Privacy policy

The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is any data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

1. name and contact details of the data controller and the data protection officer

This data protection information applies to data processing by:

Responsible party:

Medical Strategy GmbH, Michael Fischer, MD.
Bahnhofstraße 7, 82166 Gräfelfing, Germany
Phone: +49 (0)89-27 27 24-16
Fax: +49 (0)89-27 27 24-24
E-Mail:office@medicalstrategy.de

The data protection officer of Medical Strategy GmbH can be reached as follows:

Attorney at Law Dr. Karsten Kinast, LL.M.
KINAST Law Firm Ltd.
Hohenzollernring 54
D-50672 Cologne
Tel: +49 221 222 183 0
E-Mail: mail@kinast.eu

Website: www.kinast.eu/externer-datenschutzbeauftragter

Any data subject may contact our data protection officer directly at any time with any questions or suggestions regarding data protection.

2. collection and storage of personal data as well as type and purpose of their use

a) When visiting the website

When you call up our website www.medicalstrategy.de, information is automatically sent to the server of our website by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:

IP address of the requesting computer,
Date and time of access,
Name and URL of the accessed file,
website from which the access was made (referrer URL),
browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The aforementioned data is processed by us for the following purposes:

Ensuring a smooth connection setup of the website,
Ensuring a comfortable use of our website,
evaluation of system security and stability as well as
for other administrative purposes.
The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.

In addition, we use cookies when you visit our website. You will receive more detailed explanations of this in the further course of this data protection declaration.

b) When subscribing to the newsletter

On our website you are given the opportunity to subscribe to the Medical Strategy Newsletter. For this purpose, it is necessary to provide a valid e-mail address and your last name so that a personalized dispatch can take place. Further information can be provided voluntarily. After registering, you will receive a confirmation email to verify that you are the owner of the email address provided.

When you register for the newsletter, we store the IP address assigned by the Internet service provider (ISP) of the computer system you are using at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace any misuse of a data subject's e-mail address at a later point in time and therefore serves as a legal safeguard for the controller.

The personal data collected in the context of a registration for the newsletter will be used exclusively for sending our newsletter and stored on the basis of your consent (Art. 6 para. 1 p. 1 lit. a DSGVO). You can revoke your consent at any time. For this purpose, an informal message to us by e-mail or a click on the unsubscribe link in the newsletter is sufficient. The legality of the data processing operations already carried out remains unaffected by the revocation.

3. transfer of data

A transfer of your personal data to third parties for purposes other than those listed below does not take place.

We will only pass on your personal data to third parties if:

you have given your express consent to this in accordance with Art. 6 (1) p. 1 lit. a DSGVO,
the disclosure is required under Art. 6 (1) p. 1 lit. f DSGVO for the assertion, exercise or defense of legal claims and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,
in the event that there is a legal obligation for disclosure pursuant to Art. 6 (1) p. 1 lit. c DSGVO, as well as
this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you.
4. cookies

We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware.

In the cookie, information is stored that arises in each case in connection with the specific end device used. This does not mean, however, that we gain direct knowledge of your identity.

The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognized that you have already been to our site and which entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These cookies enable us to automatically recognize that you have already been to our site when you visit it again. These cookies are automatically deleted after a defined period of time.

The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 (1) p. 1 lit. f DSGVO.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before new cookies are created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

5. LinkedIn

Our website uses functions of the LinkedIn network. The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For data protection issues outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click the "Recommend Button" of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.
For more information on this, please refer to LinkedIn's privacy policy at: www.linkedin.com/legal/privacy-policy. The cookie policy of LinkedIn is available at www.linkedin.com/legal/cookie-policy.

6. Xing

Our website uses functions of the Xing network. The operating company of Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time you call up one of the individual pages of our website that is operated by the controller and on which a Xing component (Xing plug-in) has been integrated, your Internet browser is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information on the Xing plug-ins can be found at dev.xing.com/plugins. Within the scope of this technical procedure, Xing receives information about which specific sub-page of our website you are visiting.

