We also provide information about the purpose and the legal basis of processing data and the rights you – as a visitor of this website – have got in relation to the personal data we hold about you.
This policy is intended to be communicated to you in a concise, transparent, intelligible and easily accessible manner, but we appreciate that you may have queries or want to seek clarification as to its terms. If so, please contact us.
Our contact details can be found at the end of this document.
NOTE: In this notice, terms defined in the EU-GDPR (EU General Data Protection Regulation 2016/679) including “Verantwortlicher” – responsible party, “Betroffener” – person concerned, “personenbezogene Daten” – personal data, “Verarbeitung” – processing have the same meaning when used in this notice.
The full test of the EU-GDPR can be found for example under https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:02016R0679-20160504.
Processing of personal data
One aim of our web site is to inform you about our range of services, to ensure that you can easily contact us and to give you access to our services. In addition we may process personal data as part of our online service for other purposes, which will be stated in this declaration of data protection.
Accessing our online service
To ensure that contents retrieved by you from our online service (i.e. pictures, text, documents) are transferred to your computer, we record and save the IP address assigned to your computer at the time of retrieval. The legal basis for this is Art. 6, para. 1 EU-GDPR. We also use the data for protection against improper use and for the investigation of associated criminal offences and refer in this case to Art. 6, para. 1 lit f. (Our legitimate interest in this case: the guarantee of a proper processing of data and the availability of our online service).
Other purposesIf you give us personal data (names, addresses, contact data) as part of an inquiry, a booking or an order, they will be used exclusively for the processing of this inquiry, to give you an offer you requested or to complete a resulting contractual relation. The legal basis for this processing is Art. 6, para. 1 lit b EU-GDPR. Without the availability and the processing of such data, dealing with your inquiry, booking or order would not be possible.
Nevertheless you can withdraw the consent of the processing of your data if in an individual case processing is based on your consent (Art. 6, para. 1 lit a EU-GDPR). The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Date transfer to third parties
We only transfer your personal data to other persons or companies (processors or third parties) or allow them access to your data on the basis of a legal permission. This may be due to the fulfilment of a contract (Art. 6, para. 1 lit b EU-GDPR), a permission given by you (Art. 6, para. 1 lit a EU-GDPR), a legal obligation (Art. 6 para. 1 lit c EU-GDPR) or our legitimate interest (Art. 6, para. 1 lit f EU-GDPR). Examples would be companies providing web hosting services, email-marketing, software design or companies providing customer services or process orders.
If we instruct third parties to process your data, it will be on the basis of a contract to process orders based on Art. 28 EU-GDPR. We choose such service companies with care and verify their compliance with data protection regularly. When transferring data we take precautions to ensure that no-one except the service provider commissioned by us receives your personal data. Such providers are bound by their contract to use your data exclusively according to instructions and the current version of privacy standard. It is prohibited that they use your data in any other way.
We do not sell your data to third parties and do not commercialise them.
Transmissions of data to third countries
If we process data in a third country (that is outside the European Union or the European Economic Area) or if this happens in the context of using service providers or of disclosure or transmission of data to third parties, we ensure that it happens solely within the scope of the above mentioned legal permissions. This will usually be the case when (pre-)contractual obligations have to be fulfilled, on the basis of your permission, because of a legal obligation or on the basis of our legitimate interest.
We also make sure that we process personal data in a third country only when certain conditions are guaranteed according to Art. 44 ff EU-GDPR, particularly special guarantees, such as the ascertainment that the level of data protection corresponds to the standard of the European Union. This also includes the compliance with officially recognized contractual obligations (standard contract clauses of the European Union).
Security of data processing
We use technical and organizational security measures to ensure that the personal data you provided are protected against accidental or intentional manipulation, loss, destruction or unauthorised access by third parties. We demand the same precautions on a contractual basis of our service providers, who may have or get into contact with your personal data.
Insofar as our online services permit you to provide us with personal data (e.g. contact form), transmission takes place using strong encryption.
