en de

Privacy Information

The following information explains how Düsseldorf Dental Academy GmbH, as the controller within the meaning of Art. 4(7) GDPR, processes personal data when you use the website https://www.duesseldorf-dental-academy.de and the protected intranet area, if available.

These privacy information apply to the publicly accessible section of the website and, where applicable, to the password-protected intranet area. According to your current setup, we do not use cookies for analytics, tracking, or marketing in the public section of the website. In the intranet area, only technically necessary cookies for authentication and session management are used.

1. Controller

Düsseldorf Dental Academy GmbH
Liesegangstr. 17a
40211 Düsseldorf
Managing Director: Dr. David Sonntag
Phone: 0211-8829318-70
Fax: 0211-8829318-11
Email: apw.kluecken@dgzmk.de

2. Data Protection Officer

According to your current information, no Data Protection Officer has been appointed for Düsseldorf Dental Academy GmbH.

3. Processing of personal data when visiting the website

3.1 Server log files

When you access our website, our web server and/or hosting provider automatically processes technical access data. This may include in particular:

  • the IP address of the requesting device,
  • the date and time of access,
  • the requested file or resource,
  • the access status / HTTP status code,
  • the amount of data transferred,
  • the referrer URL,
  • browser type, browser version, and language settings,
  • operating system and device information.

This processing is carried out for the purpose of technically providing the website, ensuring stability and security, analysing errors, and defending against unauthorised access and other misuse or attack attempts.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable, and technically functional operation of our website.

Server log files are generally deleted no later than 7 days after collection, unless they need to be retained for longer in exceptional cases in order to investigate specific security incidents or to establish, exercise, or defend legal claims.

3.2 Contacting us

If you contact us by email, phone, or otherwise, we process the data you provide to us (e.g. name, contact details, and the content of your message) in order to handle your enquiry and communicate with you.

The processing is carried out on the basis of Art. 6(1)(b) GDPR insofar as your enquiry relates to the performance of pre-contractual steps or a contractual relationship. In all other cases, processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the proper handling of enquiries and communication with prospective participants, attendees, and other contacts.

The data will be deleted once the enquiry has been fully processed, provided that no statutory retention obligations or other legitimate grounds require further storage.

4. Intranet / protected login area

Where a password-protected intranet area is provided on our website, we process the access data and session information required for login and use.

4.1 Authentication and session management

For login to the intranet, we use only technically necessary cookies and/or comparable technical mechanisms serving authentication, session management, and protection of the login area. These cookies are not used for analytics, tracking, or marketing purposes.

The processing is carried out in order to provide the protected digital service expressly requested by the respective user, to manage access, and to prevent unauthorised access.

The legal basis for the processing of personal data is Art. 6(1)(b) GDPR where the use of the intranet takes place within the framework of a contractual or user relationship, and additionally Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure provision and protection of the intranet. Insofar as a telecommunications-law basis is required for storing or reading information on your terminal device, this is carried out pursuant to Section 25(2) no. 2 TDDDG, because the cookies used are technically necessary for providing the digital service expressly requested by the user.

Authentication and session data are generally deleted or invalidated upon logout, at the end of the browser session, or upon expiry of the respective session. Where longer technical runtimes are required in individual cases, we limit them to what is necessary.

5. Recipients of personal data

Within our company, personal data is disclosed only to those departments that need it in order to perform their duties. In addition, data may be transmitted to external service providers insofar as this is necessary for operating the website, hosting, IT security, administration, or handling enquiries. Where legally required, such service providers are engaged as processors pursuant to Art. 28 GDPR.

Data will be disclosed to other third parties only where there is a legal basis for doing so or where you have given your consent.

6. Transfers to third countries

As a rule, personal data is not transferred to countries outside the European Union (EU) or the European Economic Area (EEA), unless this is expressly stated for individual services or required by law. If, in an individual case, a transfer to a third country takes place, this will occur only in compliance with the applicable legal requirements, in particular on the basis of an adequacy decision or appropriate safeguards pursuant to Art. 44 et seq. GDPR.

7. Obligation to provide data

The provision of technical access data within the server communication is necessary in order to display and securely operate the website. Without this data, the website cannot be accessed for technical reasons.

If you wish to use the protected intranet area, you must provide the access data required for this purpose and allow the use of technically necessary authentication and session cookies. Otherwise, the login area cannot be provided.

If you contact us, you must provide the information required to process your enquiry.

8. Storage period

We store personal data only for as long as this is necessary for the respective purposes or as long as statutory retention obligations apply. Once the relevant purpose no longer applies and statutory retention periods have expired, the data will be deleted unless further storage is necessary for the establishment, exercise, or defence of legal claims.

9. Your rights

Subject to the applicable legal requirements, you have in particular the following rights:

  • the right of access to the personal data processed concerning you (Art. 15 GDPR),
  • the right to rectification of inaccurate data (Art. 16 GDPR),
  • the right to erasure (Art. 17 GDPR),
  • the right to restriction of processing (Art. 18 GDPR),
  • the right to data portability (Art. 20 GDPR),
  • the right to object to processing based on Art. 6(1)(f) GDPR (Art. 21 GDPR),
  • the right to withdraw any consent given with effect for the future, where processing is based on consent (Art. 7(3) GDPR).

10. Right to lodge a complaint with a supervisory authority

Under Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data is not lawful. The competent supervisory authority for North Rhine-Westphalia is in particular:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
Phone: 0211 / 38424-0
Fax: 0211 / 38424-10
Email: poststelle@ldi.nrw.de
Website: https://www.ldi.nrw.de

11. Automated decision-making

Automated decision-making, including profiling within the meaning of Art. 22 GDPR, does not take place in connection with the visit to this website or the use of the intranet.

12. Version

Version of this privacy information: 30 March 2026