Privacy Policy

medifa healthcare group GmbH
Kehler Road 31
76437 Rastatt
E-mail address:

Managing Director: Dr. med. Wolfgang Hohnhaus, Christian Keller, Bernhard Früh, Peter Jansenberger

Legal notice

As a user of our website, you will receive in this privacy policy all necessary information on how, to what extent and for what purpose we or third parties collect and use data from you.

The collection and use of your data is strictly in accordance with the provisions of the General Data Protection Regulation-EU (DSGVO-EU), the German data protection law according to the DSAnpUG-EU and the Telemedia Act (TMG) as applicable.

We commit ourselves to the confidentiality of your personal information and work strictly within the limits set by law.

The collection of these personal data takes place on a voluntary basis, if this is possible for us. Also, we only pass on this data to third parties with your express consent.

We ensure high security for particularly confidential data such as payment transactions or for your requests to us by using SSL encryption.

At this point, we would like to draw attention to the general dangers of Internet use, on which we have no influence. Especially in e-mail traffic your data is not safe without further precautions and may be recorded by third parties.

Used terms

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter the "data subject"); a natural person is considered as identifiable, which can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, to an identification number, to location data, to an online identifier (eg cookie) or to one or more special features, that express the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

"Processing" means any process performed with or without the aid of automated procedures or any such process associated with personal data. The term goes far and includes virtually every handling of data.

"Responsible person" means the natural or legal person, public authority, body or body that decides, alone or in concert with others, on the purposes and means of processing personal data.

Relevant legal bases

According to Art. 13 DSGVO-EU we inform you about the legal basis of our data processing. Unless the legal basis is stated in the privacy policy, the following applies:

  • The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 DSGVO-EU
  • The legal basis for the processing for the performance of our services and the execution of contractual measures as well as the answering of inquiries is Art. 6 para. 1 lit. b DSGVO-EU
  • The legal basis for the processing to fulfill our legal obligations is Art. 6 para. 1 lit. c DSGVO-EU
  • The legal basis for processing for the protection of our legitimate interests is Art. 6 para. 1 lit. f DSGVO-EU
  • In the event that vital interests of the data subject or any other natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO-EU as legal basis.

Collaboration with processors and third parties

If, in the context of our processing, we disclose data to other persons and companies (contract processors or third parties), transmit them to them or otherwise grant them access to the data, this will only be on a basis

  • a legal permission (eg data to payment service provider requirement in accordance with kind 6 para. 1 lit. b DSGVO-EU for the fulfillment of the contract)
  • You have agreed
  • a legal obligation to do so or
  • based on our legitimate interests (eg the use of agents, webhosters, IT maintenance orders, etc.)
If we commission third parties to process data on the basis of a so-called "contract processing contract", this is done on the basis of Art. 28 DSGVO-EU.

Transfers to third countries

If we process data in a third country (ie outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure, or transmission of data to third parties, this will only be done if it

  • to fulfill our (pre) contractual obligations
  • based on your consent
  • due to a legal obligation or
  • on the basis of our legitimate interests.
Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special conditions of Art. 44 ff. DSGVO-EU. This means, for example, that the processing takes place on the basis of special guarantees, such as the officially recognized level of data protection (eg for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").

Rights of data subjects

You have the right to ask for confirmation as to whether the data in question is being processed and for information about this data as well as for further information and a copy of the data in accordance with Art. 15 DSGVO-EU.

You have accordingly. Art. 16 DSGVO-EU the right to demand the completion of the data concerning you or the correction of the incorrect data concerning you.

In accordance with Art. 17 DSGVO-EU, they have the right to demand that the relevant data be deleted immediately, or, alternatively, to require a restriction of the processing of data in accordance with Art. 18 DSGVO-EU.

You have the right to request that the data relating to you that you provide us in accordance with Art. 20 DSGVO-EU be obtained and request their transmission to other persons responsible.

You have gem. Art. 77 DSGVO-EU the right to file a complaint with the competent supervisory authority.


You have the right to grant consent in accordance with. Art. 7 para. 3 DSGVO-EU with effect for the future.

right to

You may object to the future processing of your data in accordance with Art. 21 DSGVO-EU at any time. The objection may in particular be made against processing for direct marketing purposes.

Deletion of data

You have the right to request the correction, blocking or deletion of your data. This does not apply to data that is stored due to legal regulations or required for the proper conduct of business. For a data lock can be realized at any time, data for control purposes in a lock file held. If data is not recorded by a legal archiving requirement, we delete your data at your request. If the archiving obligation takes effect, we block your data. For all questions and concerns concerning the correction, blocking or deletion of personal data, please contact our data protection officer under the contact data in this privacy policy or to the address stated in the imprint.

Personal data

Each time a user accesses our Internet offering and each time a file is accessed, data about that activity is temporarily stored and processed in a log file.

Before saving each record is anonymized by changing the IP address. Specifically, the following data is stored about each access / retrieval:

  • anonymized IP address
  • Date and Time,
  • called page / name of the retrieved file,
  • transferred amount of data,
  • Message if the access / retrieval was successful.
These data are only evaluated for statistical purposes and to improve the offer and then deleted. There is no other use or disclosure to third parties.

If we collect personal data, we only collect it in the scope of data avoidance and data minimization to the extent and for the time required to use our website or as required by law.

When we collect personal information - such as your name, address or email address - this data collection is voluntary. Without your explicit consent, this information will not be disclosed to third parties.

We take the protection of your personal data seriously and adhere strictly to the relevant legal provisions and to this privacy policy when collecting and processing personal data.

If the purpose of the data collection falls away or the end of the legal storage period is reached, the collected data will be blocked or deleted. Regularly our website can be used without the transfer of personal data.


When accessing individual pages, so-called temporary cookies are used to facilitate navigation. These session cookies contain no personal data and expire at the end of the session. Techniques that make it possible to understand users' access behavior are not used.

We use cookies on our website. These small text files are stored on our PC from our server. They support the presentation of our website and help you to navigate our website.

Cookies collect data about your IP address, browser, operating system and internet connection. We do not associate this information with personal data and do not share it with third parties.

In no case are cookies used by us to bring malicious programs or spyware on your computer.

You may also use our website without the use of cookies, which may result in limited representation and functionality of our offer.

If you want to deactivate the cookies, you can do this through special settings of your browser. Please use its help function to make the appropriate changes.

The hosting services we use serve to provide the following services:

  • Infrastructure and Platform Services
  • computing capacity
  • Storage space and database services
  • Security and technical maintenance
which we use for the purpose of operating this website.

Here we, or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this website based on our legitimate interests in an efficient and secure provision of this online offer. Art. 6 para. 1 lit. f DSGVO-EU in conjunction with Art. 28 DSGVO-EU (conclusion of contract processing contract).

Collection of access data and log files

We, or our hosting provider / provider, collect on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO-EU Data on every access to the server on which this service is located (so-called server log files). The access data includes the name of the retrieved web page, file, date and time of retrieval, amount of data transferred, notification of successful retrieval, browser type and version, the user's operating system, referer URL (the previously visited page), IP address and the requesting provider , These log files do not allow any conclusion to you and your person.

Logfile information is stored for security reasons (eg to investigate abusive or fraudulent activities) for a maximum of 7 days and then deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the incident.

Third-party content and services

The offer on our website may also include content, services and services of other providers that complement our offer.

Calling these services from third parties regularly requires the transmission of your IP address. This makes it possible for these providers to use their user IP address and also to save it. We favor, only third-party vendors who use IP addresses solely to deliver the content. However, we have no influence on which third party provider may store the IP address. This storage can serve for statistical purposes, for example. Should we become aware of third-party storage operations, we will immediately notify our users of this fact.

In this context, please also note the special data protection statements for individual third-party providers and service providers whose services we use on our website. You can also find this information in this privacy policy.

SSL encryption

Our website uses SSL encryption when it comes to the transmission of confidential or personal content of our users. This encryption is activated, for example, in the processing of payments and requests that you make to us through our website.

Please make sure that the SSL-encryption is activated by your side during activities. The use of encryption is easy to recognize: The display in your browser line changes from "http: //" to "https: //". SSL encrypted data is not readable by third parties. Submit your confidential information only with activated SSL encryption and contact us in case of doubt.

Facebook plugin
You will find plugins of the social network Facebook on our website. Its provider is Facebook Inc. It is based in the US, California 94025, 1 Hacker Way, Menlo Park.

The Facebook logo or the "Like-Button" on our page mark the Facebook plug-ins. Also note the overview of the Facebook plugins at

When you visit our website, we use the plugin to directly connect to the Facebook server. You are then switched there via your browser. For Facebook this means that you have visited our website with your IP address.

With a click on the Facebook "Like-Button" you link contents of our website with your profile on Facebook. For Facebook, the visit to our page will be assigned to your user account. We are not aware of the nature of the content that is transmitted to Facebook and how Facebook uses it.

You can find more information about data collection and use in the Facebook Privacy Policy, which can be found at

You can prevent the assignment of your visit on our page with your Facebook profile by simply logging out of your Facebook account.

Use of Google Analytics

We use the web analytics service Google Analytics from Google Inc. on our website. It uses cookies.

These are text files that, by storing on your PC, allow an analysis of your user behavior regarding our website. The cookies generate information that is transmitted to a Google server. These servers are typically located in the United States, but they are based on agreements to use the European Economic Area and cut your IP address before it is sent to the United States.

Only in exceptional cases will the IP address be shortened after transmission to the USA. Google evaluates the information provided and provides in this context, other services for us website operators. The determined IP address is not merged with other Google services.

By changing your browser settings, you can prevent the storage of cookies on your computer. However, this may be associated with display and functional restrictions when using our website.

A browser plugin also prevents the collection and use of the data generated by the cookies. You can download it at the following link:

Learn more about the privacy policies of Google and Google Analytics at: or

Google Maps Plugin

We use a plugin of the internet service Google Maps on our website. Whose operator is Google Maps is Google Inc. It is located in the United States, CA 94043, 1600 Amphitheater Parkway, Mountain View.

By using Google Maps on our website, information about the use of this website and your IP address will be transmitted to a Google server in the US and also stored on this server.

We have no knowledge of the exact content of the submitted data, nor about their use by Google. The company denies in this context the connection of the data with information from other Google services and the collection of personal data. However, Google may transmit the information to third parties.

If you disable Javascript in your browser, you prevent the execution of Google Maps. But you can not use a map display on our website. By using our website, you consent to the described collection and processing of the information by Google Inc.

Learn more about the Google Maps Privacy Policy and Terms of Use here: