Dear visitor,

Respect for your person and therefore also for your data is very important to me. When processing your data via this website or this web server, I therefore always endeavor to make the data processing in this regard as “fair” and transparent as possible for you.

Precisely because respect for you and your data is very important to me, I have not integrated any external services into my website where other providers become aware of your visit. Because I also regard your visit to my website as a secret that you might prefer to keep to yourself or only want to share with me…

So that you can get an idea of the data processing on this website, you will learn from me below, among other things, what data I receive and store from you based on your visit or your activities on the website. I also want to inform you about how and for what purposes I process the data you provide to me. In addition, I would like to inform you about your rights and other information about my website that may be of interest to you.

If you have any questions about certain points in my statement, I will be happy to answer them at any time.

The following information is based on the legal requirements of Art. 13 of the EU General Data Protection Regulation (hereinafter referred to as “GDPR”).

1. name and contact details of the data controller
   Responsible for the operation of this website is

Prof. Dr. med. Frank-Gerald B. Pajonk
Zeller Str. 22
82067 Zell
info@fgbpajonk.de

Name and address of the data protection officer:
((to be inserted))

2. processing of your data (purpose of use)
   In simple terms, your website visit is communication between you or your browser and my web server. As with any communication, data is exchanged when you visit my website or new data is created about the circumstances of the communication (so-called metadata).

Since you are a participant in this communication, all of this data theoretically allows more or less direct conclusions to be drawn about your person and is therefore to be assessed as “personal” or personally identifiable, which is why I must also comply with the applicable data protection requirements.

As this data concerns you more or less directly, I would like to inform you below about what data I or my server receives from you and how and for what purposes I use this data.

2. a) When you visit my website
   When you visit my website www.fgbpajonk.de, your browser automatically sends data to the web server of my website, which you cannot prevent. The data listed below is stored by my server (temporarily) in a so-called log file until it is automatically deleted:

• The so-called IP address assigned to you by your or an internet provider,
• The date and time of access to my website,
• The name and URL of the file accessed,
• If applicable, a previous website from which you came to my website (so-called referrer URL),
• The browser you are using and, if applicable, the operating system of your computer as well as the name of your access provider, which in turn can be derived from the IP address. However, the last two are automatically shortened. For example, the IP address 11.22.33.44 automatically becomes 11.22.0.0.

This data is processed by me for the following purposes:

• to ensure that your browser establishes a smooth connection and for the convenient use of my website,
• to ensure adequate system security,
• to ensure the traceability of any attacks and their legal prosecution, etc,
• for other, purely administrative purposes.

The processing of your data for these purposes has its legal basis in Art. 6 para. 1 sentence 1 c) GDPR. This is because I am legally obliged to ensure the security of this website when I operate a website like this one. The data described above is an integral part of this.

Furthermore, my interest in ensuring sufficient security and stability of this website is an interest that should correspond to your interest in the unhindered, secure use of my website.

I would like to point out that I do not process this data for purposes other than those mentioned above. In particular, this data will not be used for marketing purposes or similar. In this respect, I adhere to the strict purpose limitation under data protection law.

I do not store the data for longer than necessary in order to comply with the requirement of storage limitation stated in the GDPR and to be able to pursue the above-mentioned purposes. The data stored by me is retained for 30 days and then automatically deleted.

2. b) Data processing when using my contact form
   For questions of any kind, I offer you the opportunity to contact me via a form provided on the website.

Because I only want to collect the data that I really need to process your request via this contact form, only your name and a valid e-mail address as well as the subject are required. This information is absolutely necessary in order to find out who sent me the inquiry, what your request is and to which contact address I may send any reply. Even though I have made the transmission of this data secure, I still recommend that you disclose as little sensitive data as possible via the contact form. Instead, please choose to speak to me in person.

As you voluntarily disclose this data to me via this form in order to contact me, the data processing I carry out to contact you is based on your consent. The legitimation for processing this data for response purposes thus follows from Art. 6 para. 1 sentence 1 a) GDPR.

I only use the data transmitted to me to contact you and to document this.

The personal data collected by me for the use of the contact form will be automatically deleted from the web server after your request has been dealt with.

