Radiology Practice

Dresden – Radebeul

Privacy Policy

The legally binding version of the privacy policy is the German text.

1. Content responsible

Radiology Practice Dresden – Radebeul

Address: Wurzener Str. 5, 01127 Dresden
Telephone: 0351/811550
E-Mail: praxis@radiologie-radebeul-dresden.de

Shareholders: Dr. med. Lutz Schauerhammer, Dr. med. Peter Aikele, Dr. med. Steffen Haupt, Dr. med. Sabine Binder, Dr. med. Jost Kopp

2. Data Protection Officer

TT Datenschutz GmbH

Thomas Töpfer
Address: Karl-May-Str. 12, 01445 Radebeul
E-Mail: kontakt@tt-datenschutz.de,

3. Introduction and Purposes of Processing

Data processing is carried out in accordance with legal requirements in order to fulfill the treatment contract between you and your physician, as well as the associated obligations. For this purpose, we process your personal data (including address information, telephone numbers, and, if applicable, email addresses), in particular your health data. This includes medical histories, diagnoses, therapy recommendations, and diagnostic reports collected by us or other physicians. Other physicians or psychotherapists involved in your care may also provide us with data for these purposes (e.g., in referral letters). The collection of health data is a prerequisite for your treatment. If the necessary information is not provided, proper and careful medical care cannot be ensured.

4. Legal Basis for Processing

The legal basis for processing your data is Article 9(2)(h) of the GDPR in conjunction with Section 22(1)(1)(b) of the German Federal Data Protection Act (BDSG), available online at https://dejure.org/gesetze/DSGVO

5. Categories of Recipients

We only transmit your personal data to third parties if this is legally permitted or if you have given your consent. Recipients of your personal data may include other physicians or psychotherapists, Associations of Statutory Health Insurance Physicians, health insurance funds, the Medical Service of Health Insurance, medical associations, private billing offices, and professional associations (e.g., Berufsgenossenschaften). Data transmission primarily occurs for the purpose of billing services rendered, clarifying medical issues, or questions arising from your insurance coverage. In individual cases, data may also be transmitted to other authorized recipients.

6. Storage Period

We retain your personal data only for as long as is necessary to carry out your treatment.
Due to legal requirements, we are obliged to retain this data for a minimum of 10 years following the completion of treatment. Other regulations may require longer retention periods, for example, 30 years for radiological records in accordance with Section 28(3) of the German X-Ray Ordinance.

7. Your Rights

You have the right to obtain information about the personal data concerning you and to request the correction of any inaccurate data. In cases where personal data is processed for the performance of tasks carried out in the public interest (Art. 6(1)(1)(e) GDPR) or for the pursuit of legitimate interests (Art. 6(1)(1)(f) GDPR), you may object to the processing of your personal data at any time with effect for the future (Art. 21 GDPR). In the event of such an objection, we will cease any further processing of your data for the stated purposes unless there are compelling legitimate grounds for processing that override your interests, rights, and freedoms, or unless processing is necessary for the establishment, exercise, or defense of legal claims. If you have given consent to the processing of your personal data, you may withdraw this consent at any time with effect for the future (Art. 7(3) GDPR). Such a withdrawal will only affect processing from that point onward; any processing that has already taken place prior to the withdrawal remains unaffected.

8. Consent for Data Processing

If the processing of your data is based on your consent, you may withdraw this consent at any time with effect for the future (Art. 7(3) GDPR).

9. Right to Lodge a Complaint

You have the right to lodge a complaint with the competent data protection supervisory authority if you believe that the processing of your personal data does not comply with the GDPR. The responsible supervisory authority is: Saxon Data Protection Officer.

10. Requirements for Data Provision

We only provide your data to other healthcare providers or persons designated by you in writing, or as required by law, for example, for transmission to professional associations or health insurance funds, based on your explicit authorization.

11. Automated Decision-Making

No automated decision-making takes place.

12. Homepage

The website serves informational purposes. Your IP address is transmitted during your visit and can be traced; however, no personal data is processed in connection with the website. We do not use our own cookies, and no logging or recording of access takes place.

We use Google Maps to display our locations. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you use this service, your IP address is transmitted to Google and a cookie is stored as soon as you access Google Maps. If you wish to object to the processing of your data by Google, this is possible at http://www.google.de/intl/de/policies/privacy

13. Hosting

We host our website with our service provider 1&1 IONOS, 1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.

Connection data is processed for the purpose of providing and delivering the website. For the sole purpose of delivering and providing the website, the data is not stored beyond the duration of the access.

The legal basis for processing this data is our legitimate interest (absolute technical necessity to provide and deliver the service “Website” explicitly requested by you) in accordance with Art. 6(1)(f) GDPR.

