We appreciate your interest in our practice website. Protecting your personal data is of particular importance to us. The use of our website is generally possible without providing any personal data. However, if you wish to use certain services offered on our website, processing of personal data may become necessary. If there is no legal basis for such processing, we will obtain your consent in advance.
The processing of personal data, such as name, address, e-mail address, or telephone number, is always carried out in accordance with the General Data Protection Regulation (GDPR) and the data protection laws applicable in the state of Hesse. With this privacy policy, we aim to inform the public about the nature, scope, and purpose of the personal data we collect and process. We also inform you about your rights in this regard.
Our practice has implemented numerous technical and organizational measures to ensure the most complete protection possible for personal data processed through our website. Nevertheless, internet-based data transmissions can always present security risks, so absolute protection cannot be guaranteed. You may also choose to transmit personal data to us through alternative means, such as by telephone.
1. Definitions
This privacy policy is based on the terminology used by the GDPR. For better understanding, we explain the key terms below:
- Personal data: Any information relating to an identified or identifiable natural person.
- Data subject: Any individual whose personal data are processed.
- Processing: Any operation performed on personal data, such as collection, storage, use, or deletion.
- Restriction of processing: Marking stored data to limit their future processing.
- Profiling: Automated processing of personal data to evaluate certain personal aspects.
- Pseudonymization: Processing of data in such a manner that they can no longer be attributed to a specific person without additional information.
- Controller: The person or entity determining the purposes and means of processing personal data.
- Processor: A person or entity processing data on behalf of the controller.
- Recipient: A person or entity to whom personal data are disclosed.
- Third party: Any person or entity other than the data subject, controller, processor, or their employees.
- Consent: A freely given, specific, informed, and unambiguous indication of the data subject’s agreement to the processing of their personal data.
2. Controller
General Medicine Dorina Lisha
Dreiherrnsteinplatz 16, 63263 Neu Isenburg
Tel.: 0610253735
E-mail: praxis-lisha@gmx.de
Controller according to the GDPR: Ms. Dorina Lisha
3. Collection of general data
When our website is accessed, general data are automatically collected, such as:
- Browser type and version
- Operating system
- Accessed subpages
- Date and time of access
- IP address
- Internet service provider
These data are stored in log files, analyzed anonymously, and not combined with personal data. They serve to ensure the proper functioning of the website, optimize content, ensure security, and assist law enforcement in case of cyberattacks.
4. Google Maps
We use Google Maps to display our practice location. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
When the map is loaded, a connection to Google’s servers is established. This may result in data such as your IP address being transmitted to Google.
Google may also transfer this data to the United States.
Further information: https://policies.google.com/privacy
5. Routine deletion and blocking of data
Personal data will be stored only for as long as necessary for the purpose for which they were collected or as required by law. After the relevant retention periods expire, the data will be deleted or blocked.
6. Rights of the data subject
You have, among others, the following rights:
- Confirmation as to whether personal data are being processed
- Access to stored personal data
- Rectification of inaccurate data
- Erasure (“right to be forgotten”)
- Restriction of processing
- Data portability
- Objection to processing or direct marketing
- Withdrawal of consent
To exercise these rights, please contact us at [Insert e-mail address].
7. Legal basis for processing
- Art. 6(1)(a) GDPR – Consent
- Art. 6(1)(b) GDPR – Contract performance
- Art. 6(1)(c) GDPR – Legal obligations
- Art. 6(1)(f) GDPR – Legitimate interests
8. Data protection authority
The Hessian Commissioner for Data Protection and Freedom of Information
P.O. Box 3163, 65021 Wiesbaden, Germany
Website: https://datenschutz.hessen.de
9. Changes
We may update this privacy policy from time to time. Please review the current version regularly on our website.