Privacy Policy
Introduction
We, Zahnarztpraxis Natalie Herzel, take the protection of user data on our website very seriously and are committed to protecting the information users provide to us in connection with the use of our website. Furthermore, we commit to protecting and using your data in accordance with applicable law.
This privacy policy explains our practices regarding the collection, use, and disclosure of your data through the use of our digital assets (the “Services”) when you access the Services via your devices.
Please read the privacy policy carefully and ensure that you fully understand our practices regarding your data before using our Services. If you have read and fully understood this policy and do not agree with our practices, you must discontinue the use of our digital assets and services. By using our services, you acknowledge the terms of this privacy policy. Your continued use of the services constitutes your consent to this privacy policy and any changes thereto.
In this privacy policy, you will learn about:
- How we collect data
- What data we collect
- Why we collect this data
- To whom we disclose the data
- Where the data is stored
- How long the data is retained
- How we protect the data
- How we deal with minors
- Updates or changes to the privacy policy
- Your rights as a data subject
What data do we collect?
Below is an overview of the data we may collect:
- Unidentified and non-identifiable information you provide during the registration process or collected through the use of our services (“non-personal data”). Non-personal data does not allow conclusions to be drawn about the person who provided it. Non-personal data we collect mainly consists of technical and aggregated usage information.
- Individually identifiable information, i.e., all information by which you can be identified or reasonably identified (“personal data”). Personal data we collect through our services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses, and more. When we combine personal data with non-personal data, they will be treated as personal data by us as long as they remain in combination.
How do we collect data?
Below are the main methods we use to collect data:
- We collect data when using our services. Therefore, when you visit our digital assets and use services, we may collect, record, and store usage, sessions, and related information.
- We collect data you provide to us yourself, such as when you contact us directly via a communication channel (e.g., an email with a comment or feedback).
- We may, as described below, collect data from third-party sources.
- We collect data you provide to us when you sign in to our services through a third party such as Facebook or Google.
Why do we collect this data?
We may use your data for the following purposes:
- to provide and operate our services;
- to develop, customize, and improve our services;
- to respond to your feedback, inquiries, and requests and to provide assistance;
- to analyze request and usage patterns;
- for other internal, statistical, and research purposes;
- to improve our data security and fraud prevention capabilities;
- to investigate violations and enforce our terms and policies and to comply with applicable laws, regulations, or governmental orders;
- to send you updates, news, promotional materials, and other information related to our services. You can choose whether to continue receiving these promotional emails. If not, simply click on the unsubscribe link in these emails.
To whom do we disclose this data?
We may disclose your data to our service providers to operate our services (e.g., storing data via third-party hosting services, providing technical support, etc.).
We may also disclose your data under the following circumstances: (i) to investigate, detect, prevent, or take action against illegal activities or other misconduct; (ii) to establish or exercise our rights of defense; (iii) to protect our rights, property, or personal safety as well as the safety of our users or the public; (iv) in the event of a change in control of us or one of our affiliates (e.g., through a merger, acquisition, or purchase (substantially) of all assets, etc.); (v) to collect, retain, and/or manage your data through authorized third-party providers (e.g., cloud service providers) as far as reasonably necessary for business purposes; (vi) to work jointly with third parties to improve your user experience. To avoid misunderstandings, we would like to point out that we may transmit or disclose non-personal data to third parties at our discretion or use them otherwise.
Please note that our services enable social interactions (e.g., posting content, information, and comments publicly and chatting with other users). We would like to inform you that all content or data you provide in these areas may be read, collected, and used by other individuals. We advise against posting or sharing information that you do not want to make public. If you upload content to our digital assets or otherwise provide it as part of using a service, you do so at your own risk. We cannot control the actions of other users or members of the public who have access to your data or content. You acknowledge and hereby confirm that copies of your data may remain accessible even after deletion on cached and archived pages or after a copy/storage of your content by third parties.
Cookies and similar technologies
When you visit or access our services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, as well as other technologies and analytics services (“tracking technologies”). These tracking technologies may allow third parties to automatically collect your data to improve the navigation experience on our digital assets, optimize their performance, ensure a customized user experience, and for security and fraud prevention purposes.
To learn more, please read our Cookie Policy.
Without your consent, we will not disclose your email address or other personal data to advertising companies or ad networks.
Where do we store the data?
Personal data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and other jurisdictions as necessary for the proper provision of our services and/or as required by law (as further explained below).
How long will the data be retained?
Please note that we retain the data collected as long as necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements.
We may correct, supplement, or delete inaccurate or incomplete data at any time at our discretion.
How do we protect the data?
The hosting service for our digital assets provides us with the online platform through which we can offer you our services. Your data may be stored on secure servers, behind a firewall, and it provides secure HTTPS access to most areas of its services.
Despite the measures and efforts taken by us and our hosting provider, we cannot and will not guarantee absolute protection and security of the data you upload, publish, or otherwise provide to us or others.
For this reason, we ask you to set secure passwords and not to transmit confidential information to us or others if disclosure of such information could significantly or sustainably harm you. Since email and instant messaging are not considered secure forms of communication, we also ask you not to disclose confidential information via any of these communication channels.
How do we deal with minors?
Children may use our services. However, if they wish to access certain features, they may need to provide certain information. The collection of some data (including data collected through cookies, web beacons, and other similar technologies) may occur automatically. If we knowingly collect, use, or disclose data collected from a child, we will notify and obtain parental consent in accordance with applicable law. We do not condition a child’s participation in an online activity on providing more contact information than is reasonably necessary for participation in that activity. We only use the data we collect in connection with the services requested by the child.
We may also use a parent’s contact information to communicate about the child’s activities in the services. Parents may review data we have collected from their child, prohibit us from collecting further data from their child, and request that any data collected by us be deleted.
Please contact us to review, update, or delete your child’s data. To protect your child, we may ask you for proof of identity. We may deny you access to the data if we believe your identity is questionable. Please note that certain data cannot be deleted due to other legal obligations.
We only use your personal data for the purposes set forth in the privacy policy and only if we are convinced that:
- the use of your personal data is necessary to fulfill or conclude a contract (e.g., to provide the services themselves or customer support or technical support);
- the use of your personal data is necessary to comply with relevant legal or regulatory obligations, or
- the use of your personal data is necessary to support our legitimate business interests (provided that this is done at all times in a manner that is proportionate and respects your privacy rights).
As an EU resident, you can:
- request confirmation as to whether personal data concerning you is being processed and access your stored personal data as well as certain additional information;
- request the receipt of personal data you have provided to us in a structured, commonly used, and machine-readable format;
- request the correction of your personal data stored by us;
- request the deletion of your personal data;
- object to the processing of your personal data by us;
- request the restriction of the processing of your personal data, or
- submit a complaint to a supervisory authority.
Please note, however, that these rights are not unrestricted and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how we use it, please contact us as indicated below.
In the course of providing the services, we may transfer data across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions worldwide. By using the services, you consent to the transfer of your data outside the EEA.
If you are located in the EEA, your personal data will only be transferred to locations outside the EEA if we are convinced that there is an adequate or comparable level of protection for personal data. We will take appropriate steps to ensure that we have appropriate contractual agreements with our third parties to ensure that appropriate security measures are taken to minimize the risk of unlawful use, alteration, deletion, loss, or theft of your personal data and that these third parties act at all times in accordance with applicable laws.
Rights under the California Consumer Privacy Act
If you use the services as a resident of California, you may be entitled under the California Consumer Privacy Act (“CCPA”) to access and delete your data.
To exercise your right of access and deletion of your data, please see below for how to contact us.
We do not sell users’ personal data for the purposes and objectives of the CCPA.
Updates or changes to the privacy policy
We may revise this privacy policy at our discretion from time to time, and the version posted on the website is always current (see “Status” statement). We ask you to regularly check this privacy policy for changes. In the event of significant changes, we will publish a notice on our website. If you continue to use the services after being notified of changes to our website, this constitutes your confirmation and consent to the changes to the privacy policy and your agreement to the terms of those changes.
Your rights as a data subject
To the extent that your personal data is processed by us, you as a data subject have the following rights:
Right to information about the processed personal data pursuant to Art. 15 GDPR.
Right to immediate correction of incorrect personal data pursuant to Art. 16 GDPR.
Right to immediate deletion of personal data pursuant to Art. 17 GDPR.
Right to demand processing under Art. 18 GDPR, – Right to data portability under Art. 20 GDPR.
Right to object to processing under Art. 21 GDPR if processing is based on a task carried out in the public interest or in the exercise of official authority pursuant to Art. 6(1) lit. e) GDPR or on a legitimate interest of the controller pursuant to Art. 6(1) lit. f) GDPR.
Right to revoke any consent given at any time pursuant to Art. 7(3) GDPR.
The limitations of §§ 34 and 35 BDSG apply to the right of information and the right of deletion.
To exercise the rights described above, you can contact one of the responsible offices or a data protection officer in writing at the business address.
Contact
If you have general questions about the services or the data we collect about you and how it is used, please contact us at:
Name:
Zahnarztpraxis Natalie Herzel
Address:
Hammer Landstraße 238,
20537 Hamburg
Email: