In this form, the amedes Group offers unique interdisciplinary medical-diagnostic services for patients, general practitioners and clinics. Dealing with sensitive data is therefore second nature to us. For this reason, adhering to data protection laws and thus protecting your personal data is an important concern to us. In the following, we would like to explain to you what data we collect if you use the internet service of the amedes Group, and what we do to protect your data.
1 What data we process, for how long and for what purpose
1.1 Informational use of the website
Scope of processing. With the mere informational use of our website – in other words if you do not transfer any other information – we only collect your personal data which your browser transfers to our server. If you access our website, we collect the following data: IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT, content of the request (specific page), access status/HTTP status code, respective transferred data amount, website which the request comes from, browser, operating system and its interface, language and version of the browser software.
Purpose and legal basis. The purpose of processing is to make it technically possible to access a website and to ensure stability and security. The legal basis of processing is to maintain our legitimate interests. <For the purposes just mentioned, our legitimate interest is data processing.
Duration of data retention. Data is deleted as soon as it has been used to achieve the intended purposes of its collection. When collecting data for providing the website, this is the case when the respective session is completed. We store IP addresses for seven days to keep track of misuse.
1.2 Contact form
This data includes: name, first name, date of birth, email address, telephone number and your details in free text field and optionally name from your partner, date of birth from your partner and the address.
Fields marked with a star refer to mandatory information. If the message is sent via the contact form, the following data is processed: user IP address, data and time. Before sending, consent for the processing of data is obtained, and thus a reference is made to this data privacy statement. You can of course also communicate with us via the email provided. In this case, the personal data transmitted via email is processed.
Purpose and legal basis. The data is used for the sole purpose of processing your request. <Your consent is the legal basis for the processing of your data. The data which is transferred during the sending of an email is processed on the basis of our legitimate interest. If you get in touch with us in order to conclude a contract, the processing is necessary for carrying out pre-contractual measures.
Duration of data retention. The data mentioned in this subclause is deleted as soon as its collection is no longer necessary. This is the case when the respective contact has been made. The contact is complete if your concern has been addressed, e.g. by answering your questions.
1.6 Integration of Google Maps
Scope of processing. We integrate Google Maps into our webpage, which is a map service of Google Inc.
By visiting the website, Google is notified that you have accessed the page to which the map is integrated. In addition, the data mentioned under 1.1 is transferred. It is irrelevant whether or not you have a Google user account. However, if you are logged into your Google user account, you data is assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button.
For the purpose of the legal basis. Google stores your data as a user profile and uses it for purposes of advertising and market research. In particular, such an evaluation is made (even for users who are not logged in) to provide on-demand advertising and to inform other Google users about your activity on our website. Further details about the purpose and scope of data collection and its processing by Google can be found in the data privacy statement by Google. Here, you will find more information about your rights and setting options for protecting your privacy: http://www.google.de/intl/de/policies/privacy. Your consent is the legal basis for the processing.
Recipient/transferral to third countries. Google Inc. in the USA is the recipient of the data.
Once the European Commission for the USA assumes that there is an inadequate level of data protection, this is established for Google Inc. on the basis of the EU-US Privacy Shield.
Special rights of those affected: You have a right to object to the formation of the user profiles; to do so, you need to contact Google: https://adssettings.google.com/authenticated
1.9 Registration for events
Scope of processing. If you register for an event, we may need specific information from you, depending on the nature of the event. In the registration form, the mandatory and optional fields are marked respectively. Your data is not shared with third parties. Any exceptions (for example, at cooperation events) are clearly communicated at the time of registration.
Purpose and legal basis. We only use your data for the event and to send you information about similar events, as well as to substantiate that we are allowed to send you this information based on your previous registration and for customer service. If participation in the event is subject to charge, we must also store your registration data and, if necessary, payment data for tax and commercial reasons. We therefore process your data to fulfil a contract. Processing for the purpose of providing information on your request is based on our legitimate interest. Tax and commercial regulations are the basis for storing commercial or business letters or accounting documents (§ 147 of the General Fiscal Law (AO), 257 of the German Commercial Code (HGB)). Legitimate interests include the fulfilment of your requests, the promotion of the sale of our products and services through appropriate advertising, the assertion or exercise of legal claims and defence against legal claims.
