MEDICUS MVZ
Appointment
Appointment

Privacy Policy

Information about the processing of your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR)

The protection of personal data is of utmost importance to us. This privacy policy informs visitors to the www.medicus-frankfurt.de website about which data is collected, processed, and used when using the website and for what purposes.

1. Name and contact details of the controller and the company data protection officer

This privacy information applies to data processing by:

Responsible:

Medicus-MVZ GmbH , represented by the Managing Director Dr. Umer Hameed, Bolangarostr. 65, 65934 Frankfurt am Main, Tel. 1: 069 / 30 20 40, Tel. 2: 069 / 31 27 38, Tel. 3: 069 / 39 82 40, E-Mail: bolongaro-str(at)medicus-frankfurt.de

Data Protection Officer:

Ms. Tatjana Fambach, Bolangearostr. 65, 65934 Frankfurt am Main, Tel. 1: 069 / 30 20 40, Tel. 2: 069 / 31 27 38, Tel. 3: 069 / 39 82 40; Email: datenschutz(at)medicus-frankfurt.de  

2. External hosting and content delivery networks

Our website is hosted by an external service provider, ALL-INKL.COM, Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf. Therefore, the personal data collected on this website is stored on the servers of our external service provider. This may primarily include your IP address, contact requests, meta and communication data, website accesses, and other data generated via a website.

Our external service provider is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a fast, secure and efficient provision of our website by a professional provider (Art. 6 (1) (f) GDPR).

Your data will only be processed by our external service provider to the extent necessary to fulfill its service obligations and to follow our instructions regarding this data.

3. Collection and storage of personal data as well as the type and purpose of their use when visiting our website

a. When you visit the website

When you visit our website www.medicus-frankfurt.de , the browser used on your device automatically sends information to our website server. This information is temporarily stored in so-called log files. The following information is collected without your intervention and stored until automatically deleted:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which access is made (referrer URL),
  • Websites accessed via the website,
  • visited page on our website,
  • browser used and, if applicable, the operating system of your computer as well as the name of your access provider,
  • Message whether the retrieval was successful,
  • Amount of data transferred.

We process the above data for the following purposes:

  • Ensuring a smooth connection to the website,
  • Ensuring comfortable use of our website,
  • Evaluation of system security and stability as well as
  • for further administrative purposes.

The legal basis for data processing is Art. 6 (1) (f) GDPR. The temporary storage of data is necessary for the duration of a website visit to enable delivery of the website. Further storage in log files is necessary to ensure the functionality of the website and the security of the information technology systems. These purposes also constitute our legitimate interest in data processing. Under no circumstances will we use the collected data to draw conclusions about you personally.

b. When contacting us via our email

If you contact us using the contact option provided, your details will be saved so that they can be used to process your request. This data will not be shared with third parties without your consent. When you contact us by email, your email address, your name, your telephone number (if provided), and the content of your appointment request will be saved and processed by us.

We process this data on the basis of Art. 6 (1) (f) GDPR exclusively to respond to your inquiries promptly. Please note that transmission via unencrypted email is insecure. This contact option is used solely for scheduling appointments. We do not receive health data via this method. We do not provide advice via remote communication, especially email, and/or diagnosis.

The personal data we collect as part of your appointment request will generally be automatically deleted after your request has been processed. If it relates to the existing treatment relationship and therefore requires documentation, and the email is therefore saved in the patient file, we will only retain your personal data for as long as necessary to carry out the treatment.

Due to legal requirements, we are obligated to retain this data for at least 10 years after the completion of treatment. Other regulations may require longer retention periods, for example, 30 years for X-ray records according to Section 85, Paragraph 2 of the Radiation Protection Act. The relevant legal requirements regarding retention obligations are available online at the following URL on the website of the Hessian Medical Association: https://www.laekh.de/fileadmin/user_upload/Aerzte/Rund_ums_Recht/Publikationen_und_Merkblaetter/Aufbewahrungsfristen_Patientenunterlagen.pdf

c. When using the appointment module

We have integrated the option to make appointments online via the website of Doctolib GmbH, Mehringdamm 51, 10961 Berlin (Doctolib) into our website.
If you click the "Make an appointment online" button, you will be redirected to the Doctolib website and can make an appointment online there. Although we do not forward any personal data to Doctolib ourselves, Doctolib may draw conclusions from the fact that you came from our website. Before you click the button, no data is transferred to Doctolib. By being redirected, you leave our website. Doctolib operates the Doctolib website and processes your data under its own responsibility and not on our behalf. We have no influence whatsoever on the design or content of the Doctolib website and do not adopt it as our own. Likewise, we have no influence whatsoever on the type and scope of the data processed by Doctolib or the transfer of this data to third parties. In this respect, we also have no effective control options. For information about which data Doctolib collects and how it is used, please refer to Doctolib's privacy policy:  https://info.doctolib.de/datenschutz/ .

4. Sharing of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We will only share your personal information with third parties if:

  • You have given your express consent in accordance with Art. 6 (1) (a) GDPR,
  • the transfer is necessary according to Art. 6 (1) (f) GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
  • in the event that there is a legal obligation for the transfer according to Art. 6 (1) (c) GDPR, and
  • this is legally permissible and is necessary for the processing of contractual relationships with you according to Art. 6 (1) (b) GDPR.

5.  Rights of data subjects

You have the right:

  • Pursuant to Art. 15 GDPR, you have the right to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected from us, and the existence of automated decision-making, including profiling, and, where applicable, meaningful information on its details.
  • to request the immediate correction of inaccurate or the completion of your personal data stored by us in accordance with Art. 16 GDPR;
  • to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you contest the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
  • pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller;
  • to revoke your previously granted consent at any time in accordance with Art. 7 (3) GDPR. This means that we may no longer continue the data processing based on this consent in the future; and
  • Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or work or at our headquarters.

The address of the supervisory authority responsible for us is: The Hessian Commissioner for Data Protection and Freedom of Information, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, Tel. 0611-1408 0, ( poststelle(at)datenschutz.hessen.de ).

6. Right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided there are reasons for doing so that arise from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.

If you wish to exercise your right of withdrawal or objection, simply send an email to www.medicus-frankfurt.de .

7. Data security

We use the widely used SSL (Secure Socket Layer) method during your visit to our website, combined with the highest level of encryption supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted encrypted by the closed key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

8. Currentness and changes to this privacy policy

This privacy policy is currently valid and is dated April 2025.

Due to the ongoing development of our website and the services it offers, or due to changes in legal or regulatory requirements, it may be necessary or become necessary to amend this privacy policy. You can access and print out the current privacy policy at any time on the website at www.medicus-frankfurt.de .