Standard periods for deletion of data
We routinely delete personal data when legal obligations to retain data have expired. If your personal data are not affected by such obligations, they will be deleted or anonymised when the purpose necessary for storage according to this privacy statement ceases to apply. If this privacy statement does not contain other and different provisions concerning the storage of data, data collected by us will be retained for the time it is necessary to process the required purposes.
Recognition and prosecution of misuse
Information to detect and prosecute misuse, especially your IP-address that is collected when you access information from our online services, will be stored for a maximum of seven days, based on Art. 6, para. 1 lit. f EU-GDPR. Our legitimate interest here is the flawless operation of our online services and the defence against misuse and attacks on our online services.
Temporal cookies (so-called session cookies) are in general of fundamental importance for the function of this web site. Examples include the allocation of anonymous session-IDs to bundle several enquiries to a web server or the error-free function of registrations and ordering. Such temporal cookies are automatically deleted after each visit. Other (persistent) cookies remain stored on your device until you delete them. These cookies allow us to recognise your browser the next time you visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases or generally exclude them as well as the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
If you do not wish for cookies to be stored on your device, the toolbar on your browser will have a feature to tell you how to stop accepting new cookies and how to disable any existing cookies.
Your rights regarding the processing of personal data
Right of access
You have the right to enquire whether we process any of your personal data. If so, we have to inform you in accordance with Art. 15, para. 1 EU-GDPR about
- the intended purpose of the processing
- the categories of personal data, that we process
- the recipient or categories of recipients to whom personal data were disclosed or will be disclosed, especially with recipients in third countries or international organisations
- if possible the planned duration we intend to keep your personal data or, if that is not possible, the criteria of determining the duration
- the existence of a right of correction or deletion of your personal data or of restriction of further use by the responsible party or a right to object to this use.
- The existence of a right of appeal to a supervisory authority
- If personal data have not been collected from you, all available information about the source the information came from
- The existence of a automatic decision-making including profiling in accordance with Art. 22, para 1 and 4 EU-GDPR and – at least in these cases – conclusive information about the logic involved and the significance and the desired effect of this processing for you as the party involved.
The information has to be provided by us within one month of receiving your request. Please note that we may need proof of your identity to be able to fulfil your right to information.
Right to correction of incorrect data
Should the personal data concerning you be incorrect, you have the right that we correct it immediately (Art. 16 EU-GDPR).
Right of deletion
In certain cases you have the right to immediate deletion of your personal data. This would be the case for example, if the personal data are no longer necessary for the purpose they have been collected, if you have withdrawn a consent necessary for the processing of such data or when other reasons exist, so that there is no necessary legal basis for the processing of your personal data.
Insofar that you have raised objections against the processing of personal data and no primary reasons for processing your personal data exist, the data also have to be deleted.
In case of direct advertising the data have to be deleted in any case, if you have raised objections against the processing. Further details follow from Art. 17 EU-GDPR.
Right to request a restriction of processing
In certain circumstances you have the right to request a restriction of processing of your personal data (Art. 18 EU-GDPR). An example would be if the processing of your data by us is not lawful, but you do not want your data erased and request instead a restriction of their use. Processing will also be restricted while we investigate whether our legitimate interests for processing outweigh your opposition.
Right to data transmission
According to Art. 20 EU-GDPR you have the right to access your data processed by us based on your consent in a standard, structured, machine-readable format or to transfer them to a third party, e.g. another service provider. This requires however, that the processing of data is based on a consent or a contract and is done by an automated procedure.
Right of objection
According to Art 21 EU-GDPR you have the right to file an objection regarding the processing of your personal data, if reasons exist from your particular situation, as far as data are concerned that are based on Art. 6, para. 1 lit e or f EU-GDPR. This applies also to profiling which is based on the above mentioned regulations. In this case we will stop processing your data, as long as we cannot prove that we have compelling and overriding reasons for the processing, which outweigh your interests, rights and liberties, or when processing is necessary for assertion, execution or the defence of legal claims.
If you would like to contact us regarding your existing rights you can contact us in writing or by email. Our address can be found at the end of this document.
Right of appeal to a supervisory authority
In case of concerns or complaints about the processing of personal data, you have the right to appeal to the competent supervisory authority. The competent supervisory authority in our case is:
Die Landesbeauftragte für den Datenschutz Niedersachsen
Telefon: (0511) 120-4500
Telefax: (0511) 120-4599
When contacting us (via contact form, email, telephone or social media) the personal data you give us will be used to process and answer your contact request acc to Art 6, para. 1 lit b EU-GDPR.
There will be no transfer of personal data to third parties, unless this is necessary to process the request and therefore covered by permission according to Art. 6, para. 1, lit b EU-GDPR.
The collected customer data will be deleted when processing is no longer required, which we will re-evaluate every two years. Legal retention periods remain unaffected.
For the provision of our online services we use hosting services provided by an external service provider. In this connection we, i.e. our service provider, processes inventory data, contact data, context data, contract data, usage data, metadata and communication data provided by our customers, interested persons and visitors of our online services. This is done on the basis of our legitimate interest of an efficient and secure provision of our online services based on Art. 6, para. 1 lit f EU-GDPR.
We have made an agreement with our relevant service provider to process the contact data acc to Art. 28 EU-GDPR and therefore guarantee, that data protection will be implemented by the service provider, too.
Collection of access data and server log files
We or the host provider automatically collects protocols and statistics in so-called server log files, which your browser automatically transmits to us. These include: Name of the web site accessed, file, date and time of the request, transferred amount of data, report of successful request, browser type and version, the used operating system, Referrer URL, IP address and the requesting provider. The legal basis for this processing is Art. 6, para. 1 lit f EU-GDPR. Our legitimate interest is the fault-less provision of our online-service as well as to investigate fraudulent use and legal offence.
The aforementioned information will be stored for security reasons (e.g. to investigate misuse or fraudulent use) for a maximum of 7 days and will then be deleted or completely anonymised. Data that are required for evidentiary purposes are exempt from deletion until final clarification of the respective incident.
Online presence in social media
We are present on-line on social networks and platforms to be able to communicate with clients, interested persons and users and to present information about our services. When visiting the respective social networks and platforms their terms and conditions as well as their guidelines for data processing apply.
Integration of third party services and contents
Within our online-services we use content- or service offers of third party providers to integrate their contents or services e.g. videos or fonts. It is a necessary requirement to transfer the IP-address of visitors to our web site to those third party providers as it would otherwise be impossible for them to send those contents to our visitor´s browsers. To depict those contents the IP-address is therefore required. Legal basis for this transfer is our legitimate interest to analyse, optimise and operate our online services economically. According to Art. 6, para. 1 lit. f EU-GDPR.
We aim to use only contents, whose providers use the IP-address merely for the delivery of contents. Third party providers can – depending on offers – use so-called pixel-tags (invisible graphics) for statistical or marketing purposes. Through pixel-tags usage information regarding our online services will inevitable be also transferred. Pseudonymous information can furthermore be stored as cookie on the appliance used by you. Such cookies can contain among other information technical information of browser and software operating system used, referring websites, visiting time and further information on the use of our online services. They can also be linked with information from other sources at third party providers.
Arranging appointments via Terminland.de
Google Web Fonts
This site uses so-called Web Fonts for the uniform representation of fonts, provided by Google LLC, 1600 Amphitheatre Parkway Mountain View CA 94043, USA (“Google Fonts”). When you request a page, your browser loads the required web font into your browser cache to display texts and fonts correctly.
To do this, the browser you use must connect to Google´s servers. As a result, Google learns that our website has been accessed via your IP-address. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6, para. 1 lit f, EU-GDPO.
If your browser does not support web fonts, a default font will be used by your computer.
Options to opt-out: https://adssettings.google.com/authenticated.
Tierarztpraxis Dr. Andrea Runge
Dr. Andrea Runge
Geismar Landstr. 68
Telefon: (0551) 30679960