OsteoFit
Naturopathic practice for osteopathy,
Acupuncture and Pain management
DATA PROTECTION
Data protection
This data protection declaration informs you about the collection of personal data when using this website. The data protection declaration serves to fulfill the legal information requirements of Articles 13 and 14 of the European General Data Protection Regulation (GDPR for short).
General
First we want to inform you about the most important contact details and briefly explain the most important terms. Following this, we will show you the essential data processing operations. You will then find out more information about your rights.
Responsible body
Responsible body within the meaning of Art. 4 Clause 7 GDPR and operator of this website is:
Alex Clara
Richard-Strauss-Strasse 21
81677 Munich
info (at) osteofit-muenchen.de
Definition of terms: personal data
Personal data contain all information that relates to an identified or identifiable natural person (hereinafter "data subject"); A natural person who can be identified directly or indirectly is regarded as identifiable. An assignment to an identifier such as a name or pseudonym, to an identification number, to location data or to an online identifier is sufficient. However, special characteristics are also sufficient for identification, such as the expression of physical, physiological, genetic, psychological, economic, cultural or social identity.
This includes, for example, name, address, telephone number, e-mail address, but also the IP address, even if this is only indirectly or temporarily assigned to a specific person.
A distinction is also made between personal data that are required for the establishment and content design or change of the legal relationship (inventory data) and personal data about the use of Internet pages (usage data).
Definition of terms: hyperlinks and external references
Hyperlinks [colloquial link, in German roughly: reference or link] represent a cross-reference in a document and correspond in principle to sources in a printed document; However, unlike in a book, you can call up these cross-references by clicking on the reference. References in a web document like this are typical. The references can link several documents and websites from different providers. In their entirety, these references reflect the World Wide Web (WWW).
A distinction is made between internal references and external references. Internal references link several text passages or documents under one domain, external references lead to domains, websites and servers of other providers.
Different data protection regulations may apply to other web servers. A closer look at the link shows whether there is a reference to an external website. You can display the destination of the link through your browser. Please inform yourself about this in the instructions of your browser; In many web browsers, it is sufficient for an ad to be displayed if you move the mouse over the link without clicking it. With us, external links are marked by an additional symbol immediately after the link.
Visit the website
When you visit our website for the first time, your web browser transfers usage data to our web server. This is the only way our web server can display the website to your web browser. This usage data is available in the HTTP / S header, is automatically sent by you and used for the duration of the page view. They include, among other things:
the name of the website or file accessed
the date and time of the call
the time zone difference to Greenwich Mean Time (GMT),
the amount of data transferred,
a message about the successful retrieval (access status / HTTP status code)
the browser type including the version and language as well as the operating system
the referrer URL (previously visited page),
the IP address and the requesting provider.
Further information about the HTTP header can be found on Wikipedia as well as in the specification RFC 2616, there in chapter 14.
The aforementioned data serve the following purpose:
Technical connection establishment of the website
Evaluation of system security and stability
Administrative purposes
As of May 25, 2018, the legal basis for this data processing is Article 6 Paragraph 1 Clause 1 lit.f) GDPR. Our legitimate interest follows from the purpose of data collection listed above. We do not use the collected data to draw conclusions about your person.
contact
You can contact us via our website form, but also by phone, fax, e-mail and other means of communication. Your information is voluntary. With your information, we also process the time of the request and, for technical reasons, your data sent in connection with the means of communication, such as telephone number or e-mail address.
We process the data of your request in accordance with Article 6 Paragraph 1 Clause 1 lit. A) or f) on the basis of your voluntarily given consent.
We use the collected data for individual communication with you, for contract initiation and implementation. The personal data collected by us for the use of the contact form will be deleted after your request has been dealt with, at the latest after the statutory retention requirements have expired.
Please note in connection with e-mails: Despite our extensive technical and organizational measures to protect your data, communication by e-mail has security gaps. If you want to transmit confidential information, we advise you to use encrypted transmission.
Cookies
A cookie is a small data file that contains a string of characters and that is generated and stored on your device (e.g. desktop PC, smartphone or tablet) when you visit our website. A cookie can only contain the information that we send to your client; Further data on your device cannot be read out with it. With the help of these cookies, your device can be recognized - but not its user.
So-called session cookies contain a randomly generated, unique identification number. On the basis of this, our server can recognize which pages of the website the user has already visited during the respective "session". They are usually automatically deleted after the session has ended. Alternatively, the session ID can be saved on the server or transmitted in the Uniform Resource Identifier (URI). In contrast to session cookies, temporary cookies are stored on the client for a specific period of time. A previous visit to the website is recognized by the temporary cookie and the previous settings are retained.
Cookies serve the purpose of customizing the use of the website and the user profile. This means that settings that have already been made do not have to be re-entered when you visit the site again. However, they can also be used to statistically record the use of the website and to evaluate it for the purpose of optimization. The number of visitors to our website and the frequency with which the individual pages are accessed tell us whether there might be interest in further contributions of a similar type in the future.
The legal basis is Article 6 Paragraph 1 Clause 1 lit.f) GDPR. The data processed by cookies are necessary for the user-specific design of the website and for its optimization. Overriding interests or fundamental rights and freedoms of third parties are not evident. The use of cookies can be restricted and completely prevented in the security settings of your browser (such as Chrome, Firefox, Safari). Cookies can be deleted at any time. You can find information on this in the browser's accessibility features.
Analysis tools / tracking with Google Analytics 4
Our tracking measures are based on Art. 6 Para. 1 S. 1 lit. f GDPR. They serve the statistical recording of website visits and thus the needs-based design and continuous optimization of the website.
