We only gather and use your personal data within the scope of the data protection law regulations of the Federal Republic of Germany. In the following, we will inform you of the type, scope and purpose for the gathering and usage of personal data. You can access this information at any time from our website.
- Data protection at a glance
The following information gives you a simplistic overview of what happens with your personal data when you visit our website. Personal data is what allows others to identify you. For detailed information regarding data protection, please refer to the contents of this data protection declaration.
Data gathering on our website
Who is responsible for data gathering on this website?
The LABCON-OWL Analytik Forschung und Consulting GmbH processes data on this website. You can find our contact details in the imprint of this website.
How do we capture your data?
Firstly, we capture your data by being notified by yourself. This may be data, which you enter into a contact form.
Other data is recorded by our IT-systems automatically, when you visit our website. This data is mainly technical data (such as internet browser, operating system or time of accessing the website). Recording of this data will happen automatically, as soon as you access our website.
What do we use your data for?
Within the context of the contact form, we use your data to process your request.
A portion of the data is captured to ensure flawless provision of the website services. Other data can be used to analyse user behaviour.
Which rights do you have with regard to your data?
You have the right to receive information regarding the origin, recipient and purpose of your recorded personal data at any time. You also have the right to demand that this data is rectified, blocked or deleted. If you have any further questions regarding this, or would like more information about data protection, you can contact us at any time. Contact details can be found in the imprint or you can send us an email to email@example.com. Furthermore, you have the right of appeal to the regulatory authority.
Analysis tools and tools from third parties
When visiting our website, your surf behavior can be statistically evaluated. This mainly happens by cookies and so-called analytic programs. The analysis of your surf behavior is anonymous and cannot be traced back to you.
- General comments and mandatory information
We take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with the legal data protection regulations and this data protection declaration.
When using this website, a variety of personal data is captured. Personal data is what allows others to identify you. This data protection declaration explains which data we collect and what we use it for. It also details how and why this is done.
We would like to point out, that data transfer in the internet (i.e. when communicating by email) can have security gaps. A comprehensive protection of data from access by third parties is not possible.
Declaration about the responsible body
The responsible body for data processing on this website is:
Prof. Dr. Carsten Tiemann
Dr. med. Dr. rer. nat. Dieter Münstermann
im Regierungsbezirk Detmold
32105 Bad Salzuflen
Data Protection Supervisor
Creditreform Compliance Services GmbH
Withdrawal of consent to data processing
Many data processing transactions are only possible with your definite consent. You can withdraw a consent previously given, at all times. For this, an informal notification by email to firstname.lastname@example.org will suffice. The legality of the data processing until such time of withdrawal of consent remains untouched.
Right of appeal to the responsible regulatory authority
In case of breach of data protection, the person affected has the right of appeal to the responsible regulatory authority. Responsible regulatory authority in data protection issues is the federal data protection commissioner of the Land, in which this company headquarters is situated. A list of the data protection commissioners as well as their contact details can be found under the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data transferability
You have the right to have data that we process based on your consent or automatically whilst fulfilling the contract, handed out to yourself or to a third party in a commonly used, machine- readable format.
SSL- or TLS- encryption
This site uses an SSL- or TLS- encryption for security purposes and for the protection of transmission of confidential contents, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the changing URL entry field of the browser from “http://” to “https://” and the lock-symbol in front of your location bar.
When the SSL- or TLS-encryption is activated, third parties cannot see the data that you transfer to us.
Information, blocking, cancellation
Within the context of the current legal provisions you have the right to receive information regarding your personal data, its origin and recipient as well as the purpose of data processing and, if necessary, the right to rectification, blocking and removal of this data at any time, free of charge. If you have any further questions regarding this or the subject of personal data, you can contact us at any time. Contact details can be found in the imprint.
Right of appeal to advertising mails
We hereby object to the use of our contact data published within the context of the imprint obligation for the sending of advertisements and information, which have not been specifically requested by us. We especially reserve the right to initiate proceedings in case of sending of non-requested advertising information, such as spam-emails.
- Data capture on our website
The internet pages partially use so-called cookies. Cookies don’t cause any damage to your computer and don’t contain viruses. Cookies are used to make our service user-friendlier, more effective and more secure. Cookies are small text files, which are put on your computer and which are stored by your browser.
The majority of the cookies used by us are so-called “session-cookies”. These are automatically deleted after your visit. Other cookies are saved on your device and remain there until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set up your browser to be informed as soon as cookies are set or to only allow cookies in individual cases, to rule out the acceptance of cookies for individual cases or in general, as well as activate the automatic deletion of cookies when you close your browser. If you deactivate cookies, the functionality of this website may be limited.
Cookies, which are required for electronic communication processes or for the availability of certain functions desired by you (such as shopping cart function), are stored in accordance with article 6 paragraph 1 lit. f DSGVO (General data protection regulation). The website operator has legitimate interest in storing of cookies for the issue of technically flawless and optimized services. As far as other cookies are stored (such as cookies for the analysis of your individual surf behavior), these are considered on their own merits in the data protection declaration.
Server log files
The provider of the pages captures and saves information automatically in so-called server log files, which your browser automatically transfers to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of server inquiry
There is no connection made between this data and other data sources.
Basis for data processing is article 6 paragraph 1 lit. f DSGVO (General data protection regulation), which allows data processing for the fulfilment of a contract or for per-contractual measures.
When sending us questions using the contact form, your data from the request form including the contact details given by you for the handling of your request and for potential queries regarding the request are saved by us. The processing of the data on the contact form therefore happens exclusive on the basis of your consent (Art. 6 Abs. 1 lit. a DSGVO). You can withdraw this consent at any time. For this, an informal notification by email will suffice. The legality of the data processing until such time of withdrawal of consent remains untouched.
The data, input into the contact form, remains with us until you ask us to delete it, withdraw your consent to data storage or the purpose for data storing becomes invalid (i.e. after completion of your request). Compelling legal requirements- especially retention periods- remain untouched.
Processing of data (customer data and contract data)
We only collect and use personal data as far as it is required for the justification, content development or changes to the legal relationship (inventory information). This is done in accordance with article 6 paragraph 1 lit. f DSGVO (General data protection regulation), which allows data processing for the fulfilment of a contract or for per-contractual measures. We only capture, process and use personal data about the use of our internet pages (usage data) as far as it is necessary to enable the customer to access the services or for accounting purposes.
Customer data gathered will be deleted after completion of the request or on conclusion of the business relations. Legal retention periods remain untouched.
- Analytical tools and advertisement
This website uses functions of the web analytics service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
Google Analytics uses so-called „cookies“. These are text files, which are stored on your computer and which enable analysis of your usage of this website. The information about your use of this website provided by the cookie is usually transmitted to a Google server in the US and stored there.
On this website, IP addresses are anonymized. Because of this, your IP address will be masked by Google within the member states of the European Union or other contracting states of the treaty of the European economic area, prior to transfer to the US. Google will use this information on behalf of the operator of this website to evaluate your use of this website, to compile reports about website activity and to provide more services in connection to website and internet usage for the website operator. The IP address transmitted by your browser by Google Analytics is not going to be connected with other Google data.
You can prevent storing of cookies by changing the settings of your browser software accordingly; however, we would like to point out that you may not be able to use all functions of this website in full. In addition to this, you can prevent cookie-generated data collection connected to the use of the website (incl. your IP address), as well as their processing by Google by downloading and installing the available browser plug in under the following link: http://tools.google.com/dlpage/gaoptout?hl=de
Objection to data capture
You can prevent data capture by Google Analytics by clicking the following link. An Opt-out cookie will be set, which prohibits data capture for future visits to this website:
Deactivate Google Analytics
There is more information about the handling of user data at Google Analytics in the data protection declaration from Google: https://support.google.com/analytics/answer/6004245?hl=de
Google web fonts
This website uses so-called web fonts, provided by Google, to achieve a uniform layout. When opening a page, your browser loads the required web fonts to your browser cache, to show text and fonts correctly.
For this, the browser used by you, has to connect to the Google servers. By doing this, Google is made aware, that our website was accessed from your IP address. The use of Google web fonts is for the benefit of a uniform and appealing performance of our online services. This poses a legitimate interest in the sense of article 6 paragraph 1 lit. f DSGVO.
Should your web browser not support web fonts, a standard font from your computer will be used.