For the operation of the website, connection data and other personal data are additionally processed as part of various other functions or services. Details regarding this processing are provided within this privacy policy for each specific function or service.

14. Server Log Files

Connection data is processed for the purpose of monitoring technical functionality and enhancing the operational security of our web host. The retention period for this data is limited to 60 days.

The legal basis for processing this data is our legitimate interest (absolute technical necessity of server log files as a fundamental data basis for error analysis and security measures in connection with the service “Website” explicitly requested by you) in accordance with Art. 6(1)(f) GDPR.

15. Contact Form / Appointment Scheduling

Our website provides the option to contact us directly via a contact form. Upon submission of the form, the personal data you provide is processed by the controller for the purpose of handling your inquiry, based on the consent you have given by submitting the form in accordance with Art. 6(1)(a) GDPR, until such consent is revoked. There is no legal or contractual obligation to provide personal data. Failure to provide the requested data will only result in your inquiry not being transmitted and therefore not being processed.

16. Security Services

On this website, we use security services such as CAPTCHA to prevent non-human and automated inputs.

Google reCAPTCHA

If you have given your consent, we process your personal data together with the service Google reCAPTCHA, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as joint controllers, for the purpose of preventing non-human and automated inputs. In this process, we enable the service to set cookies, collect connection data and data from your web browser, and calculate a user ID to uniquely identify the user within the Google advertising network. Data is stored on your device for up to two years.

The legal basis for processing this data is your consent in accordance with Art. 6(1)(a) GDPR. If you do not provide consent, the use of reCAPTCHA and the associated forms will not be possible.

You can withdraw any consent you have previously given by adjusting your privacy settings.

The Google Group transfers your personal data to the USA. The legal basis for this data transfer is your consent in accordance with Art. 49(1)(a) in conjunction with Art. 6(1)(a) GDPR and §25 TTDSG. You were informed prior to giving your consent that the USA does not provide a level of data protection equivalent to EU standards. In particular, U.S. intelligence agencies may access your data without being required to inform you and without you being able to take legal action. For this reason, the European Court of Justice has declared the former adequacy decision (Privacy Shield) invalid.

17. Web Fonts

Adobe Fonts

We process connection and browser data with our service provider Adobe Fonts, Adobe Systems Software Ireland Limited, Citywest Business Campus, Dublin 24, Ireland, for the purpose of providing the fonts required by the web browser to display the website. This data is processed only for the duration necessary to select and deliver the fonts.

The legal basis for processing this data is our legitimate interest (absolute technical necessity to provide and deliver the service “Website” explicitly requested by you) in accordance with Art. 6(1)(f) GDPR.

To the extent that Adobe Fonts independently processes data beyond this, Adobe Fonts is solely responsible. Details can be found in the Adobe Fonts privacy policy.

Font Awesome

We process connection and browser data with our service provider Font Awesome, Fonticons, Inc., 6 Porter Road, Apartment 3R, Cambridge, MA 02140, USA, for the purpose of providing the fonts required by the web browser to display the website. This data is processed only for the duration necessary to select and deliver the fonts.
The legal basis for processing this data is our legitimate interest (absolute technical necessity to provide and deliver the service “Website” explicitly requested by you) in accordance with Art. 6(1)(f) GDPR.

To the extent that Font Awesome independently processes data beyond this, Font Awesome is solely responsible. Details can be found in the Font Awesome privacy policy.

Fonts.com

We process connection and browser data with our service provider Fonts.com, Monotype GmbH, Werner-Reimers-Straße 2–4, 61352 Bad Homburg, Germany, for the purpose of providing the fonts required by the web browser to display the website. This data is processed only for the duration necessary to select and deliver the fonts.

The legal basis for processing this data is our legitimate interest (absolute technical necessity to provide and deliver the service “Website” explicitly requested by you) in accordance with Art. 6(1)(f) GDPR.

To the extent that Fonts.com independently processes data beyond this, Fonts.com is solely responsible. Details can be found in the Fonts.com privacy policy.

18. Right of Withdrawal

You have the right to withdraw any consent you have previously given at any time.

In the case of consent to receive electronic advertising, you can withdraw your consent by clicking the unsubscribe link. In this case, processing will be stopped, provided no other legal basis for processing exists.

The lawfulness of the data processed prior to the withdrawal is not affected by the withdrawal.

19. Data Subject Rights

You also have the right to access, rectify, erase, and restrict the processing of your personal data.

If the legal basis for processing your personal data is your consent or a contract concluded with you, you also have the right to data portability.

You also have the right to lodge a complaint with the supervisory authority. Further information on supervisory authorities in the European Union can be found here.

Your Practice Team