Privacy Policy

General information on our data collection on this website.

The following information gives you an overview of what happens to your personal data when you visit this website. Personal data is any information that can be used to identify you personally. Further, more detailed information on the subject of data protection can be found in the data protection declaration linked below this text.

What do we use your data for?

Most of the data is collected to ensure error-free use of the website. Other data may be used to analyze your user behavior via our Sqaurespace platform. What rights do you have regarding your data?

You have the right to receive information free of charge at any time about the origin, purpose and use of your stored personal data. You also have the right to request the updating, restriction or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the option of lodging a complaint with the competent supervisory authority. Under certain circumstances, you have the right to request the restriction of the processing of your personal data.

Who is responsible for the data collection on this website?

Data processing on this website is carried out by the website owner and operator. You can find the contact details in the imprint of this website.

Who is responsible for data collection on this website?

Data processing on this website is carried out by the owner and operator of the website. The contact details can be found in the legal notice of this website.

Analysis tools and tools from third parties

When you visit our website, your surfing behavior may be statistically evaluated. This is mainly done using cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can object to this analysis. We will inform you of your options for objecting in this privacy policy.

General information and mandatory information

Data protection and data security

The operator of this website takes the responsibility for the protection of your personal data very seriously. We treat your personal data as strictly confidential and in accordance with this privacy policy, the statutory data protection regulations and other applicable laws. Various personal data is collected from you when you use this website. Data with which you can be personally identified is referred to as personal data. This privacy policy describes what information we collect and how we use it. It also explains why and how this happens. We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by unauthorized persons is not possible.

Responsible body for this website.

The controller responsible for data processing on this website is:

Hender Chiropractic
Matthew Hender
Ebersstraße 80,
10827 Berlin

Phone: 0157/32402208
E-mail: info@henderchiropractic.de

The controller is the legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to the collection of data in certain cases and to direct marketing (Art. 21 GDPR)

You have the right to object to the processing of your personal data at any time for reasons arising from your particular situation if the data processing is based on Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions. This privacy policy contains the respective legal basis for the processing. In the event of an objection, we will no longer process the personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR).

You have the right to object at any time to the processing of your personal data for the purpose of direct marketing; this also applies to profiling insofar as it is associated with such direct marketing. This right exists if your personal data is processed for this purpose. After an objection, your personal data will no longer be used for direct marketing (objection pursuant to Art. 21 (2) GDPR).

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Right to lodge a complaint with the competent supervisory authority

In the event of infringements of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. Other administrative or judicial remedies remain unaffected by this right to lodge a complaint.

SSSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of sensitive content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, erasure and rectification

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the legal notice. The prerequisites for the restriction of processing are

  • The right to object:
    • The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. The controller will then no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
    • Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
    • Where personal data are processed for direct marketing purposes, the data shall no longer be processed for such purposes if the data subject objects to the processing.
    • The right referred to in paragraphs 1 and 2 shall be explicitly and clearly communicated to the data subject and shall be separated from the other information at the latest at the time of the first communication with the data subject.
    • Notwithstanding Directive 2002/58/EC, the data subject may exercise his or her right to object by automated means using technical specifications when using information society services.
    • Where personal data are processed for scientific, historical or statistical purposes pursuant to Article 89(1), the data subject, on grounds relating to his or her particular situation, shall have the right to object to processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

Data collection on this website.

Online appointment booking

We use the services of Crossuite for the technical implementation of online appointment booking. As part of the online appointment booking process, Crossuite processes the personal data and health data you provide. Crossuite takes all organizational and technical precautions required by current standards in order to comply with data protection requirements, in particular to protect data from unauthorized access by third parties. Your data is transmitted and stored in encrypted form in accordance with the latest standards recommended by the German Federal Office for Information Security (BSI). By using the online appointment booking service, you agree that the personal data and health data you provide or collect may be processed by us and Crossuite.

Cookies

This website uses cookies. Cookies are text files that are stored in and by the browser of the user's computer or device. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. We use cookies to make our website more user-friendly. Some elements of our website require the browser to be identified when switching to another page. The user data collected in this way is pseudo-anonymized, i.e. the user cannot be identified. The data is not stored together with other personal user data.

The legal basis for the processing of personal data using cookies is Article 6 (1) lit. f GDPR. The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognized even after a page change.

Server log files

The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

  • Operating system used
  • Browser type and version
  • Referrer URL
  • Time of the server request
  • Host name of the accessing computer
  • IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - the server log files must be recorded for this purpose.

Registration with Facebook Connect

Instead of registering directly on our website, you can register via Facebook Connect. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

If you decide to register with Facebook Connect and click on the "Login with Facebook" / "Connect with Facebook" button, you will be automatically redirected to the Facebook platform. There you can log in with your user data. This link connects your Facebook profile with our website or our services. This connection gives us access to the data stored on Facebook. This mainly includes

  • Facebook name
  • Facebook profile and cover picture
  • Facebook cover picture
  • Email address stored on Facebook
  • Facebook ID
  • Facebook friend lists
  • Facebook likes ("Like" information)
  • Language
  • Country of origin
  • Gender
  • Birthday

This data is used to set up, provide and personalize your account.

Registration with Facebook Connect and the associated data processing operations are based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time with effect for the future.

Further information can be found in the Facebook terms of use and the Facebook privacy policy. These can be viewed at https://de-de.facebook.com/about/privacy/ and https://www.facebook.com/legal/terms/.

Processing of data (customer and contract data)

Legal basis for the processing of personal data: The European General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data where we obtain the consent of the data subject. Art. 6 para. 1 lit. b GDPR serves as the legal basis for the processing of personal data if this is necessary for the performance of a contract to which the data subject is party. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis. If processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6 para. 1 lit. d GDPR serves as the legal basis. If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, the legal basis for processing is Article 6(1)(f) GDPR.

