General Data Protection Regulation
This Regulation lays down rules relating to the protection of natural persons regarding the processing of personal data and rules relating to the free movement of personal data when using our website. Personal data is all data which refer to you in person (e.g. name, address, e-mail address, user behaviour, IP address).
Name and contact data of the processor as well as the operative data protection officer according to article 4 paragraph 7 GDPR
This data protection information is valid for the data processing by:
Q-Zahnärzte – Zahnarztpraxis Dres. Quirin & Schultheis
Dr. Ralf Quirin & Dr. Stefan Schultheis
Telephone: 0761 71040
Telefax: 0761 796053
You may reach the responsible data protection officer via:
Data protection officer:
Sylvia Bernhard – consult4dent
88239 Wangen im Allgäu
Safety and protection of your personal data
It is our foremost aim and duty to protect your personal data with which you entrusted us and to protect you from unauthorized access. Therefore, we are very careful and use the most modern safety standards in order to guarantee maximal protection of your personal data.
As a private-law company, we are subject to the regulations of the European GDPR and the regulations of the federal data protection law (BDSG). We have applied technical and organizational measures which ensure that the data protection regulations are observed by us and by our external service providers.
Our Legislature demands that personal data is processed according to law, in good faith and in a comprehensible manner for the person in question (“lawfulness, processing in good faith, transparency”). To guarantee this, we inform you of the single legal terminologies that are also used in this GDPR:
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing
‘restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.
‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
‘pseudonymization’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
‘filing system’ means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Lawfull of processing
Processing shall be lawful only if there is a legal basis for processing and to the extent that at least one of the following applies (according to article 6 1 lit a-f GDPR):
- the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which the controller is subject;
- processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Information on the collection of personal data
(1) In the following, we inform you of the collection of personal data when using our website. We collect, store, use, transfer or delete the following personal data:
- Persons interested in our website and patients of our practice, who are natural persons
- all other natural persons who are in contact with our practice (e.g. agents of patients, legal guardians of patients, employees of legal entities, visitors of our website)
Personal data are e.g. name, address, e-mail address, user behaviour. We process personal data only if this is necessary for the allocation of this website as well as that of the contents and services we offer.
(2) If you contact us by telephone, e-mail or contact form, we store the provided data (your e-mail address, if necessary name and telephone number) in order to answer your questions. Data in this connection is deleted when storing is no longer necessary or processing is limited if there are legal record retentions. For third parties, this data is not made accessible.
- You have given your express consent,
- the processing is required to complete a contract with you,
- the processing is necessary to fulfill a legal obligation,
processing is necessary to protect legitimate interests and there is no reason to believe that you have an overriding legitimate interest in not disclosing your information.
(3) Data of children is only collected if these children are presented in our practice by their legal guardians.
(4) If we intend to revert to assigned service provider for single functions on our website or if we intend to use your data for marketing purposes, we will inform you of the procedure in detailed manner below.
Information on the collection of personal data when visiting our website
If you just visit our website in order get information (if you do not register or transfer information in any other way), we only collect the data that is transferred to our server by your browser. If you just want to have a look at our website, we only collect the data that are technically necessary in order for us to show you our website and to guarantee stability and safety (legal basis article 6, paragraph 1. p 1 lit f GDPR)
- IP address
- Date and time of query
- Time zone difference to Greenwich Mean Time (GMT)
- Contents of query (specific webpage)
- Status of access / HTTP status code
- Data quantity transferred
- Website from which the query comes from
- System software and its surface
- Language and browser software version
You have the following rights regarding your data stored by us:
- Information about your stored data and their processing,
- Right to rectification and erasure,
- Deletion of your data stored with us,
- Restriction of data processing, if we are not yet allowed to delete your data due to legal obligations,
- Right to object to processing andData portability, if you have consented to the data processing or have concluded a contract with us.
You have the ability to file a complaint in connection with data processing to the data protection authority responsible for us:
Der Landesbeauftragte für den Datenschutz Baden-Württemberg
Dr. Stefan Brink
Postfach 10 29 32
Rights of data subjects
(1) The data subject shall have the right to obtain confirmation as to whether or not personal data concerning him or her are being processed, and further information and a copy of the data according to Art. 15 GDPR.
(2) The data subject shall have the right according to Art. 16 GDPR to completion of the personal data concerning him or her or the rectification of inaccurate personal data concerning him or her.
(3) The data subject shall have the right according to Art 17 to erasure of the data concerning him or her without delay and/or to demand restriction of processing the data according to Art. 18 GDPR.
(4) The data subject shall have the right to access the data concerning him or her disclosed to us according to Art. 20 GDPR and to demand transfer thereof to other controllers.
(5) The data subject shall have the right to file a complaint with the responsible supervising authority.
Right of cancellation
The data subject shall have the right to cancel his or her consent according to Art 7 GDPR, effective for the future
Right of objection
According to Art. 21 GDPR, the data subject shall have the right to object to future processing data concerning him or her at any time. This objection may be carried out particularly against processing for direct marketing purposes.
(1) In addition to the data mentioned above, cookies are also stored on your computer when using our website. Cookies are little text data files that are stored on your hard disk attributed to the browser you use and by which the place which set the cookie is provided with certain information. Cookies cannot execute programmes or transfer virus onto your computer. They are simply for making the internet offer more user-friendly and more efficient as a whole.
(2) This website uses the following kinds of cookies which are explained by extent and functioning as follows:
- transiente cookies (see 1.)
- persistente cookies (see 2.)
- transient cookies are automatically deleted if you shut the browser. Here, these are so-called session cookies in particular. These store a so-called session ID with which various queries of your browser may be assigned to the common session. By this, your computer may be recognized when you return to our website. Session cookies are deleted when you log out or shut the browser.
- persistent cookies are automatically deleted after a given period of time, which may vary from cookie to cookie. You may delete the cookies in the security settings of your browser any time.
You may configure your browser settings according to your requirements and, e. g., deny the acceptance of third party cookies or all cookies. So-called “third party cookies” are those which were set by a third party, so not by the actual website that you are currently on. We inform you that by deactivating cookies, you may not be able to make full use of this website’s functions.
The provider of the website automatically collects and stores information in so-called server log files which your browser automatically transfers to us. These are the following:
- browser type and version
- operating system used
- referrer URL
- host name of the accessing computer
- time of server query
This data cannot be assigned to certain persons. This data will not be connected with other data sources. We reserve the right to check this data later, if we have concrete indication for an illegal use.
This website uses SSL for security reasons and for the protection of confident content transfer, such as queries you send us as website provider. You may recognize an SSL connection that the address line of the browser changes from Fehler! Hyperlink-Referenz ungültig. to Fehler! Hyperlink-Referenz ungültig. and from the lock symbol in your browser line.
If SSL is activated, third parties cannot read data that you send us.
Using Google Analytics
(1) This website uses Google Analytics, a web analyst service of Google Inc. (“Goggle”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable analysis of your use of the website. Information on your use of this website obtained via this cookie are usually transferred to a Google server in the US and stored. In case IP anonymization is activated on this website, your IP address is condensed within the Member States of the EU and other contractual States of the European Economic Area by Google. Only in exceptional cases is the full IP address transferred to a Google server in the US and condensed there. By order of the operator of this website, Google uses this information in order to assess your use of the website, to compose reports on the website activities and to offer further services in connection with the website and internet use concerning the website operator.
(2) The IP address transferred by your browser from Google Analytics is not connected to other Google data.
(3) You may prevent storage of cookies by corresponding settings of your browser software; however, we inform you that in this case, you may not be able to make full use of all functions of this website. Moreover, you may prevent Google’s collection of data created by cookies and referring to your use of the website (incl. your IP address) as well as Google’s processing thereof by downloading and installing the following browser plug-in link: http://tools.google.com/dlpage/gaoptout?hl=de.
(4) This website uses Google Analytics with the extensions “_anonymizelp()”, by which IP addresses are processed in condensed form, any personal reference is excluded. So if there is a personal reference by data collected from you, it is immediately removed and the personal data is deleted without delay.
(5) We use Google Analytics in order to analyze and improve the use of our website regularly. By these statistics, we are able to improve our offer and to design it in a more interesting manner for you as user. In exceptional cases in which personal data is transferred to the US, Google is subject to EU-US privacy shield https://www.privacyshield.gov/EU-US-Framework. Legal basis for the use of Google Analytics is Art. 6 paragraph 1 lit f GDPR.
(6) Information on third party provider: Google Dublin, Google Ireland Ltd. Gordon House, Barrow Street, Dublin 4, Ireland, Fax +353 1 436 1001.
Overview on data protection:
As well as the data privacy declaration: http://www.google.de/intl/de/policies/privacy.
(7) We have concluded a contract with Google on the processing of order data.
(8) In addition, this website uses Google Analytics for a comprehensive analysis of visitor streams which is conducted by a user ID. You may deactivate this analysis of your use in your customer account “my data”, “personal data”.
Google Web Fonts
On our website, we use “Google Web Fonts”, a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: “Google”). Google Web Fonts allows us to use external fonts, so-called Google Fonts. Here, calling on our website leads to loading the required Google Font from your web browser into the browser cache, which is necessary for your browser to show an optically improved version of our texts. If your browser does not support this function, your computer uses a standard font. Implementation of these Web Fonts is conducted by calling on a server, usually a Google server in the US. The server receives the information about which internet pages you have visited. We have no influence on the extent and further use of data which is collected by implementing Google Web Fonts and processed by Google.
