The person responsible within the meaning of the Basic Data Protection Regulation and other national data protection laws of the member states as well as other provisions of data protection law is:
Medizinische Klinik I
Frankfurter Referenzzentrum für Seltene Erkrankungen (FRZSE)
Prof. Dr. med. T.O.F. Wagner
D-60590 Frankfurt am Main
Telefon: +49 (0)69 6301-1
60590 Frankfurt am Main
Telefon: +49 69 6301-5745
Fax: +49 69 6301-83779
Personal user data is only processed if it is necessary for the provision of functions, content or services on the internet platform. The users consent is given before the processing of personal data except in cases in which it is not possible to obtain prior consent for actual reasons or in which processing is permitted by legal framework conditions.
Insofar as we obtain the consent of the data subject for the processing of personal data,
Art. 6 para. 1 lit. a EU Data Protection Basic Regulation (DSGVO) serves as the legal
basis. Art. 6 para. 1 lit. b DSGVO serves as a legal basis for the processing of personal
data required for the performance of a contract to which the data subject is a party.
This also applies to processing operations that are necessary for the implementation of
If the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.
In the event that vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.
If the processing is necessary to maintain a legitimate interest of our institution or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f DSGVO serves as the legal basis for the processing.
The personal data of the person concerned will be deleted or blocked as soon as the
purpose of storage no longer applies. In addition, the data may be stored if the European
or national legislator has provided for this in Union regulations, laws or other
provisions to which the person responsible is subject. The data shall also be blocked or
deleted if a storage period prescribed by the aforementioned standards expires, unless it
is necessary for further storage of the data for the conclusion or performance of a
Hinweis: Über das Recht auf Widerruf der datenschutzrechtlichen Einwilligung vergl. 7.8.
Each time the website is accessed the web hosting provider automatically collects and
stores data from the accessing computer.
The following data are collected while using the platform:
The legal basis for temporary storage of the data is Art. 6 para 1 lit f DSGVO.
The temporary storage of the IP address through the system is necessary to enable the
delivery of the website to the user's computer. To do this, the user's IP address has to
be stored for the duration of the session.
These purposes also include our legitimate interest in data processing pursuant to Art. 6 Para. 1 lit. f DSGVO.
The data will be deleted, as soon as they are not necessary any more for the purpose of their gathering. In the case of the collection of data for providing the website, this is the case when the respective session has ended. Please refer to section 5 for the duration of storage during registration.
The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. In consequence, there is no possibility for the user to object to this.
operating system in an internet browser and are created when you visit a website. They
are used to store bits of information about your interactions with the website. This
cookie contains a characteristic text string that allows the browser to be uniquely
friendly. Some elements of our website require that the requesting web browser can be
identified even after a page change.
The following data are stored and transmitted in the cookies:
The legal basis for the processing of personal data using cookies is defined in Art. 6 para. 1 lit. f DSGVO.
Technical cookies are used to make the website user friendly. Website functionalities
browser is recognized even after page change.
Cookies are used for the following applications:
On our internet platform there is a form to ask questions on all aspects of rare respiratory diseases. The data is entered into an input mask and transmitted to us and stored. This data will not be passed on to third parties. In order to submit a question, the user has to fill in the following data which will be saved and processed:
The legal basis for data processing is Art. 6 para. 1 lit. a DSGVO if the user has given
If the purpose of registration is to fulfil a contract to which the user is a party or to carry out pre-contractual measures, the additional legal basis for the processing of data is Art. 6 Para. 1 lit. b DSGVO
User registration is necessary for the provision of certain contents and services on our website. This includes allocating and answering as well as releasing answered questions and participating in internal discussion rounds to find answers to the questions. User identification is necessary to ensure the assignment of questions through the moderator to respective experts and to be able to allocate the comments made by the respective experts.
The data will be deleted as soon as they have fulfilled the purpose for which they were collected. This is the case for data that has been collected during the registration process if the registration on our website is either cancelled or modified on our website.
As a user you always have the possibility to cancel your registration. You can have all
personal data changed at any time.
The request of account deletion can be done by email or by phone. Replies that have already been made by the user and published can be retained, deleted or anonymized after notification.
