This Regulation lays down rules relating to the protection of natural persons regarding the processing of personal data and rules relating to the free movement of personal data when using our website. Personal data is all data which refer to you in person (e.g. name, address, e-mail address, user behaviour, IP address).
Name and contact data of the processor as well as the operative data protection officer according to article 4 paragraph 7 GDPR
This data protection information is valid for the data processing by:
Data security officer
Geschäftsführer der ASWR Digitalberatung GmbH & Co.KG
Safety and protection of your personal data
It is our foremost aim and duty to protect your personal data with which you entrusted us and to protect you from unauthorized access. Therefore, we are very careful and use the most modern safety standards in order to guarantee maximal protection of your personal data.
As a private-law company, we are subject to the regulations of the European GDPR and the regulations of the federal data protection law (BDSG). We have applied technical and organizational measures which ensure that the data protection regulations are observed by us and also by our external service providers.
Our Legislature demands that personal data is processed according to law, in good faith and in a comprehensible manner for the person in question ("lawfulness, processing in good faith, transparency"). In order to guarantee this, we inform you of the single legal terminologies that are also used in this GDPR:
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
restriction of processing
‘restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.
‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
‘pseudonymization’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
‘filing system’ means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Lawfulness of processing
Processing shall be lawful only if there is a legal basis for processing and to the extent that at least one of the following applies (according to article 6 1 lit a-f GDPR):
- the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which the controller is subject;
- processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Information on the collection of personal data
(1) In the following, we inform you of the collection of personal data when using our website. We collect, store, use, transfer or delete the following personal data:
- Persons interested in our website and patients of our practice, who are natural persons
- all other natural persons who are in contact with our practice (e.g. agents of patients, legal guardians of patients, employees of legal entities, visitors of our website)
Personal data are e.g. name, address, e-mail address, user behaviour. We process personal data only if this is necessary for the allocation of this website as well as that of the contents and services we offer.
(2) If you contact us by telephone, e-mail or contact form, we store the provided data (your e-mail address, if necessary name and telephone number) in order to answer your questions. Data in this connection is deleted when storing is no longer necessary or processing is limited if there are legal record retentions. For third parties, this data is not made accessible.
(3) Data of children is only collected if these children are presented in our practice by their legal guardians.
(4) If we intend to revert to assigned service provider for single functions on our website or if we intend to use your data for marketing purposes, we will inform you of the procedure in detailed manner below.
Collection of personal data when visiting our website
If you just visit our website in order get information (if you do not register or transfer information in any other way), we only collect the data that is transferred to our server by your browser. If you just want to have a look at our website, we only collect the data that are technically necessary in order for us to show you our website and to guarantee stability and safety (legal basis article 6, paragraph 1. p 1 lit f GDPR)
- IP address
- Date and time of query
- Time zone difference to Greenwich Mean Time (GMT)
- Contents of query (specific webpage)
- Status of access / HTTP status code
- Data quantity transferred
- Website from which the query comes from
- System software and its surface
- Language and browser software version
You have the following rights with regard to your data stored by us:
- Right to rectification and erasure
- Right to information
- Right to restriction of processing
- Right to data portability
- Right to object to processing
You have the ability to file a complaint in connection with data processing to the data protection authority responsible for us:
Der Bayerische Landesbeauftragte für den Datenschutz
Dr. Thomas Petri
Postfach 22 12 19
Rights of the data subject
(1) The data subject shall have the right to obtain confirmation as to whether or not personal data concerning him or her are being processed, and further information and a copy of the data according to Art. 15 GDPR
(2) The data subject shall have the right according to Art. 16 GDPR to completion of the personal data concerning him or her or the rectification of inaccurate personal data concerning him or her
(3) The data subject shall have the right according to Art 17 to erasure of the data concerning him or her without delay and/or to demand restriction of processing the data according to Art. 18 GDPR
(4) The data subject shall have the right to access the data concerning him or her disclosed to us according to Art. 20 GDPR and to demand transfer thereof to other controllers.
(5) The data subject shall have the right to file a complaint with the responsible supervising authority
Right of cancellation
The data subject shall have the right to cancel his or her consent according to Art 7 GDPR, effective for the future
Right of objection
According to Art. 21 GDPR, the data subject shall have the right to object to future processing data concerning him or her at any time. This objection may be carried out particularly against processing for direct marketing purposes.
(1) In addition to the data mentioned above, cookies are also stored on your computer when using our website. Cookies are little text data files that are stored on your hard disk attributed to the browser you use and by which the place which set the cookie is provided with certain information. Cookies cannot execute programmes or transfer virus onto your computer. They are simply for making the internet offer more user-friendly and more efficient as a whole.
(2) This website uses the following kinds of cookies which are explained by extent and functioning as follows:
- transient cookies (see 1.)
- persistent cookies (see 2.)
- transient cookies are automatically deleted if you shut the browser. Here, these are so-called session cookies in particular. These store a so-called session ID with which various queries of your browser may be assigned to the common session. By this, your computer may be recognized when you return to our website. Session cookies are deleted when you log out or shut the browser.
