The following information will give you an overview of what happens to your personal data when you visit this website.
“Personal data” means any information relating to an identified or identifiable natural person (“data subject” in the following). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more characteristics specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. (Article 4(1) of the GDPR).
“Processing” means any operation or set of operations performed upon personal data (whether or not by automatic means) such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, reconciliation or linking, restriction, deletion or destruction of personal data (Article 4(2) of the GDPR).
Data collection on this website
Who is responsible for data collection on this website?
How do we record your data?
On the one hand, your data is collected by you providing it to us. This can be information that you enter in a contact form, for example.
Other data is collected automatically or with your consent by our IT systems when visiting the website. This is mainly technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you visit this website.
What do we use your data for?
Part of the data is collected to ensure that the website is made available without errors. Other data may be used to analyse your user behaviour.
What rights do you have regarding your data?
You have the right to receive information free of charge about the origin, destination and purpose of your stored personal data at any time. You also have the right to request the correction or deletion of this data. Should you have given us consent to process your data, you can revoke this consent at any time. In addition, you have the right to request the restriction of the processing of your personal data under certain conditions. Furthermore, there is a right to data portability. Moreover, you have the right to object to the processing of your personal data with effect for the future.
Additionally, you have the right to lodge a complaint with the responsible regulatory authority.
If you have any questions about this or anything else regarding data protection, please feel free to contact us at any time.
Analysis tools and tools from third party-providers
When visiting this website, your browsing behaviour may be statistically analysed. This is done mainly with the help of analysis programs.
2. General information and mandatory information
Please be advised that the transmission of data over the internet (e.g. communication via email) cannot be entirely secure. It is not possible to protect this data completely from access by third parties.
Information on the responsible authority
The responsible authority within the meaning of the General Data Protection Regulation (GDPR) for fulfilling the requirements in accordance with Articles 13 and 14 of the GDPR (information obligations) or the responsible body for data processing on this website is:
Dr med. dent. Michael Kratschmayr
Dr med. dent. Zeynep Cerman
Lichtentaler Straße 35, D-76530 Baden-Baden
Secondary place of operation: Hauptstraße 213, D-77866 Rheinau
Partnership registered with the District Court of Mannheim,
Partnership number: PR 700449
Authorised representative partners: Dr Michael Kratschmayr and Dr Zeynep Cerman
Principal place of operation: Lichtentaler Straße 35, D-76530 Baden-Baden
Telephone: +49 (0)7221 / 970 947 0
Fax: +49 (0)7221 / 970 947 11
Secondary place of operation: Hauptstraße 213, D-77866 Rheinau
Telephone: +49 (0)7844 / 889 400 0
Fax: +49 (0)7844 / 889 400 1
“Responsible authority” means a natural or legal person, public authority, agency or other body that alone or in conjunction with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the responsible authority or the specific criteria for its designation may be provided for under Union or Member State law.
GENERAL INFORMATION ON THE LEGAL BASES FOR DATA PROCESSING ON THIS WEBSITE
Legally required Data Protection Officer
We have appointed a Data Protection Officer in accordance with §37 of the GDPR. You can reach our Data Protection Officer, Andreas Mayer, via the following contact details:
zMVZ Drs Michael Kratschmayr & Zeynep Cermen
FAO Data Protection Officer Andreas Mayer
Lichtentaler Straße 35, D-76530 Baden-Baden
INFORMATION ON DATA TRANSFER TO THE USA AND OTHER THIRD COUNTRIES
Among other things, we use tools provided by companies based in the USA or in other third countries that are not secure when it comes to data protection. When these tools are active, your personal data could be transmitted to these countries and processed there. Please note that these countries cannot guarantee data protection at the same level as the EU. For example, US companies are obliged to hand over personal data to security agencies and you, as the data subject, cannot take any legal action against this. Therefore, it cannot be excluded that US agencies (e.g. intelligence services) could process, evaluate and permanently save your personal data found on US servers, for monitoring purposes. We have no influence upon these processing activities.
This website uses SSL and TLS encryption for reasons of security and in order to safeguard the transmission of confidential content such as orders or inquiries that you send to us as the operator of the website. You can identify an encrypted connection by the fact that the address bar in your browser changes from “http://” to “https://” and displays a padlock symbol.
When SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Rights as a data subject / your rights under data protection law
Right to information in accordance with Article 15 of the GDPR:
In particular, you have the right to request information on your personal data that is processed by us, the processing purposes, the category of personal data, the recipients or categories of recipients to whom your data has been or will be disclosed, the scheduled retention period or the criteria for defining the retention period, the right to rectification, cancellation or limitation of processing, objection to processing, lodging a complaint with a regulatory authority, the source of your data if not collected from us and the existence of automated decision-making including profiling and, if appropriate, meaningful information about the logic involved and the implications for you and the intended effects of such processing. You also have the right to request information on whether the personal data concerning you is transferred to a third country. In this context, you can request to be informed about the appropriate safeguards according to Article 46 of the GDPR in relation to the transfer.
Right to data rectification in accordance with Article 16 of the GDPR:
You have the right to correct any incorrect data relating to you and/or to complete any incomplete data we hold about you. The responsible authority shall make the correction without delay.
Right to deletion in accordance with Article 17 of the GDPR:
You have the right to request the deletion of your personal data stored by us, unless the processing is necessary for the purpose of exercising the right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.
Right to restriction of processing in accordance with Article 18 of the GDPR:
You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data that you dispute is under review, if you refuse the deletion of your data due to unlawful data processing and instead request the restriction of the processing of your data, if you require your data for the assertion, exercise or defence of legal claims if we no longer need this data after the purpose has been achieved or if you have lodged an objection on the grounds of your particular situation, provided that it has not yet been determined whether our legitimate grounds prevail.
If the processing of personal data relating to you has been restricted, this data may only be processed – with the exception of its storage – with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or of a Member State. If the restriction of processing was restricted in accordance with the above conditions, you will be informed by the responsible authority before the restriction is lifted.
Right to data portability in accordance with Article 20 of the GDPR:
You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request forwarding to another responsible authority, as long as this is technically feasible.
Right to withdraw a granted declaration of consent (Article 7(3) of the GDPR):
You have the right to revoke any consent granted with effect for the future at any time. The consequence of this is that we may no longer continue the data processing based upon this consent. In the event of such revocation, the data concerned shall be deleted without delay, provided that further processing cannot be based upon a legal basis for processing without consent. The revocation of consent shall not affect the legal validity of the processing carried out based upon this consent up to the revocation.
Right to lodge a complaint in accordance with Article 77 of the GDPR:
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the GDPR. You can generally contact the regulatory authority of your usual place of residence or workplace or the place of the alleged infringement for this purpose.
Right to object in accordance with Article 21 of the GDPR:
Insofar as your personal data is processed on the basis of legitimate interests in accordance with Article 6(1)(1)(f) of the GDPR, you have the right to object to the processing of your personal data with future effect at any time in accordance with Article 21 of the GDPR as long as there are reasons relating to your particular situation.
If you exercise your right to object, the processing of the data concerned will be terminated unless we can demonstrate compelling and legitimate reasons for processing warranting protection that outweigh your interests, fundamental rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing. If you exercise your right to object, we will cease processing the data concerned for direct marketing purposes.
Collection of personal data when you visit our website
When use of our website is for information purposes only, i.e. you do not register or otherwise transfer information to us, we collect only the personal data transferred by your browser to our server. Should you wish to look at our website, we collect the following data for technical purposes to be able to present our website to you and guarantee its stability and security (the legal basis for this is Article 6(1)(1)(f) of the GDPR):
- IP address
- Date and time of your request / your visit to the website (the app)
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (information on the specific page that you accessed)
- Access status / HTTP status code
- Relevant volume of data transferred
- Website responsible for the request
- Browser (information on the browser you are using)
- Operating system and its interface (operating system of the computer you are using to access the website or app)
- Language and version of the browser software
The website cannot be accessed or provided to the users without using this data. There is thus a legitimate interest in enabling the technical access and use of the website.
Transmission of data
There will be no transfer of your personal data to third parties for reasons other than those listed below. Under no circumstances will your data be sold.
We will only transmit your personal data to third parties if:
- you have given your express permission for us to do so, in accordance with Article 6(1)(1)(a) of the GDPR;
- the transfer of data is necessary for the establishment, exercise or defence of legal claims in accordance with Article 6(1)(1)(f) of the GDPR, and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data;
- there is a legal obligation for the transfer of data, in accordance with Article 6(1)(1)(c) of the GDPR;
- this is legally permissible and necessary for the settlement of the terms of the contract with you, in accordance with Article 6(1)(1)(b) of the GDPR.