+49 (0) 561 81 04 94 0
mailto:info@noahklinik.de
Online appointment
Contact
logo-noahklinik
Eyes / Nose / Ear / Chin
Wrinkle treatments
Breast surgery
Body

Privacy Policy Noah Clinic

1) Introduction and contact details of the responsible person

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we will inform you about how we handle your personal data when you use our website. Personal data is all data with which you can be personally identified.

1.2 The controller of the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Noahklinik GmbH, Kurfürstenstraße 10-12, 34117 Kassel, Germany, Tel.: +49 561 81 04 94 0, Fax: +49 561 81 04 94 9, E-Mail: info@noahklinik.de. The controller of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

2) Data collection when visiting our website

2.1 During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to the page server (so-called "server log files"). When you call up our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Source/reference from which you reached the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymised form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the person responsible). You can recognise an encrypted connection by the string "https://" and the lock symbol in your browser line.

3) Hosting & content delivery network

For the hosting of our website and the presentation of the page content, we use a provider that provides its services itself or through selected subcontractors exclusively on servers within the European Union.

All data collected on our website is processed on these servers.

We have concluded an order processing contract with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

4) Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your terminal device. In some cases, these cookies are automatically deleted again after the browser is closed (so-called "session cookies"), in other cases, these cookies remain on your end device for longer and allow page settings to be saved (so-called "persistent cookies"). In the latter case, you can find the storage period in the overview of the cookie settings of your web browser.

If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b DSGVO either for the performance of the contract, in accordance with Art. 6 para. 1 lit. a DSGVO in the case of consent given or in accordance with Art. 6 para. 1 lit. f DSGVO to protect our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.

You can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or can exclude the acceptance of cookies for certain cases or generally.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Making contact

5.1 Own function for making appointments online
We process your personal data as part of the online appointment booking process provided. You can see which data we collect for online appointments from the respective input form or the appointment request for making an appointment. If certain data is required in order to be able to make an online appointment, we will indicate this accordingly in the input form or appointment request. If we provide you with a free text field on the input form, you can describe your request in more detail there. You can then also decide for yourself which additional data you would like to enter. The data you provide will only be stored and used for the purpose of making an appointment. When processing personal data that is necessary for the fulfilment of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 para. 1 lit. b GDPR serves as the legal basis. If you have given us your consent to process your data, the processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time by sending a message to the controller named at the beginning of this statement.

5.2 WhatsApp Business

You have the option of contacting us via the WhatsApp messaging service provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We use the so-called "business version" of WhatsApp for this purpose.

If you contact us via WhatsApp on the occasion of a specific transaction (for example, an order placed), we store and use the mobile phone number you use on WhatsApp as well as - if provided - your first and last name in accordance with Art. 6 Para. 1 lit. b. DSGVO to process and respond to your request. On the basis of the same legal basis, we may ask you to provide further data (order number, customer number, address or email address) via WhatsApp in order to be able to assign your request to a specific process.

If you use our WhatsApp contact for general enquiries (e.g. about the range of services, availability or our website), we store and use the mobile phone number you use on WhatsApp and - if provided - your first name and surname in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in providing the requested information efficiently and promptly.

Your data will only be used to respond to your request via WhatsApp. Your data will not be passed on to third parties.

Please note that WhatsApp Business obtains access to the address book of the mobile device we use for this purpose and automatically transfers telephone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. For the operation of our WhatsApp Business account, we use a mobile end device in whose address book only the WhatsApp contact data of those users who have also contacted us via WhatsApp are stored.

This ensures that every person whose WhatsApp contact data is stored in our address book has already consented to the transmission of their WhatsApp telephone number from the address books of their chat contacts in accordance with Art. 6 (1) lit. a DSGVO when using the app on their device for the first time by accepting the WhatsApp terms of use. A transmission of data of such users who do not use WhatsApp and/or have not contacted us via WhatsApp is excluded in this respect.

For the purpose and scope of the data collection and the further processing and use of the data by WhatsApp, as well as your rights in this regard and setting options for protecting your privacy, please refer to WhatsApp's privacy policy: https://www.whatsapp.com/legal/?eea=1#privacy-policy

We have concluded an order processing contract with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.

