Privacy policy

We take data protection seriously

The protection of your privacy when processing personal data is very important to us. When you visit our website, our web servers automatically store the IP address of your internet service provider, the website from which you visit us, the websites you visit on our site, and the date and duration of your visit. This information is essential for the technical transmission of the web pages and secure server operation. This data is not evaluated on a personalised basis.

If you send us data via the contact form, this data will be stored on our servers for data security purposes. We will use your data exclusively for the purpose of processing your enquiry. Your data will be treated as strictly confidential. It will not be passed on to third parties.

Responsible body:

Dr. Ina Krieter & Dr. Gerhard Krieter Gemeinschaftspraxis GbR
Kumpfmühler Str. 30
93051 Regensburg
Telefon (0941) 5 53 58
Telefax (0941) 56 00 80
E-Mail info@dr-krieter.de

Personal data is data about you as an individual. This includes your name, address and email address. You do not need to disclose any personal data in order to visit our website. In some cases, we require your name and address as well as other information in order to provide you with the service you require.

The same applies if we send you information material at your request or if we respond to your enquiries. In these cases, we will always inform you accordingly. Furthermore, we only store data that you have provided to us automatically or voluntarily.

When you use one of our services, we generally only collect the data necessary to provide you with our service. We may ask you for further information, but this is voluntary. Whenever we process personal data, we do so in order to provide you with our service or to pursue our commercial objectives.

When contacting us (e.g. via contact form, email, telephone or social media), the details of the enquiring persons are processed to the extent necessary to respond to the contact enquiries and any requested measures.
Responding to contact requests within the framework of contractual or pre-contractual relationships is done to fulfil our contractual obligations or to respond to (pre-)contractual enquiries and, in addition, on the basis of legitimate interests in responding to enquiries.

• Types of data processed: Inventory data (e.g. names, addresses), contact details (e.g. email, telephone numbers), content data (e.g. entries in online forms).
• Data subjects: Communication partners.
• Purposes of processing: Contact enquiries and communication.
• Legal basis: Contract fulfilment and pre-contractual enquiries (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Date and time of the request
• Name of the requested file
• Page from which the file was requested
• Access status (file transferred, file not found, etc.)
• Web browser and operating system used
• Full IP address of the requesting computer
• Amount of data transferred

This data is not merged with other data sources. Processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.   
For reasons of technical security, in particular to defend against attempts to attack our web server, we store this data for a short period of time. It is not possible for us to draw conclusions about individual persons based on this data. After seven days at the latest, the data is anonymised by shortening the IP address at domain level so that it is no longer possible to establish a connection to individual users. The data is also processed in anonymised form for statistical purposes; it is not compared with other data sets or passed on to third parties, even in excerpts. 

Our websites use cookies. Cookies are small data packets that do not cause any damage to your computer. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically deletes them.

Cookies may originate from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have different functions. Many cookies are technically necessary, as certain functions of the website would not work without them (e.g. the shopping basket function or the display of videos). Other cookies can be used to analyse user behaviour or for advertising purposes.

Cookies that are necessary for the electronic communication process, for the provision of certain functions requested by you (e.g. for the shopping basket function) or for the optimisation of the website (e.g. cookies for measuring the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimised provision of its services. If consent has been obtained for the storage of cookies and similar recognition technologies, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDSG); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be restricted. You can find out which cookies and services are used on this website in this privacy policy.

You can change your settings for the use of cookies at any time here:

This website uses the open source web analytics service Matomo. Matomo uses technologies that enable cross-page recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymised before storage.

With the help of Matomo, we are able to collect and analyse data about how visitors use our website. This allows us to find out, among other things, when page views were made and which region they came from. We also collect various log files (e.g. IP address, referrer, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).

The use of this analysis tool is based on the corresponding consent in accordance with Art. 6 (1) lit. a GDPR and 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

We use IP anonymisation for analysis with Matomo. This means that your IP address is truncated before analysis so that it can no longer be clearly assigned to you.

We host Matomo exclusively on our own servers, so that all analysis data remains with us and is not passed on.

We use the DMT 360 Grad service provided by DMT direktmarketingtool.de GmbH, Osterbergweg 2, 93059 Regensburg, to display virtual tours.
This is integrated for the purpose of presenting our premises and offers in an appealing and interactive way. When you access one of these 360-degree tours, technically necessary data is processed that is required to provide the content.

This includes in particular:

• IP address of the end device
• Date and time of access
• Browser type and version
• Operating system
• Referrer URL
• Other technical log data, if applicable

This data is processed on the basis of Art. 6 (1) (f) GDPR (legitimate interest in a modern and user-friendly presentation of our offers). If the processing is based on your consent, Art. 6 (1) (a) GDPR is the legal basis.
If cookies or similar technologies are required in the context of providing the tour, their use is exclusively in accordance with the provisions of the Telecommunications Digital Services Data Protection Act (TDDDG). Technically necessary storage technologies may be used without consent (Section 25(2) TDDDG). For technologies that are not technically necessary, prior consent is required in accordance with Section 25(1) TDDDG.
Personal data is only transferred to DMT to the extent that this is technically necessary for the presentation of the tour. To the best of our knowledge, no further use or storage takes place.
Further information on data processing by DMT direktmarketingtool.de GmbH can be found in their data protection information at www.dmt-360.de/datenschutz.

We generally store personal data for as long as it is necessary for the purposes of the relevant processing, for as long as there are legal or regulatory retention periods, or for as long as we have a legitimate interest in storing it or have obtained the relevant consent from the data subject.

We store certain data in accordance with the following rules for the specified duration and delete or destroy it after the specified storage period has expired:

• If the processing is based on your consent, we will delete the data concerned after you revoke your consent.
• If none of the following retention periods apply, we will delete the data after the purpose of the processing has ceased to apply.
• 3 years: Data and content relating to legal transactions (including their preparation) to the extent necessary for the ability to provide information and defend oneself, as well as to assert or defend against claims. This also includes data relating to marketing and customer service, unless it also falls under a category with a longer storage period.
• 6 years: commercial letters received and sent (Section 257 (1) Nos. 2 and 3, (4) HGB)
• 10 years: Documents relevant for taxation, accounting documents, commercial books (Sections 147 (1) AO, 257 (1) No. 1 and 4, (4) HGB).
• 30 years: Data that is stored in the company's own interest or in the interest of third parties due to special circumstances, as there are corresponding limitation periods or special retention periods (e.g. enforcement orders, special limitation periods).

We regularly process personal data in our capacity as the responsible body. However, processing by passing on or disclosing personal data to third parties may be necessary in the course of our activities, in particular if one of the following reasons based on the specified legal basis applies:

• It is necessary for the performance of a contract with the data subject or for the implementation of pre-contractual measures at his request (Art. 6(1)(b) GDPR).
• The transfer is necessary for the establishment, exercise or defence of legal claims and there is no reason to assume that the data subject has an overriding interest worthy of protection in not disclosing their data (Art. 6(1)(f) GDPR).
• There is a legal obligation to disclose the data (Art. 6(1)(c) GDPR).
• We have valid consent (Art. 6(1)(a) GDPR).

Categories of recipients within the scope of our activities may include, in particular:

• Postal, telecommunications and transport service providers
• Payment and financial service providers
• Sales and business partners and other persons and companies involved in the provision of services
• Authorities, courts, opposing parties, other parties involved
• In addition, we will indicate in the individual processing operations if further recipients are to be considered.

In order to carry out our activities, we also use service providers who are bound by instructions as processors in accordance with Art. 28 GDPR in the context of processing personal data; these service providers are also considered recipients of the data in terms of data protection. A contract for order processing ensures, in particular, that the processing is carried out in accordance with our instructions, that sufficient guarantees are in place to comply with appropriate technical and organisational measures, and that the rights of data subjects are guaranteed.
In general, we use service providers for the following processing purposes:

• Hosting of our online offerings/websites with providers (infrastructure and platform services, computing capacity, storage space and database services).
• Care, maintenance and servicing of online offerings/websites.
• Implementation, care, maintenance and servicing of IT systems.
• Document and information management.
• Communication, contact and conference systems (e-mail, contacts, appointments, messenger, video conferencing, etc.).
• File and data carrier destruction.

You may object to the use of your personal data for advertising purposes at any time, either in whole or for individual measures, without incurring any costs other than the transmission costs according to the basic rates.

Under the legal requirements of Section 7 (3) of the German Unfair Competition Act (UWG), we are entitled to use the email address you provided when concluding the contract for direct advertising of our own similar goods or services. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter.
If you do not wish to receive such recommendations from us by email, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the basic rates. A notification in text form is sufficient for this purpose. Of course, every email always contains an unsubscribe link.

We have taken technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working on our behalf are bound by the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our data protection declarations are constantly being revised. Please ensure that you have the latest version.

You have the right to obtain information about, rectify, erase or restrict the processing of your stored data at any time, as well as the right to object to the processing and the right to data portability and to lodge a complaint in accordance with the requirements of data protection law.

Right to information:
You can request information from us about whether and to what extent we process your data.

Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we rectify or complete it at any time.

Right to erasure:
You can request that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of statutory retention obligations.
Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, provided that there are no legal or statutory retention obligations to the contrary.

Right to restriction of processing:
You may request that we restrict the processing of your data if

• you dispute the accuracy of the data, for a period enabling us to verify the accuracy of the data.
• the processing of the data is unlawful, but you refuse to have it deleted and instead request a restriction on its use,
• we no longer need the data for the intended purpose, but you still need it to assert or defend legal claims, or
• you have objected to the processing of the data.

Right to data portability:
You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that

• we process this data on the basis of your revocable consent or for the performance of a contract between us, and
• this processing is carried out using automated means.
• If technically feasible, you may request that we transfer your data directly to another controller.

Right to object:
If we process your data on the basis of legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. You may object to the processing of your data for direct marketing purposes at any time without giving reasons.

Right to lodge a complaint:
If you believe that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any questions. You also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to assert any of the above rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

We reserve the right to change our privacy policy if this becomes necessary due to new technologies. Please ensure that you have the latest version. If fundamental changes are made to this privacy policy, we will announce them on our website.

All interested parties and visitors to our website can contact us with any questions regarding data protection at:

Dr. Ina Krieter & Dr. Gerhard Krieter Gemeinschaftspraxis GbR
Kumpfmühler Str. 30
93051 Regensburg
Telefon (0941) 5 53 58
Telefax (0941) 56 00 80
E-Mail info@dr-krieter.de