Data protection
01.) Privacy policy
My privacy policy clarifies the nature, scope and purpose of the processing of personal data within my online offer and the associated websites, functions and content. The use of my website is possible without providing personal data. Different regulations may apply to the use of individual services on our website, which in this case are explained separately below. Data is personal if it can be clearly assigned to a specific natural person. The legal basis for data protection can be found in the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG). In this respect, the following regulations inform you about the type, scope and purpose of the collection, use and processing of personal data by the provider. With regard to the terms used, such as “processing” or “controller”, please refer to the definitions in Art. 4 of the EU GDPR.
Person responsible
Roland Tennie
Wiegstrasse 20
45239 Essen, Germany
Phone: +49 201 4901452
Fax: +49 201 4901452
E-mail: rezeption@amliebstengesund.de
Imprint: https://werdener-naturheilpraxis.de/impressum/
Contact data protection officer:
Klaus Weinhoefer (DSB)
E – Mail: dsb@the-expert.eu
02) Types of data processed:
inventory data, such as names, addresses, contact data, etc., such as e-mail, telephone numbers, etc., content data, such as text entries, photographs, videos, audios, usage data, such as websites visited, interest in content, access times, etc., meta / communication data, etc., such as device information, IP addresses
Visitors and users of the online offer. In the following, I will also refer to the persons concerned collectively as “users”)
03.) Purpose of the processing
Provision of the online offer, its functions and content, answering contact requests and communication with users, security measures, reach measurement / marketing
04) Terminology used
04. a.) “Personal data” means any information relating to an identified or identifiable natural person, hereinafter referred to as “data subject”; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
04. b.) “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is far-reaching and covers practically any handling of data.
04. c.) “Pseudonymization” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
04. d.) “Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
04. e.) The “controller” is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
04. f) “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
05.) Relevant legal bases
In accordance with Art. 13 GDPR, I inform you of the legal basis of my data processing. If the legal basis is not stated in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for the processing for the fulfillment of our services and the implementation of contractual measures as well as answering inquiries is Art. 6 para. 1 lit. b GDPR, the legal basis for processing to fulfill my legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for the processing for the protection of my legitimate interests is Art. 6 para. 1 lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR as legal basis
06.) Safety measures
I take appropriate technical and organizational measures in accordance with Art. 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk. The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transfer, safeguarding of availability and its separation.
07.) SSL encryption
For security reasons and to protect the transmission of confidential content, such as contact details, appointments or inquiries that you send to me as the site operator, I use an SSL or SSL-encrypted connection for my website. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to me cannot be read by third parties.
08) Cooperation with processors and third parties
If I disclose data to other persons and companies (processors or third parties) as part of my processing, transfer it to them or otherwise grant them access to the data, this will only be done on the basis of legal permission, e.g. if the data is transferred to third parties, such as payment service providers, in accordance with Art. 6 para. 1 lit. a GDPR. Art. 6 para. 1 lit. b GDPR is necessary for the performance of a contract, you have given your consent, a legal obligation provides for this or on the basis of my legitimate interests, for example when using agents, web hosts, etc. If I commission third parties with the processing of data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR.
09) Transfers to third countries
If I process data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this will only take place if it is done to fulfill my contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of my legitimate interests. Subject to legal or contractual permissions, I process or have the data processed in a third country only if the special requirements of Art. 44 et seq. GDPR are met. This means that processing takes place, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU, or compliance with officially recognized special contractual obligations, the so-called “standard contractual clauses”.
10) Rights of the data subjects
You have the right to request confirmation as to whether the data in question is being processed and to request information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.
10. a) You have accordingly. In accordance with Art. 16 GDPR, you have the right to request the completion of data concerning you or the correction of incorrect data concerning you.
10. b) In accordance with Art. 17 GDPR, you have the right to demand that the data in question be deleted immediately or, alternatively, to demand that the processing of the data be restricted in accordance with Art. 18 GDPR.
10. c) You have the right to request to receive the data concerning you that you have provided to me in accordance with Art. 20 GDPR and to request that it be transferred to other data controllers.
10. d) You have further acc. Art. 77 GDPR, you have the right to lodge a complaint with the competent supervisory authority.
11) Right of withdrawal
You have the right to withdraw your consent in accordance with. Art. 7 para. 3 GDPR with effect for the future
12) Right of objection
You can object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR. The objection may be made in particular against processing for direct marketing purposes.
13) Cookies and right to object to direct advertising
Cookies” are small files that are stored on users’ computers. Different information can be stored within the cookies. A cookie is primarily used to store information about a user or the device on which the cookie is stored during or after their visit to my online offering. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online service and closes their browser. Permanent” or “persistent” cookies are cookies that remain stored even after the browser is closed. This allows the login status to be saved when users visit them after several days. The interests of users can also be stored in such a cookie and used for reach measurement or marketing purposes. Third-party cookies” are cookies that are offered by providers other than the controller who operates the online service; otherwise, if they are only the controller’s cookies, they are referred to as “first-party cookies”. I may use temporary and permanent cookies on the website and provide information about this in this privacy policy. If users do not wish to have cookies stored on their computer, I will ask them to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer. A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices or the EU website http://www.youronlinechoices.com. Furthermore, the storage of cookies can be disabled in the browser settings. Please note that you may then not be able to use all the functions of this website.
14) Deletion of data
The data processed by me will be deleted or restricted in their processing in accordance with Art. 17 and 18 GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that I have to retain for commercial or tax law reasons. According to legal requirements, the data is stored for 10 years in accordance with §§ 147 para. 1 AO, 257 para. 1 no. 1 and 4, para. 4 HGB. This refers to books, records, management reports, accounting vouchers, trading books, documents relevant for taxation, etc. and 6 years in accordance with § 257 para. 1 no. 2 and 3, para. 4 HGB (commercial letters).
15) Business-related processing
In addition, I process contract data, for example the subject matter of the contract, term, customer and patient category, etc., payment data, for example bank details, payment history of customers/patients, interested parties and business partners for the purpose of providing contractual services, customer care, marketing, advertising and market research.
16) Preventive healthcare benefits
I process the data of my patients, interested parties and other clients or contractual partners in accordance with Art. 6 para. 1 lit. b) GDPR in order to provide them with my contractual or pre-contractual services. The data processed in this context, the type, scope and purpose and the necessity of their processing are determined by the underlying contractual relationship. The processed data generally includes inventory and master data of patients (e.g., name, address, etc.), as well as contact data (e.g., e-mail address, telephone, etc.), contract data (e.g., services used, products purchased, costs, names of contact persons) and payment data (e.g., bank details, payment history, etc.). In the context of my services, special categories of data pursuant to Art. 9 para. 1 GDPR, in particular information on the health of patients, possibly with reference to their sex life or sexual orientation, may also be processed. For this purpose, I obtain, if necessary, in accordance with Art. 6 para. 1 lit. a., Art. 7, Art. 9 para. 2 lit. a. GDPR and otherwise process the special categories of data for the purposes of preventive healthcare on the basis of Art. 9 para. 2 lit h. GDPR, § 22 para. 1 no. 1 b. BDSG. If necessary for the fulfillment of the contract or required by law, I disclose or transmit the data of the patients in the context of communication with medical professionals, third parties involved in the fulfillment of the contract, such as laboratories, billing offices or comparable service providers, insofar as this serves the provision of our services in accordance with Art. 6 para. 1 lit b. GDPR, is required by law pursuant to Art. 6 para. 1 lit. c. GDPR, serves my interests or those of patients in efficient and cost-effective healthcare as a legitimate interest pursuant to Art. 6 para. 1 lit f. GDPR or pursuant to Art. 6 para. 1 lit. d. GDPR is necessary to protect the vital interests of patients, another natural person or in the context of consent pursuant to Art. 6 para. 1 lit. a., Art. 7 GDPR. The data will be deleted when the data is no longer required to fulfill contractual or legal duties of care and to deal with any warranty and comparable obligations, whereby the necessity of storing the data is reviewed every three years; otherwise, the statutory retention obligations apply.
17) Therapeutic services and coaching
I process data of my patients and interested parties and other clients or contractual partners, uniformly referred to as “clients”, in accordance with Art. 6 para. 1 lit. b) GDPR in order to provide them with my contractual or pre-contractual services. The data processed in this context, the type, scope and purpose and the necessity of their processing are determined by the underlying contractual relationship. The processed data generally includes inventory and master data of clients, for example, name, address, etc., as well as contact data, for example, e-mail address, telephone number, etc., contract data, services used, fees, names of contact persons, etc. and payment data, bank details, payment history, etc. As part of my services, I may also process special categories of data in accordance with Art. 9 para. 1 GDPR, in particular information on the health of clients, possibly with reference to their sex life or sexual orientation, ethnic origin or religious or ideological beliefs. For this purpose, I obtain, if necessary, in accordance with Art. 6 para. 1 lit. a., Art. 7, Art. 9 para. 2 lit. a. GDPR and otherwise process the special categories of data for the purposes of preventive healthcare on the basis of Art. 9 para. 2 lit h. GDPR, § 22 para. 1 no. 1 b. BDSG. If necessary for the fulfillment of the contract or required by law, I disclose or transmit the client’s data in the context of communication with other professionals, third parties necessarily or typically involved in the fulfillment of the contract, such as billing offices or comparable service providers, insofar as this serves the provision of my services in accordance with Art. 6 para. 1 lit b. GDPR, is required by law pursuant to Art. 6 para. 1 lit. c. GDPR, serves my interests or those of the clients in efficient and cost-effective healthcare as a legitimate interest pursuant to Art. 6 para. 1 lit. f. GDPR or in accordance with Art. 6 para. 1 lit. d. GDPR is necessary to protect the vital interests of the client or another natural person or in the context of consent pursuant to Art. 6 para. 1 lit. a., Art. 7 GDPR. The deletion of the data takes place when the data is no longer required for the fulfillment of contractual or legal duties of care as well as dealing with any warranty and comparable obligations, whereby the necessity of storing the data is reviewed by me every three years; otherwise the statutory retention obligations apply.