In the course of the above-mentioned processing, data may be transferred to servers of Meta Platforms Inc. in the USA.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

5.3 Personal data is collected when contacting us (e.g. via contact form or e-mail). Which data is collected in the case of the use of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration.

The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO. Your data will be deleted after your request has been processed. This is the case when the circumstances indicate that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

6) Web analytics services

Matomo

This website uses a web analytics service provided by the following provider: InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, ("Matomo").

To protect site visitors, Matomo uses a so-called "config_id" to enable various analyses of site usage within a short time window of up to 24 hours. The site's "config_id" is a randomly set, time-limited hash of a limited set of the visitor's settings and attributes. The config_id or config hash is a string that is calculated for a visitor based on their operating system, browser, browser plugins, IP address and browser language. Matomo does not use device fingerprinting and uses an anonymised IP address of the website visitor to create the "config_id".

If the information processed in this way includes personal user data, the processing is carried out in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes. To object to data processing of your visitor data for the future, we provide you with a separate objection option on our website.

Data is only transferred to the provider if the service is not hosted on our servers. In the case of self-hosting, data collected via the service is not transmitted to the provider.

If the service is not hosted on our own servers, we have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties.

In this case, data transfers to New Zealand are subject to an adequacy decision by the EU Commission, which certifies compliance with European data protection standards for international data transfers.

7) Page functionalities

7.1 Youtube

This website uses plugins for the display and playback of videos from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Data may also be transmitted to: Google LLC., USA

When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the provider's servers in order to load the plugin. In this process, certain information, including your IP address, is transmitted to the provider.

If the playback of embedded videos is started via the plugin, the provider also uses cookies to collect information about user behaviour, create playback statistics and prevent abusive behaviour.

If you are logged into a user account with the provider during your visit to the site, your data will be assigned directly to your account when you click on a video. If you do not wish your data to be associated with your account, you must log out before clicking the play button.

All of the aforementioned processing, in particular the setting of cookies for reading out information on the end device used, only takes place if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service via the "Cookie Consent Tool" provided on the website.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

7.2 Graphic elements from the following provider are integrated on our website to display external customer ratings and/or an externally awarded quality mark: Trustindex Ltd, Nyari Pal utca 15, 2724 Ujlengyel, Hungary.

When you call up a page on our website that contains such graphic elements, your browser establishes a direct connection to the provider's servers in order to load the elements properly. In the process, certain browser information, including your IP address, is transmitted to the provider.

If personal data is also processed in the process, this is done in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in the optimal marketing of our offer and the appealing design of our website.

7.3 Adobe Fonts (Typekit)

This site uses so-called web fonts from the following provider for the uniform display of fonts: Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA.

When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly and establishes a direct connection to the provider's servers. In the process, certain browser information, including your IP address, is transmitted to the provider.

The processing of personal data in the course of establishing a connection with the provider of the fonts is only carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service via the "cookie consent tool" provided on the website. If your browser does not support web fonts, a standard font will be used by your computer.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

7.4 Google reCAPTCHA

On this website we use the CAPTCHA service of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Data may also be transmitted to: Google LLC, USA. For the visual design of the captcha window, the provider uses "Google Fonts", i.e. fonts loaded from the Internet by Google. No information other than that mentioned above, which is already transmitted to Google via the functionality of ReCaptcha, is processed in this case.

The service checks whether an entry is made by a natural person or abusively by machine and automated processing, and blocks spam, DDoS attacks and similar automated malicious access. To ensure that an action is carried out by a person and not by an automated bot, the provider collects the IP address of the end device used, identification data of the browser and operating system type used as well as the date and duration of the visit and transmits these to the provider's servers for evaluation. This may involve the use of cookies, i.e. small text files that are stored in the browser of the end device.

If the processing described above is carried out on the basis of cookies, these will only be set if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "cookie consent tool" provided on the website.

If the processing described above is carried out without the use of cookies, the legal basis is our legitimate interest in determining individual responsibility on the Internet and avoiding misuse and spam in accordance with Art. 6 para. 1 lit. f GDPR.

We have concluded an order processing contract with the provider, which ensures the protection of our site visitors' data and prohibits unauthorised disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/en/privacy/

7.5 Google Photos

This website uses the image service "Google Photos" from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google") for the integration and display of images.

Google Photos itself does not store or read any information on user devices. The service also does not carry out any independent data analyses.

However, to load the image files from the Google network, your IP address is transmitted to Google when you access the page and may be stored there. It may also be transmitted to servers of Google LLC. in the USA is possible.

This processing will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, image files will not be loaded via Google Photos.

You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "cookie consent tool" provided on the website. We have concluded an order processing contract with Google, which obliges Google to protect the data of our website visitors and not to pass it on to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

7.6 Google Customer Reviews (formerly Google Certified Merchant Programme)

We work with Google as part of the "Google Customer Reviews" programme. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This programme gives us the opportunity to collect customer reviews from users of our website. After making a purchase on our website, you will be asked if you would like to participate in an email survey from Google.

If you give your consent in accordance with Art. 6 (1) lit. a DSGVO, we will transmit your email address to Google. You will receive an email from Google Customer Reviews asking you to rate the purchase experience on our website. The rating you provide will then be aggregated with our other ratings and displayed in our Google Customer Reviews logo and in our Merchant Center dashboard. In addition, your review will be used for Google Seller Reviews. The use of Google Customer Reviews may also involve the transmission of personal data to the servers of Google LLC. in the USA.

You can withdraw your consent at any time by sending a message to the data controller or to Google.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Further information on Google's privacy policy can be found here: https://business.safety.google/intl/en/privacy/

8) Rights of the data subject

8.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective prerequisites for exercising these rights:

  • Right to information pursuant to Art. 15 DSGVO;
  • Right to rectification pursuant to Art. 16 DSGVO;
  • Right to erasure pursuant to Art. 17 DSGVO;
  • Right to restriction of processing pursuant to Art. 18 DSGVO;
  • Right to information pursuant to Article 19 of the GDPR;
  • Right to data portability pursuant to Art. 20 DSGVO;
  • Right to revoke consent given in accordance with Art. 7 (3) DSGVO;
  • Right to lodge a complaint pursuant to Article 77 of the GDPR.

8.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

9) Duration of the storage of personal data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and - if relevant - additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, the data concerned will be stored until you revoke your consent.

If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 Para. 1 lit. b DSGVO, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfilment of the contract or the initiation of the contract and/or there is no justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6(1)(f) DSGVO, this data is stored until you exercise your right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing based on Art. 6 (1) lit. f DSGVO, this data will be stored until you exercise your right to object in accordance with Art. 21 (2) DSGVO.

Unless otherwise indicated in the other information in this statement on specific processing situations, stored personal data are otherwise deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

You have questions or want to make an appointment?

+49 (0) 561 81 04 940

Contact & Request

+49 176 62408957

Online appointment
Noah Clinic Logo

Prof. Ernst Magnus Noah, MD
Specialist in plastic, reconstructive and aesthetic surgery, hand surgery

In our practice for plastic, reconstructive and aesthetic surgery in Kassel, we offer the entire spectrum of aesthetic operations and procedures at a high level.

Opening hours:

Monday: 09:00-19:00
Tuesday: 09:00-19:00
Wednesday: 09:00-19:00
Thursday: 09:00-19:00
Friday: 09:00-17:00
Saturday: by arrangement

Contact & Address

Kurfürstenstraße 10-12
34117 Kassel

Phone:
+49 (0)561 81 04 94 0

Fax:
+49 (0)561 81 04 94 9

E-mail: info@noahklinik.de

WhatsApp
+49 (0) 176-62408957

Facebook-f Instagram Youtube

About us

Treatment areas

Aesthetic plastic surgery

Frequent treatments

Our memberships

DGPRÄC
German Society of Plastic, Reconstructive and Aesthetic Surgeons e. V.
VDAEPC Logo
Association of German Aesthetic Plastic Surgeons
American Society of Plastic Surgery
American Society of Plastic Surgery
International Society for Aesthetic Competence
International Society for Aesthetic Competence
International Society of Aesthetic Plastic Surgery
International Society of Aesthetic Plastic Surgery