Duration of data retention. We will erase your data for business letters and other tax-relevant documents by 31 March of the seventh calendar year after their occurrence; for accounting documents, this occurs after the eleventh calendar year. For event purposes, we will delete your data three months after the end of the event; for the purpose of sending information as soon as you object or when we finally stop sending information; for the purpose of customer service as soon as you object or until 31 March of the fifth calendar year after the end of the last event you registered or participated in, or after you otherwise expressed your interest; and for the purpose of providing information on your registration by 31 March of the fourth calendar year following the last provision of information.
Some elements of our website require that the accessing browser be identified even after a page break.
Cookies are used on the basis of your consent; however, cookies which are technically necessary are used on the basis of our legitimate interest. Our legitimate interest lies in the purpose described here.
Duration of data retention. Cookies are stored on your computer. The duration of the storage can be found in the overview in the cookie settings of your browser. By changing settings in your browser, you can prevent or restrict the transmission of cookies. Pre-stored cookies can be deleted at any time. This can also be automated, such as when you close your browser. If cookies are disabled for our website, it may not be possible to fully use all the functions of the website.
1.13 Google Analytics (soon to be: Google Marketing Platform)
Purpose and legal basis. Google will use the data on our behalf to analyse the use of our website and to compile reports on usage for us. If necessary, the data will also be used to provide paid services to us. Your consent is the legal basis for the use of Google Analytics.
Duration of data retention. The data (i.e. the data associated with the cookies, user IDs or promotional IDs and the data itself) is automatically deleted after 14 months.
Recipient/transferral to third countries. Google Inc. in the USA is the recipient of the data. Once the European Commission for the USA assumes that there is an inadequate level of data protection, this is established for Google Inc. on the basis of the EU-US Privacy Shield.
Special rights of those affected: you can stop Google Analytics’ tracking at any time by clicking on the opt-out option below. In this case, an opt-out cookie will be used on your account. <This will cause Google Analytics to stop collecting session data from this point in time. Opt-out: Deactivate Google Analytics
In addition, you can permanently prevent the collection of your data by installing the following browser plug-in: https://tools.google.com/dlpage/gaoptout?hl=de. You can find more information on how to handle user data with Google Analytics in the Google data privacy statement: https://support.google.com/analytics/answer/6004245?hl=de.
Opt-Out: Disable Google Analytics
1.14 Google Fonts
This website uses so-called web fonts provided by Google to display fonts. Google Fonts is a service of Google Inc. (“Google”). These web fonts are integrated using a Google server call which is usually located in the USA. This call transmits, among others, the IP address, the browser used and the visitor’s device to Google.
2 Rights of those affected
Your rights as a victim are fully guaranteed by us. In the following, we will briefly explain what these rights are:
2.1 Contradictions in advertising
You may at any time object to the use of your data for promotional purposes – with effect for the future.
2.2 Revocation of consent
You may also at any time withdraw your consent to the processing of personal data – with effect for the future. If needed, details on this can be found under Figure 1.
2.3 Further rights
If we process personal data about you, you have a right to the following under the respective legal requirements with regard to personal data relating to you:
You also have the right to complain to us about the processing of your personal data by us at a data protection supervisory authority – for example at the supervisory authority responsible for us: the Hamburg Commissioner for Data Protection and Freedom of Information.
If you send personal information to us, amedes will give you the option to transfer the information encrypted. This encryption protects the confidentiality of the data exchange between you and our web server and helps prevent misuse of the data, e.g. to prevent wiretapping. We use SSL (Secure Socket Layer) as encryption technology. This is a recognised and widely used technique.
The responsible party for the General Data Protection Regulation is:
If you have specific questions on data protection, please contact our data protection officer:
amedes Medizinische Dienstleistungen GmbH
Telephone: 040.33 44 11-9922
We will process your requests immediately and let you know what measures we have taken.