1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator’s contact details can be found in the website’s required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You have the right at any time to free information about your stored personal data, their origin and recipient and the purpose of data processing, as well as a right to correction, blocking or deletion of this data.
You have the right to object to the processing of your personal data.
Analytics and third-party tools
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
2. General information, mandatory information, patient information
We point out that data transmission over the Internet (eg communication by e-mail) security gaps. A complete protection of the data against access by third parties is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
Dr. Erich Rembeck
Dr. Alexander Rauch
Prof. Dr. Hans Gollwitzer
Prof. Dr. Patrick Weber
PD Dr. Norbert Harrasser
Telefon: 089/92 333 940
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Purpose of data processing
Data processing is carried out on the basis of legal requirements in order to fulfill the treatment contract between you and your doctor and the associated obligations. For this purpose, we process your personal data, in particular your health data. This includes medical histories, diagnoses, therapy suggestions and findings that we or other doctors collect. For these purposes, other doctors or psychotherapists with whom you are receiving treatment may also provide us with data (e.g. in doctor’s letters). The collection of health data is a prerequisite for your treatment. If the necessary information is not provided, careful treatment cannot take place.
Recipients of your data
We only transfer your personal data to third parties if this is permitted or required by law (e.g. recurring X-ray examination based on radiation protection law and Art. 9(2) i) DSGVO / § 22(1) c) BDSG) or if you have consented. Recipients of your personal data may primarily be other physicians / psychotherapists, associations of panel doctors, health insurance companies, the medical service of the health insurance companies, medical associations, quality assurance bodies and private medical clearing offices. The transmission is mainly for the purpose of billing for the services provided to you, for clarifying medical questions and questions arising from your insurance relationship. In individual cases, data will be transmitted to other authorized recipients.
Storage of your data
We only keep your personal data for as long as is necessary to carry out the treatment. Due to legal requirements, we are obligated to retain this data for at least 10 years after completion of the treatment. According to other regulations, longer retention periods may apply, for example 30 years for X-ray records according to Section 28 (3) of the X-ray Ordinance.
Revocation of your consent to data processing
The processing of your data is based on legal regulations. Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to file complaints with regulatory authorities
In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the State Data Protection Commissioner of the federal state in which our company is based.
The address of the supervisory authority responsible for us is:
Bavarian State Office for Data Protection Supervision
Promenade 27 (Castle), 91522 Ansbach, Germany
Telephone: +49 (0) 981 53 1300
Fax: +49 (0) 981 53 98 1300
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “https://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
The legal basis for the processing of your data is Article 9 (2) h) DSGVO in conjunction with Section 22 (1) No. 1 b) Federal Data Protection Act.
3. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
kraussfirmengruppe GmbH & Co. KG
Streitheimer Straße 22
Telephone: 08294/511 480
4. Data collection on our website
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
5. Analytics and advertising
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
Outsourced data processing
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic data collection by Google Analytics
This website uses Google Analytics’ demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section “Refusal of data collection”.
6. Plugins and tools
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.
Links to social media are used on this website (e.g. Facebook, Instagram).
You can usually recognize the links by the respective social media logos. To ensure data protection on this website, the connection to the provider’s server is only established when you confirm that you wish to visit this page.