Email

Info@schmerztherapie-bad-toelz.de

Telefon

(+49) 8041-796 7067

Make an appointment

Privacy

  • Data Protection at a Glance General Information

    The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data refers to any data that can personally identify you. Detailed information on data protection can be found in our privacy policy listed below.

    Data Collection on this Website Who is responsible for the data collection on this website?

    The data processing on this website is carried out by the website operator. You can find their contact information in the “Notice on the Responsible Party” section of this privacy policy.

    How do we collect your data?

    Your data is collected in two ways. Firstly, you provide the data to us, for example, by entering information in a contact form. Other data is collected automatically or with your consent by our IT systems when you visit the website. This primarily includes technical data (e.g., internet browser, operating system, or the time of the page visit). The collection of this data happens automatically as soon as you access this website.

    What do we use your data for?

    Some of the data is collected to ensure the proper functioning of the website. Other data may be used to analyze your user behavior.

    What rights do you have regarding your data?

    You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. Additionally, you have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to file a complaint with the competent supervisory authority.

    You can contact us at any time regarding any questions on the topic of data protection.

    Analysis Tools and Third-Party Tools

    When visiting this website, your browsing behavior may be statistically analyzed. This is mainly done through so-called analysis programs. Detailed information on these analysis programs can be found in the following privacy policy.

  • Hosting

    We host the contents of our website with the following provider:

    External Hosting

    This website is hosted externally. The personal data collected on this website is stored on the servers of the hosting provider. This may include IP addresses, contact inquiries, metadata, communication data, contract data, contact details, names, website access, and other data generated via a website.

    External hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). If consent has been requested, processing is based solely on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, to the extent that the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting). Consent can be revoked at any time.

    Our hosting provider will process your data only to the extent necessary to fulfill their service obligations and follow our instructions regarding this data.

    We use the following hosting provider:

    netcup GmbH Daimlerstraße 25
    D-76185 Karlsruhe

    Data Processing Agreement

    We have concluded a data processing agreement (DPA) to use the aforementioned service. This is a legally required contract that ensures the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

  • General Information and Mandatory Information Data Protection

    The operators of this site take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.

    When you use this website, various personal data is collected. Personal data is any information that can identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this occurs.

    Please note that data transmission over the internet (e.g., via email communication) can have security vulnerabilities. Complete protection of the data from third-party access is not possible.

    Notice on the Responsible Party

    The responsible party for data processing on this website is:

    Christine Leahy
    Benedikt-Erhard-Str. 1a, 83646 Bad Tölz
    Phone: 08041-796 7067
    Email: info@schmerztherapie-bad-toelz.de

    The responsible party is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

    Storage Period

    Unless a more specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you make a legitimate request for deletion or revoke your consent for data processing, your data will be deleted, provided we have no other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in such cases, the deletion will take place after these reasons cease to apply.

    General Information on the Legal Basis for Data Processing on this Website

    If you have given your consent to data processing, we process your personal data based on Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR if special categories of data are processed under Art. 9 para. 1 GDPR. In the event of explicit consent to the transfer of personal data to third countries, data processing is also based on Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or the access to information in your device (e.g., via device fingerprinting), data processing is additionally based on § 25 para. 1 TDDDG. Consent can be revoked at any time. If your data is necessary for the fulfillment of a contract or pre-contractual measures, we process your data based on Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data to fulfill a legal obligation based on Art. 6 para. 1 lit. c GDPR. Data processing may also be based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR. Specific legal bases are provided in the following sections of this privacy policy.

    Notice Regarding Data Transfers to Insecure Third Countries and US Companies Not Certified under the DPF

    We use tools from companies located in third countries that are not considered secure under data protection laws, as well as US-based tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to these countries and processed there. We note that there is no data protection level in such third countries comparable to that in the EU.

    However, the USA is generally regarded as a safe third country with a comparable level of data protection to the EU. Data transfers to the USA are therefore permissible if the recipient is certified under the “EU-US Data Privacy Framework” (DPF) or provides suitable additional guarantees. Information on data transfers to third countries, including the recipients of the data, can be found in this privacy policy.

    Recipients of Personal Data

    In the course of our business operations, we work with various external parties. This may require the transfer of personal data to these external parties. We transfer personal data only if it is necessary for fulfilling a contract, if we are legally required to do so (e.g., transferring data to tax authorities), if we have a legitimate interest based on Art. 6 para. 1 lit. f GDPR, or if another legal basis allows the transfer. When using data processors, we only transfer personal data based on a valid data processing agreement. In the case of joint processing, a joint processing contract is concluded.

    Revocation of Your Consent to Data Processing

    Many data processing operations are only possible with your explicit consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected.

    Right to Object to Data Collection in Specific Cases and to Direct Advertising (Art. 21 GDPR)

    IF DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING IS FOR THE ASSERTION, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).

    IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING AT ANY TIME; THIS ALSO APPLIES TO PROFILING TO THE EXTENT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

    Right to Lodge a Complaint with the Competent Supervisory Authority

    In the case of violations of the GDPR, affected individuals have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.

    Right to Data Portability

    You have the right to have data that we process automatically based on your consent or in fulfillment of a contract handed over to you or a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only occur to the extent technically feasible.

    Information, Deletion, and Rectification

    You have the right, within the framework of the applicable legal provisions, to request information about your stored personal data, its origin, and recipients, as well as the purpose of data processing, at any time, free of charge.

    4. Data Collection on This Website

    Cookies

    Our website uses “cookies.” Cookies are small data packets that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain on your device until you delete them or your browser automatically removes them.

    Cookies can originate from us (first-party cookies) or third-party companies (so-called third-party cookies). Third-party cookies allow the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).

    Cookies serve different functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or video display). Other cookies can be used to analyze user behavior or for advertising purposes.

    Cookies required for the electronic communication process, the provision of certain functions you desire (e.g., the shopping cart function), or the optimization of the website (e.g., cookies for measuring web audience) are stored based on Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to ensure the error-free and optimized provision of its services. If consent to store cookies and similar recognition technologies has been requested, processing is done solely based on this consent (Art. 6(1)(a) GDPR and § 25(1) TDDG); consent can be revoked at any time.

    You can configure your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for specific cases or in general, and to enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

    You can find out which cookies and services are used on this website in this privacy policy.

    5. Social Media

    Social Media Elements with Shariff

    This website uses social media elements (e.g., Facebook, X, Instagram, Pinterest, XING, LinkedIn, Tumblr).

    You can usually recognize the social media elements by their respective social media logos. To ensure data privacy on this website, we use these elements only together with the so-called “Shariff” solution. This application prevents the social media elements integrated into this website from transmitting your personal data to the respective provider upon the first visit to the site.

    Only when you activate the respective social media element by clicking the associated button will a direct connection to the provider’s server be established (consent). Once the social media element is activated, the respective provider receives the information that you have visited this website with your IP address. If you are logged into your respective social media account (e.g., Facebook), the provider can associate your visit to this website with your user account.

    Activating the plugin constitutes consent under Art. 6(1)(a) GDPR and § 25(1) TDDG. You can revoke this consent at any time with future effect.

    The service is used to obtain the legally required consent for the use of certain technologies. The legal basis is Art. 6(1)(c) GDPR.

    Facebook

    This website integrates elements of the social network Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. However, according to Facebook, the collected data is also transmitted to the USA and other third countries.

    An overview of Facebook’s social media elements can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE.

    If the social media element is active, a direct connection is established between your device and Facebook’s server. Facebook thereby receives information that you have visited this website with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, you can link the content of this website to your Facebook profile. As a result, Facebook can associate your visit to this website with your user account. We would like to point out that we, as the website operator, do not receive any knowledge of the content of the transmitted data or its use by Facebook. For more information, please refer to Facebook’s privacy policy: https://de-de.facebook.com/privacy/explanation.

    The use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TDDG. Consent can be revoked at any time.

    If personal data is collected on our website with the help of the tool described here and transmitted to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited exclusively to the collection of the data and its transmission to Facebook. The processing by Facebook after transmission is not part of joint responsibility. The obligations incumbent on us jointly have been stipulated in an agreement on joint processing. The wording of the agreement can be found here: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing privacy information when using the Facebook tool and for securely implementing the tool on our website. Facebook is responsible for the data security of Facebook products. Data subject rights (e.g., requests for information) regarding the data processed by Facebook can be asserted directly with Facebook. If you assert data subject rights with us, we are obligated to forward them to Facebook.

    The data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381, and https://www.facebook.com/policy.php.

    The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Each company certified under the DPF is obligated to comply with these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/4452.

Close