Privacy Policy
1.Introduction
This website is operated by: Emergency Radiology Services GmbH.
It is very important to us to handle the data of our website visitors with confidence and to protect them in the best possible way. For this reason, we make every effort to comply with the requirements of the GDPR.
In the following, we explain how we process your data on our website. To do this, we use the clearest and most transparent language possible so that you really understand what happens with your data.
2.General information
2.1Processing of personal data and other terms
Data protection applies to the processing of personal data. Personal means all data with which you can be personally identified. This is, for example, the IP address of the device (PC, laptop, smartphone, etc.) in front of which you are currently sitting. Such data is processed when ‘something happens to it’. Here, for example, the IP is transmitted from the browser to our provider and stored there automatically. This is then a processing (according to Art. 4 No. 2 GDPR) of personal data (according to Art. 4 No. 1 GDPR).
These and other legal definitions can be found in Art. 4 GDPR.
2.2Applicable regulations/laws – GDPR, BDSG and TDDDG
The scope of data protection is regulated by laws. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law.
In addition, the TDDDG supplements the provisions of the GDPR as far as the use of cookies is concerned.
2.3The person in charge
The person responsible for data processing on this website is the controller within the meaning of the GDPR. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
You can reach the person in charge at:
Emergency Radiology Services GmbH
Raiffeisenstrasse 58 47259 Duisburg HRB 36484
office@radailogy.com
2.4This is how data is basically processed on this website
As we have already established, there is data (e.g. IP address) that is collected automatically. This data is mainly required for the technical provision of the website. If we also use personal data or collect other data, we will inform you of this or ask for your consent.
Other personal data you share with us knowingly.
Detailed information on this can be found below.
2.5Your Right
The GDPR provides you with comprehensive rights. These are, for example, the free information about the origin, recipient and purpose of your stored personal data. In addition, you can request the correction, blocking or deletion of this data or complain to the competent data protection supervisory authority. You can revoke any consent you have given at any time.
You can find out in detail what these rights are and how to exercise them in the last section of this Privacy Policy.
2.6Data protection – Our view
Data protection is more than just a chore for us! Personal data is of great value and careful handling of this data should be a matter of course in our digitalized world. In addition, you as a website visitor should be able to decide for yourself what “happens” to your data, when and by whom. We therefore undertake to comply with all legal provisions, collect only the data that is necessary for us and, of course, treat it confidentially.
2.7Disclosure and deletion
The transfer and deletion of data are also important and sensitive topics. Therefore, we would like to briefly inform you in advance about our general approach to this.
A transfer of data only takes place on the basis of a legal basis and only if this is unavoidable. This may be the case in particular if it is a so-called Data Processor and a Data Processing Agreement has been concluded in accordance with Art. 28 GDPR.
We delete your data when the purpose and the legal basis for processing cease to apply and the deletion does not conflict with any other legal obligations. A ‘good’ overview of this is also provided by Art. 17 GDPR.
For all further information, please refer to this Privacy Policy and contact the responsible person if you have any specific questions.
2.8Hosting
This website is hosted externally. The personal data collected on this website is stored on the host’s servers. This includes the automatically collected and stored log files (see below for more details), as well as all other data provided by website visitors.
External hosting is used for the purpose of secure, fast and reliable provision of our website and in this context serves to fulfill the contract with our potential and existing customers.
The legal basis for the processing is Art. 6 para. 1 lit. a, b and f GDPR, as well as § 25 para. 1 TDDDG, insofar as consent includes the storage of cookies or access to information in the terminal device of the website visitor or user within the meaning of the TDDDG.
Our hoster only processes data that is necessary for the fulfillment of its service obligation and acts as our Data Processor, which means that it is subject to our instructions. We have concluded a corresponding Data Processing Agreement with our hoster.
We use the following hoster:
WordPress
Automattic Inc, 60 29th Street #343, San Francisco, CA 94110, United States of America
https://wordpress.org/about/privacy/.