- persistent cookies are automatically deleted after a given period of time, which may vary from cookie to cookie. You may delete the cookies in the security settings of your browser any time.
You may configure your browser settings according to your requirements and, e. g., deny the acceptance of third party cookies or all cookies. So-called “third party cookies” are those which were set by a third party, so not by the actual website that you are currently on. We inform you that by deactivating cookies, you may not be able to make full use of this website’s functions.
Server log files
The provider of the website automatically collects and stores information in so-called server log files which your browser automatically transfers to us. These are the following:
- browser type and version
- operating system used
- referrer URL
- host name of the accessing computer
- time of server query
This data cannot be assigned to certain persons. This data will not be connected with other data sources. We reserve the right to check this data later, if we have concrete indication for an illegal use.
This website uses SSL for security reasons and for the protection of confident content transfer, such as queries you send us as website provider. You may recognize an SSL connection that the address line of the browser changes from http:// to https:// and from the lock symbol in your browser line.
If SSL is activated, third parties cannot read data that you send us.
Using Google Analytics
(1) This website uses Google Analytics, a web analyst service of Google Inc. (“Goggle”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable analysis of your use of the website. Information on your use of this website obtained via this cookie are usually transferred to a Google server in the US and stored. In case IP anonymization is activated on this website, your IP address is condensed within the Member States of the EU and other contractual States of the European Economic Area by Google. Only in exceptional cases is the full IP address transferred to a Google server in the US and condensed there. By order of the operator of this website, Google uses this information in order to assess your use of the website, to compose reports on the website activities and to offer further services in connection with the website and internet use concerning the website operator.
(2) The IP address transferred by your browser from Google Analytics is not connected to other Google data.
(3) You may prevent storage of cookies by corresponding settings of your browser software; however, we inform you that in this case, you may not be able to make full use of all functions of this website. Moreover, you may prevent Google’s collection of data created by cookies and referring to your use of the website (incl. your IP address) as well as Google’s processing thereof by downloading and installing the following browser plug-in link: http://tools.google.com/dlpage/gaoptout?hl=de.
(4) This website uses Google Analytics with the extensions “_anonymizelp()”, by which IP addresses are processed in condensed form, any personal reference is excluded. So if there is a personal reference by data collected from you, it is immediately removed and the personal data is deleted without delay.
(5) We use Google Analytics in order to analyze and improve the use of our website regularly. By these statistics, we are able to improve our offer and to design it in a more interesting manner for you as user. In exceptional cases in which personal data is transferred to the US, Google is subject to EU-US privacy shield https://www.privacyshield.gov/EU-US-Framework. Legal basis for the use of Google Analytics is Art. 6 paragraph 1 lit f GDPR.
(6) Information on third party provider: Google Dublin, Google Ireland Ltd. Gordon House, Barrow Street, Dublin 4, Ireland, Fax +353 1 436 1001.
Overview on data protection:
As well as the data privacy declaration: http://www.google.de/intl/de/policies/privacy.
(7) We have concluded a contract with Google on the processing of order data
(8) In addition, this website uses Google Analytics for a comprehensive analysis of visitor streams which is conducted by a user ID. You may deactivate this analysis of your use in your customer account “my data”, “personal data”.
Google Web Fonts
On our website, we use “Google Web Fonts”, a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: “Google”). Google Web Fonts allows us to use external fonts, so-called Google Fonts. Here, calling on our website leads to loading the required Google Font from your web browser into the browser cache, which is necessary for your browser to show an optically improved version of our texts. If your browser does not support this function, your computer uses a standard font. Implementation of these Web Fonts is conducted by calling on a server, usually a Google server in the US. The server receives the information about which internet pages you have visited. We have no influence on the extent and further use of data which is collected by implementing Google Web Fonts and processed by Google.
We use Google Web Fonts for optimizing purposes, in particular in order to improve your use of our website and to make its form more user-friendly. We have justified interest in this fact.
Google is subject to The Privacy Shield Agreement between the EU and the US and is certified, by which Google is obliged to comply with standards and regulations of the European data protection law. Further information can be obtained here:
Information on the third party provider: Google Dublin, Google Ireland Ltd. Gordon House, Barrow Street, Dublin 4, Ireland, Fax +353 (1) 436 1001. Further information on data protection can be obtained from the following Google websites:
Further information on Google Web Fonts can be obtained here:https://www.google.com/fonts#AboutPlace:about
Integration of Google Maps
(1) On our website, we use Google maps offer. By this, we are able to show interactive maps directly on our website and enable comfortable use of the map function.
(2) By visiting our website, Google receives the information that you called on a corresponding sub page of our website. Furthermore, the data mentioned in §3 of this declaration is transferred, regardless of whether Google allocates a user account by which you are logged in or if there is no user account. If you are logged in with Google, your data is directly assigned to your account. If you do not wish this, you have to log out before activating the button. Google stores your data as user profile and uses it for marketing purposes. Such an assessment is particularly conducted (even for users that are not logged in) for contributing tailor-made marketing and in order to inform other users of the social network on your activities on our website. You have the right to object to the formation of these user profiles, however, for this, you have to address to Google.
(3) Further information on the purpose and extent of collecting data and processing thereof by the plug-in-provider may be obtained from the GDPR of the provider. There, you may also obtain further information on your respective rights and setting possibilities concerning the protection your privacy: http://google.de/intl/de/policies/privacy. Google also processes your data in the US and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Our website uses Google reCAPTCHA to check and prevent automated servers ("bots") from accessing and interacting with our website. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google).
Through certification according to the EU-US Privacy Shield
Google guarantees that it will follow the EU's data protection regulations when processing data in the United States.
This service allows Google to determine from which website your request has been sent and from which IP address the reCAPTCHA input box has been used. In addition to your IP address, Google may collect other information necessary to provide and guarantee this service.
The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the security of our website and in the prevention of unwanted, automated access in the form of spam or similar.
Google offers detailed information at
concerning the general handling of your user data.
Our website uses plug-ins of Jameda GmbH, St.-Cajetan-Str. 41, D-81669 Munich.
If you visit one of our sites furnished with a Jameda plug-in, a connection to the Jameda servers is created. The Jameda server is informed of the sites you have visited.
Jameda collects information on the use of www.jameda.de from single computers. By collecting this information, Jameda intends to individualize its online offer. If you interact with a plug-in, e.g. by pushing the “recommend” button or leave a comment, the corresponding information is directly transferred to Jameda and stored there.Purpose and extent of collecting data and processing and use of data by Jameda as well as your rights and setting options for the protection of your privacy sphere may be obtained from Jameda’s data privacy declaration https://www.jameda.de/datenschutz.php.
If you send your appointment wishes or queries via contact form, this data (e-mail address, name, telephone number) is stored in order to answer your questions. This data is deleted as soon as it is no longer needed and if there are no legal record retentions. This data is not made accessible to third parties.
On our website, we also offer you to register for our newsletter. By this newsletter, you will be informed by all activities and news of our practice. Registering for this newsletter is conducted by the so-called double-opt-in procedure. This means that you receive a confirmation e-mail sent to the e-mail address with which you have registered. There is a link in it. Only by clicking the link, is the registration concluded. If you do not click the link, your registration is invalid and all data is deleted. After confirmation, your e-mail address is stored for the purpose of sending the newsletter. Legal basis for this storing is article 6 paragraph 1 a) EU GDPR
Your IP address used at the point of registration and the time of registration as well as the confirmation are stored by us as proof of correct registration.
You may revoke the registration for the receipt of the newsletter at any time and unsubscribe from the newsletter. Revoking may be conducted by clicking the e-mail address in the newsletter or by sending a message to the contact data of the imprint.
On our website, we use social plug-ins of social networks Facebook, Twitter and Instagram according to Art. 6 paragraph 1 p. 1 lit f GDPR in order to popularize our practice even more. Marketing purposes behind this incorporate justified interest in line with GDPR.
The responsibility for the data conformance must be guaranteed by the respective operator. We insert plug-ins by using the so-called 2-click method in order to protect our website’s visitors as best as we can.
On our website, we use the social media plug-ins of Facebook in order to design their use in a more personal manner. Here, we use the button “like” or “share”. This is an offer of Facebook.
If you call on a page of our website that contains such a plug-in, your browser directly connects with Facebook servers. The contents of the plug-ins are directly transferred by Facebook to your browser, which directly embeds them in the website
By the embedding plug-ins, Facebook receives the information that your browser has called on the corresponding page of our website, even if you do not have a Facebook account or if you are currently not logged in at Facebook. This information (including your IP address) is directly transferred from your browser to a Facebook server in the US and stored there.
If you are logged in at Facebook, Facebook can directly assign the visit of our website to your Facebook account. If you interact with plug-ins, e.g. pushing the buttons “like” or “share”, the corresponding information is also transferred directly to a Facebook server and stored there. Furthermore, the information is published on Facebook and is visible for your friends.
Facebook may use this information for marketing, market research and tailor-made design of Facebook sites purposes. Here, Facebook user, interest and relation profiles are created, e.g. in order to assess your use of our website with regard to the ads on your Facebook site, to inform other Facebook users on your activities on our website and to collect further services in connection with use of Facebook.
If you do not want Facebook to assign your data collected by our website to your Facebook account, you must log-out at Facebook before you visit our website.
Purpose and extent of collecting data and processing and use of data by Facebook as well as your rights and setting options for the protection of your privacy sphere may be obtained from Facebook’s data privacy declaration https://www.facebook.com/about/privacy/.
Our website uses contents (video player and videos) of the Google-operated site YouTube. Operator of this site is YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
If you visit one of our sites furnished with a YouTube plug-in, a connection to the YouTube servers is created. The YouTube server is informed on which sites you have visited.
Currentness of data and amendment of this data protection declaration
This data protection declaration is currently valid, as of June 2018.
By further processing our website and our offers or requirements due to amendments in legislation and/or requirements by authorities, it may be necessary to change this data protection declaration. You may call on and print the respective up-to-date data protection declaration at any time here: https://www.dr-neubauer-biological-dentistry.com/data-policy.html