Data Privacy Policy

General Aspects

Compliance with data protection laws is important to Dr. Imme Witzel not only as a legal obligation, but also as an important trust factor. With the following data protection regulations, we would therefore like to inform you transparently about the type, scope and purpose of the personal data collected and processed by you within this website as well as your rights.

Responsibility for Data Processing

Dr. Imme Witzel, Braystraße 12, 81677 Munich, Germany, (in the following: “We”), as the operator of the website https://imme-witzel.de, is responsible according to Article 4 No. 7 of the EU General Data Protection Regulation (GDPR). If you have any questions, you can contact info@imme-witzel.de.

Data Protection Officer

In accordance with Art. 37 GDPR in conjunction with Section 38 BDSG, we are not obliged to appoint a data protection officer. If you have any questions about data protection and to assert your rights mentioned below, you can of course contact us at any time using the contact details given above.

Rights of Affected Individuals

Your Rights as Affected Individuals

As an affected individual, you have the following rights with regard to your personal data:

  • A right to information, among other things, about the categories of data processed, the processing purposes, the storage period and any recipients, in accordance with Art. 15 GDPR and Section 34 BDSG.
  • A right to correction or deletion of incorrect or incomplete data, according to Art. 16 and 17 GDPR and § 35 BDSG.
  • Under the conditions of Article 18 GDPR or Article 35 Paragraph 1 Sentence 2 BDSG, a right to restriction of processing.
  • A right to object to the processing in accordance with Art. 21 Para.1 GDPR, insofar as the data processing was based on a legitimate interest.
  • A right to revoke a given consent with effect for the future according to Art. 7 Para. 3 GDPR.
  • A right to data portability in a common format according to Art. 20 GDPR.
  • Pursuant to Art. 22 GDPR, you have the right not to be subject to a decision based solely on automated processing that has legal effect on you or significantly affects you in a similar way. This also includes profiling within the meaning of Art. 4 No. 4 GDPR.
  • You also have the right, in accordance with Art. 77 GDPR, to complain to a data protection supervisory authority about the processing of your personal data by us, in particular in the member state of your usual place of residence, your place of work or the place of the alleged infringement.

Procedure

If you assert your rights against us under the GDPR and the BDSG, we will process the data you have transmitted to us in order to fulfill your claim.

We then store the data you have transmitted to us and the data we have transmitted to you in return for the purpose of documentation until the end of the statutory limitation period for administrative offenses (3 years).

The legal basis for the processing and storage of the data is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest results from our obligation to comply with your request and the need to be able to relieve us in possible fine proceedings by proving that we have properly complied with your request.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint. However, we would like to point out that the processing of your data to prove compliance with the rights of the data subject is mandatory within the meaning of Art. 21 Para. 1 DSGVO, since other means of proof do not exist or are not equally suitable.

Privacy Measures

We secure our website and other systems – and thus also your data – by technical and organizational measures against loss, destruction, access, modification or distribution by unauthorized persons. In particular, your personal data will be transmitted in encrypted form over the Internet. We use the TLS (Transport Layer Security) coding system.

However, the transmission of information over the Internet is never completely secure, so we cannot guarantee the security of data transmitted from our website 100%.

Modalities of Data Processing

Sources and Categories of Personal Data

We process your personal data insofar as they are necessary for the establishment, content design or change of a contractual relationship between us and you (inventory data). Inventory data can be in particular: name, title, contact details (postal address, telephone, e-mail address), date of birth, etc..

We also process your usage data. Usage data is data that is generated by your behavior when using our website and our services, in particular your IP address, the beginning and end of your visit to our website and information about what content you have accessed on our website.

We collect the data mentioned either directly from you (e.g. by visiting the website) or, insofar as this is permitted under data protection laws, from third parties or from publicly accessible sources (e.g. commercial and association registers, press, media, Internet).

Data Transfer to Third Countries outside the EU

All information that we receive from you or about you is generally processed on servers within the European Union. Your data will only be transmitted to or processed in third countries without your express consent if this is required or permitted by law, an appropriate level of data protection is ensured in the third country or contractual obligations exist through so-called standard data protection clauses of the EU.

Please note that the USA is a so-called unsafe third country. When personal data is transferred to the USA, there is a risk that US security authorities may be able to access this data as part of the “Cloud Act”. EU citizens have no effective legal protection options in the USA or the EU against these measures.

Transfer of Data, Order Processing

We never pass on your personal data to third parties without authorization. However, we can pass on your data to third parties in particular if you have consented to the data being passed on, if the passing on is necessary to fulfill our legal obligations or if we are entitled or obliged to pass on data due to legal provisions or official or judicial orders. In particular, this may involve the provision of information for the purposes of criminal prosecution, to avert danger or to enforce intellectual property rights.

