Information on Data Protection
The following data protection information provided by Düsseldorf Dental Academy as the controller under Data Protection Law (Art. 4 No. 7 GDPR) gives you information about the personal data (Art. 4 No. 1 GDPR) to be processed on the website https://www.duesseldorf-dental-academy.de as well as about the purposes and legal bases on which this processing (Art. 4 No. 2 GDPR) is based. In providing such information, Düsseldorf Dental Academy GmbH complies with their data protection obligations which the controller shall meet under Art. 12, 13 GDPR when collecting data from the data subject (in this case the visitor to the website https://www.duesseldorf-dental-academy.de).
Information according to Art. 13 GDPR
Identity of the Controller:
Düsseldorf Dental Academy GmbH, Liesegangstr. 17a, 40211 Düsseldorf, executive director: Dr. David Sonntag, phone: 0211-8829318-70, telefax: 0211-8829318-11, email: firstname.lastname@example.org, is responsible for data collection within the meaning of Art. 4 No. 7 GDPR. The controller is herein after referred to as ‘DDA’.
Data Protection Officer (DPO):
No data protection officer has been appointed for the DDA.
Categories of Personal Data Concerned:
- Visitor data, IP addresses, device and domain data of visitors and customers, date and time of a request, time zone difference to the Greenwich Mean Time (GMT), content of the request (specific page), access status / HTTP status code, amount of data transferred, website, from which the request comes, browser, operating system and its interface, language and version of the browser software, path of the requested resource, information about success or error status of the access
- Login and user data
- Session Cookies, i.e. cookies that are erased when the session is ended or after long periods of inactivity or when the browser is closed
- Persistent cookies, i.e. such cookies that are stored on the visitor's computer for a predefined period of time during the visit of our website
Purposes of the Processing:
The collection of personal data and their processing by the DDA have the following purposes:
- Operation and optimization of the website
- Securing the web offer against unauthorized access and attacks by third parties, such as DDos attacks, malicious code and malware attacks
- Defense against payment, performance, rescission, omission and/or damages claims of third parties, in particular of users of the website and other third parties
- Fulfillment of legal information, notification, access and retention obligations
- Establishment of identity
- Providing information regarding services of the controller
- Company, service and product presentation
- Management of closed user groups and user access provided for this purpose, such as customer or user accounts and/or portals
- Corporate communications
Information on the Data Source:
Personal data is collected from the data subject (visitors to the website).
Legal Basis of Processing:
The legal bases of processing are as follows:
- The existence of a consent acc. Art. 6 (1) (a) GDPR
Provided that such consent exists, the data subject has the right to revoke it at any time without affecting the lawfulness of the processing carried out on the basis of the consent until the revocation.
- Art. 6 (1) (b) GDPR and/or Art. 6 (1) (c) GDPR
- Art. 6 (1) (f) GDPR, as far as the pursuit of advertising purposes of the person responsible is concerned, in particular within the framework of corporate communication, company presentation and/or product presentation purposes, furthermore as is concerned the range and cost-benefit analysis, securing the web offer against unauthorized access and attacks by third parties, such as DDos attacks, malicious code and malware attacks, the defense against payment, performance, rescission, omission and/or damages claims of third parties, in particular of users of the website and other third parties, as well as the operation and optimization of the website.
Storage Duration Criteria:
Personal data will be processed until the completion of the collection or – in case of further processing – until the fulfillment of the purpose of further processing. Upon fulfillment of the respective purpose(s), the data will be erased. The controller also has a test and erasure concept, which ensures the regular examination of the erasure obligations.
- Visitor data will be erased after a maximum of 7 days after visiting the domain https://www.duesseldorf-dental-academy.de.
- Session cookies are erased at the end of the session or after a long period of inactivity or when closing the browser.
- Persistent cookies have a predefined validity, about which we inform you in the context of the cookie information when you visit our website. Please note that you also have the option to erase stored cookies from your systems at any time either manually or with the appropriate software.
Recipients of Personal Data:
- (Subcontracted) Processors, such as technical service providers etc.
- Representatives of legal professions
Information about the Obligation to Provide Data of the Data Subject
The provision of personal data is partly required by law (for example, under the tax law, or the requirements of the fight against money laundering). You may also be required to provide us with the personal information necessary to establish, implement and terminate any contractual relationship with us and to perform the related contractual obligations. Without this information, we will often be unable to enter into contractual relationships with you and/or to comply with our legal obligations. For maximum data protection transparency, we separately point out to you any obligations to provide information in individual cases before carrying out the specific data collection situation.
Your Rights as a Data Subject:
You have the following rights vis-à-vis our company under Art. 15 to 22 GDPR:
- Right to information, rectification, erasure, limitation of processing and to data portability.
- Right to object to processing operations that are based on the legitimate interests of the controller or a third party (Article 6 (1) (f) of the GDPR).
Right to lodge a complaint at a supervisory authority
- Under Art. 77 GDPR you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not legal. The address of the supervisory authority responsible for our law firm is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Further Privacy Notices and Information
A cookie is a small file that is stored on a visitor's computer as soon as he or she calls a website. When he or she calls this website again, the cookie indicates that it is a repeated visit. We transmit cookies via your web browser to the hard disk of your computer and can read them during your current visit to our website and during subsequent visits within one year. Our cookies are protected against being read by third parties using the security standards of your browser. Essentially, cookies serve the purpose of making your use of our service as comfortable as possible. If you still want to deactivate the cookies, you can read in the help function in the menu bar of the web browser you are using, which settings you have to adjust to prevent the storage of new cookies. There you will also receive information about further cookie settings, for example information and warning functions for the erasure of existing cookies. In order to ensure unrestricted and trouble-free use of our websites, we recommend that you leave the cookie functions fully activated.
If you do not want to save range-measuring cookies on your device, you may object to the use of these files by visiting i.a. the following websites:
Furthermore, information about the retrieved resources is stored on the application server. This storage includes software engineering error logs if corresponding errors occur. However, this storage does not include references to the incoming requests. This means it is anonymized data that is collected exclusively for the purposes of error detection and error analysis. This data will be completely erased after 7 days.
A statistical evaluation of the log files takes place only for the detection of attacks and their defense. Neither further analyzes nor user profiles are generated or created.