For this purpose, this website uses Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheater Parkway Mountain View CA 94043, USA (“Google”). This works by means of pseudonymised usage profiles and cookies. The latter contain information about your use of this website including
Browser type / version
operating system
Referrer URL (address of the previously visited website)
Host name of the accessing computer (IP address)
Time of the server request
This information about the use of the website is transmitted to a Google server in the USA and stored there. This allows the use of the website to be evaluated for the purposes of market research and needs-based design. The information is transferred to third parties if this is required by law or if third parties process this data on behalf of us. The IP address will not be merged with other Google data. For this purpose, the IP addresses are anonymized so that an assignment is not possible (IP masking).
The storage of cookies can be prevented by setting the browser. The collection of the data generated by the cookie and related to the use of the website (including the IP address) to Google as well as the processing of this data by Google can be done using the link below (https://tools.google.com/dlpage / gaoptout? hl = de) retrievable plugin can be prevented.
The collection by Google Analytics can also be prevented by clicking on the link below. An opt-out cookie is set to prevent the future collection of data when you visit the website on this terminal device, as long as the cookie is available on the terminal device; If you want to delete the cookie and continue to prevent Google Analytics, you have to set it again: https://tools.google.com/dlpage/gaoptout?hl=de
You can find more information on the terms of use and data protection at Google at: https://www.google.com/analytics/terms/de.html or at: https://www.google.com/analytics/learn/privacy.html .
We have concluded an order processing contract with Google. We implement the recommendations of the data protection authorities on the use of Google Analytics.
Rights as a data subject
Affected persons have the right
To request information about the personal data processed by us, Art. 15 GDPR. This includes information about the processing purposes, the category of personal data, the categories of recipients to whom data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of appeal , the origin of the data, if they were not collected from us. You can also request information about the existence of automated decision-making including profiling and, if necessary, meaningful information on their details;
to immediately request the correction of incorrect or incomplete personal data stored by us, Art. 16 GDPR
to request the deletion of the personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims, Art. 17 GDPR;
to request the restriction of the processing of personal data if the accuracy of the data is contested, the processing is unlawful, but the person concerned refuses to delete it and we no longer need the data, but he or she needs it to assert, exercise or defend legal claims has lodged an objection to the processing in accordance with Art. 21 GDPR, Art. 18 GDPR;
to receive the personal data that the data subjects have provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible, Art. 20 GDPR.
to revoke the consent given to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent in the future, Art. 7 Para. 3 GDPR and
to complain to a supervisory authority, Art. 77 GDPR. As a rule, those affected can contact the supervisory authority of their usual place of residence or work or our office. The responsible supervisory authority is the state data protection officer of the federal state in which we are based. You can find their contact details under the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
In the case of the processing of personal data on the basis of legitimate interests (Art. 6 Para. 1 Clause 1 lit. f) GDPR), data subjects have a right of objection. You can object to the processing of your personal data. There must be reasons that arise from their particular situation or the objection must be directed against direct mail, Art. 21 GDPR. In the latter case, data subjects have a general right of objection, which must be implemented without specifying a particular situation. An email to us is sufficient to exercise this right.
Data retrieval security
We use so-called TLS / SSL encryption for the security of data transmission. TLS stands for Transport Layer Security; it is also known by the acronym SSL for Secure Sockets Layer. You can access the website in encrypted form by placing the abbreviation https: // in front of the domain, such as https://staufer.de. You can recognize the encryption in most browsers by a symbolized lock in the browser bar. Please consult the documentation for your web browser.
The Hypertext Transfer Protocol Secure (https) stands in the English translation for "secure hypertext transfer protocol"; it is a technical communication protocol on the Internet for the use of the World Wide Web (www) or even just the web. This is used to call up electronic hypertext documents, the so-called websites.
Data protection declaration for the use of Facebook plugins (Like button) and Instagram
Plugins from the social network Facebook and Instagram (Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA) are integrated on our website. You can recognize the Facebook / Instagram plugins by the logo or the “Like” button on our website. You can find an overview of the Facebook plugins here: http://developers.facebook.com/docs/plugins/.
When you visit our website, the plug-in establishes a direct connection between your browser and the Facebook server or Instagram server. Facebook / Instagram receives the information that you have visited our site with your IP address. If you click the Facebook / Instagram “Like” button while you are logged into your account, you can link the content of our pages to your Facebook / Instagram profile. This enables Facebook and Instagram to assign your visit to our website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Facebook or Instagram. You can find more information on this in Facebook's data protection declaration at http://de-de.facebook.com/policy.php
If you do not want Facebook to be able to assign your visit to our website to your Facebook user account, please log out of your Facebook user account; the same applies to Instagram.
Google Maps
This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored by Google on servers in the United States. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit.f GDPR.
You can find more information on handling user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.
Google reCAPTCHA
I use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
The purpose of reCAPTCHA is to check whether data is entered on our website (e.g. in a contact form) by a person or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, length of stay of the website visitor on the website or mouse movements made by the user). The data collected during the analysis are forwarded to Google.
The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.
The data processing takes place on the basis of Art. 6 Para. 1 lit.f GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM.
For more information on Google reCAPTCHA and Google's privacy policy, see the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html .
Make an appointment online via Lemniscus
We offer patients the opportunity to book an appointment for our consultation hour online via our website and a portal. For this we use the service of the company eTermin (www.lemniscus.de)
In order to be able to use the service, it is necessary that you enter certain personal data and agree to Lemniscus' current privacy policy in the course of booking an appointment.
Important is:
The data you enter in the form will only be forwarded to Lemniscus for the purpose of making an appointment and for the transmission of information relevant to the appointment (e.g. an appointment reminder), where it will be processed and automatically transmitted to us.
A transfer of the data by eTermin to third parties for advertising or other commercial purposes is excluded. Please also note the Lemniscus privacy policy.