We use Google Web Fonts for optimizing purposes, in particular in order to improve your use of our website and to make its form more user-friendly. We have justified interest in this fact.
Google is subject to The Privacy Shield Agreement between the EU and the US and is certified, by which Google is obliged to comply with standards and regulations of the European data protection law. Further information can be obtained here:
Information on the third party provider: Google Dublin, Google Ireland Ltd. Gordon House, Barrow Street, Dublin 4, Ireland, Fax +353 (1) 436 1001. Further information on data protection can be obtained from the following Google websites:
Further information on Google Web Fonts can be obtained here:
(1) On our website, we use Google maps offer. By this, we are able to show interactive maps directly on our website and enable comfortable use of the map function.
(2) By visiting our website, Google receives the information that you called on a corresponding sub page of our website. Furthermore, the data mentioned in §3 of this declaration is transferred, regardless of whether Google allocates a user account by which you are logged in or if there is no user account. If you are logged in with Google, your data is directly assigned to your account. If you do not wish this, you have to log out before activating the button. Google stores your data as user profile and uses it for marketing purposes. Such an assessment is particularly conducted (even for users that are not logged in) for contributing tailor-made marketing and in order to inform other users of the social network on your activities on our website. You have the right to object to the formation of these user profiles, however, for this, you have to address to Google.
(3) Further information on the purpose and extent of collecting data and processing thereof by the plug-in-provider may be obtained from the GDPR of the provider. There, you may also obtain further information on your respective rights and setting possibilities concerning the protection your privacy: http://google.de/intl/de/policies/privacy. Google also processes your data in the US and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Google Tag Manager
On our website, we use “Google Tag Manager”, a service of Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: “Google”) Google Tag Manager allows us – as marketing operator – to administer website tags via a surface. The tool Google Tag Manager which implements the tags is a domain without cookies and collects no personal data itself. Google Tag Manager provides for triggering other tags which, in turn, possibly collect data. Google Tag Manager does not access this data. When there is a deactivation on domain or cookie level, this continues to exist for all tracking tags which are implemented by Google Tag Manager.
Google is subject to The Privacy Shield Agreement between the EU and the US and is certified, by which Google is obliged to comply with standards and regulations of the European data protection law. Further information can be obtained here:
Information on the third party provider: Google Dublin, Google Ireland Ltd. Gordon House, Barrow Street, Dublin 4, Ireland, Fax +353 (1) 436 1001. Further information on the data protection can be obtained from the following Google websites:
- Data protection declaration: http://www.google.de/intl/de/policies/privacy
- FAQ Google Tag Manager: https://www.google.com/intl/de/tagmanager/faq.html
- User requirements Google Tag Manager: https://www.google.com/intl/de/tagmanager/use-policy.html
Our website uses plug-ins of Jameda GmbH, St.-Cajetan-Str. 41, D-81669 Munich.
If you visit one of our sites furnished with a Jameda plug-in, a connection to the Jameda servers is created. The Jameda server is informed of the sites you have visited.
A widget is a small window that displays variable information. Our seal works in a similar way, too. It does not always look the same, but the ad changes. Although the corresponding content is displayed on our website, it is currently being retrieved from the jameda servers. Only in this way the current content can always be shown, especially the current rating. For this, a data connection must be established from this website to jameda and jameda receives certain technical data (date and time of the visit, the page from which the query is made, used Internet Protocol address (IP address), browser type and version, device type , Operating system and similar technical information) necessary for the content to be delivered. However, this data will only be used to provide the content and will not be stored or otherwise used.
Purpose and extent of collecting data and processing and use of data by Jameda as well as your rights and setting options for the protection of your privacy sphere may be obtained from Jameda’s data privacy declaration https://www.jameda.de/datenschutz.php.
If you send your appointment wishes or queries via contact form, this data (e-mail address, name, telephone number) is stored in order to answer your questions. This data is deleted as soon as it is no longer needed and if there are no legal record retentions. This data is not made accessible to third parties.
Our website uses the service of Matelso GmbH, Stuttgart. If you call a number operated by Matelso for us, information on the telephone conversation is transferred to a web analytic service used by us (e.g. Google Analytics). Furthermore, Matelso reads out cookies set by our analytic service or other parameter of your internet visits, e. g. referrer, document path, remote user agent. The corresponding information is processed by Matelso in line with our instructions and is stored on servers in the EU. Further information may be obtained here: https://www.matelso.de/privacy.
You may prevent cookies to be stored by corresponding browser software settings. However, we inform you that, in this case, you might not be able to make full use of our website’s functions as a whole.
On our website, we use social plug-ins of social networks Facebook, Twitter and Instagram according to Art. 6 paragraph 1 p. 1 lit f GDPR in order to popularize our practice even more. Marketing purposes behind this incorporate justified interest in line with GDPR. The responsibility for the data conformance must be guaranteed by the respective operator. We insert plug-ins by using the so-called 2-click method in order to protect our website’s visitors as best as we can.
On our website, we use the social media plug-ins of Facebook in order to design their use in a more personal manner. Here, we use the button “like” or “share”. This is an offer of Facebook.
If you call on a page of our website that contains such a plug-in, your browser directly connects with Facebook servers. The contents of the plug-ins are directly transferred by Facebook to your browser, which directly embeds them in the website
By the embedding plug-ins, Facebook receives the information that your browser has called on the corresponding page of our website, even if you do not have a Facebook account or if you are currently not logged in at Facebook. This information (including your IP address) is directly transferred from your browser to a Facebook server in the US and stored there.
If you are logged in at Facebook, Facebook can directly assign the visit of our website to your Facebook account. If you interact with plug-ins, e.g. pushing the buttons “like” or “share”, the corresponding information is also transferred directly to a Facebook server and stored there. Furthermore, the information is published on Facebook and is visible for your friends.
Facebook may use this information for marketing, market research and tailor-made design of Facebook sites purposes. Here, Facebook user, interest and relation profiles are created, e.g. in order to assess your use of our website with regard to the ads on your Facebook site, to inform other Facebook users on your activities on our website and to collect further services in connection with use of Facebook.
If you do not want Facebook to assign your data collected by our website to your Facebook account, you must log-out at Facebook before you visit our website.
Purpose and extent of collecting data and processing and use of data by Facebook as well as your rights and setting options for the protection of your privacy sphere may be obtained from Facebook’s data privacy declaration https://www.facebook.com/about/privacy/.
On our website, we integrated plug-ins of the short message network of Twitter Inc. (“Twitter”). Twitter plug-ins (tweet button) can easily be recognized from the Twitter logo on our website. Here is an overview of tweet buttons: https://about.twitter.com/resources/buttons.
If you call on a page of our website that contains such a plug-in. a direct connection between your browser and the Twitter server is created, by which Twitter receives the information that you have visited our website with your IP address. If you click the button “tweet button”, while you are logged in at Twitter with your Twitter account, you may link the contents of our sites with your user account. We inform you that we, as operator of the website, do not receive any information on the contents of the data transferred as well as their use by Twitter.
If you do not want Twitter to assign your data collected by our website, you must log-out at your Twitter account.
Further information may be obtained from Twitter’s data privacy declaration https://www.twitter.com/privacy.
On our website, we also use so-called social plug-ins (“plug-ins”) of Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).
Plug-ins are characterized with an Instagram Logo, e.g. in the form of an “Instagram camera”.
If you call on a page of our website that contains such a plug-in, a direct connection between your browser and the Instagram servers is created. The contents of the plug-in are directly transferred by Instagram to your browser and embedded in the site. By this embedding, Instagram receives the information that your browser has called on the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in at Instagram.
This information (including your IP address) is directly transferred from your browser to an Instagram server in the US and stored there. If you are logged in at Instagram, Instagram can directly assign the visit of our website to your Instagram account. If you interact with plug-ins, e.g. by pushing the button “Instagram”, this information is also directly transferred to an Instagram server and stored there.
Furthermore, information is published in your Instagram account and visible for your contacts.
If you do not want Instagram to assign your data collected by our website, you must log-out from your Instagram account.
Further information may be obtained from Instagram’s data privacy declaration https://help.instagram.com/155833707900388 .
Moreover, this website uses “+1”push button of Google Plus. This is operated by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94034, USA). If you visit a website which contains “+1” push button, a direct connection between your browser and Google servers is created. Therefore, the website operator has no influence on the nature and extent of data that the plug-in transfers to Google Inc. servers. If you click the “+1” push button while logged in at Google+, you share the site’s contents with your public profile. Personal data is, according to Google, only collected if you click the push button. Logged-in Google users’ IP addresses are, among others, also stored. If you want to prevent Google Inc. from storing these data and connecting them to your account, please log-out before visiting this website.
Further information on “+1” push button can be obtained here:
Our website uses contents (video player and videos) of the Google-operated site YouTube. Operator of this site is YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
If you visit one of our sites furnished with a YouTube plug-in, a connection to the YouTube servers is created. The YouTube server is informed on which sites you have visited.
Currentness of data and amendment of this data protection declaration
This data protection declaration is currently valid, as of May 2018.
By further processing our website and our offers or requirements due to amendments in legislation and/or requirements by authorities, it may be necessary to change this data protection declaration. You may call on and print the respective up-to-date data protection declaration at any time here: https://www.q-zahnaerzte.de/datenschutz/
Questions to the data protection officer
If you have any questions about privacy, please email us or contact the person responsible for data protection in our organization: