Private practice for psychotherapy and psychological coaching Berlin-Mitte
Phone: +49 (0)30 992 538 93
“Personal data” is all information that relates to an identified or identifiable natural person. A natural person is regarded as identifiable if they can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or one or more special features. which express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
“Processing” refers to any process or any series of processes, automated or non-automated, carried out in connection with personal information. The term includes practically every handling of personal information.
“Pseudonymization” is the processing of personal data in such a way that they can no longer be assigned to a specific person without the use of additional information. This requires the information to be stored separately and it being subject to technical and organizational measures that ensure that the information is not connected to any identified or identifiable natural person.
“Profiling” refers to any type of automated processing of personal information with the aim to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal preferences and interests, or to analyze or predict the reliability, behavior, whereabouts or change of location of this natural person.
The “person responsible” is the natural or legal person, authority, institution or other body that alone or jointly with others decides on the purposes and means of processing personal data.
A “data processor” is a natural or legal person, authority, institution or other body that processes personal information on behalf of the person responsible.
Types of data processed
- Core Information (i.e. names, addresses)
- Contact Information (i.e. e-mail addresses, phone numbers)
- Content Data (i.e. texts, photos, videos)
- Usage Information (i.e. visited websites, interests in certain content, access times)
- Meta-/Communication Data (i.e. devices, IP addresses)
Categories of affected persons
Visitors and users of this website and its associated websites (hereafter referred to as “users”).
Purpose of data processing
- To make sure that this website including all of its functions and contents is displayed correctly,
- To reply to contact requests and communicate with our users,
- To carry out security measures,
- To analyse the range of this website and carry out marketing measures.
Relevant legal bases
We strive to apply all technical and organizational measures to ensure protection of your personal information according to Art. 32 GDPR, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of data processing, as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons.
These measures include, among others, securing the confidentiality, integrity and availability of data by controlling the physical access to it. Furthermore, we have set up procedures that ensure that each affected persons’ rights are exercised and which concern the deletion of data as well as the appropriate response to data-related risks. Furthermore, we take into account the protection of personal data for the selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly default settings (Art. 25 GDPR).
Cooperation with contract processors and third parties
We only disclose data to other persons and companies (contract processors or third parties) by any means as part of our data processing if this is absolutely required, legally permitted (e.g. if the transmission of data is required for payment service providers in accordance with Art. 6 Para. 1 lit. b GDPR) and if the affected person has consented to the disclosure of their personal information. We may also disclose data to other persons, companies or authorities if a legal obligation provides for this or if the disclosure is based on our legitimate interests (e.g. when using agents, web hosts, etc.).
If we commission third parties with the processing of data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR.
Transfers of data to third countries
If we process data in a third country (i.e. a country outside the European Union or the European Economic Area) or if data is processed in a third country in the context of using third-party services, this will only take place if it happens to fulfill our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 ff. GDPR are met. This means that processing takes place e.g. on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g. through the “Privacy Shield” for the USA) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
Rights of affected persons
You have the right to request confirmation as to whether your personal information is being processed, to request information about this data, and to receive a copy of the data in accordance with Art. 15 GDPR.
According to Art. 16 GDPR you have the right to request the information stored and processed about you to be complete and correct, or request the correction or completion of any data that concerns you as a person.
In accordance with Art. 17 GDPR, you have the right to demand that the relevant data be deleted immediately or, alternatively, in accordance with Art. 18 GDPR, to request a restriction on the processing of your personal data.
You have the right to request that you receive any personal information that you have provided us in accordance with Art. 20 GDPR and to request that it be transmitted to other responsible parties.
In accordance with Art. 77 GDPR, you also have the right to lodge a complaint with the respective supervisory authority.
Right of withdrawal
You have the right to revoke your consent to processing your personal information in accordance with Art. 7 Paragraph 3 GDPR with effect for the future.