18.) Administration, financial accounting, office organization, contact management
I process data in the context of administrative tasks and the organization of my business, financial accounting and compliance with legal obligations, storage, archiving, etc.. In doing so, I process the same data that I process as part of the provision of my contractual services. The processing bases are Art. 6 para. 1 lit. c. GDPR, Art. 6 para. 1 lit. f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and my interest in the processing lies in the administration, financial accounting, office organization, storage / archiving of data, i.e. tasks that serve the maintenance of my business activities, performance of tasks and provision of my services. The deletion of data with regard to contractual services and contractual communication corresponds to the information specified in these processing activities. I disclose or transmit data to the tax authorities, tax consultants or auditors as well as other fee offices and payment service providers. Furthermore, on the basis of my business interests, I store information on suppliers, event organizers and other business partners, mostly company-related data, permanently for the purpose of contacting them at a later date.
19) Business analyses and market research
In order to operate my practice economically, to be able to recognize market trends, wishes of contractual partners, patients and users, I analyze the data available to me on business transactions, contracts, inquiries, etc.. In doing so, I process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Art. 6 para. 1 lit. f. GDPR, whereby the data subjects include contractual partners, interested parties, patients, customers, visitors and users of my online offer. These analyses are carried out for the purpose of business evaluations, marketing and market research. I can take into account the profiles of registered users with details of the services they have used. These analyses help us to increase user-friendliness, optimize our network offering and improve business efficiency. These analyses serve me alone and are not disclosed externally, unless they are anonymous analyses with summarized values. If these analyses or profiles are personal, they will be deleted or anonymized upon termination by the user, otherwise after two years from the conclusion of the contract. In addition, the overall business analyses and general trend determinations are prepared anonymously wherever possible.
20) Hosting and e-mail dispatch
The hosting services I use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services and technical maintenance services that I use for the purpose of operating my online offering. In doing so, my hosting provider processes inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of my legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f GDPR. Art. 6 para. 1 lit. f GDPR in conjunction with. Art. 28 GDPR
21) Collection of access data and log files
My hosting provider collects data on the basis of legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO data about every access to the server on which this service is located, the so-called server log files. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL, IP address and the requesting provider. Log file information is stored for a maximum of 7 days for security reasons, e.g. to investigate misuse or fraud, and then deleted. Data whose further retention is necessary for evidentiary purposes shall remain exempt from deletion until the respective incident has been finally clarified.
22) Google Analytics
I use cookies on the basis of my legitimate interests in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) Google Analytics, a web analytics service provided by Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there. Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. Pseudonymous user profiles can be created from the processed data. Google Analytics is only used on my website with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by the user’s browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of data generated by the cookie and related to their use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. Further information on the use of data by Google, setting and objection options, can be found in Google’s privacy policy(https://policies.google.com/technologies/ads), and in the settings for the display of advertisements by Google(https://adssettings.google.com/authenticated). The personal data of the users of my pages will be deleted or anonymized after 14 months.
