Data privacy statement
In this form, the amedes Group offers unique interdisciplinary medical-diagnostic services for patients, general practitioners and clinics. Dealing with sensitive data is therefore second nature to us. For this reason, adhering to data protection laws and thus protecting your personal data is an important concern to us. In the following, we would like to explain to you what data we collect if you use the internet service of the amedes Group, and what we do to protect your data.
1 What data we process, for how long and for what purpose
1.1 Informational use of the website
Scope of processing. With the mere informational use of our website – in other words if you do not transfer any other information – we only collect your personal data which your browser transfers to our server. If you access our website, we collect the following data: IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT, content of the request (specific page), access status/HTTP status code, respective transferred data amount, website which the request comes from, browser, operating system and its interface, language and version of the browser software.
Purpose and legal basis. The purpose of processing is to make it technically possible to access a website and to ensure stability and security. The legal basis of processing is to maintain our legitimate interests. <For the purposes just mentioned, our legitimate interest is data processing.
Duration of data retention. Data is deleted as soon as it has been used to achieve the intended purposes of its collection. When collecting data for providing the website, this is the case when the respective session is completed. We store IP addresses for seven days to keep track of misuse.
1.2 Contact form
Scope of processing. On our webpage, we offer you a form via which you can get in touch with us electronically. In this case, the data entered into the input screen is transferred to us and processed.
This data includes: name, first name, date of birth, email address, telephone number and your details in free text field and optionally name from your partner, date of birth from your partner and the address.
Fields marked with a star refer to mandatory information. If the message is sent via the contact form, the following data is processed: user IP address, data and time. Before sending, consent for the processing of data is obtained, and thus a reference is made to this data privacy statement. You can of course also communicate with us via the email provided. In this case, the personal data transmitted via email is processed.
Purpose and legal basis. The data is used for the sole purpose of processing your request. Your consent is the legal basis for the processing of your data. The data which is transferred during the sending of an email is processed on the basis of our legitimate interest. If you get in touch with us in order to conclude a contract, the processing is necessary for carrying out pre-contractual measures.
Duration of data retention. The data mentioned in this subclause is deleted as soon as its collection is no longer necessary. This is the case when the respective contact has been made. The contact is complete if your concern has been addressed, e.g. by answering your questions.
1.6 Integration of Google Maps
Scope of processing. We integrate Google Maps into our webpage, which is a map service of Google Inc.
By visiting the website, Google is notified that you have accessed the page to which the map is integrated. In addition, the data mentioned under 1.1 is transferred. It is irrelevant whether or not you have a Google user account. However, if you are logged into your Google user account, you data is assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button.
For the purpose of the legal basis. Google stores your data as a user profile and uses it for purposes of advertising and market research. In particular, such an evaluation is made (even for users who are not logged in) to provide on-demand advertising and to inform other Google users about your activity on our website. Further details about the purpose and scope of data collection and its processing by Google can be found in the data privacy statement by Google. Here, you will find more information about your rights and setting options for protecting your privacy:http://www.google.de/intl/de/policies/privacy. Your consent is the legal basis for the processing.
Recipient/transferral to third countries. Google Inc. in the USA is the recipient of the data.
Once the European Commission for the USA assumes that there is an inadequate level of data protection, this is established for Google Inc. on the basis of the EU-US Privacy Shield.
Special rights of those affected: You have a right to object to the formation of the user profiles; to do so, you need to contact Google: https://adssettings.google.com/authenticated
1.9 Registration for events
Scope of processing. If you register for an event, we may need specific information from you, depending on the nature of the event. In the registration form, the mandatory and optional fields are marked respectively. Your data is not shared with third parties. Any exceptions (for example, at cooperation events) are clearly communicated at the time of registration.
Purpose and legal basis. We only use your data for the event and to send you information about similar events, as well as to substantiate that we are allowed to send you this information based on your previous registration and for customer service. If participation in the event is subject to charge, we must also store your registration data and, if necessary, payment data for tax and commercial reasons. We therefore process your data to fulfil a contract. Processing for the purpose of providing information on your request is based on our legitimate interest. Tax and commercial regulations are the basis for storing commercial or business letters or accounting documents (§ 147 of the General Fiscal Law (AO), 257 of the German Commercial Code (HGB)). Legitimate interests include the fulfilment of your requests, the promotion of the sale of our products and services through appropriate advertising, the assertion or exercise of legal claims and defence against legal claims.
Duration of data retention. We will erase your data for business letters and other tax-relevant documents by 31 March of the seventh calendar year after their occurrence; for accounting documents, this occurs after the eleventh calendar year. For event purposes, we will delete your data three months after the end of the event; for the purpose of sending information as soon as you object or when we finally stop sending information; for the purpose of customer service as soon as you object or until 31 March of the fifth calendar year after the end of the last event you registered or participated in, or after you otherwise expressed your interest; and for the purpose of providing information on your registration by 31 March of the fourth calendar year following the last provision of information.
1.10 Cookies
Scope of processing. Our website uses cookies. Cookies are text files which are stored by the internet browser on your computer. This cookie comprises a string which allows you to uniquely identify your browser when you visit the site again. We also use cookies to make our website more user-friendly
Some elements of our website require that the accessing browser be identified even after a page break.
In these cookies, data for identifying the user is stored and transmitted. When accessing our website, the user is informed about the use of cookies for analysis purposes, and their consent to the processing of personal data used in this context is obtained. Here, reference is also made to this data privacy statement.
Purpose and legal basis. We use cookies to simplify the use of our website. Other cookies are used for analysis purposes, in particular to improve the quality of our website and to identify interesting topics.
Cookies are used on the basis of your consent; however, cookies which are technically necessary are used on the basis of our legitimate interest. Our legitimate interest lies in the purpose described here.
Duration of data retention. Cookies are stored on your computer. The duration of the storage can be found in the overview in the cookie settings of your browser. By changing settings in your browser, you can prevent or restrict the transmission of cookies. Pre-stored cookies can be deleted at any time. This can also be automated, such as when you close your browser. If cookies are disabled for our website, it may not be possible to fully use all the functions of the website.
1.13 Google Analytics (soon to be: Google Marketing Platform)
Scope of processing. This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses cookies (see Figure 1.9). By using these cookies, it is possible to analyse a user’s activity independently of the use of different devices by assigning a user ID to Google. Information generated by the cookie through the use of our website is transferred to a Google server in the USA and stored there. IP anonymisation has been activated on this website so that the IP address of the Google users within member states of the European Union or in other contracting states of the Agreement on the European Economic Area is shortened beforehand. Only in exceptional cases will the full IP address only be transferred to a Google server in the US and shortened there.
Purpose and legal basis. Google will use the data on our behalf to analyse the use of our website and to compile reports on usage for us. If necessary, the data will also be used to provide paid services to us. Your consent is the legal basis for the use of Google Analytics.
Duration of data retention. The data (i.e. the data associated with the cookies, user IDs or promotional IDs and the data itself) is automatically deleted after 14 months.
Recipient/transferral to third countries. Google Inc. in the USA is the recipient of the data. Once the European Commission for the USA assumes that there is an inadequate level of data protection, this is established for Google Inc. on the basis of the EU-US Privacy Shield.
Special rights of those affected: you can stop Google Analytics’ tracking at any time by clicking on the opt-out option below. In this case, an opt-out cookie will be used on your account. This will cause Google Analytics to stop collecting session data from this point in time. Opt-out: Deactivate Google Analytics
In addition, you can permanently prevent the collection of your data by installing the following browser plug-in:https://tools.google.com/dlpage/gaoptout?hl=de. You can find more information on how to handle user data with Google Analytics in the Google data privacy statement: https://support.google.com/analytics/answer/6004245?hl=de.
Opt-Out: Disable Google Analytics
1.14 Google Fonts
This website uses so-called web fonts provided by Google to display fonts. Google Fonts is a service of Google Inc. (“Google”). These web fonts are integrated using a Google server call which is usually located in the USA. This call transmits, among others, the IP address, the browser used and the visitor’s device to Google.
More details can be found in Google’s data privacy notice: https://www.google.com/policies/privacy/
More information on Google Web Fonts: https://developers.google.com/fonts/faq
2 Rights of those affected
Your rights as a victim are fully guaranteed by us. In the following, we will briefly explain what these rights are:
2.1 Contradictions in advertising
You may at any time object to the use of your data for promotional purposes – with effect for the future.
2.2 Revocation of consent
You may also at any time withdraw your consent to the processing of personal data – with effect for the future. If needed, details on this can be found under Figure 1.
2.3 Further rights
If we process personal data about you, you have a right to the following under the respective legal requirements with regard to personal data relating to you:
- information, rectification or deletion, as well as
- restriction of processing, objection to processing, and data portability.
You also have the right to complain to us about the processing of your personal data by us at a data protection supervisory authority – for example at the supervisory authority responsible for us: the Hamburg Commissioner for Data Protection and Freedom of Information.
3 Security
If you send personal information to us, amedes will give you the option to transfer the information encrypted. This encryption protects the confidentiality of the data exchange between you and our web server and helps prevent misuse of the data, e.g. to prevent wiretapping. We use SSL (Secure Socket Layer) as encryption technology. This is a recognised and widely used technique.
4 Contact
The responsible party for the General Data Protection Regulation is:
amedes Holding GmbH
Haferweg 40
22769 Hamburg
Telephone: 0800.58 91 669
info@amedes-group.com
www.amedes-group.com
If you have specific questions on data protection, please contact our data protection officer:
amedes Medizinische Dienstleistungen GmbH
Herbert Klages
Haferweg 40
22769 Hamburg
Telephone: 040.33 44 11-9922
Email: datenschutz@amedes-group.com
We will process your requests immediately and let you know what measures we have taken.