Derma + Co. - Your private practice in Hamburg.
The following declaration is addressed to all users of this website.
Ⅰ. Responsible body
The body responsible for the operation of this website within the meaning of Art. 4 No. 7 GDPR is: Derma + Co. Dr. med. Christian Willig Colonnaden 43 20354 HamburgMail: Info@dermaundco.de
Ⅱ. Use of the website
1. General use
This website can be used for the most part without providing personal data. As with the use of most websites, however, some of your data is processed automatically. This data is used to ensure the smooth structure and problem-free use of this website. When you open this website, the browser used on your device automatically sends various information to the server on which this website is hosted. This includes the time the page was accessed, the browser used, the IP address of the requesting computer and the website from which access is made. In addition, information about your operating system.
The legal basis for this data processing is Art. 6 Paragraph 1 Clause 1 Letter f of GDPR. The legitimate interest arises from the need for processing for smooth use. No conclusions are drawn about the person using the website from the data collected in this way.
2. Cookies
This site uses cookies. A cookie is a small text file. The cookie text file is automatically generated by this website. This text file is saved by your computer in a storage space allocated to your Internet browser on the hard disk of your computer. Information about the use of this website is saved in the cookie text file. This makes it possible to identify the requesting browser. However, this does not automatically mean that conclusions about your identity could or would be drawn based on this cookie text file.
Most browsers accept the storage of cookies due to their default settings. However, browsers allow the option of no longer allowing the storage of these cookie text files. This can be done generally or to a limited extent. It is also possible to set a prior notification or a prior query. If the use of cookie text files is no longer permitted in general, there is a risk that you will not be able to use all of the functions provided on this website in the intended manner.
The legal basis for this data processing is Art. 6 Paragraph 1 Clause 1 Letter f of GDPR. The legitimate interest arises from the necessity of collecting the data for smooth use. No conclusions are drawn about the person using the data from the data collected in this way.
Ⅲ. Data collection by third parties
1. Hosting
This website is hosted on a server belonging to STRATO AG. Their data protection regulations can be found at https://www.strato.de/datenschutz/
2. Google Maps
This website uses the Google Maps service provided by Google. This service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA. The data controller for use in the European Union is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
This service cannot function without the processing of personal data. Your IP address and data about the system you use will be transferred to servers of the service provider Google in the USA and processed there. Google ensures compliance with European data protection regulations. This is done in accordance with the standard contractual clauses.
The terms of use for Google Maps can be found at https://www.google.com/intl/de_de/help/terms_maps.html
You can find Google's privacy policy at https://policies.google.com/privacy
Instructions on how to manage your data with Google can be found at http://www.dataliberation.org/
The legal basis for this data processing is Art. 6 Paragraph 1 Clause 1 Letter f of GDPR. The legitimate interest arises from the possibility created thereby to enable the data subject to use the map function.
3. Doctolib
This website uses services from the company Doctolib. Doctolib offers the possibility of scheduling and managing appointments. These are services from the company Doctolib GmbH, Mehringdamm 51, 10961 Berlin.
When you book an appointment via this website, you will be forwarded to doctolib. When you access the website, doctolib records your IP address and data about the system you use. When you book an appointment, the data required for booking an appointment is recorded (name, first name, date of birth, address, telephone number, email address, family doctor, health insurance status, referring doctor, reason for visit and appointment history). As a European company, Doctolib is obliged to comply with European data protection rules.
You can find the data protection regulations of the company doctolib at https://doctolib.legal/privacy-policy-B2C-DEThe legal basis for this data processing is Art. 6 Paragraph 1 Clause 1 Letter f of GDPR.
The legitimate interest arises from the simplified possibility of scheduling and managing appointments. When booking an appointment, the legal basis is of a contractual nature, in accordance with Art. 6 Paragraph 1 Clause 1 Letter b of GDPR.
In addition, you can give doctolib consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR so that they can contact you by SMS or email. This consent can be revoked at any time.
IV. Contact
You have the option of contacting us by email. The data you submit will be stored for the duration of the communication or until the request has been processed.
Personal data obtained as a result of such contact will not be passed on to third parties without your express consent.
The legal basis for this data processing can be Art. 6 Paragraph 1 Clause 1 Letter a of GDPR. This requires prior consent. It is generally also possible to give this consent implicitly, for example by deliberately transmitting data. In the case of data processing in accordance with Art. 6 Paragraph 1 Clause 1 Letter a of GDPR, i.e. based on consent, the person affected by the data processing has the right to revoke his or her consent at any time.
However, the data processing carried out up to that point remains lawful despite the revocation. The legal basis for this data processing can also be Art. 6 Paragraph 1 Clause 1 Letter b of GDPR. This is the legal basis for data processing within the framework of a contractual relationship.
V. Confidentiality of communication
Communication with this website is encrypted. This site uses an SSL certificate for encryption. This is the currently most common encryption method. This encryption prevents transmissions or communication between your computer and this website from being read by third parties. You can ensure the confidentiality of communication via email yourself by setting up encryption.
Ⅵ. Data storage
Unless other periods of storage have been expressly stated in this declaration, the storage period of the processed data is governed by the relevant statutory provisions.
Ⅶ. Rights of the data subject
As already explained in the above points, you could be affected by the processing of personal data due to the use of this website or due to the voluntary transmission. As a data subject, you can request information from the responsible body (see point I above) about the data processed by this body free of charge (Art. 15 GDPR).
In addition, a data subject can request rectification of the processed data (Art. 16 GDPR) or erasure (Art. 17 GDPR). In addition, the restriction of the processing of personal data (Art. 18 GDPR) can also be requested in accordance with the statutory provisions. Data subjects have the right to object to processing that has taken place on the basis of collection pursuant to Art. 6 Paragraph 1 Clause 1 Letter e or f GDPR (Art. 21 GDPR). In addition, the right to data portability (Art. 20 GDPR) is guaranteed. To exercise these rights, please contact the body responsible for this website (see point I above).
Ⅷ. Right to complain
If you notice one or more data protection violations on this website, you have the right, in addition to other extrajudicial and judicial remedies, to complain about these violations to a data protection authority. A list of the data protection authorities based in Germany, among others, can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
The supervisory authority responsible for this website is the Hamburg Commissioner for Data Protection and Freedom of Information, Ludwig-Erhard-Str. 22, 20459 Hamburg.
Ⅸ. Subject to change
I expressly reserve the right to change or adapt this privacy policy at any time. This applies in particular if there has been a change in legal requirements or case law.
Status: January 2025