With this information and declaration on data protection, MVZ Medizin Center Bonn GmbH (hereafter referred to as “MCBonn”, “we”, “us”) informs site visitors of the fair and transparent processing of personal data related to the use of our Internet pages (https://mcbonn.de/ ; https://mcbonn.de/en).
The entity responsible for these Internet pages is the
MVZ Medizin Center Bonn GmbH
Münsterstraße 20, 53111 Bonn
– represented by Prof. Dr. Dr. med. Jürgen Ruhlmann, Arthur Vogt and Fabian Groß.
Data Protection Officer
You can contact our external data protection officer either by postal letter addressed to:
MVZ Medizin Center Bonn GmbH
DSB Herr Limbach
Münsterstraße 20, 53111 Bonn
or by email at firstname.lastname@example.org.
You can contact the data protection officer regarding any questions relating to data privacy and any reports of data privacy violations. For sensitive questions or notifications, we recommend that you contact us by mail.
What data is processed?
When you visit our Internet pages, personal data is also processed. In order for the pages to be displayed in your browser, the IP address of the terminal device you are using must be processed. In addition, there is information about the browser used by your end device. We are obliged by data protection law to guarantee the confidentiality, integrity and availability of the personal data processed with our IT systems. For this purpose, the following data is logged on our web server:
- IP address of the calling computer (anonymized)
- Operating system of the calling computer
- Browser version of the calling computer
- Name of the retrieved file
- Date and time of the retrieval
- Amount of data transferred
- Referring URL
- HTTP status codes (example: successful request or error during request)
The IP address is anonymized – we can no longer establish a personal reference from the remaining data. The data is also used to correct errors on the website. The legal basis for this data processing is Art. 6 para. 1 lit. f) DSGVO. Our “interest” within the meaning of Art. 6 (1) (f) is the operation of this website, the implementation of the confidentialiy protection goals, integrity and availability of data.
We include map material from OpenStreetMap on our website. OpenStreetMap is a project of the OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands B72 1JU, United Kingdom, which collects freely usable geodata and stores it in a database for free use.
When you access the website, no connection is initially established to the OpenStreetMap servers. Instead of the embedded map, you will initially only be shown a preview image that we retrieve from our web server.
Any subsequent interactions on this website (such as searching by institute, region, continent, organizational unit) will connect to the OpenStreetMap Foundation servers and transfer data to the OpenStreetMap Foundation to display embedded maps. For more information about privacy in connection with OpenStreet Map, see the OpenStreetMap Foundation’s privacy information.
When connecting to view the maps, the following data is transmitted to OpenStreetMap servers:
- IP address
- Browser and device used
- Operating system
- Web page from which you were redirected to the OpenStreetMap Foundation site (referring web page)
- Date and time of your visit to the website
If you have a user account with OpenStreetMap and are logged in on it when visiting our website, the following additional data will be transmitted to the OpenStreetMap servers:
- User ID
- Email address associated with the account and
- User blocked content and associated messages.
This integration is based on Art. 6 para. 1 p. 1 lit. f) DSGVO. It is done in order to make our website more user-friendly and interesting. This constitutes a legitimate interest within the meaning of the aforementioned provision.
You can find more information about data protection in connection with OpenStreetMap here.
- Cookie name: PHPSESSID
Purpose: This is an internal cookie to control the active session. (visiting the website and navigating among pages).
Storage duration: until the end of the session.
Type of cookie: session cookie
- Cookie name: cookieconsent_status
Purpose: Cookie notice consent – this cookie indicates that the cookie notice was displayed to the user, so it will not be displayed again on the next visit.
Storage period: 1 year
Type of cookie: Permanent log cookie
Processing security (encryption)
This website uses SSL or TLS encryption to protect the transmission of personal data. You can recognize an encrypted connection by the fact that the address line in the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. This encryption is enforced on the server side, so we guarantee that even page requests without encryption are still encrypted.
Purposes of the processing of personal data
We process the aforementioned data for the operation of our website and to fulfill contractual and pre-contractual obligations towards our patients and interested parties. In the case of inquiries from you outside of a patient relationship, we process the data for purposes of consultation.
Insofar as you voluntarily provide data to us, e.g. by completing forms, and this data is not required for the fulfillment of our contractual obligations, we process this data under the assumption that its processing and use is in your interest. You are free to decide at any time whether you wish to complete a form or not.
Recipient/disclosure of data
Data that you provide to us will not be disclosed to third parties as a matter of principle. In particular, your data will not be disclosed to third parties for their advertising purposes. However, we use service providers for the operation of these Internet pages, and it is a possibility that a service provider obtains knowledge of personal data. We select our service providers carefully – especially with regard to data protection and data security – and take all measures required by data protection law for permissible data processing.
Data processing outside the European Union
We do not process your personal data in a third country outside the European Union. With regard to the use of Google products, it should be noted that the appropriate level of data protection is guaranteed by Google as part of its participation in the “Privacy Shield” and by the measures taken by Google for data protection and data security. More information on the “Privacy Shield” can be found at: https://www.privacyshield.gov/.
Your rights as a data subject and visitor to our website
You have the right to obtain information about personal data concerning you. You can contact our data protection officer or us directly for information at any time. In the case of a request for information that is not made in writing, we ask for your understanding that we may then require proof from you that you are the person you claim to be. Furthermore, you have a right to rectification or deletion or to restriction of processing, insofar as you are entitled to this by law. Furthermore, you have a right to object to processing within the scope of the law. The same applies to a right to data portability.
If we process your personal data on the basis of consent, you have the right to revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
Right of complaint to a supervisory authority
Furthermore, you have the right to complain about the processing of personal data by us to a supervisory authority for data protection. You can do this, for example, at the supervisory authority responsible for us: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW). Website and contact details of the LDI NRW at: https://www.ldi.nrw.de/
Amendment of this privacy notice
As of: 17.03.2022