GDPR privacy statement

Privacy Statement

The protection of your personal data is important to us. According to the EU General Data Protection Regulation (GDPR), we are obliged to inform you of the purpose for which our dental practice collects, stores or forwards data. You can also find out the rights you have in terms of data protection from the information provided.

Content

1. Person responsible

2. Data protection in connection with our website

3. Data protection in our dental practice

1. Person responsible

The person responsible for data processing is:

Dr. med. dent. Herbert Bruckbauer
Josef-Zauser-Weg 4 b
D-85375 Neufahrn

Phone: (0 81 65) 6 55 88
Fax: (0 81 65) 6 59 88
Email: praxis@za-drbruckbauer.de
Internet: www.zahnarztneufahrn.de

2. Data protection in connection with our website

As a basic rule, we collect and use the personal data of our users only to the extent necessary to provide a functional website, our content and our services. The personal data of our users is collected and used only with the user’s consent in each case. An exception applies in those cases in which prior consent cannot be obtained for factual reasons and the processing of the data is permitted by statutory provisions.

2.1 Server log files

This website is provided by www.1und1.de as a technical service provider through commissioned data processing. The website provider automatically collects and stores information in so-called server log files that your browser automatically transmits to us. These contain:

⇒ browser information such as browser type, browser version, language, etc.

⇒ operating system used

⇒ webpage/URL from which the file was requested

⇒ date and time of the server request

⇒ access status (e.g. file transferred, file not found)

⇒ data volume transferred

⇒ host name of the accessing computer

⇒ IP address in anonymous form

This data cannot be assigned to specific persons. It will not be merged with other data sources. We reserve the right to subsequently review this data if we become aware of any specific indication of illegal use.

The legal basis for the temporary storage of data is a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was provided.

2.2 Cookies

Some webpages use cookies. Cookies serve to make our website more user-friendly, more effective and more secure. Cookies are small text files that are placed on your computer and stored by your browser.
Some cookies are so-called „session cookies“. They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal device until their expiry date or until you delete them. These cookies enable us to recognise your browser on your next visit.
You can set your browser so that you are informed of the setting of cookies and only allow cookies on a case-by-case basis, accept cookies in certain cases or generally block them and activate the automatic deletion of cookies when you close your browser. The deactivation of cookies might restrict the functionality of this website.

2.3 Links to other websites

Our website contains references to the contents of other providers. These can be identified by explicit links (e.g. www.internetseite.de), by corresponding references in the text or by the underlining of a text. Furthermore, external links are opened in a separate browser window. The use of these external contents may be subject to specifications other than those presented here.

2.4 Web fonts

This website uses so-called web fonts provided by Google for the uniform display of fonts. When a page is opened, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose, the browser you are using must connect up to Google servers. Google thus gains knowledge that our website has been accessed from your IP address. Google web fonts are used in the interests of a uniform and appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If your browser does not support web fonts, your computer will use a standard font. More information on Google web fonts can be found at https://developers.google.com/fonts/faq and in the Google privacy policy: https://www.google.com/policies/privacy/.

2.5 Google Maps

Our website uses the Google Maps map service via an API.  This service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Your IP address must be stored so that Google Maps functions can be used. This information is usually transferred to a Google server in the USA and stored there. The provider of this website has no influence on this data transfer. Google Maps is used to ensure that our online offerings are presented in an appealing way and the places we refer to on the website can be easily found. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

More information on the handling of user data is provided in the Google privacy policy: https://www.google.de/intl/de/policies/privacy/.

2.6 Your rights as a data subject under the GDPR

As a person affected by data processing (data subject), you can assert the following claims:

You have a right vis-à-vis our dental practice to receive information as to exactly what personal data of yours we process. You also have the right to the rectification, deletion and restriction of data processing as well as the right to object to data processing and a right to data portability.

If the data processing is based on your consent, you have the right to revoke this consent.