If you are logged in to Xing at the same time, Xing recognizes which specific sub-page of our website you have visited each time you visit our website and for the entire duration of your respective stay on our website. This information is collected by the Xing component and assigned to your Xing account by Xing. If you click one of the Xing buttons integrated on our website, for example the "Share" button, Xing assigns this information to your personal Xing user account and stores this personal data.

Xing always receives information via the Xing component that you have visited our website if you are logged into Xing at the same time as calling up our website; this takes place regardless of whether you click on the Xing component or not. If you do not want this information to be transmitted to Xing, you can prevent the transmission by logging out of your Xing account before accessing our website.

The data protection provisions published by Xing, which can be accessed at www.xing.com/privacy, provide information about the collection, processing and use of personal data by Xing. Furthermore, Xing has published data protection information for the XING Share button at https://www.xing.com/app/share?op=data_protection.

7. Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited, registered and operated under Irish law (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

In order to use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.

The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 p.1 lit. f DSGVO.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

privacy.google.com/businesses/gdprcontrollerterms and

privacy.google.com/businesses/gdprcontrollerterms/sccs.

More information on the handling of user data can be found in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

9. matomo

If you have given your consent, this website uses Matomo, an open source software tool for web analysis. The responsible service provider is InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand.

The software is operated on our server, and the data privacy-sensitive log files are stored exclusively on this server.

The purpose of the Matomo component is to analyze the flow of visitors to our website. We use the data and information obtained, among other things, to evaluate the use of this website and to compile online reports showing the activities on our website.

Matomo sets a cookie on your information technology system. What cookies are has already been explained above. Setting the cookie enables us to analyze the use of our website. Each time you call up one of the individual pages of this website, the Internet browser on your information technology system is automatically prompted by the Matomo component to transmit data to our server for the purpose of online analysis. As part of this technical procedure, we obtain knowledge of personal data, such as your IP address, which we use, among other things, to track the origin of visitors and clicks.

By means of the cookie, personal information such as the time of access, the place from which an access originated and the frequency of visits to our website are stored. Each time you visit our website, this personal data, including the IP address of the Internet connection you are using, is transmitted to our server. This personal data is stored by us. We do not pass on this personal data to third parties.

You can prevent the setting of cookies by our website, as already described above, at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Matomo from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by Matomo can be deleted at any time via an Internet browser or other software programs.

The legal basis and revocation option for this data processing is your consent, Art. 6 para.1 p.1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by calling up the cookie settings (see footer/footer of the website below) and changing your selection there.

However, with the setting of the opt-out cookie, there is the possibility that our website is no longer fully usable.

Further information and the applicable privacy policy of Matomo can be found at matomo.org/privacy/.

10 Google reCAPTCHA 

We use on our website the service reCAPTCHA of Google Ireland Limited, registered and operated under Irish law (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The purpose of the query is to distinguish the input by a human or by automated, machine processing. For this purpose, your input is transmitted to Google and further used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and, if necessary, also to the USA. For data transfers to the USA, an adequacy decision of the European Commission, the "Privacy Shield", is in place. Google participates in the "Privacy Shield" and has submitted to the requirements. 

The processing is based on Art. 6 para. 1 p. 1 lit. f DSGVO from the legitimate interest to protect our website from automated spying, abuse and SPAM.

You can find more information about Google reCAPTCHA and the associated privacy policy at: www.google.com/recaptcha/intro/android.html and www.google.com/privacy.

11. data subject rights

You have the following rights:

a) Right to confirmation pursuant to Art. 15 (1) DSGVO.

b) Right to information pursuant to Art. 15 DSGVO

c) Right to rectification according to Art. 16 DSGVO

d) Right to erasure ("right to be forgotten") pursuant to Art. 17 DSGVO

e) Right to restriction of processing pursuant to Art. 18 DSGVO

f) Right to data portability pursuant to Art. 20 DSGVO

g) Right to object pursuant to Art. 21 DSGVO

h) Right not to be subject to automated decisions in individual cases (including profiling) pursuant to Art. 22 DSGVO

i) Right to withdraw consent under data protection law pursuant to Art. 7(3) DSGVO.

12. right of objection

Insofar as your personal data are processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.

If you wish to exercise your right of revocation or objection, an e-mail to office@medicalstrategy.de will suffice.

13. data security

Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in conjunction with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Status: March 2023