Skip to content
Startseite » Privacy policy

Privacy policy

With this privacy policy, we would like to inform you about the nature, scope and purpose of the processing of personal data (hereinafter also referred to as “data”). Personal data are all data that have a personal reference to you, e.g. name, address, e-mail address or your user behavior. The data protection declaration applies to all data processing operations carried out by us, both within the scope of our core activities and for the online media provided by us..

Who is responsible for data processing

Responsible for data processing is:
Ada Mielentz
Heilpraktikerin für Psychotherapie
Gaußstraße 13d
22765 Hamburg
Deutschland
040/24864192
info@ada-mielentz.de
https://ada-mielentz.de/impressum/

Processing of your data in the context of therapeutic services provided by us

If you are our customer or business partner or are interested in our services, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual relationship existing between us. In this sense, the data processed by us includes all those data that are or were provided by you for the purpose of using the contractual or pre-contractual services and that are required to process your inquiry or the contract concluded between us. Unless otherwise stated in the further notes to this data protection declaration, the processing of your data and its transfer to third parties is limited to those data that are necessary and expedient to answer your inquiries and/or to fulfill the contract concluded between you and us, to protect our rights and to fulfill legal obligations. We will inform you which data is required for this before or in the course of data collection. Insofar as we use third-party providers to provide our services, the data protection notices of the respective third-party providers apply.

Special categories of data:

If you are a patient with us or submit an inquiry to us because you are interested in the healthcare services we offer, so-called special categories of data may also be affected by the data processing. This includes, in particular, information about your health, possibly with reference to your sex life or sexual orientation, genetic and biometric information, as well as information that reveals your racial or ethnic origin (Article 9 (1) GDPR). We process this data exclusively for the purpose of your health care or to protect your vital interests. If we need the above-mentioned information for purposes other than those just mentioned (preventive health care, protection of vital interests), we will inform you of this in detail before we process this data and then obtain your express consent. 

If it is necessary for the fulfillment of the contract concluded between us, for the protection of your vital interests or due to legal requirements, we will transmit your data to third parties, such as authorities, medical institutions, laboratories, billing offices and tax consultants, in compliance with our professional confidentiality requirements.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • Contact data (e.g. e-mail address, telephone number, postal address)
  • Contract data (e.g. subject matter of contract, duration of contract)

Special categories of personal data:

  • Health data
  • Genetic data
  • Biometric data
  • Data concerning sexual life or sexual orientation
  • Data revealing racial or ethnic origin

Data subjects: Patients, prospective patients, business and contractual partners

Purpose of processing:

Abwicklung vertraglicher Leistungen, Kommunikation sowie Beantwortung von Kontaktanfragen, Büro und Organisationsverfahren

Legal basis:

Contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legal obligation, Art. 6 para. 1 lit. c GDPR), legitimate interest, Art. 6 para. 1 lit. f GDPR.

Deletion:

We delete your data after expiry of the legal warranty and comparable obligations, i.e. basically after 4 years. If legal regulations require the archiving of your data (e.g. for tax reasons or because of professional requirements, in this case usually 10 years), we delete this data after the expiry of these periods. Otherwise, we delete your data after the contractual relationship between us has ended.

Your rights under the GDPR

According to the GDPR, you are entitled to the rights listed below, which you can exercise at any time by contacting the data controller named in section 1. of this privacy statement:

  • Right to information:  You have the right to request information from us about whether and what data we process from you.
  • Right to rectification: You have the right to request the rectification of incorrect or completion of incomplete data.
  • Right to erasure: You have the right to request the erasure of your data.
  • Right to restriction: in certain cases, you have the right to request that we only process your data in a restricted manner.
  • Right to data portability: You have the right to request that we transfer your data to you or another responsible party in a structured, common and machine-readable format.
  • Right to complain: You have the right to complain to a supervisory authority. The supervisory authority of your usual place of residence, your workplace or our company headquarters is responsible.

Right of withdrawal

You have the right to revoke your consent to data processing at any time.

Right of objection

You have the right to object at any time to the processing of your data, which we base on our legitimate interest according to Art. 6 (1) lit. f GDPR. If you make use of your right to object, we ask you to explain the reasons. We will then no longer process your personal data unless we can prove to you that compelling reasons worthy of protection for the data processing outweigh your interests and rights..

Irrespective of the above, you have the right at any time to object to the processing of your personal data for purposes of advertising and data analysis.

Please address your objection to the contact address of the data controller given above.

When do we delete your data?

We delete your data when we no longer need it or when you instruct us to do so. This means that – unless otherwise stated in the individual data protection notices of this data protection declaration – we delete your data,

  • when the purpose of the data processing has ceased to exist and thus the respective legal basis stated in the individual data protection notices no longer exists, e.g.
    • after termination of the contractual or membership relationship existing between us (Art. 6 para. 1 lit. a GDPR) or
    • after our legitimate interest in the further processing or storage of your data ceases to exist (Art. 6 para. 1 lit. f GDPR),
  • if you exercise your right of withdrawal and no other legal basis for processing within the meaning of Art. 6 (1) lit. b-f GDPR applies,
  • if you exercise your right to object and there are no compelling legitimate grounds for deletion.

If, however, we still need to retain (certain parts of) your data for other purposes, for example because tax retention periods (generally 6 years for business correspondence or 10 years for accounting records) or the assertion, exercise or defense of legal claims arising from contractual relationships (up to four years) make this necessary, or if the data is needed to protect the rights of another natural person or legal entity, we will delete (that part of) your data only after these periods have expired. However, until the expiration of these periods, we limit the processing of this data to these purposes (fulfillment of the retention obligations).

Web hosting

In order to maintain our Internet pages, we make use of a provider on whose server our Internet pages are stored and made available for retrieval on the Internet (hosting). In this context, the provider may process all the data transmitted via the browser you use that is generated when you use our Internet pages. This includes, in particular, your IP address, which the provider needs to deliver our online offer to the browser you use, as well as all entries you make on our website. In addition, the provider used by us may record 

  • the date and time of access to our website
  • time zone difference to Greenwich Mean Time (GMT)
  • access status (HTTP status)
  • the amount of data transferred
  • the Internet service provider of the accessing system
  • the type of browser you are using and its versiondas von Ihnen verwendete Betriebssystem
  • the operating system you are using
  • the website from which you may have accessed our website
  • the pages or sub-pages that you visit on our website.

The aforementioned data is stored as log files on the servers of our provider. This is necessary to ensure the stability and security of the operation of our website.

Data concerned:

  • Content data (e.g. posts, photos, videos).
  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address).

Data subjects: Users of our Internet presence

Purpose of processing: Playing out our Internet pages, ensuring the operation of our Internet pages

Legal basis: Legitimate interest, Art. 6 para. 1 lit. f GDPR

Web host(s) commissioned by us:

STRATO

Service provider: STRATO AG, Pascalstr. 10, 10587 Berlin
Website: https://www.strato.de/hosting/
Privacy policy: https://www.strato.de/datenschutz/

Contact

If you contact us via email, social media, telephone, mail, our contact form or otherwise and in doing so provide us with personal data such as your name, telephone number or email address, or provide further information about yourself or your request, we will process this data to respond to your inquiry within the scope of the pre-contractual or contractual relationship existing between us.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Contact data (e.g. e-mail address, telephone number, postal address)
  • Content data (texts, photos, videos)
  • Contractual data (e.g. subject matter of the contract, duration of the contract).

Data subjects: Interested parties, customers, business and contractual partners

Purpose of processing: communication as well as answering contact requests, office and organization procedures

Legal basis: contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR.

Online advertising

We use services to play out internet advertising. Through the services we use, certain user data is collected by a cookie or pixel. This includes, in particular, the information from which website you have accessed our website (so-called referrer), which pages of our website you have accessed, how long you have visited our pages and which interactions you have carried out there. In addition, data on the browser you use, computer system and type of device are collected. In addition, demographic information such as age or gender can be collected as pseudonymous values via such a service. If you have consented to the collection of your location data, this may also be processed, depending on the provider. In order to collect and store this data, the respective service places a cookie or a so-called counting pixel on the end device used by you, with which the IP address assigned to you is also collected. However, this is shortened via a so-called IP masking procedure, so that the IP address can no longer be assigned to your visit to our website. In principle, no clear data such as names or e-mail addresses are stored when using the respective service. This is only the case if you are a member of a social network that offers one of the services mentioned below and merges your profile with the aforementioned data material.

The data is analyzed by the service we use to produce a report with statistical statements about the number of visitors generated via the advertising and the success of the advertising measure. The reports show, among other things, the total number of users who were redirected to our website via our ads. In addition, the reports contain information on the end devices and browsers of the users, at which locations the users were located, at which times the advertisement was clicked. However, the reports do not contain any information that could be used to personally identify you as a user of our site.

We would like to point out that, depending on the location of the service provider, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Usage data (e.g. access times, web pages clicked on).
  • Communication data (e.g. information about the device used, IP address).

Data subjects: Users of our online offers

Verarbeitungszweck: Reichweitenmessung, Erfolgskontrolle von Kampagnen, Remarketing sowie interessen- und verhaltensbedingtes Marketing

Purpose of processing: Measuring reach, monitoring the success of campaigns, remarketing, and interest- and behavior-based marketing

Legal basis: If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 (1) lit. a GDPR. In addition, we use the respective service on the basis of our legitimate interest in directing visitor flows to our website, to analyze these visitor flows in order to be able to continuously improve the functions, offers and user experience, Art. 6 (1) lit. f GDPR.

We use the following service providers for online advertising:

Bing Ads

Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Headquarters in Germany:  Microsoft Deutschland GmbH, Walter-Gropius-Straße 5, 80807 Munich, Germany
Website: https://ads.microsoft.com/
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement

Google Ads

Service Provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Headquarters in Europe: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland
Website: https://ads.google.com/home/
Privacy policy: http://www.google.de/intl/de/policies/privacy

Our online presence on social networks

We operate online presences within the social networks listed below. If you visit one of these presences, the data listed in more detail below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and usage profiles are created with it. In the usage profiles, data can be stored regardless of the device you use. This is particularly the case if you are a member of the respective platform and logged in to it. The usage profiles can be used by the providers to play interest-based advertising to you. You have a right of revocation against the creation of user profiles. To exercise this right, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in there when you visit our website, the respective provider may collect data about your usage behavior on our website. To prevent such linking of your data, you can log out of the provider’s service before visiting our site.

For what purpose and to what extent data is collected by the provider, you can see the respective, in the following communicated, privacy statements of the providers.

We would like to point out that, depending on the country of domicile of the provider named below, the data collected via its platform may be transmitted and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Inventory data and contact data (e.g. name, address, telephone number, e-mail address).
  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address).

Purpose of processing: Kocommunication and marketing, tracking and analysis of user behavior.

Legal basis: consent, Art. 6 para. 1 lit. a GDPR, legitimate interests Art. 6 para. 1 lit. f GDPR.

Objection options: For the respective objection options (opt-out), we refer to the information of the providers linked below.

We maintain online presences on the following social networks::

Facebook

Service provider: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland 
Website: https://www.facebook.com/
Privacy policy: https://www.facebook.com/about/privacy/
Privacy policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data

Messenger services

We communicate via messenger services. Messenger services are chat programs that can be used to send text messages, as well as image or video files, between users in real time over the Internet. In addition, messenger services can also be used to transmit emoticons, electronic greeting cards and contacts. In order for messages to be transmitted, the participants must be connected to each other with a computer program (called a client) via a network such as the Internet, either directly or via a server. As a rule, messages can also be sent when the other party is not online – the message is then cached by the service’s server and later delivered to the recipient when he or she is available again. Finally, these services can also be used for screen transmission and online gaming.

If the service uses end-to-end encryption for the sent content (texts, attachments), only the selected communication partners, but not third parties or the service provider itself, can view the message. In this respect, we recommend that you regularly install updates for the service to ensure that the content is encrypted. However, the service provider has the option of accessing the metadata of the communication. This includes the time and (depending on the setting) location of the communication as well as the device you are using.

We would like to point out that, depending on the country of domicile of the provider mentioned below, the data collected via its platform may be transmitted and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Inventory and contact data (e.g. name, telephone number, e-mail address).
  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address).

Purpose of processing: communication and marketing

Legal basis:If we have asked you for your consent before using the respective service, this is the legal basis, Art. 6 (1) lit. a GDPR. In this respect, we clarify that we will not transfer your contact data to the service provider for the first time without your consent. If we communicate with you in the context of a contract initiation or in the context of an existing contractual relationship via one of the following mentioned services, the legal basis is the fulfillment or preparation of the contract, Art. 6 para. 1 lit. b GDPR. In addition, we invoke our legitimate interests in fast and efficient communication and fulfillment of the needs of our communication partners in the communication of the services mentioned below, Art. 6 (1) lit. f GDPR.

Possibilities of objection: You can revoke the consent given to us for the use of the following named service at any time. You can also object to communication via the messenger service at any time.

We use the following messenger services:

Signal

Service provider: Privacy Signal Messenger, LLC 650 Castro Street, Suite 120-223 Mountain View, CA 94041, USA
Website: https://signal.org/de
Privacy policy: https://signal.org/legal/

Onlinemeetings, Videokonferenzen und BildsOnline meetings, video conferencing, and screen sharing

We use third-party offerings to facilitate online meetings, conference calls via video and/or audio circuit, and online seminars among employees and with prospects or customers. When you communicate with us through such a service, the data collected in that communication process is processed by both us and the third-party provider. The data that may be generated in such a communication process includes, in particular, your login and contact information, posts in the chat window, your video and audio posts, and shared screen content. The data processed by the third-party provider we use primarily includes user data as well as metadata (e.g., IP address, computer system information). As a rule, the third-party providers process this data in order to check and ensure the security of the service. In addition, findings from the data processing are to be used to optimize the third-party provider’s offer and to carry out corresponding marketing measures. Please refer to the data protection information of the third-party provider in this regard.

We would like to point out that, depending on the country of domicile of the service provider mentioned below, the data collected via the service may be transmitted and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Contact data (e.g. e-mail address, telephone number)
  • Shared content (e.g. photos, videos, texts, audio recordings)
  • User data (e.g. times of access, web pages visited, interest in content)
  • Meta and communication data (e.g. IP address, computer system information)

Data subjects: Interested parties, customers, communication partners

Purpose of processing: processing of contact requests, internal and external communication with employees as well as interested parties and customers, fulfillment of our contractual services, service offer

Legal basis: consent, Art. 6 para. 1 lit. a GDPR, contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR.

Services we use:
Service providers: Vectera, Wilderoosstraat 2, 9000 Ghent, Belgium
Website: https://go.vectera.com
Privacy policy: https://www.vectera.com/policies/privacy-policy/

Content services

We use certain services in order to be able to play out certain content or graphics (videos, images, music, fonts, maps) via our Internet presence. In doing so, the services we use process the IP address assigned to you at the time of your visit to our Internet pages, as this is the only way the respective content can be displayed in the browser you are using. In addition, the providers of these services may place further cookies on your terminal device, which are used to collect information about your usage behavior, your interests, the device and browser you are using, as well as the time and duration of your session. The providers regularly use this data for analysis, statistical and marketing purposes. In addition, this information may also be combined with information from other sources. This applies in particular if you yourself maintain an account with the service provider and are logged in there at the time of the session.

We would like to point out that, depending on the country of domicile of the service provider named below, the data named in more detail below may be transferred to and processed on servers outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that the enforcement of your rights will not be possible or will be difficult.

Data concerned:

  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address)

Data subjects: Users of our Internet presence

Purpose of processing: displaying our Internet pages, offering content, ensuring the operation of our Internet pages

Legal basis: consent via cookie consent banner, Art. 6 para. 1 lit. a GDPR, legitimate interests, Art. 6 para. 1 lit. f GDPR.

We use the following content services:

Google Maps

We use Google Maps on our website. In doing so, Google collects and processes the IP address of the visitor. When you visit a website on which Google Maps is integrated, your IP address and your location data (the latter usually not without your consent) are transmitted to Google, regardless of whether Google Maps is actually used or you are logged into your Google account. Your IP address is assigned to your Google account if you are logged in there when you visit our website.

Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Headquarters in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Website: https://www.google.de/maps
Privacy policy: https://policies.google.com/privacy
Opt-out option: https://tools.google.com/dlpage/gaoptout?hl=de

Google Web Fonts

Google Web Fonts enable us to integrate fonts (web fonts) into the design of our website and to display them correctly when our web pages are displayed in your browser. The integration of these web fonts is done by a server call at Google. From there, the fonts are compressed and passed on to your browser, where they are unpacked. This server is usually located in the USA. If you visit one of our pages on which we embed Google Fonts, it is transmitted to Google which of our Internet pages you have visited.

Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Headquarters in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Website: https://fonts.google.com/
Privacy policy: https://policies.google.com/privacy

Security measures

We also take technical and organizational security measures in accordance with the state of the art to comply with the provisions of data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties.

Actuality and change of this privacy policy

This privacy policy is currently valid and has the status October 2021. Due to changes in legal or regulatory requirements, it may become necessary to adapt this privacy policy.

This data protection declaration was created with the help of the data protection generator of SOS Recht. SOS Recht is a service of Mueller.legal Rechtsanwälte Partnerschaft, based in Berlin.