Hausarztpraxis
Christian Sibilski
Dr. med. Barbara Schmid-Horch
Dr. med. Andrea Podmaniczky

Privacy Policy

Controller within the meaning of data protection law

Christian Sibilski
Gartenstr. 2
72829 Engstingen
Germany
Tel.: +49 7129 932923
Fax: +49 7129 932989
Email: praxis@hasibilski.de


General Information on Data Processing

We take the protection of your personal data very seriously. The processing of your data is carried out in accordance with the statutory provisions, particularly the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).


Server Log Files

When visiting our website, the web server automatically collects data in so-called server log files. These include:

  • The domain from which the access is made
  • Date and time of access
  • Pages or files accessed
  • The browser and browser version used
  • Anonymised IP address

Purpose of processing: These data are used to ensure the functionality and security of the website and to optimise our services (Art. 6(1)(f) GDPR).

Storage duration: The log files are anonymised and deleted after 30 days, provided no unlawful use has been detected.


Use of Google Analytics

Our website uses Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics allows us to analyse the use of our website and continuously improve it.

Data processing: Google Analytics uses “cookies”, text files stored on your device that enable an analysis of your website usage. The information generated by the cookie (including your anonymised IP address) is generally transferred to a Google server in the USA and stored there.

IP anonymisation: We have activated IP anonymisation on this website (“anonymizeIP”). This means your IP address is shortened within the European Union or the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address sent to a Google server in the USA and shortened there.

Purpose of processing: The data is processed to evaluate the use of our website, compile reports on website activity, and provide other services related to website and internet usage. This is in our legitimate interest in optimising and economically operating our website (Art. 6(1)(f) GDPR).

Legal basis: The data processing by Google Analytics is based on your consent pursuant to Art. 6(1)(a) GDPR, which you provide via our cookie banner. You may withdraw your consent at any time.

Opt-out option: You can prevent cookies from being stored by adjusting your browser settings. You can also prevent the collection of data generated by cookies and related to your use of the website (including your IP address) and its processing by Google by downloading and installing the browser add-on to deactivate Google Analytics:
https://tools.google.com/dlpage/gaoptout?hl=de

Data processing agreement: We have concluded a data processing agreement with Google pursuant to Art. 28 GDPR. Google is obligated to process the data only in accordance with our instructions.

Data transfer to the USA: Google also processes data in the USA. Please note that the USA does not offer a level of data protection equivalent to that of the EU. Data is transferred based on the Standard Contractual Clauses of the European Commission.

For more information on data protection at Google, please visit:
https://policies.google.com/privacy?hl=de


Use of Cookies

Our website uses cookies to improve user-friendliness and provide certain functions. We distinguish between:

  • Necessary cookies: essential for the operation of the website
  • Functional cookies: enhance the functionality of the site
  • Analytics cookies: help us analyse user behaviour and improve our offerings

Legal basis: Art. 6(1)(f) GDPR (legitimate interest) and/or your consent provided via the cookie banner.

Note: You can disable cookies through your browser settings, but this may limit the functionality of the website.


Communication by e‑mail

If you contact us by e‑mail, the information you provide – including the contact details you enter – is stored for the purpose of processing your enquiry.
Legal basis: Art. 6(1)(f) GDPR (our legitimate interest in handling your request efficiently).

Retention period

  • If your message contains medically relevant information (e.g. elements of your medical history), it is incorporated into the patient record and retained for a minimum of 10 years.
  • If your message constitutes a commercial letter or accounting record, we are required to archive it for 6 years, or 8 years where accounting rules apply.
  • In all other cases, e‑mails are deleted after no more than two weeks.

Please note: transmitting unencrypted e‑mails is insecure. Kindly send confidential information via the contact form, where it is encrypted.

Our practice can encrypt e‑mail correspondence and uses PGP and S/MIME protocols – please speak to us if you wish to use them.

Our e‑mail service provider is Strato AG with servers in Germany. We have concluded a data‑processing agreement with Strato in accordance with Article 28 GDPR.
You have all the rights set out in Chapter III GDPR.


Forms

When you send us an enquiry via a form, the details you enter – including your contact data – are stored for the purpose of dealing with your enquiry.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

  • Data remain with us until the purpose for which they were collected no longer applies or you object to the processing; statutory retention obligations remain unaffected.
  • If the content of your message is medically relevant (e.g. includes your medical history), it is added to the patient record and retained for at least 10 years.
  • Otherwise, we delete messages after no more than two weeks.

Your data are disclosed only to our service provider (Strato Mail) under a data‑processing agreement pursuant to Article 28 GDPR.
You have all rights described in Chapter III GDPR.


Your Rights as a Data Subject

You have the right:

  • To access your data in accordance with Art. 15 GDPR
  • To rectification of inaccurate data (Art. 16 GDPR)
  • To erasure of your data, provided no statutory retention obligations apply (Art. 17 GDPR)
  • To restriction of processing (Art. 18 GDPR)
  • To data portability (Art. 20 GDPR)
  • To object to the processing (Art. 21 GDPR)
  • To lodge a complaint with the relevant data protection authority:
    State Commissioner for Data Protection and Freedom of Information Baden-Württemberg