Good Clinical Practice
Data Privacy Statement
We would like to begin with a quotation from https://gdpr-info.eu/art-12-gdpr/, Article 12, paragraph 1 of the Data Protection Regulation (GDPR). The controller in this case is us:
The controller shall take appropriate measures to provide any information [...] and any communication [...], relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language;
Even though this is a rather complex matter, we hope we have achieved this aim as best we can. If you have further questions or are in doubt about any aspect of this statement, please contact us.
The collection, processing or storing of your data by us or on our behalf by third parties, is done because we have a "legitimate interest" within the meaning of the GDPR in this collecting, processing or storing or because you have agreed to it. It is our aim to collect, process or use as little personal data as possible and to store and handle these in a way that is safe and comprehensible.
Basic Data Protection Ordinance (DSGVO) online:
Legality of processing: in the GDPR:
Federal Data Protection Act (BDSG) online:
Your current IP address may also fall under the concept of Personal Data, but does not have to. If, for example, you access the Internet from within an internal network of an international corporation, the IP address will only be able to refer to this particular group.
Due to the shortage of IPv4 address space, many access providers (Telekom, Vodafone, etc.) no longer give users public IP addresses but instead distribute individual IP addresses to multiple users via "Network Address Port Translation" (NAPT). Again, a personal reference to the IP address is regularly not given. Nevertheless, as far as technically possible, we do not or only pass on your current IP in an abbreviated, anonymous form.
Definition of Personal Data of the GDPR:
IP address on Wikipedia:
Storage on our systems
If you contact us, whether via our website, by e-mail, telephone or letter, this will leave data on our end. Your e-mail address will be stored in our e-mail programs and among other things, we may also enter your data into programs that fall under the keywords address management, economics, ERP (Enterprise Resource Planning) or CRM (Customer Relationship Management).
Our systems may be local systems within our premises but may also be hosted web servers or cloud storages. In that case, a data processing contract has been concluded with their technical operators, in which they commit themselves to treat the data in accordance with the GDPR.
Use of the data for advertising purposes
We reserve the right to use the collected data for our own advertising purposes. Under certain circumstances, we may pass on the data to service providers commissioned by us, who for example, organize the mailing of letters or newsletters for us. You may object to the use of your personal data for these purposes at any time.
Duty of disclosure, correction and deletion of data
You may at any time request information about which data of yours we have stored and if necessary, also have these corrected.
If you wish to delete your personal data, we are happy to do so unless compulsory legal regulations require otherwise. Worth noting are for example, tax laws and subsequently, the principles of proper bookkeeping.
In addition, we would like to point out that the regulations concerning deletion of data set out in the GDPR are applied.
Right for deletion in the GDPR:
Data transfer for contract performance or during ongoing business
We use the services of third parties for certain activities. For example, this applies to the forwarding and dispatching of goods, letters, packages and newsletters, as to the processing of payments (credit card, direct debit, etc.), and to bookkeeping and tax advice or other comparable services that we regularly use in order to maintain our business operations.
In cases like this, information such as your postal or e-mail address will be shared with these companies in order to enable the requested service. In general, these companies are all legally obliged to handle data discrete, safe and with care (post office, tax advisor, bank) or have contracted to process data in accordance with the GDPR.
Disclosure of data to any other companies or individuals will not be conducted without cause or without prior explicit consent.
Processor within the GDPR:
Data Protection Officer
We are not subject to the duty of a Data Protection Officer according to GDPR. If you would like to request more information regarding Data Protection or if you have further questions, please contact (the managing director):
Dr. Renate Materna
phone: +49 (0) 7624 - 98822-88
Appointment of a Data Protection Officer in the GDPR:
Appointment of a data protection officer in the FDPA:
Complaints offices and supervisory authorities
Responsible for compliance with the data protection regulations is the respective Land authorities, where the operator of the website is located. In our case so the from Niedersachsen.
The State Representative Niedersachsen:
The list on Wikipedia:
The list on the website of the Federal Government:
Your data within the operation of our website
Server hosting and log files on our web server
Our website is hosted at STRATO AG, Pascalstraße 10, 10587 Berlin, Germany. We have concluded a data processing contract with this provider pursuant to General Data Protection Regulation. The server configuration is set to not create log files.
Our web host:
Webhosting on Wikipedia: