The responsible body within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Practice name: Praxisklinik Dr. Hasert
Name of practice manager: Dr. Raoul Hasert
Address practice: Friedrichstraße 113a, 10117 Berlin
Data Protection Officer
Name: Sonja Schaal
Work (Phone): 030/2817230
E-Mail (work): firstname.lastname@example.org
According to the GDPR, we are obliged to inform you about the purpose for which our practice collects, stores or forwards data.
Purposes: diagnostics, treatment/therapy, billing, studies, reports
Legal basis: Treatment contract, model professional code for doctors, Social Code Book V, GDPR Art. 6, GDPR Art. 9,
Categories of recipients: attending physicians, practice staff, accounting, health insurance, pension insurance, health authorities, supply authorities, professional associations, associations of statutory health insurance physicians, service providers for private billing (PVS), cooperation partners, laboratories for clinical chemistry (Labor28), histology, cytology (Buntrock)
Planned deletion periods: according to the legal requirements, at the latest after the end of the 30th year
Transmission to third countries or international organisations: only for student research projects with the patient’s written consent.
Your data subject rights
You can exercise the following rights at any time using the contact details provided for our data protection officer:
- Information about your data stored by us and their processing,
- rectification of inaccurate personal data,
- Deletion of your data stored with us,
- Restriction of data processing if we are not yet allowed to delete your data due to legal obligations,
- Objection to the processing of your data by us and
- Data transferability if you have consented to the data processing or have concluded a contract with us.
If you have given us your consent, you can revoke this at any time with effect for the future. You can contact the supervisory authority responsible for you at any time with a complaint. Your responsible supervisory authority depends on the state of your residence, your work or the alleged infringement. You can find a list of the supervisory authorities (for the non-public area) with their addresses at:https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
The protection of your personal data is important to us. The data processing takes place on the basis of legal requirements in order to fulfill the treatment contract between you and our practice and the associated obligations. For this purpose we process your personal data, in particular your health data. This includes anamnesis, diagnoses, therapy suggestions and findings that we or other doctors collect. For these purposes, other doctors who are treating you can also provide us with data (e.g. doctor’s letter). We only transfer your personal data to third parties if this is required by law or if you have given your consent. The collection of health data is a prerequisite for your treatment. If the necessary information is not provided, careful treatment cannot take place. You have the right to information about your personal data available in the practice. You can also request the correction of incorrect data. In addition, under certain conditions, you have the right to delete data, the right to restrict data processing and the right to data portability of your objective data. You can revoke the granted declaration of consent at any time in writing for future processing. You also have the right to complain to a data protection supervisory authority if you believe that the processing of your personal data has not been carried out lawfully.
Purposes of data processing by the responsible body and third parties
We only process your personal data for the purposes stated in this data protection declaration. Your personal data will not be transmitted to third parties for purposes other than those mentioned. We only pass on your personal data to third parties if:
- you have given your express consent,
- the processing is necessary for the execution of a contract with you,
- the processing is necessary to fulfill a legal obligation,
the processing is necessary to protect legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data.
Deletion or blocking of the data
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as provided for by the various storage periods provided for by the legislature. After the respective purpose has ceased to exist or these periods have expired, the corresponding data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions.
Collection of general information when visiting our website
When you access our website, information of a general nature is automatically collected by means of a cookie. This information (server log files) includes the type of web browser, the operating system used, the domain name of your internet service provider and similar. This is exclusively information that does not allow any conclusions to be drawn about your person. This information is technically necessary in order to correctly deliver the content you have requested from websites and is mandatory when using the Internet. In particular, they are processed for the following purposes:
- Ensuring a problem-free connection to the website,
- ensuring smooth use of our website,
- Evaluation of system security and stability as well
- for other administrative purposes.
The processing of your personal data is based on our legitimate interest in the aforementioned data collection purposes. We do not use your data to draw conclusions about your person. Recipients of the data are only the responsible body and, if necessary, the processor. Anonymous information of this type may be statistically evaluated by us in order to optimize our website and the technology behind it.
In order to protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.
If you contact us via e-mail or the contact form with questions of any kind, give us your voluntary consent for the purpose of establishing contact. This requires the specification of a valid e-mail address. This is used to allocate the request and then to answer it. Providing further data is optional. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions. After the request you have made has been dealt with, personal data will be automatically deleted.
Use of script libraries (Google Webfonts)
Use of Google Maps
This website uses Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes and uses data about the use of the map functions by visitors. You can find more information about data processing by Google in the Google data protection information. There you can also change your personal data protection settings in the data protection center. Detailed instructions for managing your own data in connection with Google products can be found here.
We reserve the right to adapt this data protection declaration so that it always corresponds to the current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration will then apply to your next visit.
Questions to the data protection officer
If you have any questions about data protection, please send us an email or contact the person responsible for data protection in our organization directly: Dr. Raoul Hasert.