The following data is stored at the time the message is sent:

• Date and time of registration
• Category of the person making the inquiry (referrer / patient), if applicable
• Requested clinic
• Type of request
• Message type
• Company, if applicable
• Surname, first name and title if applicable
• E-mail address
• Postal address, if applicable
• Telephone number, if applicable
• Callback request, if applicable
• Availability, if applicable
• Uploaded file, if applicable

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored. The data will not be passed on to third parties in this context. The data will be used exclusively for processing the conversation.

3. recipients of your data that I process via this website
   As described under 1.), it is very important to me not to disclose the data of your visit to external third parties, unless:

• You agree to the disclosure,
• I am legally/statutorily obliged to transmit the data or
• it is technically necessary.

Because I cannot operate my server myself, I have this done by my provider
united-domains GmbH, Starnberg
to do this. This provider may have the possibility to access the data mentioned in 2 a) of this declaration in particular.

However, I have taken appropriate contractual provisions and organizational measures to ensure that this only takes place to the extent necessary and for legally legitimate purposes.

Furthermore, I do not want to conceal the fact that there may always be people / organizations that can track communication on the Internet / by e-mail, over which I have no influence. However, I have tried to prevent this (unauthorized) knowledge as much as possible by using an encrypted connection (see also point 7 of this declaration).

4. cookies
   Cookies are small files that your browser automatically downloads and that are stored on your end device (laptop, tablet, smartphone, etc.) for a certain period of time. Information is stored in a cookie that is related to the device you use to visit the website (computer, smartphone, etc.).

As shown, I do not use any external services, which is why I do not set any third-party cookies that can be used to “track” or trace you across the network.

However, I myself use so-called “session cookies” on the website in order to be able to identify you during your visit and to ensure that, for example, you do not have to make entries twice. By using these cookies, I want to make your visit and the use of my website as convenient as possible. In this respect, this should also be in your interest and thus represent a legitimate interest on my part in accordance with Art. 6 para. 1 f) GDPR. In particular, I have made sure that the use of this cookie is as little “invasive” as possible, which is why this cookie is automatically deleted when you close the browser or end the “browser session”.

I also use a cookie that is associated with the offer window for my information flyer that appears when you visit my website. This cookie is intended to prevent you from being shown the offer window again when you visit my website again. In this respect, this should also be in your interest and thus represent a legitimate interest on my part pursuant to Art. 6 para. 1 f) GDPR. In particular, because I only use this cookie for this purpose and it is automatically deleted after one day.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. It is also possible to delete cookies manually or to instruct the browser to delete the cookies set when you close the browser. However, deleting my cookies will cause your browser to forget certain things and therefore, for example, the offer window will be displayed again when you visit the site again.

5 Your rights as a so-called “data subject”
As I process “your” data during your visit, as shown above, you have certain rights vis-à-vis me by law. These are in particular the rights listed below:

• In accordance with Art. 15 GDPR, to request information about your personal data processed by me;
• In accordance with Art. 16 GDPR, to demand the immediate correction of incorrect or incomplete personal data stored by me;
• to request the deletion of your personal data stored by me in accordance with Art. 17 GDPR
• to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR
• in accordance with Art. 20 GDPR, to receive your personal data that you have provided to me in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller
• In accordance with Art. 7 para. 3 GDPR, to revoke your consent (see point 2b) to me at any time. However, this revocation only applies to future data processing. This does not affect the lawfulness of the processing based on this legal basis;
• To lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or that of my practice. The supervisory authority responsible for data protection for my practice is

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 27
91522 Ansbach
E-mail address: poststelle@lda.bayern.de

6 Right to object
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which I will implement without specifying a particular situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to info@fgbpajonk.de

7. data security
   As stated at the beginning, it is very important to me to protect you and your data as well as possible. For this reason, I have taken various measures to protect your data as well as possible from unauthorized access.

For example, I have developed a so-called “referrer policy”, which prevents external providers from finding out which website you are currently on or that you have come to the corresponding website from the fgbpajonk.de website.

To prevent external parties from “eavesdropping” on communication, I use the widely used SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support such a high level of encryption, I will use 128-bit v3 technology instead. You can recognize that communication with my website is encrypted by the closed display of the key or lock symbol, which is usually located on the right in the lower status bar of your browser.

