We, the operators of www.hno-berlin-dahlem.de, take the protection of your personal data very seriously and adhere strictly to the rules of data protection laws. Personal information is only collected on this website where technically necessary. At no time is the collected personal information sold or given out to third parties for any other reasons.

The practice owner is responsible for the collection and storage of the data. The operator's contact details can be found in the website's required legal notice.

The following statement provides an overview of how we guarantee this protection, what kind of data is collected, and for what purpose.

Definitions

The data protection declaration of the HNO-Facharztpraxis Daniel Osterland is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.

We use the following terms, among others, in this data protection policy:

• Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is anyone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Affected person:⁠A data subject is any identified or identifiable natural person whose personal data are processed by the controller.
• Processing: Any operation, or set of operations, which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• Restriction of processing: Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.
• Pseudonymisation:⁠Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
• Data controller or person responsible for processing: The data controller or the person responsible for processing means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by European Union or Member State law, the data controller or the specific criteria for its nomination may be provided for by EU or Member State law.
• Processor: A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller.
• Recipient: The recipient means a natural or legal person, public authority, agency or another body to which the personal data is disclosed, whether a third party or not. Public authorities which may receive personal data in the framework of a particular enquiry in accordance with EU or Member State law shall not be regarded as recipients.
• Third party: Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
• Consent: Consent is any statement of intent voluntarily and unambiguously given by the data subject in an informed and unambiguous manner in the form of a statement or other unambiguous confirming act that indicates to the data subject that they have consented to the processing of their personal data.

Data Processing on this Webpage.

Our website is used exclusively to provide information about our practice, our range of treatments and therapeutic options for various diseases. When you visit our website, only the data transmitted by your browser to our server is collected. This data is necessary so that you can view our website and navigate on it. The legal basis for the collection of the aforementioned data is Art. 6. 1 f) EU General Data Protection Regulation. In particular, the following data is collected when you visit our website:

• used browser types and versions,
• the operating system used by the accessing system,
• the website from which an accessing system reaches our website (known as a referrer),
• the subpages, which are accessed via an accessing system on our website,
• the date and time of access of the website,
• an Internet protocol address (IP address),
• the Internet service provider of the accessing system,
• other similar data and information used in the event of attacks on our information technology systems.

This general data and information does not allow us to draw any conclusions about the data subject. Rather, this information is needed

• to display the contents of our website correctly,
• to ensure the continuing functionality of our information technology systems and the technology of our website, as well as
• to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack.

This anonymously collected data and information is therefore evaluated by it statistically with the aim of increasing data protection and data security in our company, in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files is stored separately from all personal data provided by a data subject.

Legal or contractual requirements to provide personal data; necessity for the conclusion of the contract; obligation of the data subject to provide personal data; possible consequences of non-provision

We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information about the contract partner). In order to conclude a contract, it may sometimes be necessary for a data subject to provide us with personal data that we subsequently have to process. For example, the data subject is obliged to provide us with personal data when our company concludes a contract with them. Failure to provide personal data would mean the contract with the data subject could not be concluded.

Rights of Data Subjects

Every data subject has the right, granted by the European Directive and Regulations body, to demand confirmation of whether their personal data is being processed. If they wish to exercise this right, they may contact our data protection officer or any other employee tasked with the processing of such data at any time.

Every data subject has the right, granted by the European Directive and Regulations body, to obtain, at any time and free of charge, information from the data controller concerning any stored personal data relating to them as well as a copy of that information. Furthermore, the European regulator has granted the data subject the following information:

• he purpose of the processing
• the categories of personal data being processed
• the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organisations
• where possible, the planned period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
• the existence of a right to correct or delete the personal data concerning you or restrict its processing by the data controller or object to such processing
• the right to lodge a complaint with a supervisory authority
• if the personal data is not collected from the data subject: any available information about its source

Furthermore, as a data subject, you have a right to information as to whether your personal data has been transferred to a third party or to an international organisation. If this is the case, then data subjects have the right to obtain information about the security guarantees made in connection with the transfer.

If a data subject wishes to exercise this right to obtain information, they can contact any employee of the controller at any time.

Every data subject has the right, granted by the European Directive and Regulations body, to request the immediate correction of inaccurate personal data. Furthermore, taking into account the purposes of the processing, data subjects have the right to request that incomplete personal data be completed, including by means of a supplementary declaration.

If a data subject wishes to exercise this right to rectification, they may contact any employee of the controller at any time.

Every data subject has the right, granted by the European Directive and Regulations body, to demand the deletion of personal data without undue delay from the data controller, and the data controller shall have the obligation to delete this personal data without undue delay where one of the following grounds applies and so long as processing is not necessary:

• the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
• the data subject withdraws their consent to the processing in accordance with Art. 6 para. 1, point a) GDPR or Article 9, par. 2 point a) GDPR, and there is no other legal basis for such processing.
• The data subject shall, in accordance with Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for its continued processing or the data subject is entitled to submit an objection pursuant to Art. 21 para. 2 GDPR.
• Personal data has been unlawfully processed.
• The deletion of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
• The personal data has been collected in relation to services offered by an information collection company according to Art. 8 para. 1 GDPR.