2.9Legal basis
The processing of personal data always requires a legal basis. The GDPR provides for the following possibilities in Art. 6 (1) Sentence 1:
a)The data subject has given his/her consent to the processing of personal data concerning him/her for one or more specific purposes;
b)the processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject’s request;
c)processing is necessary for compliance with a legal obligation to whichthe person responsible is subject to;
d)the processing is necessary in order to protect the vital interests of the data subject or another natural person;
e)processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested inthe person in charge was transferred;
f)processing is necessary for the purposes of safeguarding the legitimate interests ofof the responsible person(s) orof a/an third party necessary, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data override this, in particular where the data subject is a child.
In the following sections, we will provide you with the specific legal basis for the respective processing.
3.What happens on our website
By visiting our website, we process personal data from you.
To protect this data as best as possible against unauthorized access by third parties, we use SSL or TLS encryption. You can recognize this encrypted connection by the fact that a https:// or a lock symbol is displayed in the address bar of your browser.
In the following, you will learn what data is collected when you visit our website, for what purpose this is done and on what legal basis.
3.1Data collection when calling up the website
By calling up the website, information is automatically stored in so-called server log files. This is the following information:
-Browser type and version
-Operating system used
-Referrer URL
-Host name of the accessing computer
-Time of the server request
-IP address
This data is temporarily required in order to be able to display our website to you permanently and without problems. In particular, this data thus serves the following purposes:
-System security of the website
-System stability of the website
-Website troubleshooting
-Connecting to the website
-Website presentation
The data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and is based on our legitimate interest in the processing of this data, in particular the interest in the functionality of the website as well as its security.
If possible, this data is stored pseudonymously and deleted after the respective purpose has been achieved.
Insofar as the server log files allow the identification of the person concerned, the data is stored for a maximum period of 14 days. An exception exists if a security-relevant event occurs. In this case, the server log files are stored until the elimination and final clarification of the security-relevant event.
For the rest, a consolidation with other data does not take place.
3.2Cookies
3.2.1General
This website uses so-called cookies. This is a data record, information that is stored in the browser of your terminal device and is related to our website.
By setting cookies, the navigation of the website in particular can be made easier for the visitor.
In our Cookie Consent Tool, you will find all information about the cookies that we have in use on our website (if applicable, after your consent).
3.2.2Reject cookies
You can manage all cookies that are not technically necessary directly via our cookie consent tool.
The setting of cookies can be prevented by adjusting the settings of your browser.
Here you can find the corresponding links to frequently used browsers:
Mozilla Firefox:https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectslug=Cookies+l%C3%B6schen&redirectlocale=en
Google Chrome:https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de
Microsoft Edge:https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Safari:https://support.apple.com/de-de/guide/mdm/mdmf7d5714d4/web andhttps://support.apple.com/de-de/guide/safari/sfri11471/mac. As far asYou another browseruseit is recommended to use the nameYour browser and ‘delete and manage cookies’ in a search engine and follow the official link toyours browser to follow.
Alternativeyou can use your Cookie settings also underwww.aboutads.info/choices/ orwww.youronlinechoices.com manage.
However, we must inform you that comprehensive blocking/deletion of cookies may lead to impairments in the use of the website.
3.2.3Technically necessary cookies
We use technically necessary cookies on this website to ensure that our website functions without errors and in accordance with applicable laws. They help to make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies.
The legal basis for this is, depending on the individual case, Art. 6 para. 1 lit. b, c and/or f GDPR.
3.2.4Technically unnecessary cookies
We also use cookies on our website that are not technically necessary. These cookies are used, among other things, to analyze the surfing behavior of the website visitor or to offer functions of the website that are not technically necessary.
The legal basis for this is your consent pursuant to Art. 6 para. 1 lit. a GDPR.
Technically unnecessary cookies are only set with your consent, which you can revoke at any time in the cookie consent tool.
3.3Data processing through user input
3.3.1Own data collection
We offer the following (service) on our website: Teleradiology.
For this purpose, we collect the following data:
Name
E-mail address
Address
Phone number
Date of birth
Health data
The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR.