I also use what I consider to be appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. My security measures are continuously reviewed for their effectiveness in line with technological developments and improved where necessary.

8. topicality and amendment of this privacy policy
   This privacy policy is currently valid and was last updated in February 2025.

However, due to the further development of my website or due to changes in legal or official requirements, it may become necessary to amend this privacy policy.

I will draw your attention to any changes to the privacy policy in a prominent place on this website. Furthermore, any changes will be highlighted in the new privacy policy.

You can access and print out the current privacy policy at any time on my website at https://fgbpajonk.de/datenschutz/.

9. analysis tools
   Google Analytics

Description and scope of data processing

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

I have activated the IP anonymization function for this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator . The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Data transfer to third parties

I have concluded a contract with Google for commissioned data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Legal basis for data processing

By confirming my cookie notice, you agree to the use of cookies from external providers in order to improve the content and appearance of my website and to measure the effectiveness of my advertising. The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given such consent.

Legal basis for the transfer of data

In order to perform the service for you, your personal data must be transferred to Google Inc. which processes the data at its headquarters in the USA. The involvement of the subcontractor is due to the fact that I could not provide the service myself.

I would like to point out that there is currently no adequacy decision by the EU Commission within the meaning of Art. 45 para. 1, 3 GDPR. This means that the EU Commission has not yet positively determined that the country-specific level of data protection in the USA corresponds to that of the European Union on the basis of the GDPR.

The GDPR requires so-called appropriate safeguards for data transfers to a third country or to international organizations, Art. 46 para. 2, 3 GDPR. For example, internal company data protection regulations approved by a supervisory authority and standard EU contracts are currently not implemented by the subcontractor.

Possible risks that cannot currently be ruled out in connection with the aforementioned are in particular

• Your personal data could possibly be passed on by Google to other third parties beyond the actual purpose of order fulfillment, who may, for example, use your data for advertising purposes.
• You may not be able to assert or enforce your rights to information against Google in the long term.
• There may be a higher probability that incorrect data processing may occur, as Google’s technical and organizational measures for the protection of personal data do not fully comply with the requirements of the GDPR in terms of quantity and quality.

You therefore agree in accordance with Art. 49 para. 1 lit. a GDPR that I may transfer the data to Google. This also applies to the products from Google listed under “Further processing”. The legal basis for the transmission of the data is Art. 49 para. 1 lit. a GDPR if the user has given such consent.

Possibility of objection and removal

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will then be set to prevent your data from being collected on future visits to this website. You can revoke your consent to data transmission at any time in accordance with Art. 49 GDPR. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Further processing

1. a) Demographic characteristics with Google Analytics
   This website uses the “demographic features” function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.
2. b) Google Analytics Remarketing
   My websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).

If you have given your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you sign in with your Google account.

To support this feature, Google Analytics collects Google-authenticated user IDs that are temporarily linked to my Google Analytics data to define and create audiences for cross-device advertising.

You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account by following this link:

https://www.google.com/settings/ads/onweb/.

The summary of the data collected in your Google account is based exclusively on your consent, which you can give or revoke at Google (Art. 6 para. 1 lit. a GDPR). For data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merging), the collection of data is based on Art. 6 para. 1 lit. f GDPR. The legitimate interest arises from the fact that I have an interest in the anonymized analysis of website visitors for advertising purposes.

Further information and the data protection provisions can be found in Google’s privacy policy at: https://www.google.com/policies/technologies/ads/.

1. c) Google Tag Manager
   Google Tag Manager is also a product of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), which allows me to manage website tags from applications such as Google Analytics via an interface. The Tag Manager is a cookie-free domain and does not collect any personal data.
2. d) Google AdWords and Google conversion tracking
   This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). As part of Google AdWords, I use what is known as conversion tracking. If you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and I can recognize that the user clicked on the ad and was redirected to this page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.

The storage of “conversion cookies” is based on Art. 6 para. 1 lit. f GDPR. I have a legitimate interest in the analysis of user behavior in order to optimize both my website and my advertising.

