logo d_uribe holmgren

Privacy Policy

Name and address of person in charge

The responsible party according to the General Data Protection Regulation is:
Mrs. Daniela Uribe Holmgren
Marktstraße 8

36037 Fulda

Scope and purpose of personal data processing

We collect and process personal data from our users only to the extent necessary to provide a functional website or to fulfill a contract, if there is consent or if we have a legitimate interest in the processing.

a. Website visit and log file creation.

Each time our website is accessed, our system automatically collects data and information from the calling computer’s computer system. The following data are collected:

  • Information on browser type and version used
  • The user’s operating system
  • The user’s Internet service provider
  • The user’s IP address
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • Web pages that the user’s system calls through our web pages.

The data is also stored in our system log files. This data is not stored or associated with other personal data of the user, unless specified in this privacy policy.

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f RGPD.

The temporary storage of the IP address by the system is necessary to enable the delivery of web pages to the user’s computer. To do this, the user’s IP address must be stored for the duration of the session. Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our computer systems. Therefore, the user does not have the possibility to object. The collection and storage of data in log files can be prevented by not visiting this website.

b. Use of cookies

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that allows a unique identification of the browser when revisiting the website.

The following data is stored and transmitted in cookies:

  • Login information
  • Language settings
  • Session ID

The legal basis for the processing of personal data through the use of technically unnecessary cookies is Art. 6 para. 1 lit. a RGPD, § 25 paragraph 1 TTDSG.

The legal basis for the processing of technically necessary cookies is Art. 6 para. 1 lit. f RGPD, § 25 paragraph 2 TTDSG.
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some features of our website cannot be provided without the use of cookies. For this, it is necessary that the browser is recognized again even after changing pages.

As a user, you also have full control over the use of cookies. By changing the settings of your Internet browser, you can disable or restrict the transmission of cookies. Previously stored cookies can be deleted at any time using the “Delete all cookies” function. If you disable cookies for our website, you may not be able to use all features of the website to their full extent.

c. Use of so-called “social plugins” from Facebook, Google+ and/or Twitter, among others.

On our websites we use so-called “social plugins” (“plugins”) from various social media companies (“providers”) with the so-called “2-click solution”.

2-click solution:

To increase the protection of your data during your visit to our website, the plugins are integrated into the page by means of a so-called “2-click solution”. This integration ensures that no connection is established with the provider’s servers when accessing a page on our website that contains such plugins. Only when you activate the plugins, you consent to the transmission of data. Your browser then establishes a direct connection to the servers of the operators of the respective social media platform. The content of the respective plugin is transmitted directly from the respective provider to your browser and integrated into the page. By integrating plugins, providers receive the information that your browser has accessed our website, even if you do not have a profile with the respective provider or if you are not logged in at the time. This information (including your IP address) is transmitted directly from your browser to a server of the respective provider in the USA and stored there. If you are also logged into an account of the respective providers or log in later, the providers can assign the visit to our website directly to your profile there. When you interact with the plugins, for example by clicking the “Like” button, the “+1” button or the “Tweet” button, the corresponding information is also transmitted directly to a server of the provider and stored there. The information can also be published on the social network and shown to your contacts. For more information about the purpose and scope of data collection and the further processing and use of data by the providers, as well as your rights and settings options to protect your privacy, please refer to the providers’ privacy policies.

The legal basis for the processing of personal data through the use of social media plugins is Art. 6 para. 1 sentence 1 lit. f RGPD.

We use social plugins for the purpose of publicizing our website and services on the respective platforms. If you do not want providers to directly associate data collected through our website with your profile on the relevant service, you should not activate it.

The purpose and scope of data processing by the respective providers, as well as your rights and settings options to protect your privacy, are detailed in the privacy policies linked below.

Facebook (Meta)

Facebook is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. California Ave, Palo Alto, CA 94304, U.S.A. An overview of Facebook plugins and their appearance can be found here: https://developers.facebook.com/docs/plugins Facebook’s privacy policies can be found here: https://www.facebook.com/policy.php.

Twitter

Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, U.S.A. An overview of Twitter buttons and their appearance can be found here: https://about.twitter.com/en_us/company/brand-resources.html. Twitter’s privacy policies can be found here: https://twitter.com/privacy.

Instagram

Instagram is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, U.S.A. The plugins are marked with an Instagram logo, e.g., in the form of “Instagram camera”. Instagram’s privacy policies can be found here: https://help.instagram.com/155833707900388

YouTube

YouTube is operated by YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA. The plugins are marked with a white arrow on a red background with or without the addition “YouTube”. YouTube’s privacy policies can be found here: https://www.youtube.com/intl/ALL_de/howyoutubeworks/user-settings/privacy/.

