Patient information about data protection
The EU General Data Protection Regulation (EU GDPR) requires us to inform you about the purposes for which our medical practice collects, stores or shares data. This information also tells you about the rights you have in relation to data protection.
Responsibility for data processing
Darmstadt Orthopaedic Centre (OZD)
Luisenplatz 1, 64283 Darmstadt
Tel.: 06151/606720, email: email@example.com
The competent Data Protection Officer can be contacted as follows:
Luisenplatz 1, 64283 Darmstadt
Tel: +49 6151/606720
Purpose of data processing
Data processing is conducted according to statutory regulations to fulfil the contract of treatment and its associated obligations as agreed between you and your doctor. To do so, we process your personal data and your health-related data in particular. This data includes your medical history, diagnoses, recommendations for treatment and findings, as prepared by ourselves or other doctors. For these purposes, other doctors or psychiatrists from whom you are currently receiving treatment may also provide us with data (e.g. in medical reports). Health data has to be collected in order to provide you with treatment. If the necessary information is not provided, then an appropriate course of treatment cannot be provided.
Recipients of your data
We only share your personal data with third parties if this is allowed by law or if you have given us permission to do so. Recipients of your personal data may include doctors/psychiatrists and health insurance associations in particular, as well as health insurers, the Medical Review Board of the Statutory Health Insurance Funds (MDK), medical councils and settlement agents employed by private practice. This data is transferred primarily for the purposes of settling the accounts for the services provided to you, and to clarify medical questions and any matters relating to your insurance status. In individual cases, your data may be shared with other legitimate recipients.
Storage of your data
We store your personal data only for as long as is necessary in order to complete your course of treatment. Legal requirements make it necessary for us to keep this data on file for at least 10 years after the completion of your treatment. Longer retention periods may also apply as a result of specific regulations: for example, German law on the use of X-rays requires X-ray records to be kept for 30 years.
Most of the cookies that we use are the type known as ‘session cookies’: these are deleted automatically after you leave our website. Other types of cookies remain stored on your device until you delete them: we use these cookies to recognise your browser when you visit our website again.
You can configure your browser to notify you before cookies are set, to allow cookies only on a case-by-case basis, or you can permit cookies to be set only in certain situations or stop cookies being set at all. You can also have your browser delete cookies automatically when it is being closed. Please note that disabling cookies may restrict the functionality of this website.
When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.
Data processing agreement
We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.
Server log files
Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:
- Your consent status or the withdrawal of consent
- Your anonymised IP address
- Information about your Browser
- Information about your Device
- The date and time you have visited our website
- The webpage url where you saved or updated your consent preferences
- The approximate location of the user that saved their consent preference
- A universally unique identifier (UUID) of the website visitor that clicked the cookie banner
This data is not personally identifiable information. In addition, this data is not aggregated with data from other sources. We reserve the right to analyse this data at a later point in time if we have reasonable grounds for suspecting a legal infringement.
If you send us an enquiry via our contact form, the information you specify in the enquiry form, including your personal contact details, will be stored in order to allow us to process your enquiry and any follow-up questions to your enquiry. We will not share this information without your consent.
For security reasons and to protect the transfer of confidential data, such as the enquiries that you send to us as the site operator, this website utilises SSL encryption. You can identify an encrypted internet connection by the presence of a padlock icon on your browser’s address bar and the prefix ‘https://’ instead of ‘http://’.
When SSL encryption is activated, the data that you send to us cannot be intercepted and read by a third party.
Right to access, erasure and restriction
You have the right to request information about your stored personal data, its origin and destination and the purpose of data processing, as well as a right to rectify, restrict or erase this data, at all times and at no extra cost. Please feel free to contact us about this topic or any other issues concerning personal data by using the address provided in the Legal Notice.
Use of OpenStreetMap
We use the map service of OpenStreetMap (OSM). The provider is the Open Street Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom.
When you visit a website that utilizes OpenStreetMap, your IP address and other information about your usage of this website will be forwarded to OSMF. OpenStreetMap may store cookies in your browser. These are text files which are stored on your computer and allow an analysis of your use of the website. You can prevent the storage of cookies by adjusting the settings of your browser. We however point out that you may then perhaps not be able to fully use all the functions of this website.
The use of OpenStreetMap provides you with an appealing presentation of our online offers and assists you in easily finding the places we specify on the site. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. If such consent has been requested (eg consent to the storage of cookies), processing will be based exclusively on Article 6 (1) lit. a GDPR; the consent is revocable at any time.
Use of Vimeo components
We use components from the provider Vimeo on our website. Vimeo is a service provided by Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA. On each occasion that a page on our website equipped with a component of this kind is accessed, this component causes the browser you are using to download an appropriate presentation of this component from Vimeo. If you access our website when you are already logged into Vimeo, Vimeo can use the information collected by the component to identify the specific page that you are visiting and can associate this information with your personal Vimeo account. If you click the ‘Play’ button, for example, or post a corresponding comment, then this information is transferred to and stored in your personal Vimeo user account. The information that you have visited our website is also shared with Vimeo. This happens whether or not you click the component or leave a corresponding comment (for example).
The legal basis for the processing of your data is point (h) of Art. 9(2) of the EU GDPR, in conjunction with point (b) of Art. 22(1) no. 1 of the German Federal Data Protection Act (BDSG). Please feel free to contact us if you have any questions.
Your practice team