Privacy Policy
Data protection
Dear patient/client, dear patient/client,
The protection of your personal data is important to me. According to the EU General Data Protection Regulation (GDPR), I am obliged to inform you about the purpose for which my practice collects, stores or forwards data. From this information you can also find out what rights you have with regard to data protection.
My website contains links to websites of other providers. I would like to point out that this data protection declaration applies exclusively to this website. I have no influence on the content of other providers and do not check that other providers comply with applicable data protection regulations.
1. Person responsible for data processing The person responsible for data processing is:
Nadia Cavallaro
Alternative practitioner
Hohenzollernstr. 47, 80801 Munich
Internet: www.praxis-can.de
You can reach me at: Tel.: 089-21965161 Mobile: 0172-6705253
Email:
2. Purpose and type of data processing Data processing is carried out based on legal requirements in order to fulfill the treatment contract between you and me and the associated obligations. For this purpose, I process your personal data, in particular your health data. This includes anamnesis, diagnoses, therapy suggestions and findings that I or other alternative practitioners or doctors make. For these purposes, other alternative practitioners, psychotherapists or doctors with whom you are being treated may also provide me with data (e.g. medical reports, laboratory reports). In some cases, the collection of this data is a prerequisite for your treatment. In any case, the collection always takes place with your knowledge and consent. Personal data is only collected via this website when you come into personal contact with me, for example when requesting an appointment using the practice data provided on my website, such as telephone number or e-mail address. I then process data such as your name, your telephone number, your request. This is essential for initial or further processing and is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR and Article 9 Paragraph 2 Letter h, which allows the processing of data to fulfill a contract or pre-contractual measures. I take the protection of your personal data very seriously. I treat your personal data confidentially and in accordance with statutory data protection regulations and this data protection declaration. Data is also automatically recorded by the IT systems when you visit this website. This is primarily technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter my website.
3. What do I use your data for? Some of the data is collected to ensure that the website is provided error-free. I do not use Google Analytics, have not concluded a contract for data processing with Google and do not carry out any analysis of your usage behavior on this website. The use of this website is generally possible without providing personal data. Personal data will only be collected once you have contacted me using the options provided on this website (e-mail, telephone, practice visit). As far as possible, this is always done on a voluntary basis. This data collected via e-mail contact, telephone contact or personal contact will not be passed on to third parties without your express consent. Note on email contact: In addition to telephone contact, you can also communicate with me by email. I would like to point out that data transmission over the Internet (e.g. when communicating via email) can have security gaps. Complete protection of data from access by third parties is not possible. However, I also offer you the option of encrypted communication. If you would like this, please let me know.
4. Information, deletion, blocking You have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing, as well as the right to correct, block or delete this data. You can contact me at any time at the address given in the legal notice for this purpose or for further questions on the subject of personal data. All you need to do is send me an informal email. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation. I will only keep your personal data for as long as is necessary to carry out the treatment. Due to legal requirements, I am obliged to keep this data for at least 10 years after completion of treatment.
5. Right to lodge a complaint with the responsible supervisory authority In the event of data protection violations, the person affected has the right to lodge a complaint with the responsible supervisory authority. The responsible supervisory authority for data protection issues is the state data protection officer of the federal state in which my practice is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschrift_linksnode.html.
6. Right to data portability You have the right to have data that I process automatically based on your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the data to be transferred directly to another person responsible, this will only be done if it is technically feasible.
7. SSL encryption This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as inquiries that you send to me as the site operator. You can recognize an encrypted connection by the browser address line changing from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to me cannot be read by third parties.
8. Objection to advertising emails The use of contact details published as part of the imprint obligation to send unsolicited advertising and information materials is hereby objected to. The operator of the pages expressly reserves the right to take legal action in the event of unsolicited advertising information being sent, such as spam emails.
9. Data collection on this website Server log files The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to me. These are: • Browser type and browser version • operating system used • Referrer URL • Host name of the accessing computer • Time of server request • IP address This data will not be merged with other data sources. The basis for data processing is Article 6 Paragraph 1 Letter b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
10. Data transfer to third parties I only transfer personal data to third parties if this is permitted by law or if you have consented. Recipients of your personal data can primarily be other alternative practitioners, doctors, psychotherapists, health insurance companies or laboratories. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is Article 6 (1) (b) GDPR and Article 9 (2) (h) GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. 11. Legal basis for data processing – the treatment contract between the practice owner and patient/client – Art. 6 Para. 1 b), Art. 9 Para. 2 f), h) in conjunction with Para. 3 GDPR, – Section 22 Paragraph 1 No. 1 b) BDSG and – the declarations of consent you have given in this context.