Privacy policy
Datenschutzerklärung
Thank you for visiting our website. The protection and security of your personal information when you use our website is very important to us. We would therefore like to inform you at this point about which items of your personal data we collect when you visit our website and for what purpose they are used.
Who is responsible and how do I get in contact with them?
Person responsible
for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)
MindVisions
Dr. med. Antonia v. Trotha
Wolfsgangstr. 153
60322 Frankfurt/M.
Telefon: +49-69-979 485 82
E-Mail: praxis@mind-visions.de
What is it all about?
This data privacy policy meets the legal requirements for transparency in the processing of personal data. Personal data is all information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, phone number, date of birth, email address, IP address or user behaviour when visiting a website. Information that we cannot (or only with disproportionate effort) link to your person, e.g. by anonymisation, is not personal data. Processing personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.
Stored personal data must be erased as soon as the purpose of the processing has been achieved and there are no legal grounds for further storage of the data. We will inform you in the individual processing operations about the specific storage periods or criteria for storage. Irrespective of this, we will store your personal data in individual cases for the establishment, exercise or defence of legal claims and if there are statutory storage requirements.
Who gets my data?
We only disclose your data processed by us on our website to third parties if this is necessary for the fulfilment of the purposes and is covered by the legal basis (e.g. consent or preserving legitimate interests) in individual cases. In addition, in individual cases, we will disclose personal data to third parties if this is for the purpose of the establishment, exercise or defence of legal claims. Possible recipients may then be law enforcement agencies, lawyers, auditors, courts etc.
Where, for the operation of our website, we use service providers who process personal data under Article 28 GDPR within the scope of order processing on our behalf, these service providers may be recipients of your data. You can obtain more information on the use of data processing service providers and web services in the overview of the individual processing operations.
How do you use cookies?
Cookies are small text files that are sent by us to the browser of your terminal device and stored there during your visit to our website. As an alternative to the use of cookies, information can also be stored in the local memory (local storage) of your browser. Some features on our website will not be available without the use of cookies or local storage (technically necessary cookies). On the other hand, other cookies enable us to conduct various analyses so that we are able, for example, to recognise the browser you are using when you visit our website again and to send us various types of information (non-essential cookies). Cookies help us to design our website to be more user-friendly and effective for you, for example, by tracking your use of our website and identifying your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not harm your computer. They cannot run programs or contain viruses.
We provide information about the respective services for which we use cookies in the individual processing procedures. Detailed information on the cookies used can be found in the cookie settings of this Privacy Policy.
What rights do I have?
Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act, you have the following rights as the data subject:
- Information under Article 15 GDPR, § 34 Federal Data Protection Act about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
- Rectification under Article 16 GDPR of incorrect or incomplete data stored by us;
- Erasure under Article 17 GDPR of the data stored by us, where the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for public interest reasons, or for the establishment, exercise or defence of legal claims;
- Restriction of processing under Article 18 GDPR, if the accuracy of the data is disputed, processing is unlawful, we no longer need the data and you refuse erasure because you need it for the establishment, exercise or defence of legal claims or you have objected to processing under Article 21 GDPR.
- Data portability under Article 20 GDPR, where you have provided us with personal data as part of consent under Article 6(1)(a) GDPR or on the basis of a contract under Article 6(1)(b) GDPR and it has been processed by us using automated procedures. You will receive your data in a structured, commonly used and machine-readable format or we will transfer the data directly to another data controller where this is technically feasible.
- Objection under Article 21 GDPR to the processing of your personal data where this takes place on the basis of Article 6(1)(e, f) GDPR and there are grounds for this arising from your particular situation or the objection is directed against direct advertising. There is no right to object if overriding compelling legitimate grounds for processing can be demonstrated or the processing is carried out for the establishment, exercise or defence of legal claims. If there is no right to object for individual processing operations, this is indicated there.
- Withdrawal of consent you have given under Article 7(3) GDPR with future effect.
- Lodging a complaint under Article 77 GDPR with a supervisory authority, if you believe that the processing of your personal data breaches the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our head office.
How is my data processed in detail?
We inform you below about the individual processing procedures, the scope and purpose of the data processing, the legal basis, the requirement to provide your data and the respective storage duration. Automated decision making in individual cases, including profiling does not take place.
Provision of the website
Nature and scope of processing
When you access and use our website, we collect personal data, which your browser automatically transmits to our server. The following information is temporarily stored in a “log file”:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the file accessed
- Website from which access takes place (referrer URL)
- Browser used and, if applicable, the operating system of your computer and the name of your access provider
We do not host our own website; it is hosted by a service provider who, for the purpose of providing the website, processes the above data on our behalf under Article 28 GDPR.
Purpose and legal basis
Processing takes place to safeguard our overriding legitimate interest in the display of our website and to ensure security and stability on the basis of Article 6(1)(f) GDPR. The collection of data and storage in log files is absolutely essential for the operation of the website. There is no right to object to the processing based on the exception under Article 21(1) GDPR. To the extent that further storage of log files is required by law, processing is based on Article 6(1)(c) GDPR. There is no legal or contractual requirement to provide the data but it is technically impossible to access our website without doing so.
The above data will be stored for the duration of the display of the website and for technical reasons for a maximum of 30 days.
Contact form
On our website we offer you the option of contacting us using the form provided. The information collected from the mandatory fields is necessary to process the request. In addition, you may voluntarily provide additional information that you feel is necessary to process the contact request.
If you use the contact form, your personal data is not disclosed to third parties.
Purpose and legal basis
Depending on the type of enquiry, the legal basis for this processing is Article 6(1)(b) GDPR for enquiries that you yourself make as part of a pre-contractual measure or Article 6(1) p. 1 (f) GDPR if your enquiry is of a different nature. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without the information in the mandatory fields being provided. If you do not wish to provide this data, please contact us by other means.
Where you use the contact form on the basis of your consent, we will store the data collected for each request for a period of three years, starting with the completion of your request or until your consent is withdrawn.
Information for applicants
We publish job vacancies on our website for which you can apply by e-mail. If you decide to apply for a vacancy, we will process your personal data provided there and send to us solely for the purpose of carrying out the application process.
In the event of a rejection, we will delete your data as soon as a retention period of 6 months required by labour law has expired. The period begins with the dispatch of the rejection. If you have expressly consented to the further use of your data for subsequent contact regarding positions that may be of interest to you, we will continue to store your data in accordance with your consent. We will not pass on your personal data to third parties outside the specific application process without your express consent or without a legal basis.
Please note that applications sent to us by e-mail are transmitted unencrypted. In this respect, there is a risk that unauthorised persons can intercept and use this data. The legal basis for processing your personal data as part of the application process is Article 26(1) in conjunction with (2) Federal Data Protection Act.
Google Analytics
We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online provision. This includes, for example, the number of hits on our website, sub-pages visited and our visitors’ dwell time on our website.
Google Analytics uses cookies and other browser technologies to evaluate user behaviour and recognise users.
This information is used to compile reports on website activity, among other things.
The use of Google Analytics is based on your consent in accordance with Article 6(1)(a) GDPR and § 25(1) Telecommunications-Telemedia Data Protection Act.
When you use the service, data is processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection to that existing in the EU cannot be guaranteed in all countries outside the EU. In this connection, there may be risks, for you as a user if the data transmitted is processed in so-called third countries with an inadequate level of data protection. This makes it difficult to enforce known user rights.
Storage period
The actual storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. For more information refer to the data protection declaration for Google Maps: https://policies.google.com/privacy.
Google Tag Manager
Nature and scope of processing
We use the Google Tag Manger of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is used to manage website tags through one interface and allows us to control the precise integration of services on our website.
This enables us to flexibly integrate additional services to evaluate user access to our website.
Purpose and legal basis
The use of Google Tag Manager is based on your consent in accordance with Article 6(1)(a) GDPR and § 25(1) Telecommunications-Telemedia Data Protection Act.
When you use the service, data is processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection to that existing in the EU cannot be guaranteed in all countries outside the EU. In this connection, there may be risks, for you as a user if the data transmitted is processed in so-called third countries with an inadequate level of data protection. This makes it difficult to enforce known user rights.
Storage period
The actual storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. For more information refer to the data protection declaration for the Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.
Google Maps
Nature and scope of processing
We use the map service Google Maps for displaying travel directions. Google Maps, which displays a map on our website, is a service of Google Ireland Limited.
When you access this content of our website, you connect to servers at Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and your IP address and, if applicable, browser data such as your user agent is transmitted. This data is processed exclusively for the above mentioned purposes and to maintain the security and functionality of Google Maps.
Purpose and legal basis
The use of Google Maps is based on your consent in accordance with Article 6(1)(a) GDPR and § 25(1) Telecommunications-Telemedia Data Protection Act.
When you use the service, data is processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection to that existing in the EU cannot be guaranteed in all countries outside the EU. In this connection, there may be risks, for you as a user if the data transmitted is processed in so-called third countries with an inadequate level of data protection. This makes it difficult to enforce known user rights.