You may file a complaint with the data protection supervisory authority responsible if you see a reason to do so in connection with the processing of your data. The data protection supervisory authority responsible for our dental practice is the Bayerisches Landesamt für Datenschutzaufsicht, Promenade 27, 91522 Ansbach.

Please note that the data will only be processed for the purpose mentioned above. Should the personal data collected on you be further processed for some other purpose, we will inform you of this separately and inform you of this change in purpose.

3. Data protection in our dental practice

In the course of treating patients in our practice, we collect personal data on you, your insurance status and your state of health. This data will be treated in compliance with data protection regulations.

The information below provides an overview of the data that is collected and what we do with it. Please do not hesitate to contact us if you have any questions in this connection.

3.1 Type of data collected

We collect, store and use the personal data of the following persons:

⇒ interested parties and patients of our dental practice who are natural persons

⇒ all other natural persons with whom our dental practice has contact (e.g. authorised representatives of patients, legal guardians of patients)

We collect personal data on you when you contact us e.g. by email or telephone and wish to make an appointment for treatment. If you appear for treatment in our practice, we will collect data on your insurance status, your state of health and the therapy you have undergone. In addition, the data is processed for the purpose of billing the services rendered.

We process the following personal data:

⇒ personal details (e.g. first and last name, address, date of birth, email address, phone/fax number, occupation, requests regarding your treatment, insurance status)

⇒ health data (e.g. anamnesis, findings, therapies)

3.2 Purposes of data processing and legal basis for data processing

If a patient or interested party contacts the dental practice, the personal data provided (e.g. name, address, phone number, email address) will be stored by the practice in order to contact the patient or interested party and allocate an appointment to that person or answer their enquiry.

Legal basis: Performance of a contract or in order to take steps prior to entering into a contract, Art. 6 para. 1 lit. b GDPR.

To bill the Kassenzahnärztliche Vereinigung Bayerns (KZVB) for the services provided within the scope of contractual dental care, it is necessary to process the patient’s personal data and health data.

Legal basis: Performance of a contract, Art. 6 para. 1 lit. b GDPR, fulfilment of legal documentation requirements, Art. 6 para. 1 lit. c GDPR.

To bill the patient for the services provided in the course of private dental treatment, it is necessary to process the patient’s personal data and health data.

Legal basis: Performance of a contract, Art. 6 para. 1 lit. b GDPR, fulfilment of legal documentation requirements, Art. 6 para. 1 lit. c GDPR.

3.3 Recipient of the data

When billing the treatment services provided by contracted dentists, the KZVB and the statutory health insurance fund receive the necessary treatment data.

When billing private dental services, the PVS dental billing company receives the necessary treatment data. For this purpose, we have obtained a written declaration of consent from you in advance.

3.4 Duration of data storage or deletion periods

The data collected in connection with contacting patients and interested parties will be deleted after it no longer needs to be stored for this purpose and provided there are no legal retention periods.

The data collected in connection with treatment will be stored for at least 10 years after completion of treatment in accordance with the legal requirements under the Patient Rights Act (Section 630 f of the German Civil Code), the Professional Code and the Tax Code (AO). The retention of evidence for legal disputes in line with statutory limitation periods may entail a retention period of more than 10 years as civil law specifies limitation periods of up to 30 years.

3.5 Your rights as a data subject under the GDPR

As a data subject, you can assert the following claims:

You have a right vis-à-vis our dental practice to receive information as to which of your personal data is processed by us. You also have the right to rectification, deletion and restriction of data processing as well as the right to object to data processing and a right to data portability.

If the data processing is based on your consent, you have the right to revoke this consent.

You may file a complaint with the competent data protection supervisory authority if you see a reason to do so in connection with the processing of your data. The data protection supervisory authority responsible for our dental practice is the Bayerisches Landesamt für Datenschutzaufsicht, Promenade 27, 91522 Ansbach.

Please note that the data will only be processed for the purpose mentioned above. Should the personal data collected on you be further processed for some other purpose, we will inform you of this separately and inform you of this change in purpose.