If one of the above-mentioned reasons applies and a data subject wishes to have their personal data stored at HNO-Facharztpraxis Daniel Osterland deleted, they may contact our data controller or an employee of the data controller at any time. The data protection officer of the HNO-Facharztpraxis Daniel Osterland or another employee shall promptly ensure that the deletion request is complied with immediately.

If the personal data has been made public by the HNO-Facharztpraxis Daniel Osterland and if our company is responsible according to Art. 17 para. 1 GDPR for the deletion of personal data, the HNO-Facharztpraxis Daniel Osterland shall take appropriate measures, also of a technical nature, taking into account the available technology and the implementation costs, to inform other data processors who process the published personal data that the data subject has requested the deletion of all links to this personal data or of copies or replications of this personal data from these other data processors, insofar as the processing is not necessary. An employees of the HNO-Facharztpraxis Daniel Osterland will arrange the necessary measures in individual cases.

Every data subject has the right, granted by the European Directive and Regulations body, to demand the restriction of processing if one of the following conditions is met:

• the accuracy of the personal data is contested by the data subject, for a period enabling the data controller to verify the accuracy of the personal data.
• the processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use instead;
• The data controller no longer needs the personal data for the purposes of the processing, but they are required to by the data subject for the establishment, exercise or defense of legal claims.
• the data subject has objected to the processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the data controller outweigh those of the data subject.

If any one of the above mentioned conditions is fulfilled and a data subject wishes to request the restriction of personal data stored by HNO-Facharztpraxis Daniel Osterland, they can contact our data controller or an employee of the data controller at any time. The data protection officer of the HNO-Facharztpraxis Daniel Osterland or another employee will arrange the restriction of the processing. Every data subject has the right, granted by the European directive and regulations body, to receive personal data relating to them, and provided by them to a data controller, in a structured, current and machine-readable format. They also have the right to transmit this data to another party without hindrance from the data controller to whom the personal data was originally provided, provided that the processing is based on the consent provided for in Art. 6 para. 1, point a) GDPR or Article 9, par. 2 point a) GDPR or on the basis of a contract in accordance with Art. 6 para. 1 point b) GDPR and processing is carried out by means of automated procedures, except where such processing is necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the controller.

Furthermore, in exercising their right to data portability according to Art. 20 para. 1 GDPR, the data subject has the right to require that the personal data be transmitted directly from one controller to another as far as this is technically feasible and provided that this does not affect the rights and freedoms of others.

In order to assert the right to data portability, the data subject may at any time contact the data protection officer designated by the HNO-Facharztpraxis Daniel Osterland or another employee. Every data subject has the right, granted by the European directive and regulations body, to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her carried out on the basis of Article 6, para. 1 point e) of f) GDPR for reasons that arise from your particular situation. The HNO-Facharztpraxis Daniel Osterland shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.

Every data subject has the right, granted by the European directive and regulations body, to withdraw his or her consent to the processing of his or her personal data at any time.

If the data subject wishes to exercise the right to withdraw the consent, he or she may, at any time, contact any employee of the company.

Use of Cookies

In order to make your visit to our website more pleasant, and to enable you to use certain functions, we use cookies on certain pages. These are small text programs that are stored on your computer (in your browser) after visiting our website. If you subsequently visit our website again, the browser you use sends the information stored in the cookie to our website and can thus facilitate navigation, for example, because default settings are adopted. Cookies are not viruses and cannot install malware on the computer. They are only short texts that are exchanged between the web server and the browser. The following is a list of the types cookies used on this website:

• Transient cookies (temporary cookies)

  These cookies are only stored for the duration of the use of your browser. These store a session ID which assigns the various requests made by your browser during the joint session. This allows your computer to be recognised when you return to the website. As soon as you close the browser, these cookies are also automatically deleted.
• Persistent cookies (temporary cookies)
  These cookies differ from the transient cookies only in that they are not automatically deleted when the browser is closed, but only after a preset time. However, you can delete these cookies at any time via the settings of your browser.

In principle, they can configure the settings of their browser so that cookies are not accepted and stored at all or only to a limited extent by it. However, if you make use of this option, there may be restrictions on the use of our website.

COOKIE SETTINGS

Publication of amendments

Changes to the law or changes to our internal processes may necessitate an adaptation of this data protection statement. In the event of such a change, we will inform you at the latest six weeks before its entry into force. In general, you have a right of withdrawal with regard to your granted consent.

Please note that (unless you use your right of revocation) the current version of the data protection statement is the valid one.

Legal basis of the treatment

Art. 6 para. 1 point a) GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case (e.g.) with processing required for the delivery of goods or the provision of other services or consideration, processing is based on Art. 6 1 point b) GDPR. The same applies to such processing processes that are necessary to carry out pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation requiring the processing of personal data, e.g. the fulfilment of tax obligations, processing is based on Art. 6 para. 1 point c) GDPR. In rare cases, the processing of personal data may become necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured at our company and their name, age, health insurance data or other vital information had to be passed on to a doctor, a hospital or other third parties. Then the processing would be based on Art. 6 para. 1 point d) GDPR. Ultimately, processing operations could be based on art. 6 para. 1 point f) GDPR. Processing not covered by any of the aforementioned legal bases is based on this provision insofar as processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not take priority. We are permitted to carry out such processing procedures because they have been specifically mentioned by the European legislator. In this respect, a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, clause 2, GDPR).

Legitimate interests in processing pursued by the controller or by a third party

If the processing of personal data is based on Art. 6 para. 1 point f) GDPR, our legitimate interest is to conduct our business for the benefit of all of our employees and our shareholders.

Duration for which the personal data will be stored

The criterion used to determine the period of storage of personal data is the respective statutory retention period. After the deadline, the corresponding data will be routinely deleted if it is no longer required to fulfil the contract or for initiating a contract.

The controller or your contact person

If you have questions about the collection, processing or use of your personal data, the disclosure, correction, blocking or deletion of data and if applicable revocation of permission granted, or objection to a particular use of the data. The operator's contact details can be found in the website's required legal notice.

Data protection for applications and in the application procedure

The controller collects and processes the personal data of applicants for the purpose of handling the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant sends corresponding application documents to the controller by electronic means, for example by e-mail or via a web form on the website. If the person responsible concludes an employment agreement with an applicant, the data transmitted shall be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the data controller does not conclude an employment contract with the applicant, the application documents shall be automatically deleted within two months, provided that no other legitimate interests of the data controller preclude deletion. Other legitimate interests in this sense are, for example, a burden of proof in proceedings under the German General Equal Treatment Act (AGG).

Additional information

Your trust is important to us. This means we are happy to talk to you at any time and answer questions relating to the processing of your personal data. If you have any questions about data protection that are not answered in this data protection statement or if you want more in-depth information, please contact the operator of this website. The operator's contact details can be found in the website's required legal notice.

Use of Google (Universal) Analytics for Web Analytics

This website uses Google Analytics, a web analysis service of Google Ireland Limited (“Google”). Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable the analysis of your use of the website. The information generated by the cookie about your use of the website will be generally transmitted to and stored by Google on a server located in the United States. IP anonymisation is activated on this website. Thus your IP address will be truncated by Google within the member states of the European Union or in other member states to the agreement, throughout the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage. More information:  HTTPS://SUPPORT.GOOGLE.COM/ANALYTICS/ANSWER/2763052?HL=DE..

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly. You can also prevent data generated by cookies, about your use of the website (incl. your IP address), from being transferred to Google, and the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent the collection of your data by Google Analytics by clicking on the following link. This sets an opt-out cookie which will prevent the future collection of your data when visiting this website:

Further and more detailed information on terms of use and data protection can be found at https://www.google.de/analytics/terms/de.html or at https://www.google.de/intl/de/policies/.

Please note that on this website, Google Analytics code is supplemented by “gat._anonymizeIp();” to ensure an anonymised collection of IP addresses (so called IP-masking).

Use of Google Maps

Our website uses Google Maps to display maps and directions to our locations.

Google Maps is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

By visiting the website, Google receives the information that you have accessed in the corresponding page of our website. This happens regardless of whether you are logged into Google or not. If you are logged into Google, the information you enter will be directly associated with your account. The data can be processed in the USA. If you do not want this, you must log out before using the service. By using this service, you consent to the collection, processing and use of the data automatically collected and the data you entered by Google, its agents or a third party. For the Terms of Service for Google Maps, see Nutzungsbedingungen für Google MapsDetailed details can be found at google.de: Transparency and choice as well as DatenschutzbestimmungenYou must exercise your right of objection directly with Google. Using your browser settings, you can disable the Google Maps service (disabling the JavaScript in the browser). They will then no longer be usable.

Google Web Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

When you call up a page of our website that contains a social plugin, your browser makes a direct connection with Google servers. Google is therefore aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and appealing presentation of our website. This constitutes a legitimate interest pursuant to Art. 6 para. 1 point f) of the GDPR.

If your browser does not support web fonts, a standard font is used by your computer.

Further information about the handling of user data can be found at https://developers.google.com/fonts/faq and in Google's privacy policy at: https://www.google.com/policies/privacy/.