Privacy Policy

Controller within the meaning of the General Data Protection Regulation (GDPR)

Radioonkologie im Vosspalais
Prof. Dr. med. S. Marnitz
Voßstraße 33
10117 Berlin
Germany

Phone: +49 (0)30 314 9063-31
Email: info@radiotherapy.care
Website: www.radiotherapy.care

The protection of your personal data is very important to us. We process your personal data exclusively in accordance with the applicable legal provisions, in particular the General Data Protection Regulation (GDPR) and the German Telecommunications Digital Services Data Protection Act (TDDDG).

Please note that data transmission over the Internet may have security vulnerabilities. Complete protection of data against access by third parties is not technically possible in all cases.

Data Protection Officer

Dr. rer. medic Redouane Fouassi
Email: redouane.fouassi@radiotherapy.care

1. Definitions

Personal data means any information relating to an identified or identifiable natural person, such as name, email address, telephone number or IP address.

A data subject is any natural person whose personal data is processed.

Processing means any operation performed on personal data, such as collection, recording, storage, use, disclosure or deletion.

2. Hosting and Server Log Files

When accessing our website, technically necessary information is processed by our hosting provider in so-called server log files. This includes in particular:

  • visited page
  • date and time of access
  • amount of data transferred
  • referrer URL
  • browser type and version
  • operating system
  • IP address

This processing is carried out to ensure the stability, security and functionality of the website as well as to detect misuse.

Legal basis: Art. 6(1)(f) GDPR

Retention period: Server log files are deleted after three days unless further retention is required for evidentiary purposes.

3. Cookies and Consent Management

Our website uses cookies and similar technologies.

Where cookies are not technically necessary, they are only used with
your consent.

Legal basis:

  • Section 25(1) TDDDG
  • Art. 6(1)(a) GDPR

Technically necessary cookies are used on the basis of Section 25(2) TDDDG.

Consent Management (Borlabs Cookie)

We use Borlabs Cookie to manage user consent.

The following cookies may be set:

  • borlabsCookie
  • borlabsCookieUnblockContent

These are used solely to store your consent preferences.

You can withdraw your consent at any time with effect for the future.

4. Contact via Email, Telephone or Contact Form

If you contact us, we process the data you provide to handle your request.

This may include in particular:

  • name
  • contact details (email, phone)
  • message content
  • additional voluntary information

Legal basis:

  • Art. 6(1)(b) GDPR (pre-contractual measures)
  • Art. 6(1)(f) GDPR (general inquiries)

Retention period: Only as long as necessary to process your request and subject to statutory retention obligations.

5. Email Communication (Microsoft 365 / Outlook)

Email communication is carried out via Microsoft 365 (Outlook).

Provider:
Microsoft Ireland Operations Limited, Dublin, Ireland

Personal data may also be processed on servers in third countries
(e.g. USA).

Microsoft uses appropriate safeguards pursuant to Art. 46 GDPR, including:

  • Standard Contractual Clauses (SCCs)
  • participation in the EU-U.S. Data Privacy Framework (where applicable)

Further information:
https://privacy.microsoft.com/en-us/privacystatement

Legal basis:
Art. 6(1)(b) and Art. 6(1)(f) GDPR

6. Forms (WPForms)

We use WPForms for contact forms.

The data entered is processed solely for the purpose of handling your request.

Configuration:

  • no storage of IP addresses
  • no storage in the CMS
  • transmission exclusively via email

Legal basis: Art. 6(1)(b) GDPR

7. Protection Against Misuse (Spam Prevention)

To protect our website and communication systems from automated misuse, we use technical protective measures.

This may involve processing technically necessary connection data.

Legal basis: Art. 6(1)(f) GDPR

Our legitimate interest lies in protecting our systems and ensuring proper communication.

8. Google Tag Manager

We use Google Tag Manager.

Provider: Google Ireland Limited, Ireland

Google Tag Manager is used to manage tags and scripts. It does not process personal data itself but may trigger other services.

It is only used with your consent.

Legal basis: Art. 6(1)(a) GDPR

9. Google Maps

We use Google Maps on our website.

The map is only loaded after your consent.

Personal data (e.g. IP address) may be transmitted to Google.

Legal basis:

  • Art. 6(1)(a) GDPR
  • Section 25(1) TDDDG

10. Google Web Fonts

We use Google Web Fonts locally.

No data is transmitted to Google.

11. Matomo

We use Matomo (self-hosted).

  • hosted on our own server
  • IP anonymization
  • no data is shared with third parties

Where cookies are used, this is done only with your consent.

Legal basis:

  • Art. 6(1)(a) GDPR
  • Section 25(1) TDDDG

Retention period:
In accordance with technical configuration and anonymization.

12. Recipients of Personal Data

Personal data is only shared where necessary or legally permitted.

Recipients may include:

  • hosting providers
  • email service providers (Microsoft 365)
  • consent management providers (Borlabs Cookie)
  • Google (if maps are activated)
  • other technical service providers where applicable

13. Legal Bases

We process personal data on the following legal bases:

  • Art. 6(1)(a) GDPR – consent
  • Art. 6(1)(b) GDPR – contract / request
  • Art. 6(1)(c) GDPR – legal obligation
  • Art. 6(1)(f) GDPR – legitimate interest

Where cookies are used, Section 25 TDDDG also applies.

14. Data Retention

We store personal data only as long as necessary or required by law.

Typical retention periods:

  • server log files: 3 days
  • contact requests: until processing is completed
  • cookie preferences: according to consent tool
  • analytics data: according to Matomo configuration

15. Rights of Data Subjects

You have the following rights:

  • right of access (Art. 15 GDPR)
  • right to rectification (Art. 16 GDPR)
  • right to erasure (Art. 17 GDPR)
  • right to restriction of processing (Art. 18 GDPR)
  • right to data portability (Art. 20 GDPR)
  • right to object (Art. 21 GDPR)
  • right to withdraw consent

You can exercise your rights at any time by contacting us.

16. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority.

Competent authority in Berlin:
Berlin Commissioner for Data Protection and Freedom of Information

17. Data Security

We implement appropriate technical and organizational measures to protect your data.

This website uses SSL/TLS encryption.

18. Changes to this Privacy Policy

We reserve the right to amend this privacy policy to reflect legal or technical changes.

Status: March 2026