Information in accordance with article 13 and article 14 of the GDPR
The protection of personal data has a special significance for the LABCON-OWL Analytik, Forschung und Consulting GmbH. Thus, this organization processes personal data only in conjunction to the current legal provisions and ensures technical and administrative compliance with data protection regulations.
The following information provides an overview of the handling of data and the rights of those affected, which arises from the GDPR since 25.05.2018.
Information in accordance with article 13 (data collected from data subject) and article 14 (data collection from third parties) of the GDPR.
Please note the following data protection information:
- Details of the accountable body:
The accountable body for data collection is:
LABCON-OWL Analytik, Forschung und Consulting GmbH
32105 Bad Salzuflen
Tel: +49 5222 8076-0
Fax: +49 5222 8076-163
- Information on the data protection commissioner:
Creditreform Compliance Services GmbH
Tel.: + 49 (0) 21 31 – 109 1937
- Information on the regulatory authority:
The regulatory authority for data protection is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
- Purpose and legal basis of processing:
Legal bases for the processing of data are as follows:
- Processing for the purpose of fulfilling contracts, which are made with LABCON-OWL GmbH in accordance with article 6(1/b) GDPR
As far as personal data is collected and processed for the implementation of pre-contractual measures or on the basis of a contract, this data is used for the contract fulfilment, the execution of the contractual relationship as well as for its termination, if applicable. This covers communication with business partners on products, services and projects, i.e. to process inquiries from business partners. Furthermore, data processing is used for planning, execution and administrative purposes of the contractual relationship between the company and the business partner, i.e. to manage the commissioning of services, for accounting and settlement purposes and for debt collection.
- Processing for the protection of legitimate interests in accordance with article 6(1/f) GDPR
Data may be processed to uphold legitimate interests of LABCON-OWL GmbH or those of third parties, where applicable. This may be necessary for example, for ensuring IT security and IT operation, for the prevention and investigation of criminal offences/infringement of the regulations, for the securing of the right of domicile and for direct advertising.
- Processing due to given consent of the data subject in accordance with article 6(1/a) GDPR
As far as the data subject has given the company their consent to the processing of data for specific purposes (i.e. sending of newsletters), this personal data can be lawfully used according to the extent of the consent.
- Processing for the compliance with legal obligations in accordance with article 6(1/c) GDPR
Data processing may be necessary for the fulfilment of legal obligations such as retention requirements in accordance with the commercial code.
- The legal basis for the processing of special categories of personal data, is article 9(2 & 4) GDPR, possibly in connection to § 22 federal data protection act.
Legal bases for the processing of health data (special categories of personal data):
Processing of health data is carried out on the basis of article 9 (2-4) GDPR in conjunction with §§ 22 Germany FDPA. This applies in particular for the:
- Processing of special categories of personal data on the basis of explicit consent, as per article 9 (2/a) GDPR
Insofar as the data subject provides the company with a consent to data processing for specified purposes (e.g. carrying out of an individual health service request (IGEL)), this personal data may be used lawfully in accordance with the scope of the consent.
- Processing of special categories of personal data for the purpose of medical diagnostics, article 9 (2/b) GDPR, article 9 (4) in conjunction with §22 Germany FDPA
As a laboratory medical practice the MVZ Labor Krone GbR processes health data, in order to fulfill the task of the provision with medical services to the population, particularly medical diagnostics.
- Data categories that we collect from third parties:
We process the following categories of personal data, which we receive from third parties:
- Contact information, such as first name and surname, business address, business telephone number, business mobile number, business fax number and business email address.
- As well as details of sending physicians or organizations, as necessary: Name, date of birth, gender, address, medical insurance details, billing type, bank details, anamnestic data, tentative diagnosis, parameters to be examined, declaration of consent, release from confidentiality obligation.
- Sources (third parties) of whom the personal data is received
The LABCON-OWL GmbH processes personal data, as far as this data is provided or submitted by the data subject itself or by third parties.
Insofar, as the company receives personal data from third parties, it is mainly from the following:
- Business partners in the context of contractual fulfilment
- Recipients or categories of recipients of personal data
At the LABCON-OWL GmbH, those persons gain access to personal data who require data for the legitimate performance of the contract in question.
As far as commissioned external contractors receive personal data for this reason, we ensure that technical and organizational measures are carried out and necessary agreements are concluded, so that the processing is in line with the current data protection act and protection of the data subjects’ personal rights are guaranteed.
Where applicable, we submit personal data to:
- Business partners such as financial service providers/banking establishments, postal /parcel services, sales agents, external advisors etc., for whom data transfer is required for the completion of tasks
- Debt collectors, to collect claims
- Authorities and companies in the context of updating or for fulfilling legal notification obligations (i.e. social insurance agencies, tax offices, police and public prosecutor`s offices, regulatory authorities, road traffic licensing departments, credit rating agencies)
- Other third parties, for whom the data subjects have given consent to data transfer or where a legal authorization for data transfer exists (i.e. lawyers, insolvency administrators)
- other specialized laboratory practices, who carry out special analyses in their capacity as co-treating physicians and independent responsible persons in accordance with the GDPR
- sending physicians or organizations, in which data transfer is part of the scope of the requested service
- Intention for the transfer to third countries or international organizations
There will be no transfer of personal data to third countries (Countries outside of the European Union or the European economic area) or to international organizations.
- Duration of storage or criteria for determining the duration
Personal data is only stored for as long as is permitted on the basis of the current law. This especially applies, as long as it is required to fulfil the contractual purpose for which the personal data was required, as long as the continued storage is required for retention obligations or if it is necessary due to overriding legitimate interests or until the data subject withdraws their consent, on which the processing was based.
- Rights of the data subject
You have the following rights when it comes to the elicitation of your personal data:
- Right to access, article 15 GDPR: In accordance with article 15(1) GDPR the data subject has the right to obtain confirmation as to whether or not personal data about him/her is being processed. If this is the case, the data subject has the right to access this information and all further information as per article 15(1/a-h) GDPR.
- Right to rectification, article 16 GDPR: Should personal data be inaccurate or insufficient for the processing purposes, in accordance with article 16 GDPR there is a right to have personal data corrected or completed.
- Right to erasure, article 17 GDPR: In accordance with article 17(1) GDPR there is the right to have personal data erased, where the processing of personal data is inadmissible for one of the reasons specified in this provision. Erasure cannot be demanded, where processing is necessary for reasons as laid down in article 17(3) GDPR, such as for compliance with legal obligations.
- Right to restriction of processing, article 18 GDPR: Subject to the conditions laid down in article 18(1/a-d) GDPR, the data subject has the option of requesting that the processing be restricted (blocking).
- Right to data portability, article 20 GDPR: The data subject has the right to receive his/her personal data, which he/she has provided to the LABCON-OWL GmbH and which have been automatically processed by the organization on the basis of a consent or a contract, in a commonly used, machine-readable format. This right is subject to technical feasibility amongst others.
- Right to object, article 21 GDPR: The data subject has the right to object to processing of his/her personal data, which is processed on the basis of a weighing of interests (article 6(1/f) GDPR) under consideration of the provisions of article 21 GDPR.
Where the objection is aimed at direct marketing (this includes related profiling, where applicable), data processing will then no longer take place to this extent. In other cases, processing despite objection will only be carried out if there are compelling legitimate grounds that override the data subject’s interests, rights and freedoms or serves the establishment, exercise or defence of legal claims.
- Withdrawal of consent
Furthermore, a given consent can be amended or fully withdrawn at any time with effect for the future. The withdrawal does not affect the lawfulness of data processing based on consent prior to withdrawal.
You can send us your withdrawal either by post (LABCON-OWL GmbH, Siemensstraße 40, 32105 Bad Salzuflen), by email (email@example.com) or by fax (+49 5222 8076 163). This will not incur any further cost outside of the basic tariffs.
- Right of appeal to the supervisory authority
You have the right to lodge an appeal with the supervisory authority for data protection. The contact details of the supervisory authority responsible for us can be found under item 3.
- Obligation to provide personal data
An obligation to provide certain personal data arises from concluded contracts or contracts to be concluded, as far as the contract execution cannot take place without data provision.
Furthermore, legal obligations need to be considered, which oblige us to collect/process certain data.
If data is required on the basis of a contract, the contract cannot be concluded if data is missing.
If data has to be provided due to legal obligations, the associated service cannot be provided without its provision.
- Automated decision-making or profiling
An automated individual decision-making, including profiling as per article 22 GDPR does not take place at LABCON-OWL GmbH.