With these instructions and explanation on data protection, the MVZ Medizin Center Bonn (hereinafter “MCBonn,” we “,” us “) would like to inform you about a fair and transparent processing of personal data in the context of using our websites (https://mcbonn.de ; https://mcbonn.com/; https://ru.mcbonn.com/; https://arab.mcbonn.com/).
Liable for these internet pages is the MVZ Medizin Center Bonn, Münsterstraße 20, 53111 Bonn, Telephone 0228 90 81 100, Fax 0228 90 81 150, email@example.com – represented by Prof. Dr. med. Dr. med. Jürgen Ruhlmann.
Data Protection Officer
You can contact our external data protection officer either by post letter to: MVZ Medizin Center Bonn, DSB Mr. Limbach, Münsterstraße 20, 53111 Bonn, or by e-mail to firstname.lastname@example.org. You can reach him for all privacy-related questions as well as for possible reports on data breaches. For “sensitive” questions or messages, we recommend that you contact us by post.
Which data is processed?
When you visit our website, some personal data is processed. In order for the pages to be displayed in your browser, the IP address and information about the browser of the device you are using must be processed. In terms of data protection, we are committed to ensure the confidentiality, integrity and availability of personal data processed using our IT systems. For this purpose, the following data is logged on our web server:
– IP address of the calling computer (anonymized)
– Operating system of the calling computer
– Browser version of the calling computer
– Name of the retrieved file
– Date and time of the call
– Transmitted amount of data
– Referring URL
– HTTP status codes (example: successful request or error in the request)
The IP address is anonymous – we can no longer create a personal reference from the remaining data. The data is also used to fix website errors. The legal basis for this data processing is Art. 6 para. 1 lit. f) GDPR. Our “interest” in the meaning of Art. 6 para. 1 lit. f) is the operation of this website and the implementation of the protection goals of confidentiality, integrity and availability of the data.
On our website we embed the maps from OpenStreetMap. OpenStreetMap is a project of the OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands B72 1JU, Great Britain, which collects public domain geodata and provides them in a database for free use.
When you visit the website, initially no connection to OpenStreetMap’s servers is made. Instead of the embedded maps, you are initially shown only a preview image that we retrieve from our web server.
When connection is established to display the maps, the following data are transmitted to OpenStreetMap’s servers:
- IP address,
- user’s browser and device,
- operating system,
- web page from which you were directed to the OpenStreetMap Foundation site (referring web page) and
- date and time the website was visited.
If you have a user account with OpenStreetMap and are logged in when you visit our website, the following additional data will be transmitted to OpenStreetMap’s servers:
- user ID,
- email address associated with your account and
- content blocked by the user and associated messages.
Embedding is done on the basis of Art. 6 (1) lit. f GDPR and with the purpose of making our website more user-friendly and interesting. This may be regarded as a legitimate interest within the meaning of the aforementioned provision.
Additional information on data protection in connection with OpenStreetMap may be found here.
c) Integration of Google fonts (Google Fonts)
Our websites use external fonts, Google fonts. Google Fonts is a service of Google Inc. The integration of these web fonts is done by a server call, which is usually a Google server in the US. This tells Google your IP address and which of our websites you have visited. You can find more information in the Privacy Center of google.de, which you can access here: https://www.google.com/intl/en/privacy/ (external link) The legal basis for this data processing is Article 6 (1) lit. f) GDPR. Our “interest” i.S.d. Art. 6 para. 1 lit. f) is the operation of this website and an appealing presentation of our website.
Name of the cookie: PHPSESSID
Purpose: This is an internal cookie for controlling the active session. (Access to the website and page change)
Duration of storage: Until the end of the session.
Type of cookie: session cookie
Name of the cookie: cookieconsent_status
Purpose: Acceptance of the cookie notice – this cookie indicates that the cookie user has already been notified so that the cookie will not be redisplayed on the next visit.
Storage duration: 1 year
Type of cookie: Permanent protocol cookie
Security of processing (encryption)
This website uses SSL or TLS encryption to protect the transfer of personal information. You can recognize an encrypted connection by the changing of the address line of the browser from “http: //” to “https: //” and the lock symbol in your browser line. If SSL or TLS encryption is enabled, the data you submit to us can not be read by third parties. This encryption is enforced on the server side to ensure that even non-encrypted page views are still encrypted.
Purposes of processing personal data
We process the aforementioned data for the operation of our website and for the fulfillment of contractual and pre-contractual obligations towards our patients and prospective customers. For requests from you outside a patient relationship, we process the data for consultation purposes.
As far as you have voluntarily provided data e.g. in forms and these are not required for the performance of our contractual obligations, we process these data on the basis that we assume that the processing and use of this data is in your interest. You can decide at any time whether you want to use a form or not.
Recipient / transfer of data
Data that you provide to us will generally not be disclosed to third parties. In particular, your data will not be disclosed to third parties for their advertising purposes. However, we use service providers for the operation of these Internet pages. Here it may happen that a service provider receives knowledge of personal data. We carefully select our service providers – in particular with regard to data protection and data security – and take all data protection measures necessary for permissible data processing.
Data processing outside the European Union
Except for the use of Google Maps and Google Fonts, we do not process your personal data in a so-called third country outside the European Union. With respect to the use of Google products, it should be noted that Google’s reasonable level of privacy is ensured by its participation in the Privacy Shield and Google’s privacy and data protection policies. More information on the Privacy Shield can be found at: https://www.privacyshield.gov/ (external link).
Your rights as a victim and visitor to our website
You have the right to information about personal data concerning you. You can contact our data protection officer or us directly for information at any time. In the case of a request for information that is not made in writing, we ask for your understanding that we may then request proof from you that you are the person whom you are claiming to be. Furthermore, you have the right to rectification or deletion or restriction of processing, as far as you are legally entitled. Furthermore, you have the right to object to the processing within the scope of the legal requirements. The same applies to a right to data portability.
If we process your personal data on the basis of a consent, you have the right to revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until the revocation.
Right of appeal to a supervisory authority
You have the right to complain to us about the processing of personal data by us at a data protection supervisory authority. You can do this, for example, at the supervisory authority responsible for us: Landesbeauftragte für Datenschutz und Informationsfreiheit North Rhine-Westphalia. Website and contact details of the LDI NRW at: https://www.ldi.nrw.de/ (external link).