top of page

Data Protection Policy

Your Personal Data is Secure

The privacy of my patients is of utmost importance to me, Can Ikram, and my clinic www.clinic153.com. I have taken appropriate measures to ensure the security of your data. This privacy policy explains how your information is collected and used, fully complying with the General Data Protection Regulation (GDPR) of the European Union and the Telecommunications and Telemedia Data Protection Act (TTDSG) in Germany.

The legal basis for processing your personal data is Article 9(2)(h) of the GDPR in conjunction with Section 22(1) No. 1(b) of the Federal Data Protection Act (BDSG), as well as Article 6 of the GDPR, where applicable.

Responsible for Data Processing in the Clinic

Can Ikram, Clinic153, www.clinic153.com
A data protection officer is not required for my clinic.

 

What Data is Collected and Processed? Why?

Data processing is carried out in accordance with legal requirements in order to fulfill the treatment contract between you and me, and the associated obligations.
The data I process mainly consists of health data such as anamnesis, diagnosis, treatment suggestions, and findings collected by me or other therapists. For this purpose, other healthcare professionals, doctors, and therapists may also provide me with data.
The collection of health data is essential for your proper treatment. If you refuse to provide the necessary information, treatment cannot take place.

 

Appointment Booking

When you book an appointment, either by phone or email, data such as your name, phone number (landline or mobile), and email address are collected. Any further information you provide is given voluntarily.

 

Patient Consultation / Anamnesis

During the anamnesis, health data is collected and documented in writing by me. This data may also be stored to ensure optimal case documentation and, in certain cases, may be recorded on video to determine your individual treatment.

 

Visiting My Website (TTDSG & GDPR)

According to the Telecommunications and Telemedia Data Protection Act (TTDSG) and the GDPR, certain data is collected when you visit my website, including:

  • Date and duration of your visit,

  • The pages you viewed,

  • Identification data of your browser and operating system, and

  • The website from which you accessed my site.

If cookies or tracking services are used on my website, they are only activated with your explicit consent, which you can revoke at any time. Please review the cookie settings in your browser to control what data is collected. For more details, visit the cookie policy on my website.

 

Phone Calls & Apps

You can contact me during my phone consultation hours. All information you provide during this contact is voluntary. Any data you share with me will be documented in writing. By contacting me, you agree to the processing of this data for this purpose.

 

When is Data Shared with Third Parties?

I only share your personal data with third parties when legally permitted or if you have provided consent.

 

Referrals, Case Discussions with Colleagues

For referrals or case discussions between colleagues, your data (e.g., name, age, anamnesis discussions, diagnoses) may be shared with other professionals. The principle of data minimization applies here—only the necessary information will be shared. You can withdraw your consent at any time.

 

Text and Video Recordings

Excerpts from written anamneses or videos may be used for training, articles, or presentations. These data will always be anonymized. If your face is visible, this will only occur with your explicit consent.

 

Data Processing and Storage by Third-Party Providers

To streamline my workflow, I collaborate with a medical billing service. The services I provide are billed via a medical billing company. Only the necessary data for billing (e.g., name, address, treatment dates, and service codes) will be forwarded. This consent can be withdrawn at any time. All data is treated confidentially.

 

How Long is My Data Stored?

I store your personal data only as long as it is necessary for the treatment in compliance with legal requirements. Afterward, I am required to retain this data for at least 10 years after the treatment is completed. Other regulations may result in longer retention periods.

 

Data Protection Impact Assessment (DPIA)

In compliance with the GDPR, I conduct a Data Protection Impact Assessment (DPIA) if the processing of your personal data poses a high risk to your rights and freedoms, particularly when large-scale processing of sensitive health data occurs.

 

How Secure is My Data?

I use technical and organizational security measures to protect the data you provide from loss, destruction, or unauthorized access. These measures are continually updated in line with the latest technological advancements.

 

What are My Rights as a Patient and How Can I Exercise Them?

  • Access: You may request information about the data stored about you at any time.

  • Correction, Deletion, and Restriction (Blocking): You can request the correction, deletion, or restriction of the processing of your personal data, as long as this is legally permissible.

  • Portability: You have the right to data portability for the information you provided during your treatment.

 

Further Questions?

If you have further questions about how your personal data is used, you can contact me at info@clinic153.com.

 

How Up-to-Date is This Privacy Notice?

I update this privacy policy from time to time, publishing an updated version on my website. You should periodically check the website to ensure you are aware of any changes.

Current Version: Oktober 2024

bottom of page