23.) Jetpack (WordPress Stats)
On the basis of my legitimate interests in the analysis, optimization and economic operation of my online offer within the meaning of Art. 6 para. 1 lit. f. GDPR. GDPR the plugin Jetpack the sub-function “WordPress Stats”. It is a tool for the statistical evaluation of visitor access. The company Automattic Inc, 60 29th Street #343, San Francisco, CA 94110, USA. Jetpack uses so-called “cookies”, text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this online offer is stored on a server in the USA. User profiles can be created from the processed data, although these are only used for analysis and not for advertising purposes. Further information can be found in Automattic’s privacy policy: https://automattic.com/privacy and notes on Jetpack cookies: https://jetpack.com/support/cookies
24) Online presence in social media
I maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to inform them about my services. I expressly point out that data of my site visitors may be processed outside the European Union. This may result in risks for users because, for example, the enforcement of users’ rights could be made more difficult. With regard to US providers that are certified under the Privacy Shield, I would also like to point out that they undertake to comply with EU data protection standards. Furthermore, user data is generally processed for market research and advertising purposes. For example, usage profiles can be created by me from the usage behavior and the resulting interests of the users, which are used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are also generally stored on the user’s computer, in which the user’s usage behavior and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users, especially if the users are also members of the respective platforms and are logged in to them. The processing of users’ personal data is based on my legitimate interests in effective user information and communication with users in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR. If the users are asked by the respective providers for consent to data processing (i.e. they declare their consent, e.g. by ticking a checkbox or confirming a button), the legal basis for processing is Art. 6 para. 1 lit. a., Art. 7 GDPR. For a detailed description of the respective processing and the objection options, please refer to the information provided by the providers linked below. Also in the case of requests for information and the assertion of user rights, I would like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. – Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com,
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
25) Use of Facebook social plugins
On the basis of my legitimate interests in the analysis, optimization and economic operation of the online offer within the meaning of Art. 6 para. 1 lit. f. GDPR. GDPR social plugins of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. This may also include content such as images, videos, audio or text and buttons with which users can share content from this online offering within Facebook. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law(https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active)
When a user accesses a function of my online offering that contains such a plugin, their device establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated into the online offering. User profiles can be created from the processed data. I have no influence on the scope of the data that Facebook collects from the visitor with the help of this plugin. I therefore only inform visitors to my website according to my level of knowledge. By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to their Facebook account. When users interact with the plugins, for example by clicking the Like button or leaving a comment, the corresponding information is transmitted directly from your device to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to find out and store their IP address. According to Facebook, only an anonymized IP address is stored in Germany. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for protecting the privacy of users, can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy/. If a user is a Facebook member and does not want Facebook to collect data about them via this online service and link it to their membership data stored on Facebook, they must log out of Facebook and delete their cookies before using our online service. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/ The settings are platform-independent and are adopted for all devices, such as desktop computers or mobile devices. If you still need help, you can contact my data protection officer by e-mail: dsb@the-expert.eu
26) Integration of third-party services and content
I use content or service offers from third-party providers within my online offer on the basis of my legitimate interests in order to integrate their content and services, such as videos or fonts, within the meaning of Art. 6 para. 1 lit. f GDPR. 1 lit. f. GDPR. This always presupposes that the third-party providers of this content are aware of the IP address of the user, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. I try to only use content on my website whose respective provider only uses the IP address to deliver the content. Third-party providers may also use so-called pixel tags for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of my website. The pseudonymous information may also be stored in cookies on the user’s device and contain, among other things, technical information about the browser and operating system, referring websites, visit time and other information about the use of our online offer, as well as being linked to such information from other sources.
27.) Font Awesome
I also use web fonts from Fonticons, Inc. on my Internet pages for the uniform display of fonts. When you access my pages, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to the servers of Fonticons, Inc. record. By doing so, Fonticons, Inc. knowledge that my website has been accessed via your IP address. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR represent. If your browser does not support web fonts, a standard font will be used by your computer. Further information about Font Awesome can be found at https://fontawesome.com/help and in the privacy policy of Fonticons, Inc.: https://fontawesome.com/privacy.
28.) Font Typekit
I also use web fonts from Adobe Typekit on my website for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to the Adobe Typekit servers. As a result, Adobe Typekit becomes aware that our website has been accessed via your IP address. The use of Adobe Typekit Web Fonts is in the interest of a uniform and appealing presentation of my online offer. This constitutes my legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font will be used by your computer. Further information on Adobe Typekit Web Fonts can be found at https://typekit.com/ and in Adobe Typekit’s privacy policy: https://www.adobe.com/de/privacy/policies/typekit.html
29) Google Fonts
The fonts (“Google Fonts”) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, are used in my website. Privacy Policy: https://www.google.com/policies/privacy, Opt-Out: https://adssettings.google.com/authenticated.
30.) Google Maps
My website integrates the maps of the “Google Maps” service of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, IP addresses and location data of my website visitors, which, however, are not collected without their consent, usually as part of the settings of their mobile devices. The data may be processed in the USA. The Google Maps privacy policy: https://www.google.com/policies/privacy, Opt-Out: https://adssettings.google.com/authenticated.
31.) Further note
I would also like to point out that Internet-based data transmissions are subject to security vulnerabilities, making complete protection against access by third parties impossible.