Scope of the processing of personal data

In principle, we collect and use our users' personal data only to the extent necessary to provide a functional website and to deliver our content and services. We routinely collect and use our users' personal data only with their consent. There is an exception in cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by law.

Data erasure and storage duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless further storage of the data is necessary for the conclusion or performance of a contract.

Social media

Share content via plugins (Facebook, Google+1, Twitter & Co.)

The content on our pages can be shared on social networks such as Facebook, Twitter or Google+ in compliance with data protection regulations. For this purpose, this page uses the eRecht24 Safe Sharing Tool. This tool only establishes a direct connection between the networks and the users when the user actively clicks on one of these buttons. Clicking on the button constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR. This consent can be revoked at any time with effect for the future.

This tool does not automatically transfer any user data to the operators of these platforms. If the user is registered with one of the social networks, an information window appears when using the social buttons of Facebook, Google+1, Twitter & Co. in which the user can confirm the text before sending it.

Our users can share the content of this page on social networks in compliance with data protection regulations without complete surfing profiles being created by the network operators.

Social media plugins

Plugins from social media are used on our pages (e.g. Facebook, Google+, Instagram, XING, LinkedIn).

You can usually recognize the plugins by the respective social media logos. To ensure data protection on our website, we only use these plugins together with the so-called "Shariff" solution. This application prevents the plugins integrated on our website from transmitting data to the respective provider as soon as you enter the page.

Only when you activate the respective plugin by clicking on the corresponding button will a direct connection to the provider's server be established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are logged into your respective social media account (e.g. Facebook) at the same time, the provider can assign the visit to our pages to your user account.

The activation of the plugin constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future.

Facebook plugins (Like & Share button)

Plugins of the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages. You can recognize the Facebook plugins by the Facebook logo or the "Like" button on our site. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/.

When you visit our pages, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook "Like" button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook's privacy policy at: https://www.facebook.com/privacy/explanation.

If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.

The Facebook plugins are used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in social media.

Google+ plugin

Our pages use functions of Google+. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Capture and share information: You can use the Google+ button to publish information worldwide. You and other users receive personalized content from Google and our partners via the Google+ button. Google stores both the information that you have given +1 for a piece of content and information about the page you viewed when you clicked +1. Your +1s can be displayed as references together with your profile name and photo in Google services, such as in search results or in your Google profile, or in other places on websites and advertisements on the Internet.

Google records information about your +1 activities in order to improve Google services for you and others. To use the Google+ button, you need a globally visible, public Google profile, which must contain at least the name chosen for the profile. This name is used in all Google services. In some cases, this name can also replace another name that you have used when sharing content via your Google account. The identity of your Google profile can be displayed to users who know your e-mail address or have other identifying information about you.

Use of the information collected: In addition to the uses described above, the information you provide will be used in accordance with the applicable Google privacy policy. Google may publish summarized statistics about the +1 activities of users or pass them on to users and partners, such as publishers, advertisers or associated websites.

The Google+ plugin is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in social media.

Instagram plugin

Functions of the Instagram service are integrated on our pages. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA.

If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram.

The Instagram plugin is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in social media.

Analysis tools and advertising

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

The storage of Google Analytics cookies and the use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

IP anonymization

We have activated IP anonymization on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website: Deactivate Google Analytics.

Further information on the handling of user data by Google Analytics can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic characteristics in Google Analytics

This website uses the "demographic features" function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics, as described in the section "Objection to data collection".

Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted based on your previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another of your end devices (e.g. tablet or PC).

If you have given your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on any device on which you sign in with your Google Account.

To support this function, Google Analytics collects Google-authenticated IDs of users, which are temporarily linked to our Google Analytics data in order to define and create target groups for cross-device advertisements.

You can permanently object to cross-device remarketing/targeting by deactivating personalized advertising in your Google account. Follow this link: https://www.google.com/settings/ads/onweb/.

The data collected in your Google account is merged exclusively on the basis of your consent, which you can give or revoke at Google (Art. 6 para. 1 lit. a GDPR). In the case of data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merging), the collection of data is based on Art. 6 para. 1 lit. f GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes.

Further information and the data protection provisions can be found in Google's privacy policy at: https://www.google.com/policies/technologies/ads/.

Google AdWords and Google Conversion Tracking

This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

We use conversion tracking as part of Google AdWords. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your Internet browser under the user settings. You will then not be included in the conversion tracking statistics.

The storage of "conversion cookies" and the use of this tracking tool are based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

Further information on Google AdWords and Google Conversion Tracking can be found in Google's privacy policy: https://www.google.de/policies/privacy/.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Facebook Pixel

Our website uses the visitor action pixel from Facebook, Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") to measure conversions.

In this way, the behavior of site visitors can be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy. This allows Facebook to place ads on Facebook pages and outside of Facebook. As the website operator, we have no influence on this use of data.

The Facebook pixel is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in effective advertising measures, including social media.

For more information on protecting your privacy, please refer to Facebook's privacy policy: https://www.facebook.com/about/privacy/.

You can deactivate the remarketing function "Custom Audiences" in the settings for advertisements at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must be logged in to Facebook to do this.

If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

Plugins and tools

Google Web Fonts

This website uses Google Web Fonts for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using establishes a connection to Google's servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offer. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/.

Google Maps

This website uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

You can find more information on the handling of user data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter referred to as "reCAPTCHA") on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

The purpose of reCAPTCHA is to check whether data is entered on our websites (e.g. in a contact form) by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

Data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM.

Further information about Google reCAPTCHA and Google's privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.