Right of objection
You can object to the future processing of your data in accordance with Art. 21 GDPR at any time. The objection can in particular be made against processing your personal information for direct marketing purposes.
Cookies and Right to Object to direct mail
Als „Cookies“ werden kleine Dateien bezeichnet, die auf Rechnern der Nutzer gespeichert werden. Innerhalb der Cookies können unterschiedliche Angaben gespeichert werden. Ein Cookie dient primär dazu, die Angaben zu einem Nutzer (bzw. dem Gerät auf dem das Cookie gespeichert ist) während oder auch nach seinem Besuch innerhalb eines Onlineangebotes zu speichern. Als temporäre Cookies, bzw. „Session-Cookies“ oder „transiente Cookies“, werden Cookies bezeichnet, die gelöscht werden, nachdem ein Nutzer ein Onlineangebot verlässt und seinen Browser schließt. In einem solchen Cookie kann z.B. der Inhalt eines Warenkorbs in einem Onlineshop oder ein Login-Status gespeichert werden. Als „permanent“ oder „persistent“ werden Cookies bezeichnet, die auch nach dem Schließen des Browsers gespeichert bleiben. So kann z.B. der Login-Status gespeichert werden, wenn die Nutzer diese nach mehreren Tagen aufsuchen. Ebenso können in einem solchen Cookie die Interessen der Nutzer gespeichert werden, die für Reichweitenmessung oder Marketingzwecke verwendet werden. Als „Third-Party-Cookie“ werden Cookies bezeichnet, die von anderen Anbietern als dem Verantwortlichen, der das Onlineangebot betreibt, angeboten werden (andernfalls, wenn es nur dessen Cookies sind spricht man von „First-Party Cookies“).
Wir können temporäre und permanente Cookies einsetzen und klären hierüber im Rahmen unserer Datenschutzerklärung auf.
Falls die Nutzer nicht möchten, dass Cookies auf ihrem Rechner gespeichert werden, werden sie gebeten die entsprechende Option in den Systemeinstellungen ihres Browsers zu deaktivieren. Gespeicherte Cookies können in den Systemeinstellungen des Browsers gelöscht werden. Der Ausschluss von Cookies kann zu Funktionseinschränkungen dieses Onlineangebotes führen.
Ein genereller Widerspruch gegen den Einsatz der zu Zwecken des Onlinemarketing eingesetzten Cookies kann bei einer Vielzahl der Dienste, vor allem im Fall des Trackings, über die US-amerikanische Seite http://www.aboutads.info/choices/ oder die EU-Seite http://www.youronlinechoices.com/ erklärt werden. Des Weiteren kann die Speicherung von Cookies mittels deren Abschaltung in den Einstellungen des Browsers erreicht werden. Bitte beachten Sie, dass dann gegebenenfalls nicht alle Funktionen dieses Onlineangebotes genutzt werden können.
Deletion of data
According to legal requirements in Germany, such data is stored for a period of 10 years according to §§ 147 Abs. 1 AO, 257 Abs. 1 Nr. 1 and 4, Abs. 4 HGB (books, records, management reports, accounting documents, trading books, more relevant for taxation Documents, etc.) and 6 years according to § 257 Paragraph 1 No. 2 and 3, Paragraph 4 HGB (commercial letters).
Therapeutic services and coaching
We process the data of our clients, interested parties contractual partners (uniformly referred to as “clients”) in accordance with Art. 6 Paragraph 1 lit. b) GDPR in order to provide them with our contractual or pre-contractual services. The data processed here, the type, scope and purpose and the necessity of their processing are determined by the underlying contractual relationship. The processed data basically includes master data of the clients (e.g., name, address, etc.), as well as the contact details (e.g., e-mail address, telephone, etc.), the contract data (e.g., services used, fees, names of contact persons, etc.) and payment data (e.g., bank details, payment history, etc.).
As part of our services, we can also process special categories of data in accordance with Article 9 (1) GDPR, in particular information on the health of clients. For this purpose, if necessary, in accordance with Article 6 Paragraph 1 lit. a., Article 7, Article 9 Paragraph 2 lit. a. GDPR an express consent of the clients and otherwise process the special categories of data for health care purposes on the basis of Art. 9 Para. 2 lit h. GDPR, Section 22 Paragraph 1 No. 1 b. BDSG.
If necessary for the fulfillment of the contract or by law, we disclose or transmit the client’s data in the context of communication with other specialists, third parties that are necessary or typically involved in the fulfillment of the contract, such as billing offices or comparable service providers, provided that this is necessary for the provision of our services according to Art. 6 para. 1 lit b. DSGVO serves, legally according to Art. 6 Abs. 1 lit c. DSGVO is prescribed to serve our interests or those of the clients in efficient and inexpensive health care as a legitimate interest in accordance with Art. 6 Para. 1 lit f. GDPR or in accordance with Art. 6 Para. 1 lit d. GDPR is necessary. to protect the vital interests of the client or another natural person or within the scope of consent in accordance with Art. 6 Para. 1 lit. a., Art. 7 GDPR.
The data will be deleted when the data is no longer required to fulfill contractual or statutory duties of care and to deal with any warranty or comparable obligations, whereby the need to store the data is checked every three years; Otherwise, the statutory retention requirements apply.
Administration, financial accounting, office organization, contact management
We process data in the context of administrative tasks as well as the organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the context of providing our contractual services. The processing bases are Article 6 Paragraph 1 lit. DSGVO, Art. 6 Para. 1 lit.f. DSGVO. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in processing lies in administration, financial accounting, office organization, archiving of data, i.e. tasks that serve to maintain our business activities, perform our tasks and provide our services. The deletion of the data with regard to contractual services and contractual communication corresponds to the information given for these processing activities.
We disclose or transmit data to the financial administration, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers.
Furthermore, on the basis of our business interests, we store information about suppliers, organizers and other business partners, e.g. for the purpose of later contact. We generally store this mostly company-related data permanently.
Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).
Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and the internet. In doing so, pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases.
The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; In addition, users can prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de .
You can find more information on the use of data by Google, settings and objection options in Google’s data protection declaration () https://policies.google.com/technologies/ads ) and in the settings for the display of advertisements by Google ( https://adssettings.google.com/authenticated ).
The personal data of users are deleted or anonymized after 14 months.
We maintain an online presence within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services.
We would like to point out that user data can be processed outside of the European Union. This can result in risks for the user because, for example, the enforcement of user rights could be made more difficult. With regard to US providers who are certified under the Privacy Shield, we would like to point out that they undertake to comply with the EU data protection standards.
In addition, user data is usually processed for market research and advertising purposes. For example, user profiles can be created from user behavior and the resulting interests of the user. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and the interests of the users are stored. Furthermore, data can be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of the personal data of the users takes place on the basis of our legitimate interests in an effective information of the users and communication with the users according to Art. 6 Abs. 1 lit. f. GDPR. If the users are asked for their consent to the data processing by the respective providers (i.e. declare their consent, e.g. by checking a check box or confirming a button), the legal basis for processing is Art. 6 Para. 1 lit. a., Art. 7 GDPR.
For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the information provided by the providers linked below.
In the case of requests for information and the assertion of user rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information. If you still need help, you can contact us.
Integration of third party services and content
We use content or service offers from third-party providers within our online offer based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. Integrate services such as videos or fonts (hereinafter uniformly referred to as “content”).
This always presupposes that the third-party providers of this content perceive the IP address of the users, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and contain, among other things, technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offer, as well as being linked to such information from other sources.
We embed videos from YouTube, provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated .
We integrate fonts (“Google Fonts”) from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated .
We integrate maps of the “Google Maps” service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, the users’ IP addresses and location data, which, however, are not collected without their consent (usually in the context of the settings of their mobile devices). The data can be processed in the USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated .