1. Anonymous data collection and data processing
Likewise, we also have the option of identifying the website, from where you reach us and the pages you visit during your visit on our website. This information can be evaluated for statistical reasons, whereby, of course, the individual user remains anonymous.
Every time the Asklepios Kliniken GmbH & Co. KGaA website is accessed, i.e. every time a file is opened or an attempt is made to open a file on this server, data is stored in a log file.
The following data is stored for every request:
- IP address
- Name of the opened file
- Date and time of request
- Transferred data volume
- Message whether the request was successful
- Message why the request failed
- Operating system and browser software of your computer
- Screen resolution
- Website from which you visited us
The legal foundation for data processing is set out in Art. 6 (1)(1)(f) GDPR. Our legitimate interest is inferred from the purposes of data collection as listed above. On no accounts will we use the data we collect to draw conclusions about you personally.
2. Collection and processing of personal data
As a general rule, we acquire personal data only if it is provided by you voluntarily. This may happen for instance if you have given your personal information during a survey, at the time of registration for personal services, during an enquiry for information material etc. The data voluntarily provided by you will be stored and processed only within Germany and only for the objectives specified in pt. 3.
Use of our contact form
We give you the option to use the form provided on our website to make contact with us if you have any questions. To use this form, you must provide a valid e-mail address so that we are aware by whom the enquiry was sent and to whom we should address our response. You may volunteer additional information as well. Data processing for the purpose of contacting us takes place according to Art. 6 (1)(1)(a) GDPR and on the basis of the consent provided by you voluntarily. We will erase the personal data collected from your use of the contact form as soon as we have completed the matter addressed in your enquiry.
3. Usage and transfer of your personal data
Transfer of your personal data to third parties for purposes other than those listed in the following does not take place.
We only transfer your data to third parties where:
- you have provided your explicit consent in this regard according to Art. 6 (1)(1)(a) GDPR;
- it is necessary according to Art. 6 (1)(1)(f) GDPR for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest that your data is not transferred;
- it is necessary for compliance with a legal obligation according to Art. 6 (1)(1)(c) GDPR.
- it is lawfully permitted and necessary for the performance of a contract with you according to Art. 6 (1)(1)(b) GDPR.
4. Links to third-party websites
If, by way of exception, we want to store personal data in a cookie, e.g. a username, you will be informed specifically.
Most browsers accept cookies automatically. You may deactivate the storage of cookies by adjusting your browser settings. If you do not accept cookies, the functionality on our website may be restricted.
The information generated by the cookie in regard to your use of the website is
- browser type/version;
- operating system used;
- referrer URL (previously visited page);
- host name of the requesting computer (IP address); and
- time of server enquiry.
This information is used to evaluate use of the website, to compile reports on website activities and to provide other services associated with use of the website and the Internet for the purposes of market research and needs-based design on these Internet pages.
This information may also be passed on to third parties if this is legally required or if third parties process this information as contract processors.
On no account will your IP address be associated with other data. The IP addresses are anonymised so that association is not possible (IP masking).
6. Rights of data subjects
You have the right:
- according to Art. 15 GDPR to demand information about the personal data we process. In particular, you may demand information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged period in which the data will be stored, the existence of the right to demand rectification, erasure, restriction in processing or objection, as well as the right to lodge a complaint, to know where the data was collected if not by us, and the existence of automated decision-making, including profiling and meaningful information about the logic involved;
- according to Art. 16 GDPR to demand rectification or completion of the personal data stored with us without undue delay;
- according to Art. 17 GDPR to demand erasure of the personal data stored with us, except where it is necessary for exercising the right of freedom of expression and information; for compliance with a legal obligation; for reasons of public interest; or for the establishment, exercise or defence of legal claims;
- according to Art. 18 GDPR to demand restriction in processing of your personal data, where the accuracy of the personal data is contested by you; the processing is unlawful and you oppose the erasure of the personal data and we no longer need the personal data, but they are required by you for the establishment, exercise or defence of legal claims; or you have objected to processing pursuant to Article 21.
- according to Art. 20 GDPR to obtain the personal data that you have submitted to us, in a structured, commonly used and machine-readable format or to transmit this data to another controller;
- according to Art. 7 (3) GDPR to revoke your consent that you have given to us at any time. This has the consequence that we will desist from processing the data to which your consent had referred, effective for the future; and
- according to Art. 77 GDPR to lodge a complaint with a supervisory authority. In most cases you will be able to contact the supervisory authority responsible for your habitual place of residence or work.
7. Right to object
Insofar as your data is processed based on legitimate interests according to Art. 6 (1)(1)(f) GDPR, you are entitled pursuant to Art. 21 GDPR to object to the processing of personal data concerning you, provided there are grounds relating to your particular situation or where personal data is processed for direct marketing purposes. You are always entitled to object in the latter case; we will comply with this objection without requiring that you provide particular circumstances.
To enforce your right of revocation or objection, we request that you simply send an e-mail to firstname.lastname@example.org .
8. Data security
When you visit our website, we use the standard SSL method (Secure Socket Layer) in connection with the highest encryption setting supported by your browser in each case. This will usually be 256-bit encryption. We revert to 128-bit v3 encryption if your browser does not support 256-bit technology. The closed key or lock icon in the upper task bar of your browser indicates whether the individual page in our website is transmitted in an encrypted form.
We otherwise use suitable technical and organisational security measures to protect your data from accidental or deliberate manipulation, partial or complete loss, destruction, and from unauthorised access by third parties. Our security measures are revised continuously according to the state of the art.