Data protection – Privacy statement
1) Data protection at a glance
The following information provides an overview of what happens with your personal data during a visit to our website. Personal data is all data with which you can be personally identified. We take the protection of personal data and therefore your privacy very seriously. Please refer to our privacy statement listed below this text for detailed information on the subject of data protection.
Data collection on our website:
Responsible authority in accordance with the data protection laws, in particular the EU General Data Protection Regulation (GDPR):
Lehrstuhl und Poliklinik für Prävention, Rehabilitation und Sportmedizin
Technische Universität München
Klinikum rechts der Isar
Uptown München-Campus C
Tel.: +49 (0)89-289 244 41
Responsible in accordance with the media law:
Univ.-Prof. Dr med. Martin Halle, Managing Medical Director
How do we record your data?
On the one hand, your data is collected when you provide it to us. Other data is registered automatically by our IT systems during your visit to the website. This is in particular in regard to technical data (e.g. Internet browser, operating system or the time of the page view). The registration of this data is performed automatically as soon as you visit our website.
What do we use your data for?
Data is collected in order to ensure the correct provision of the website. A transfer of the data inside or outside of the EU is not intended.
Which rights do you have in regard to your data?
At all times you have the right to receive information on the origin, recipient and purpose of your stored personal data free of charge. Furthermore, you have the right to request the correction, blocking or deletion of this data. You can contact us at any time under the address specified in the imprint on this matter as well as in the event of further questions on the subject of data protection. Additionally, the right to appeal is at your disposal at the responsible supervisory authority.
Analysis tools and third party tools
Your surfing behaviour can be evaluated statistically during the visit of our website. This is in particular performed with cookies and so-called analysis programs (which we however do not use). The analysis of your surfing behaviour is generally performed anonymously.
2) General information and mandatory information
We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as the privacy statement. Various personal data is collected when you use this website. Personal data is data with which you can be personally identified. The present privacy statement explains which data we collect and what we use it for. It also explains how and for which purpose this is performed. We would like to point out that the data transfer on the Internet (e.g. during the communication via e-mail) may feature security vulnerabilities. An absolute protection of the data against the access by a third party is not possible.
You can exercise the following rights at all times using the contact data of our data protection officer, which can be found below the privacy statement:
• Information on the data stored at us about you and its processing
• Correction of incorrect personal data
• Deletion of your data stored with us
• Limitation of the data processing, provided we are not permitted to delete your data yet due to legal obligations
• Objection against the processing of your data with us and
• Data portability, provided you have agreed to the data processing or have entered into an agreement with us.
If you have given us your consent, you can revoke this at any time with effect for the future.
You can contact the responsible supervisory authority at any time with a complaint. The supervisory authority responsible for you depends on the specific German federal state of your residence, your work or the suspected violation. A list of the supervisory authorities (for the non-public sector) with address can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right for data portability
You have the right to have data, which we process in an automated manner on the basis of your consent or in performance of a contract, handed over to you or a third party in a common, machine-readable format. Should you request the direct transfer of the data to a different responsible party, then this will only be performed provided it is technically feasible.
Purposes of the data processing by the responsible authority and third parties
We will only process your personal data for the purposes stated in this privacy statement. A transfer of your personal data to third parties for purposes other than those stated will not be performed. We will only transfer your personal data to third parties when:
• You have given your explicit consent
• The processing is required for the performance of a contract
• The processing is required for the fulfilment of a legal obligation, the processing is required for the safeguarding of legitimate interests and no reason is present for the presumption that you have an interest on the non-disclosure of your data that is predominantly worthy of protection.
We use an SSL encryption in order to protect the security of your data during the transmission. You can identify an encrypted connection by means of the browser’s address bar changing from “http://” to “https://” and additionally by means of the padlock icon displayed in your browser line. When the SSL encryption is activated, then the data that you transmit to us cannot be read by third parties.
Objection against advertising e-mails
The use of the contact data published in connection with the obligation to provide publication details for the transmission of advertising and information material that has not been explicitly requested is hereby objected to. The operator of the pages expressly reserves legal action in the event of the unsolicited sending of advertisement information, such as spam e-mail.
3) Data collection on our website
Registration of general information during the visit of our website
When you access our website, information of a general nature will be registered automatically by means of a cookie. This information (server log files) among others contains the type of the web browser, the utilised operating system, the domain name of your Internet service provider and similar. This is solely information that cannot be used to identify you.
This information is technically required in order to correctly deliver the contents of web pages that you have requested and are absolutely necessary for the use of the Internet. In particular, it is processed for the following purposes:
• Safeguarding of a trouble-free establishing of the connection of the website
• Safeguarding of a smooth usage of our website
• Evaluation of the system security and stability as well as
• For additional administrative purposes.
The processing of your personal data is based on our legitimate interest from the purposes for data collection listed above. We do not use your data in order to identify you. Recipients of the data are only the responsible authority and possibly the order processor.
Anonymous information of this type is possibly evaluated statistically for the optimisation of our web presence and the underlying technology.
