the website correctly, is logged in this way:

• Subpage visited
• Time at the time of access
• Amount of data sent in bytes
• Source/reference from which you reached the page
• Browser used
• Operating system used
• IP address (anonymized)

The legal basis for the processing of this data is legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR in order to generally enable the presentation of the website and to improve its stability and functionality. This data is not merged with other data sources. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

Cookies and web analysis services

Cookies are small text files that can be stored on the end device of a website user, for example to store settings and logins or to analyze user behavior. This website does not integrate analysis services or so-called tracking cookies. Only a technically necessary cookie is used to store the language setting. According to a judgment of the ECJ on 01.10.2019 (C-673/17), such technically necessary cookies (also called essential cookies) may be used without the active and informed consent of the website visitor.

Dealing with inquiries & contact details

If you contact us via the contact options offered (e.g. by telephone, via the order forms for prescriptions and referrals or by e-mail), your request, including all personal data resulting from it (e.g. name, address, e-mail address), will be stored and processed by us exclusively for the purpose of processing your request or for contacting you and the associated technical administration. This may involve a comparison with your patient data stored by us. We will not pass this data on to third parties without your express consent.

The legal basis for the processing of the data is our legitimate interest in processing your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract or is related to the fulfillment of a contract, Art. 6 para. 1 lit. b GDPR is an additional legal basis for the processing. The data you send to us in the context of contact requests will remain with us until you request us to delete it. Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Rights of the user

As a user, you have the right to request information free of charge about what personal data has been stored about you. You also have the right to have incorrect data corrected and to have the processing of your personal data restricted or deleted. If applicable, you can also assert your right to data portability. If you believe that your data has been processed unlawfully, you can lodge a complaint with the competent supervisory authority.

Deletion of data

Unless your request conflicts with a legal obligation to retain data (e.g. accounting obligation), you have the right to have your data erased. If deletion cannot be carried out because the data is required for permissible legal purposes, data processing will be restricted. In this case, the data will be blocked and not processed for other purposes.

Right to object

Users of this website can exercise their right to object to the processing of their personal data at any time. If you would like a correction, blocking, deletion or information about the personal data stored about you or if you have questions regarding the collection, processing or use of your personal data or if you would like to revoke your consent, please contact the following e-mail address: info@allgemeinarztpraxis-hohenstein.de