Privacy Policy

HomePrivacy Policy

Privacy Policy

1. Data Controller

The data controller for data processing on this website is:

KJPP Group Practice
Child and Adolescent Psychiatry
Psychotherapy
Wilhelmshöher Allee 122
34119 Kassel
Germany

Represented by:
Dr Ulrike Berlin
Dr Eva Marie Nonn

Telephone: +49 (0) 561 57 63 21
Email: praxis@kjpp-bemono.de

2. General information on data processing

We process the personal data of users of our website only to the extent necessary to provide a fully functional website and our content and services. The processing of personal data generally takes place only with the consent of the data subject or on the basis of a legal authorisation.

3. Purposes and legal bases of processing

We process personal data in particular for the following purposes:

  • to provide the website and its technical functionality,
  • to process contact enquiries sent to us by email, telephone, post or via the contact form,
  • to process documents submitted via the contact form, in particular registration forms, declarations of consent and confidentiality agreements,
  • to ensure the security and stability of the website,
  • to manage consents that have been given.

Depending on the content and purpose of the enquiry, processing is carried out on the basis of Article 6(1)(a) of the GDPR (consent), Article 6(1)(b) of the GDPR (pre-contractual measures or performance of a contract) and Article 6(1)(f) of the GDPR (legitimate interest).

If health data or other special categories of personal data are transmitted to us via the contact form or by other means, we will only process this data to the extent necessary for handling the matter in question and where there is a corresponding legal basis under data protection law.

4. Provision of the website and hosting

When this website is accessed, the hosting provider automatically records information in so-called server log files. This applies in particular to:

  • IP address,
  • date and time of access,
  • pages and files accessed,
  • browser type and browser version,
  • operating system used,
  • referrer URL.

This data is processed to ensure the technical operation, system security and stability of the website on the basis of our legitimate interest pursuant to Article 6(1)(f) of the GDPR.

Hosting by STRATO

This website is hosted by the following provider:

STRATO AG
Pascalstraße 10
10587 Berlin
Germany

5. SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognise an encrypted connection by the fact that the address bar of the browser begins with “https://”.

6. Cookies and consent management

Our website uses cookies and similar technologies. Where these are technically necessary for the operation of the website, their use is based on our legitimate interests. Where cookies or similar technologies are used for other purposes, this is done only with your consent.

We use a consent management tool to manage your consents. This involves processing and storing your consent decision, the time of the decision, your language settings (where applicable), and technical information about your browser or device. This processing is carried out for the purposes of documenting and managing the consents you have given.

Where the storage or retrieval of information on your device is necessary, this is carried out in accordance with legal requirements, in particular the TDDDG.

Consent management with Complianz

We use the “Complianz” tool to manage consents. Consent data may be stored in order to document users’ decisions and, where necessary, to enable the withdrawal or amendment of consents.

7. Contacting us and the contact form

If you contact us by email, telephone, post or via the contact form, we will process the personal data you provide in order to deal with your enquiry. This applies in particular to your name, your contact details, the subject of your enquiry, the content of your message and any documents you may have submitted.

The information marked as mandatory fields in the contact form is required in order to process and assign your enquiry.

In particular, the following documents can be sent to us via the contact form:

  • Registration form,
  • Declaration of consent,
  • Confidentiality agreement.

Processing is carried out to handle your enquiry on the basis of Article 6(1)(b) of the GDPR, insofar as it concerns a specific enquiry or the initiation of a treatment or other contractual relationship. In all other respects, processing is carried out on the basis of Article 6(1)(f) of the GDPR in the interests of orderly and efficient communication.

Where you voluntarily provide us with health data or other sensitive documents via the contact form, processing will only take place to the extent necessary to deal with your enquiry or where you have expressly consented to this.

Please note that, despite technical security measures, the transmission of information via web forms does not in all cases guarantee the same level of confidentiality as direct personal or telephone contact. Please therefore only submit information and documents that are absolutely necessary for your enquiry.

The contact form is intended solely for the transmission of documents and other messages. Appointments are made by telephone.

8. Integration of third-party services and content

Our website may incorporate content or functions from external providers. From a technical perspective, this requires the user’s IP address to be transmitted to the relevant provider.

Google Fonts

Where fonts are hosted locally on our own server on this website, no personal data is transmitted to Google.

Google Maps

Google Maps is integrated into this website to visually display geographical information and to make it easier to find our practice. When using Google Maps, personal data, in particular your IP address and, where applicable, location data, may be transmitted to Google.

The integration of Google Maps is based solely on your consent.

The provider is:

Google Cloud EMEA Limited
70 Sir John Rogerson’s Quay
Dublin 2
Ireland

9. Retention period

We store personal data only for as long as is necessary for the respective processing purposes or where statutory retention obligations apply. Enquiries and submitted documents are deleted as soon as their processing is complete and there are no statutory retention obligations or other legitimate reasons for further storage.

10. Rights of data subjects

Under the GDPR, you have the following rights in particular:

  • Right of access,
  • Right to rectification,
  • Right to erasure,
  • Right to restriction of processing,
  • Right to data portability,
  • Right to object,
  • Right to withdraw consent with effect for the future.

11. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.

12. Applicable professional regulations

The professional regulations of the Hessian Medical Association apply to the practice of medicine, in particular the Code of Conduct for Doctors in Hesse.

13. Date

Date: April 2026