Just like many other websites, we also use so-called “cookies”. Cookies are small text files that are transmitted from a website server to your hard disk. In this manner, we receive certain data, e.g. IP address, utilised browser, operating system and your connection to the Internet. Cookies cannot be used to launch programs or to transmit viruses to a computer. Based on the information contained in the cookies, we can simplify the navigation for you and facilitate the correct display of our web pages. Under no circumstances will the data registered by us be transmitted to third parties or will a link to your personal data be created without your consent.
Appointment request / contact form
We collect data for the purpose of the performance of your contact request via our appointment arrangement form. When you contact us via the contact form or via e-mail, you provide your voluntary consent for the purpose of establishing contact. The data processing is based on article 6 section 1 f) GDPR. Our legitimate interest lies in responding to your appointment request. A transfer to a third party does not occur. The data is deleted automatically as soon as it is no longer required for the purpose of the processing of the request or for possible follow-up questions. You have the right at all times to object to the use of your data for the purpose of establishing contact.
4) Integration of external providers / social media
Use of facebook components
We utilise components of the provider facebook.com (direct link to our facebook page: www.facebook.com/sportmritum). Facebook is company of facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. With each access of our website, these components trigger that the browser you use will download a corresponding display of the respective components from facebook. This process will inform facebook on which specific page of our online presence is currently being visited.
This means: When you access our page while you are logged on to facebook, then using the information collected by the component, facebook will recognise which specific page you are visiting and will assign this information to your personal facebook account. For example, when you click on the “Like” button, enter a comment or share posts, then this information is transferred to your personal user account on facebook and stored there. Furthermore, the information that you have visited our page is transmitted to facebook. This occurs irrespectively whether you have clicked on the component or not.
If you would like to prevent this transfer and the storage of data about you and your behaviour on our website by facebook, then you must log out of facebook – before you visit our site. Facebook’s data protection information provides more detailed information on this, in particular on the collection and usage of the data by facebook, on your rights in this matter and the configuration options for the protection of your privacy: http://de-de.facebook.com/about/privacy/.
Use of Instagram components
We use components from the provider instagram.com on our website (direct link to our instagram page: www.instagram.com/sportmedizintum). Instagram is an audiovisual platform that enables users to like and share photos and videos and also to disseminate such data in other social networks. The operating company for Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.
Each time one of the individual pages of this website is accessed, which is operated by the person responsible for processing and on which an Instagram component (Insta button) has been integrated, the Internet browser on the information technology system of the person concerned is automatically replaced by the respective Instagram component prompts you to download a representation of the corresponding component from Instagram. As part of this technical process, Instagram receives knowledge of which specific subpage of our website is visited by the person concerned.
If the person concerned is logged in to Instagram at the same time, Instagram recognizes which specific sub-page the person concerned is visiting with each visit to our website by the person concerned and for the entire duration of their stay on our website. This information is collected by the Instagram component and assigned to the respective Instagram account of the person concerned. If the person concerned clicks one of the Instagram buttons integrated on our website, the data and information transferred with it will be assigned to the personal Instagram user account of the person concerned and stored and processed by Instagram.
Instagram always receives information via the Instagram component that the person concerned has visited our website if the person concerned is logged into Instagram at the same time as accessing our website; this takes place regardless of whether the person concerned clicks on the Instagram component or not. If the data subject does not want this information to be transmitted to Instagram, they can prevent the transmission by logging out of their Instagram account before calling up our website.
Further information and Instagram's applicable data protection regulations can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.
Use of Google+
A Google logo is visible in the footer of our website. This is linked to the provider Google+ of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, in the following referred to as “Google”. By clicking on the Google logo, you have the opportunity of providing an evaluation on us via your Google+ account.
With each access of our website, this component triggers that the browser you use downloads a corresponding presentation of the component from Google. This process will inform Google on which specific page of our online presence is currently being visited. In accordance with the specifications of Google, a further evaluation of your visit is not performed in the event that you are not logged into your Google account.
When you access our site while you are logged on to your Google account, then with a click on the Google button via your Google account, Google can collect information on a website recommended by you as well as your IP address and other browser-related information. In this manner, your Google recommendation can be stored and made publicly accessible. Your Google recommendation can be shown as a tip together with your account name and possibly with your image stored at Google in Google services, such as search results or in a Google account or at other locations such as web pages and advertisements on the Internet. Additionally, Google can link your visit to our site with your data stored at Google.
If you would like to prevent the registration described above as best as possible, then you should log off from your Google account before visiting our online presence.
The data protection information of Google+ with all further information on the collection, transfer and use of data by Google, on your respective rights as well as your profile setting options can be retrieved here: https://www.google.com/intl/de/+/policy/+1button.html.
5) Analysis tools and advertisement
We do not use Google Analytics.
6) Changes to our data protection regulations
We reserve the right to modify this privacy statement in order to ensure that it complies with the currently applicable legal requirements or in order to implement changes of our services in the privacy statement, for example in the event of the introduction of new services. The new privacy statement then applies when you visit the site again.
7) Questions to the data protection officer
Should you have questions on data protection, then please send us an e-mail or directly contact the person responsible for data protection in our organisation:
Data protection officer:
Klinikum rechts der Isar
Tel.: +49 (0)89/4140-0
As at: May 2018