We may also transmit your data to external service providers who process data on our behalf and according to our instructions (processors) in order to simplify or relieve our own data processing. Each processor is bound by a contract in accordance with Art. 28 GDPR. In particular, this means that the processor must offer sufficient guarantees that suitable technical and organizational measures will be implemented by him or her in such a way that the processing is carried out in accordance with the requirements of the GDPR and the protection of your rights as the data subject is guaranteed. Despite the commissioning of contract processors, we remain the responsible body for the processing of your personal data within the meaning of data protection laws.

Purpose of Data Processing

In principle, we only use the data for the purpose for which the data was collected from you. We can further process the data for another purpose, unless this other purpose is incompatible with the original purpose (Article 5 (1) (c) GDPR).

Storage Duration

Unless otherwise stated in detail, we only store data collected from you for as long as is necessary for the respective purpose, unless there are statutory storage obligations to the contrary, e.g. from commercial law or tax law.

Individual Processing Activities

In the following, we would like to show you as transparently as possible which of your data we process, on what occasion, on what basis and for what purpose.

Server-Log-Files

Every time a website is accessed and every time data is retrieved from a server, general information is automatically transmitted to the server providing it. This data transfer is automatic and is a fundamental part of communication between devices on the Internet.

The data transmitted by default includes the following information: your IP address, product and version information about the browser used and the operating system (so-called user agent), the website from which you accessed (so-called referer), date and time of the Request (so-called timestamp). In addition, the http status and the amount of data transferred are recorded as part of this request.

This information is logged by the server, stored in a table and stored there for a short time (so-called server log files). By analyzing these log files, we can identify and then eliminate errors on the website, determine the utilization of the website at certain times and make adjustments or improvements based on this, and ensure the security of the server by being able to trace the IP address from which attacks were run on our server.

Your IP address will only be stored for the time you are using the website and will then be deleted immediately or partially made unrecognizable by shortening it. The remaining data is stored for a limited period of time (usually 7 days).

The legal basis for the use of the server log files is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from the need for the operation and maintenance of our website, as we have explained above. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint. However, we would like to point out in advance that the processing of your data in server log files is mandatory within the meaning of Art. 21 Para. 1 DSGVO, since otherwise the website cannot be operated at all.

Cookies and Web Storage

Cookies

We use so-called “cookies” to improve user-friendliness on our website.

What Cookies are

Put very simply, a cookie is a small text file that stores data about websites visited. Cookies can be used in many ways. For example, they may store a kind of “user profile”, which means things like your preferred language and other site settings that our website needs to provide you with certain services. The cookie file is stored on your end device and can also help to recognize you when you visit our website again.

Under certain circumstances, we can also use the cookies to obtain information about your preferred activities on our website and thus tailor our website to your individual interests or even increase the speed of navigation on our website.

How to prevent Cookies

You can manually delete the cookies in the security settings of your browser at any time.

You can also prevent the storage of cookies from the outset by setting your browser accordingly. Please note, however, that you may then not be able to use all the functions of our website to their full extent or that errors may occur in the display and use of the website.

Cookies of Third-Party Services

It is possible that third-party providers, with the help of which we design and operate our website, store their own cookies on your end device, in particular through so-called plugins (see below in the “Third-Party Services” section). If you only want to accept our own cookies and not cookies from third parties, you can prevent these cookies from being saved by setting the browser to “Block Third-Party Cookies”.

Which Cookies are used

Specifically, our website uses the following cookies:

Name Specification Origin (Domain) Validity/

Storage duration

Access of third parties
_pk_id.<websiteID>.<domainHash> This cookie is used to analyze and develop our website by recognizing the user, storing the number of users, the number of days since a user’s last visit, and the number of visits by a user. imme-witzel.de 13 months No
_pk_ses.<WebsiteID>.<domainHash> This cookie is used to analyze the website by enabling the recording of new website visits by the user by storing whether 30 minutes or more have passed since the user’s last visit and how many of these visits take place. imme-witzel.de 30 minutes No
borlabs-cookie This cookie is used to recognize whether you have already been shown the consent notice and whether you have fully accepted or rejected it, or which specific settings you have selected. It does not contain any personal data. imme-witzel.de 6 months No
wp-wpml_current_language Stores the user-selected language version of a web page. imme-witzel.de End of the session No

Legal basis

The legal basis for the use of cookies that are essential for the website to function (e.g. shopping cart cookie, session cookie) is Art. 6 Para. 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing) and § 25 Para. 2 No. 2 TTDSG (absolute necessity for the provision of a telemedia service expressly requested by the user). The legitimate interest results from our need to be able to offer you a functioning website. Cookies are necessary because they are an integral part of current Internet technology and many functions of current websites would not be available without cookies. We therefore need cookies in order to be able to make the website available to you at your request.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

However, we would like to point out that the processing of your data in certain cookies is mandatory within the meaning of Art. 21 Para. 1 DSGVO, since otherwise the website cannot be operated at all and we do not have the technical possibility of setting cookies on certain to prevent individual end devices. However, you may be able to do this yourself in your browser. For more information on this, please take a look at the instructions for your browser.

The legal basis for the use of cookies, which are not absolutely necessary for the website to function, is Art. 6 Para. 1 Sentence 1 Letter a) GDPR (consent of the person concerned). When you first call up the website, we ask you for your consent to the use of non-essential cookies via a displayed information text. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings you have made.

Web Storage

Our website does not access the web storage of your browsers.

Third Party Services

To simplify our data processing and to expand the functionality of our website, we use services/resources from third parties, such as plugins, external content, software or other external service providers (services). Personal data may also be transmitted to the service provider. In order to protect your data, we have contractually obliged the service providers to process your data only according to our instructions, if necessary in accordance with Article 28 GDPR.

We expressly point out that we are regularly only responsible for data collection and transmission by the service within the meaning of the GDPR, but not for any subsequent processing by the respective service provider.

Specifically, we use the following services:

Analysis Tools

We use certain services that record data from website visitors and make it available to us for analysis. We use this data to improve our website, our services and offers in a user-oriented manner. In particular, the following information on visitor behavior can be collected: your IP address, product and version information about the browser used and the operating system (so-called user agent), the website from which you accessed (so-called referrer), date and time of the request and may include your internet service provider, approximate origin (country and city), language, clicks on content and view time.

The legal basis for the use of analysis tools is Art. 6 Para. 1 S. 1 Letter a) GDPR (consent of the data subject). When you first call up the website, we will ask you for your consent to use the service via a message text that is displayed. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings you have made.

We use:

Matomo (formerly Piwik)

Our website uses the “Matomo” (formerly “Piwik”) service from InnoCraft Ltd. (InnoCraft), 150 Willis St, 6011 Wellington, New Zealand. Matomo is a so-called web analysis service. Matomo uses a so-called cookie. The usage information generated by the cookie (including your shortened IP address) is transmitted to our server and stored for usage analysis purposes. Your IP address is immediately anonymized during this process, so that you as a user remain anonymous to us. We store the collected information exclusively on our own server and do not transmit it to third parties. You can prevent the use of cookies by setting your browser software accordingly, but in this case you may not be able to use all the functions of this website to their full extent.

Further information on data protection at Matomo can be found at: https://matomo.org/privacy-policy/

Social-Media-Fanpages

In addition to our website, we maintain online presences on social platforms in order to be able to communicate with customers, interested parties and users who are active there and to inform them about our services.

If you visit our presence on a social platform, your data will usually be processed by the respective provider of the platform for our market research and advertising purposes. The provider can also process the data for its own purposes. Usage profiles can be created from your usage behavior and your resulting interests. These usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to your interests. For these purposes, cookies (see above) are usually stored on your end device, in which your usage behavior and your interests are stored. In particular, if you are a member of the respective platforms and are logged in to them, additional data can be stored independently in the usage profiles. For a detailed description of the respective data processing and the possibility of objection, we refer to the following linked information from the providers, as only they know the exact processes of their data processing.

We would like to point out that your data can also be processed outside the European Union. This can give rise to risks, for example because it could make it more difficult to enforce your rights.

The legal basis for the use of the online presence and the associated data processing is generally Article 6 Paragraph 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to present ourselves to visitors and users of social networks and to make statements of all kinds in the media and opinion market. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

The use of statistical data from all visitors to our social media websites, which is collected, processed and made available to us by the respective site operators, is based on Art. 6 Para. 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing ). The legitimate interest results from our need for an anonymous evaluation of the visit and usage behavior on our websites for the user-oriented improvement of the design of our online offer and the optimization of our communication with interested parties. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. For this purpose, please use the contact details given in the imprint.

If you are asked by the respective providers for your consent to data processing, the legal basis for the processing is Article 6 (1) sentence 1 letter a) GDPR (consent of the data subject). You can revoke this consent at any time with effect for the future. To do this, please contact the provider who asked for your consent.

In the event that you want to assert your above-mentioned rights, we would like to point out that these can be asserted most effectively with the providers, despite possible joint responsibility. As a rule, only the providers have direct access to your data and can take appropriate measures and provide information directly. If you still need help, you can contact us and we will support you at any time within the scope of our possibilities.

We are represented on:

LinkedIn

LinkedIn is a professional network of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This company represents LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085, USA in the EU.

Further information on data protection at LinkedIn can be found at: https://www.linkedin.com/legal/privacy-policy.

You can configure data collection by LinkedIn on the following page: https://www.linkedin.com/psettings/guest-controls/

Status of the data protection declaration: 08.03.2023

Source: Süddeutsche Datenschutzgesellschaft mbH