TikTok

TikTok is operated by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. TikTok’s privacy policies can be found here: https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE.

d. Newsletter

If you subscribe to our newsletter, we need your e-mail address and your confirmation that you are the owner of the e-mail address provided and that you agree to receive the newsletter. We receive this confirmation from you when you reply to our confirmation e-mail, which we send immediately after registration, by clicking on the link included in it (double confirmation procedure).
In addition to your e-mail address, we store your IP address and the time of newsletter registration as well as the time of confirmation. The data is collected only for the purpose of sending you the newsletter and documenting our authorization.

This is also where our legitimate interest lies. The legal basis for the prosecution is Art. 6 para. 1 sentence 1 lit. a) GDPR.
We send our newsletters generally on a monthly basis. In our newsletters we promote the services we offer. When you register for the newsletter, your e-mail address will be processed for our own advertising purposes until you unsubscribe from the newsletter. You can revoke your subscription to the newsletter and your consent to the storage of the e-mail address at any time. You can also unsubscribe from the newsletter at any time by clicking on the link at the bottom of each newsletter.

The aforementioned data will be deleted as soon as they are no longer needed to achieve the aforementioned purposes. Therefore, we store your data mentioned above for as long as you are subscribed to the newsletter. After unsubscribing from the newsletter, we store the above-mentioned data in a purely statistical and anonymous manner.
In connection with data processing for sending the newsletter, the e-mail address is disclosed to our service providers MailChimp (see section e).

We inform you that we evaluate your user behavior when sending the newsletter. The newsletters we send contain a so-called “Web-Beacon” or “Tracking-Pixel”. This is a single pixel image file stored on our website. The data mentioned in this section and the Web-Beacons are linked to your e-mail address and an individual ID for evaluation. The links contained in the newsletter also contain this ID. We create a user profile based on the data mentioned above. In this process, we record when you read the newsletter and which links you click on. From this we can deduce their personal interests. We link this data to your user behavior on our website.

The purpose of this data processing is to adapt the newsletter to your individual interests, to optimize our offer and to make it more interesting as a whole. It also lies in our legitimate interest. If you have given us your consent, the legal basis for the processing is Art. 6 para. 1 lit. a) GDPR. If the processing is based on other legitimate interests of ours, the legal basis is Art. 6 para. 1 lit. f) RGPD. If you have given us your consent to process the above-mentioned data, you may revoke it at any time. You can object to this evaluation of your user behavior at any time by clicking on the separate link included in each newsletter. In addition, you can avoid this evaluation of your user behavior if you have disabled the display of images in your e-mail program by default. Please note that, in this case, you may not be able to see the entire newsletter and therefore may not be able to use all of the newsletter’s features. If you manually activate the display of images, the evaluation of your user behavior described above will be performed again.

e. MailChimp

The newsletters are sent through “MailChimp”, a newsletter service provider of the U.S. provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The email addresses of our newsletter subscribers, as well as other data mentioned in these guidelines, are stored on MailChimp’s servers in the USA. The legal basis for the transfer of data to the USA is the adequacy decision in accordance with Art. 45 para. 1 GDPR of the European Commission of 10.07.2023 and the fact that Google has joined the EU-US data protection framework. (Data Privacy Framework Program) (https://www.dataprivacyframework.gov/s/). MailChimp uses this information to send and evaluate newsletters on our behalf. In addition, based on its own information, MailChimp may use this data to optimize or improve its own services.

Insofar as you have given us your consent, the legal basis for processing is Art. 6 para. 1 lit. a) GDPR. Insofar as the processing is based on other legitimate interests of ours, the legal basis is Art. 6 para. 1 lit. f) RGPD.
We rely on MailChimp’s reliability and data security. We have entered into an on-demand processing agreement with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to process it on our behalf in accordance with its data protection provisions and, in particular, not to disclose it to third parties. You can view MailChimp’s data protection provisions at the following link: https://www.intuit.com/privacy/statement/.

f. Contact form / E-mail

If you send a message using our contact form on our website, you can optionally provide your name or a pseudonym for the greeting. We need this information to personalize the greeting. The gender can also be optionally provided. In addition, a valid e-mail address or, optionally, a telephone number is required for responses. If both an e-mail address and a telephone number are provided, we may use both to respond to the inquiry. If, in addition to using the contact form, you subscribe to our newsletter, we use your name and gender for an appropriate greeting.
The legal basis for this, when using our contact form, is Art. 6 para. 1 lit. a) GDPR. If you send us an e-mail, the legal basis for processing is Art. 6 para. 1 lit. b) GDPR.

The sole purpose of the collection is to establish contact or respond to the inquiry. The data will be deleted once this purpose has been achieved. We reserve the right to delete messages sent through the contact form or by e-mail, even without reply, immediately and irreversibly.

You can object to the storage of your personal data at any time. However, we inform you that, in this case, we will not be able to process your inquiry.

g. Doctolib

Our clinic uses the Doctolib appointment management system in order to optimize appointment management. By pressing a corresponding button, such as “Book appointment now”, a new tab will open and you will be redirected to our account on the doctolib.de website. Responsible for the content of the Doctolib website is Doctolib GmbH, Mehringdamm 51, 10961 Berlin (hereinafter referred to as “Doctolib”).

We use a Doctolib calendar for all our patients to manage appointments in a uniform way. When you book an appointment with us through Doctolib, the following information, among others, will be entered into our Doctolib calendar: first name, last name, date of birth, address, telephone number, e-mail address, primary care physician, insurance status, referring physician, reason for visit and appointment history. You can consult Doctolib’s privacy policy here: https://doctolib.legal/privacy-policy-B2C-DE. We have entered into a contract processing agreement with Doctolib. The purpose of data processing is the scheduling and preparation of appointments (“appointment management”).

The legal basis for data processing is Art. 6 paragraph 1 lit. b, Art. 6 paragraph 1 lit. a RGPD, Art. 9 para. 2 lit. h RGPD.
To avoid cancellation of appointments, with your consent, we will remind you of your appointment through the Doctolib calendar system via SMS and/or email. If you no longer wish to receive reminders, you can inform us or Doctolib at any time and the reminder function will be deactivated.

h. Advertising and analysis tools with Matomo

This website uses the open source web analytics service Matomo. Matomo is hosted by ourselves and runs on our servers. No personal data is transmitted to third parties. Our Matomo configuration does not use cookies.
With the help of Matomo, we may collect and analyze data about visitors’ use of our website. This allows us, among other things, to determine when the pages were visited and from which region they originate. In addition, we collect various logs (e.g., IP address, sender, browsers and operating systems used) and can measure whether our visitors perform specific actions (e.g., clicks).

The use of this analysis tool is based on Art. 6 paragraph 1 lit. f of the RGPD. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its web offer and its advertising. If a corresponding consent is requested, the processing will be carried out exclusively on the basis of Art. 6 para. 1 lit. a of the GDPR and § 25 paragraph 1 of the TTDSG. Consent may be revoked at any time.

In the analysis with Matomo, we use IP anonymization. In this case, your IP address is shortened before analysis, so that you can no longer be uniquely identified. Matomo is hosted exclusively on our own servers, so all analysis data remains with us and is not disclosed.

Data security

In the operation of our website, we use the SSL (Secure Socket Layer) procedure in combination with the highest level of encryption supported by your browser. This usually involves 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can recognize whether an individual page of our website is transmitted in encrypted form by the closed representation of the padlock symbol in the lower status bar of your browser.
In addition, we use appropriate technical and organizational measures (TOMs) to protect your data against accidental or deliberate manipulation, partial or total loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Data deletion and storage period

Collected data are in principle deleted as soon as they are no longer needed to achieve the purpose of their collection. In the case of data storage in log files, this occurs after a maximum of fourteen days. Additional storage is possible. In this case, the IP addresses of the users are deleted or hidden, so that it is no longer possible to assign the customer who made the call. Disposal takes place at the latest upon expiration of the applicable legal retention periods.

Your rights

If personal data about you is processed, you are a data subject within the meaning of the GDPR and have the following rights vis-à-vis the controller:

  • Right to obtain information about stored personal data.
  • Right to rectification.
  • Right to limitation of processing.
  • Right to elimination.
  • Right to withdraw consent.
  • Right to data portability.
  • Right to file a complaint with a supervisory authority.
  • The right to obtain information about the existence of automated decision-making, including profiling, and, where appropriate, meaningful information about the logic involved, as well as the scope and intended consequences of such processing for the individual concerned.

Changes in the data protection guidelines

Due to the ongoing development of this website or changes in data protection regulations, it may become necessary to amend this data protection declaration, even at short notice. The current data protection declaration is always available on our website for consultation.

Questions/Suggestions

If you have any questions or suggestions, please contact us by e-mail: post@hautarzt-uribe-holmgren.de.

Subscribe to our Newsletter

Be among the first to receive the latest news with our Newsletter

agenda-tu-cita