You can find more information about Google AdWords and Google Conversion Tracking in Google’s privacy policy: https://www.google.de/policies/privacy/.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

1. e) Google Optimize:
   I use Google Optimize, a service provided by Google (“Google Optimize”). Google Optimize analyzes the use of different variants of the website so that I am able to adapt the user-friendliness to the behavior of the website users. Google Optimize is a tool integrated into Google Analytics and uses cookies.

The IP address received in this way is anonymized immediately after processing. In exceptional cases, the full IP address is transmitted to a Google server in the USA and encrypted there. The transmitted IP address is not merged with other Google data.

You can prevent the storage of cookies by setting your browser accordingly. Please note, however, that in this case you may not be able to use all the functions of my website to their full extent. You can also prevent Google from collecting the data generated by the cookies and relating to your use of the website and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

10 Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis me as the controller

Right to information

You can request confirmation from me as to whether personal data concerning you is being processed by me. If such processing is taking place, you can request the following information from me

• the purposes for which the personal data are processed
• the categories of personal data being processed
• the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed
• the envisaged period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period
• the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by me or a right to object to such processing
• the existence of a right to lodge a complaint with a supervisory authority
• all available information about the origin of the data if the personal data is not collected from the data subject
• the existence of automated decision-making, including profiling, referred to in Art. 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

Right to rectification

You have a right to rectification and/or completion vis-à-vis me if the processed personal data concerning you is incorrect or incomplete. I must make the correction without delay.

Right to restriction of processing

Under the following conditions, you may request that the processing of your personal data be restricted:

• if you contest the accuracy of the personal data concerning you for a period enabling me to verify the accuracy of the personal data
• the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead
• I no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or
• if you have objected to the processing pursuant to Art. 21 para. 1 GDPR and it is not yet certain whether my legitimate reasons outweigh your reasons.

If the processing of personal data concerning you has been restricted, such data may only be processed – apart from being stored – with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by me before the restriction is lifted.

Right to erasure

1. a) Obligation to erase

You have the right to obtain from me the erasure of personal data concerning you without undue delay and I am obliged to erase such data without undue delay where one of the following grounds applies:

• The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
• You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
• You object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 GDPR.
• The personal data concerning you has been processed unlawfully.
• The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which I am subject.
• The personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.

1. b) Information to third parties

If I have made the personal data concerning you public and I am obliged to delete it in accordance with Art. 17 para. 1 GDPR, I will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.

1. c) Exceptions

The right to erasure does not apply if the processing is necessary

• to exercise the right to freedom of expression and information
• for compliance with a legal obligation which requires processing by Union or Member State law to which I am subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in me;
• for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR
• for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
• for the establishment, exercise or defense of legal claims.

Right to information

If you have asserted the right to rectification, erasure or restriction of processing against me, I am obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right to be informed about these recipients.

Right to data portability

You have the right to receive the personal data concerning you that you have provided to me in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from me to whom the personal data has been provided, provided that

1. the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and
2. the processing is carried out by automated means.

In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly by me to another controller, insofar as this is technically feasible. The freedoms and rights of other persons may not be affected by this.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in me.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.

I will no longer process the personal data concerning you unless I can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you have the possibility of exercising your right to object by automated means using technical specifications.

Right to revoke the declaration of consent under data protection law

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Automated decision-making in individual cases, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

• is necessary for the conclusion or performance of a contract between you and me
• is authorized by Union or Member State law to which I am subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
• with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

With regard to the cases referred to in 1. and 3. above, I shall take reasonable measures to safeguard the rights and freedoms and your legitimate interests, including at least the right to obtain the intervention of a person on my part, to state my own position and to challenge the decision.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

11. security
    SSL encryption
    This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to me as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to me cannot be read by third parties.
12. telephone tracking with Multiconnect
    I use my own telephone numbers on my websites, which I can display individually for each visitor. This means that the next visitor who accesses the same website as you will be shown a different telephone number. You can use this number to contact me.

If you call such a number, I know from the number you dialed which website you were on and can measure the success of the website in question, as it was obviously so interesting that you called me. Using phone numbers for measurement purposes is called call tracking.

For analysis purposes, I forward the number you called, your customer ID and the date and time the call started to Google Analytics. However, this does not make you personally identifiable. I use call tracking so that I can constantly improve my information offerings. For this purpose, it is important for me to know how well these information services are received by visitors to my website.