Who is the data controller?
Joint surgical practice
Dr. med. Matthias Brandt
Dr. med. Jürgen Kochhan
Data processing occurs based on statutory rules to be able to fulfil the treatment contract concluded between you and your medical doctor and to perform the related duties.
This is why we process your personal data, in particular your health-related data. Such data may include medical histories, diagnoses, therapy proposals and reports captured by us or by other medical doctors. It also happens that other doctors or psychotherapists, who have been treating you, provide us with data (e.g. in referral letters) for these purposes.
Collecting health-related information is a basic requirement for treating you. If the necessary data are not made available, an effective treatment cannot be ensured.
We only disclose your personal data to third parties, if this is legally permitted or if we have your consent to do so.
Possible recipients of your personal data are primarily other doctors / psychotherapists, associations of statutory health insurance physicians, health insurances, the Medical Service of the Health Funds (MDK), chambers of medical doctors and/or private medical clearing houses.
The disclosure of such data mainly occurs for the purpose of billing services rendered to you, for sorting out medical issues or any other question resulting from your insurance contract. On a case-to-case basis, data may also be supplied to other entitled recipients.
We only retain your personal data for the period required to provide your treatment.
As a result of legal requirements we are obliged to retain such data until at least 10 years after the treatment has been completed. Under other provisions even longer retention periods may be applicable, e.g. 30 years for radiographies pursuant to section 28 (3) of the German X-Ray Regulation. Where the purpose of collecting the information ceases to exist or the retention period has expired, we will block or erase the data.
In general, you can use our online services without disclosing your identity.
Whenever someone visits this website, we and/or our web space provider automatically collect information. These data, also called server log files, are of a general nature and do not identify individual users.
The following information is recorded automatically: name of the website, file, date, amount of data, browser and browser version, operating system, your internet provider’s domain name, referrer URL (the page from where you accessed our site) and IP address, etc.
Without collecting these data it would be technically impossible to deliver and show the content of the website. In this regard the data collection is absolutely necessary.
This website uses SSL/TLS encryption for security reasons and to protect the transmission of sensitive content, like e.g. requests that you may send to the website operator. You recognise a secure connection when the address bar changes from ‘http://’ to ‘https://’ and when the ‘lock’ sign is displayed in the browser bar.
When the SSL/TLS encryption is activated, data that you send us cannot be read by third parties.
We do not carry out statistical analyses of the data collected when you access our website. In particular, we do not use statistical tools like Google Analytics or others.
Most of the cookies that we use are session cookies. They are automatically deleted when you end your session. Other cookies remain stored on your device until you remove them. These cookies make it possible to recognise your browser when you access the website again.
You can set your browser to prompt you each time a cookie is offered, to accept cookies on a case-to-case basis, or to reject cookies in certain cases or altogether, or you can activate the automatic removal of all cookies once you close the browser. When cookies are disabled the functionality of this website may be restricted.
Cookies required for performing electronic communication or providing certain functions desired by you (e.g. change of language), are retained on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest to retain cookies for the technically smooth and optimised provision of services.
This website uses so-called web fonts, made available by Google, for a consistent delivery of fonts. When accessing a page, your browser loads the required web fonts into the browser cache to be able to show the texts and fonts correctly.
For this purpose your browser must establish a connection with Google’s servers. Thus Google will know that our website was requested from your IP address. The use of Google Web Fonts is meant to ensure a consistent and appealing presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.
If your browser does not support web fonts, your computer will use a standard font.
In principle, we do not supply personal data to third parties. Specifically, we do not provide data to third parties for advertising purposes.
We assume no liability for the content of external links. It is the operators of these external links who are exclusively responsible for their content.
You have a right to obtain information, free of costs, regarding the data that we retain about you and/or to request rectification, blocking or erasure. Exceptions: It is mandatory to retain these data in the context of our professional activities, or the data are subject to legal retention duties. Please contact us for these purposes.
Moreover, under certain circumstances, you have a right to request the erasure of data or the restriction of processing and a right to data portability.
Processing of your data occurs based on legal provisions most of the time. Your consent is required in exceptional cases only. In these cases you have a right to withdraw consent for the future handling of your data.
You also have a right to file a complaint with the responsible data protection supervisory authority if you are of the opinion that the processing of your personal data is unlawful.
The legal basis for processing your data is provided by item (h) of Art. 9 (2) GDPR in conjunction with item (1) (b) of section 22 (1) of the German Data Protection Act.