On our internet platform there is a form to ask questions on all aspects of rare respiratory diseases. In order to submit a question, the user has to fill in the following data which will be saved and processed:
(1) Disease area of rare respiratory diseases
(3) Language, in which the question is asked
(7) Role (is the questioner a physician or a patient?)
(8) Email address
(9) Country of Residence
At the time the message is sent, the following data will also be stored:
- Timestamp on sent question
- For data processing
Your consent will be obtained for data processing as part of the sending process and reference will be made to this data protection declaration. Alternatively, you can get in touch with us via the provided email address. In this case, the personal data of the user, which are transmitted with the email, will be stored.
In this context, points (1), (2), (3), (4), (5), (6), (9) are passed on to registered, logged in experts via the Internet portal EXABO within the EU for the purpose of answering questions. The operators and developers of the internet portal have access to the database and therefore to your data for the purpose maintaining and further developing the platform and can also carry out manual deletion. The web server of domain Factory is used to send the e-mails. A passing on to third parties is not given in this context.
Legal basis for data processing is Art. 6 para. 1 lit. a DSGVO if the user has consented to it. The legal basis for processing the data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f DSGVO. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
The processing of your personal data from the data entry mask serves to provide you an answer to your question. In case you should contact us by email, we will provide you with an answer to your question or, if needed, an extended answer to your question. The other personal data which is processed during the sending process are used to assign and answer questions accordingly. Points (1), (2), (3), (4) and (9) will be published and available in the archive of our internet platform after having been reviewed and answered by our experts, which will be open accessed in form of a question-answering-catalogue which is available to other patients seeking help.
The data will be deleted as soon as they are not necessary anymore for the purpose of their gathering. For the personal data from the contact form and those, that have been sent via email, this is the case, if the question has been deleted from the archive.
The user has the possibility to withdraw his consent for processing of personal data at any time. If the user gets in touch with us, he can object to the storage of his persona data at any time. In this case, questions cannot be answered, or, should an answer have already been published, it can be deleted or its provision restricted for the public. There is a restriction if the user wishes to delete his personal data but still provide the question anonymously. The revocation can be done via the e-mail address firstname.lastname@example.org or via telephone number +49 (0)69-6301-1. Please indicate in this context whether you wish to delete your personal data or you agree with us retaining questions, subject and language zone. In case you wish for us to delete all information regarding the inquiry in the question, your data will be irrevocably deleted right after the announcement. Please note that for every question asked you have to object to the storage of your data.
If your personal data are processed, you are the data subject within the meaning of the DSGVO and you are entitled to the following rights vis-à-vis the person responsible:
You may request a confirmation form from the data controller stating whether your
personal data will be processed by us. In the event of such processing, you may ask the
data controller to provide you with the following information:
You are entitled to rectification and /or completion of your personal data corrected and completed by the data controller if the personal data processed concerning you is inaccurate or incomplete. The data controller must carry out rectification right away.
Under the following conditions you may request a restriction of the processing of your
personal data: If you dispute the accuracy of your personal data for a period of time
that allows the data manager to review the data for accuracy; if the data processing is
unlawful and you refuse deletion of your personal data and instead request the
restriction of the use of the personal data; if the responsible data controller no longer
requires your personal data for the purpose of data processing, but you need them to
assert, exercise or defend legal claims; If you have objected to the processing of
personal data pursuant to Art. 21 para. 1 DSGVO and it has not yet been established
whether the justified reasons of the data controller outweigh your reasons.
If the processing of your personal data has been restricted, this data may be processed only with your consent or for the purpose of asserting, exercising or defending legal claims, or for the protection of another natural or legal person, or for reasons of an important public interest of the Union or a Member State. Should the restriction measures of processing of personal data have been made according to the above mentioned prerequisites, you will be informed by the data manager, that the restriction has been revoked.
You can request immediate deletion of your personal data by the data manager, who is
obligated to delete these data, provided one of the following reasons:
Your personal data are no longer needed for the purposes, for which they have been collected or otherwise processed. You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO and there is no other legal basis for the processing. You object to the processing pursuant to Art. 21 para. 1 DSGVO and there are no overriding legitimate reasons for the processing or you object to the processing pursuant to Art. 21 para. 2 DSGVO. The personal data concerning you have been unlawfully processed. The deletion of personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the data controller is subject. The personal data that have been collected are in respect to the offered services from the information society pursuant to Art. Para. 1 DSGVO.
Has the person responsible made the personal data concerning you public and is obliged to delete them pursuant to Art. 17 para. 1 DSGVO, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform the persons responsible who process the personal data that you, as the person concerned, have requested them to delete all links to this personal data or copies or replications of this personal data.
The right to deletion does not exist if the processing is necessary for the exercise of the right to freedom of expression and information; To fulfil a legal obligation, which the processing requires under the law of the Union or of the Member States to which the controller is subject, or to perform a task which is carried out in public interest, or which was assigned to the responsible controller; for reasons of public interest in the field of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) DSGVO; for archive purposes in the public interest, for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 DSGVO, inasmuch as the law referred to under section a) presumably makes the attainment of the objectives of such processing impossible or seriously impairs them, or for the assertion, exercise or defence of legal claims.
If you have exercised the right to rectify, cancel or limit the processing of your personal data against the controller, the latter is obliged to inform all recipients to whom your personal data have been disclosed, of this rectification, cancellation or limitation of the processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed by the controller of such recipients.
You have the right to receive the personal data that concern you, which you have provided to the responsible person, in a structured, common and machine-readable format. Furthermore, you are entitled to forward these personal data to another responsible without being hindered by the responsible person to whom the personal data has been provided, insofar as the processing is based on a consent pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to Art. 6 para. 1 lit. b DSGVO and the processing is carried out using automated procedures. In exercising these rights, you also have the right to obtain the direct transfer of your personal data relating to you from one responsible person to another, as far as this is technically feasible. Other person´s freedom and rights must not be affected by this. The right to data transfer does not apply to the mere processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority entrusted to the person responsible.
You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you on the basis of Art. 6 para. 1 lit. e or f DSGVO. The responsible person will no longer process the personal data relating to you, unless he can prove compelling reasons that are worthy of protection for processing your data, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. If your personal data are processed, for direct advertisement purposes, you have the right to object to the processing of your personal data for the purpose of such advertisement; this also applies for the profiling, provided that it is linked with such advertisement. Should you object to the processing of your data for the purpose of direct advertisement, your personal data will no longer be processed for these purposes. You have the possibility to exercise your right of objection in relation to the use of Information Society services, regardless Directive 2002/58/EC, by means of automated procedures using technical specifications.
You have the right to revoke your data protection consent at any time. Revocation will however not affect the lawfulness of the processing of personal data which was carried out on the basis of the consent until revocation.
You have the right not to be subject to any decision based solely on automated processing, including profiling, that has any legal effect or affects you in a significant and similar manner. This does not apply when the decision is needed for the conclusion or the fulfillment of a contract between yourself and the responsible data controller, is admissible under the laws of the Union or of the Member States, to which the data controller is subject, and those laws contain appropriate measures to safeguard your rights and freedom and your legitimate interests or are adopted with your explicit consent. These decisions, however, must not be based on specific criteria of personal data pursuant to Art. 9 para. 1 DSGVO, unless Art. 9 para. 2 lit. a or g DSGVO applies and appropriate measures have been taken to protect the rights and freedom as well as your legitimate interests. Regarding the cases referred to in (1) and (3), the responsible person must take appropriate measurements to protect the rights and freedom as well as your legitimate interests, which includes at least the right to obtain the intervention of a person on the part of the responsible person, to state the own point of view and to challenge the decision.
Without prejudice to any other legal administrative proceedings or judicial remedy, you
have the right to send your complaints to a surveillance authority, particularly in the
Member State of your place of residence, your place of work or the place of the alleged
violations, if you are under the impression that the processing of the respective
personal data concerned violates the DSGVO. The surveillance authority, which the
complaint is submitted to, informs the complainant about the status and outcome of the
complaint and the possibilities of judicial remedy under article 78 DSGVO.
For security reasons this site uses SSL or TLS encryption and to protect the transmission of
confidential content, such as requests you send to us as a site operator. You can recognize an
encrypted webpage by the fact that the browser´s address bar changes from http:// to https://,
as well as a lock icon in the browser bar. If the SSL or TLS encryption is activated, the data
you have transmitted to us cannot be read by third parties.