The legal basis for the processing of special categories of personal data is consent pursuant to Art. 6 para. 1 lit. a in conjunction with Art. 9 para. 2 lit. a GDPR. Art. 9 para. 2 lit. a GDPR.
The data will be deleted as soon as the respective purpose ceases to apply and it is possible in accordance with the legal requirements.
3.3.2Contact
a)E-mail
When you contact us by email, we process your email address and any other data contained in the email. This data is stored on the mail server and in some cases on the respective end devices. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.
b) Phone
If you contact us by telephone, the call data may be stored pseudonymously on the respective terminal device and with the telecommunications provider used. Personal data collected during the telephone call will only be processed in order to handle your request. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose ceases to apply and it is possible according to the legal requirements.
3.4Cookie Consent Tool
3.4.1GDPR Cookie Compliance (WordPress Plugin)
To ensure that our website only sets cookies for which there is a legal basis, we use the Cookie Compliance Plugin for WordPress from Moove Agency, 35 Kingsland Road, London, E2 8AA, United Kingdom.
This service is used to obtain the consent of the website visitor to the storage of certain cookies in his/her browser or the use of certain technologies and to document this in accordance with data protection law.
When this website is accessed, the consent given by the website visitor or the revocation of consent is stored as a cookie in the browser of the website visitor in order to display the set cookie status again on future page views. A connection to the provider’s servers is established for this purpose.
The legal basis is Art. 6 para. 1 lit. c GDPR. GDPR Cookie Compliance is used to obtain the legally required consent for the use of cookies.
The data collected will be stored until the website visitor requests its deletion or Moove itself deletes it or the purpose for storing the data no longer applies. The mandatory statutory retention periods remain unaffected by this.
For more information on data handling, see the notes on GDPR Cookie Compliance on WordPress: https://wordpress.org/plugins/gdpr-cookie-compliance/.
More information about the handling of data of the provider:
https://www.mooveagency.com/privacy-policy/.
3.5Website Builder System
3.5.1Wordpress
We use WordPress to create our website. This is a service of Automattic Inc, 60 29th Street #343, San Francisco, CA 94110, United States of America.
This service allows us to design our website according to our wishes and meet our goal of user-friendliness.
WordPress uses cookies, among other things, for browsing security and to prevent cross-site request forgery (session cookies), as well as for secure transactions.
The service is technically necessary to display our website. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR.
WordPress also processes data in the USA. We have entered into standard contractual clauses (SCCs) with WordPress.
More information:
https://wordpress.org/about/privacy/.
3.6Newsletter
3.6.1In-house development
We have developed the provision of our newsletter independently.
This allows us to organize and analyze our newsletter. The data entered to receive the newsletter is stored on our servers.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time by unsubscribing from the newsletter. The legality of the processing that has already taken place remains unaffected by any revocation.
The stored data can be made available at any time by e-mail or a request can be made to delete the data.
3.7Analysis and tracking tools
3.7.1Matomo
We use Matomo on this website. Matomo is an open source web analytics service provided by InnoCraft, 150 Willis ST, 6011 Wellington, New Zealand.
Matomo is a comprehensive, privacy-friendly web analytics platform that enables website operators to analyze and understand user behavior without relying on cookies or violating user privacy.
We have configured Matomo so that the service does not set cookies on our website, personal data is anonymized and is not recorded in URLs, page titles or other data.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in optimizing our services and the security of our website.
The data will be deleted as soon as they are no longer needed for the processing purposes.
More details:
https://matomo.org/privacy-policy/.
3.7.2Sentry
We integrate the Sentry service on our website. This is a service provided by Functional Software, Inc, Hawthorne St, San Francisco, CA 94107, USA.
Sentry collects and stores data created from anonymized usage profiles in order to improve the technical stability of our website by monitoring system stability and detecting code errors. According to the service, user data, such as information on the device or time of error, is collected anonymously and is not used for personal purposes and is subsequently deleted.
Sentry may set cookies to track the activity on our website and store certain information. These cookies help us operate the service, remember your preferences and keep our website secure.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as this consent includes access to information in the user’s terminal device or the storage of cookies within the meaning of the TDDDG.
Otherwise, the legal basis for the processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in anonymized analysis to ensure the technical stability of our website.
More information:
3.7.3Cloudflare Web Analytics
We integrate the Cloudflare Web Analytics service on our website. This is a service of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich.
Cloudflare Web Analytics allows us to get important statistics about website usage. It allows us to retrieve the most important hostnames, URLs, countries and other important metrics like status codes. Also, traffic spikes can be analyzed.
No client-side information, such as that collected using cookies or localStorage, is used by Cloudflare. Cloudflare Web Analytics does not set cookies, does not collect personal information and does not track visitors across different websites. The legal basis for the processing is Art. 6 (1) lit. f GDPR. We have a legitimate interest in the anonymized analysis to ensure the technical stability of our website. If data is transferred to the USA, the standard contractual clauses (SCC) of the EU Commission apply to ensure an appropriate level of data protection.
More information:
https://www.cloudflare.com/de-de/trust-hub/gdpr/.
3.8Third-party content
3.8.1Google Fonts
We have integrated Google Fonts locally on our server. Thus, despite the use, no data is transmitted to Google.
3.8.2Font Awesome
We have embedded Adobe fonts locally on our server. Thus, despite the use, no data is transmitted to Adobe.
3.8.3jQuery
We use functions of jQuery on our website, which is operated by the JS Foundation, 1 Letterman Drive, San Francisco, CA 94129, USA. jQuery is a JavaScript library that simplifies HTML document processing, event handling, animation and Ajax interactions for faster web development. The service processes technical data such as IP addresses and information about the device and browser used to ensure the functionality of the website. The purpose of data processing is to provide and improve the functionality of our website through the use of the jQuery library. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as there is a legitimate interest in providing a technically flawless and user-friendly website. jQuery does not set its own cookies. Data is transferred to the USA, whereby suitable guarantees such as standard contractual clauses (SCC) of the EU Commission are used. Data is not stored for longer than is necessary to provide the functionality. Further information on data processing can be found here: https://images.prismic.io/openjsf/ba00b254-685f-4e54-b1ca-17984b0f3e55_OpenJS-Foundation-Privacy-Policy-2019-11-15.pdf.
3.8.4SwissID
We use the SwissID login function on our website. SwissID is operated by SwissSign Group AG, Sägereistrasse 25, 8152 Glattbrugg, Switzerland. SwissID makes it possible to log in to websites and applications securely and easily with a single identity. The data processed includes identification data such as names, e-mail addresses, telephone numbers and other authentication data provided. Technical data such as IP addresses and timestamps may also be collected. The purpose of data processing is to provide a secure and simplified login procedure to improve the user experience and ensure security. The legal basis for data processing is Art. 6 para. 1 lit. a GDPR, based on the consent of the data subjects, and Art. 6 para. 1 lit. b GDPR, as the processing is necessary for the provision of the login service. SwissID does not set cookies unless they are technically necessary for authentication. In this case, processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. Personal data is transferred to Switzerland. Switzerland is considered a safe third country in accordance with the EU Commission’s adequacy decision. The data is stored until the purpose of the processing no longer applies or statutory retention periods have expired. Further information on data processing can be found at https://www.swissid.ch/datenschutz.html.
3.8.5EPD – electronic patient dossier
We incorporate content from the Electronic Patient Record (EPR) on our website. The service is operated by eHealth Suisse, Competence and Coordination Center of the Confederation and the Cantons, Schwarzenburgstrasse 157, 3003 Bern, Switzerland. The Electronic Patient Record enables health data to be stored centrally and made accessible to authorized persons such as medical professionals or the persons concerned themselves. The processed data includes health information, identification data (e.g. name, date of birth) and technical data such as IP addresses and time stamps, which are required for accessing and managing the content. The purpose of the data processing is to provide a central platform for the management of health data that facilitates access and exchange of information between authorized parties. The legal basis for data processing is Art. 6 para. 1 lit. a GDPR, based on the consent of the data subjects, as well as Art. 6 para. 1 lit. c GDPR, as processing may be necessary to fulfill legal obligations. The EPD does not set any cookies that are processed when integrated on our website. Personal data is transferred to Switzerland. Switzerland is considered a safe third country in accordance with the EU Commission’s adequacy decision. The data is stored until the purpose of the processing no longer applies or statutory retention periods have expired. Further information on data processing can be found at https://www.patientendossier.ch/privatpersonen/epd-sicherheit/datenschutz.
https://www.patientendossier.ch/rechtliches.
3.9Payment services
3.9.1Prepayment
We offer the option of paying in advance on our website. After the order has been placed, we will issue an invoice containing all the relevant information required for the bank transfer. This includes the amount to be paid, our bank details and a reason for payment.
We store personal data as part of the prepayment process. This includes transaction details (date, time and invoice amount), IP address, e-mail address, first and last name, address data (street, house number, city and zip code) and account data (IBAN, BIC, account holder and bank name).
The legal basis is Art. 6 para. 1 lit. b GDPR. The data is processed for the purpose of (pre-)contractual obligations.
4.This is also important
Finally, we would like to inform you in detail about your rights and how you will be informed about changes in data protection requirements.
4.1Your Rights in detail
4.1.1Right to information according to Art. 15 GDPR
You can request information about whether personal data about you is being processed. If this is the case, you can request further information on the type and manner of processing. A detailed list can be found in Art. 15 (1) lit. a to h GDPR.
4.1.2Right to rectification according to Art. 16 GDPR
This right includes the correction of inaccurate data and the completion of incomplete personal data.
4.1.3Right to deletion according to Art. 17 GDPR
This so-called ‘right to be forgotten’ gives you the right, under certain conditions, to request the deletion of personal data by the controller. This is generally the case if the purpose of the data processing has ceased to exist, if consent has been revoked or if the initial processing took place without a legal basis. A detailed list of reasons can be found in Art. 17 (1) a to f GDPR. Furthermore, this “right to be forgotten” corresponds with the obligation of the controller under Art. 17 (2) GDPR to take appropriate measures to bring about a general erasure of the data.
4.1.4Right to restriction of processing according to Art. 18 GDPR
This right is subject to the conditions set out in Art. 18(1)(a) to (d).
4.1.5Right to data portability according to Art. 20 GDPR
Here, the basic right to receive one’s own data in a common form and to transfer it to another data controller is regulated. However, this only applies to data processed on the basis of consent or a contract pursuant to Art. 20 (1) (a) and (b) and to the extent that this is technically feasible.
4.1.6Right of objection according to Art. 21 GDPR
In principle, you can object to the processing of your personal data. This applies in particular if your interest in objecting outweighs the legitimate interest of the controller in the processing and if the processing relates to direct marketing and or profiling.
4.1.7Right to “decision in individual cases” according to Art. 22 GDPR
In principle, you have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you. However, this right is also subject to limitations and supplements in Art. 22 (2) and (4) GDPR.
4.1.8Other rights
The GDPR contains comprehensive rights to inform third parties about whether or how you have asserted rights under Art. 16, 17, 18 GDPR. However, this only applies insofar as this is possible or feasible with reasonable effort.
We would like to take this opportunity to once again inform you of your right to withdraw your consent in accordance with Article 7 (3) of the GDPR. However, this does not affect the lawfulness of the processing carried out up to that point.
In addition, we would also like to inform you about your rights according to §§ 32 ff. BDSG, which, however, are largely congruent with the rights just described.
4.1.9Right of appeal according to Art. 77 GDPR
You also have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of personal data relating to you infringes this Regulation.
5.What if tomorrow the GDPR is abolished or other changes take place?
The current status of this Privacy Policy is 29.11.2024. From time to time it is necessary to adapt the content of the Privacy Policy in order to react to actual and legal changes. We therefore reserve the right to amend this Privacy Policy at any time. We will publish the amended version in the same place and recommend that you read the Privacy Policy regularly.