Privacy Policy

This privacy policy was created with the help of von

Dear visitor,
We would like to let you know that personal data are collected when you visit our website.
Personal data is data that are related to you personally (e.g. name, date of birth, phone number, user behaviour).

The person responsible for the collection and storage of the data in our practice is:

Dr med. Irene Kleinau
Galenusstraße 59
13187 Berlin
Phone: (030) 475 36 286
Fax: (030) 475 99 686

Our website serves the exclusive purpose of providing information about our practice, the treatments we provide, and the therapeutic and diagnostic options for various illnesses. When you visit our website, only the data that are transferred from your browser to our server are collected. These data are required to display our website and allow you to navigate it. The legal basis for the collection of these data is Art. 6, Par. 1 f) of the EU General Data Protection Regulation (GDPR).:

– IP address
– Type of browser as well as its version and language settings
Operating system
– Access status / http status code
– Date and time of the query, as well as the time zone
– Contents of the request and the website it came from
– Volume of data transferred

These data are deleted when they are no longer required.

Contact form / email contact

When you send us files or documents via the contact form on our website, the data you share with us (e.g., name, date of birth and phone number) will be saved in order to respond to your query. You can contact us using the email address
In this case, the personal data that are transmitted along with the email will be stored. The data will be used exclusively for responding to the enquiry.

The data transmitted via email or the contact form will be deleted as soon as they are no longer needed and any statutory retention periods no longer apply. These data will not be made available to third parties.

Please note that the data from the contact form is are sent to us by email in the practice as an email. The transmission occurs in encrypted form. However, IT experts often remind us that anything you would not send as a postcard should not be sent by email. For this reason, we suggest that you send us any confidential information/data via post or phone rather than using email or the contact form on our website. We ask you to understand that we do not accept any liability for unsolicited data/emails.

The legal basis for processing the data from the contact form or data that are transferred in the course of sending an email is Art. 6 Par. 1 (f) GDPR. We use these personal data solely for the purpose of handling your query. This also constitutes our legitimate interest in processing the data.


We use the OpenStreetMap (OSM) map service. The provider is the Open Street Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom.
If you visit a website on which OpenStreetMap is integrated, e.g. Your IP address and other information about your behavior on this website will be forwarded to the OSMF.
Details can be found in the OpenStreetMap data protection declaration under the following link:


Cookies are pieces of information that are transmitted from our web server to the user’s web browser and stored there for later retrieval. Cookies can be small files or other types of information storage.
Only technically necessary cookies are used on this website; the user’s consent is not required according to Section 25 (2) TTDSG.

SSL encryption

Our website uses SSL encryption when transmitting confidential or personal information from our users. The encryption is activated, for example, by queries that you make via our website. Please ensure that SSL encryption is enabled on your browser when you engage in these types of activities. It is easy to tell whether encryption is enabled:{MQ}the display on your browser’s address bar changes from “http://” to “https://”. SSL-encrypted data cannot be read by third parties. Only transmit your confidential information if SSL encryption is activated; if in doubt, please contact us by phone or post instead.
This privacy policy was created with help of

Cooperation with third parties and processors

To such extent that we transmit data to other persons or companies (third parties or processors) or otherwise grant them access to the data, this shall be done only in such case that this is legally permissible, that you have permitted us to do so, that there is a statutory mandate to do so, or we have a legitimate interest in transmitting the data (e.g. when working with contractors, web hosts, etc.). If we commission third parties with the processing of data on the basis of a data processing agreement (DPA), this is done on the basis of Art. 28 GDPR.

Your rights as a data subject

With regard to your personal data stored with us, you have the following rights:

– Right to rectification and erasure
– Right to data portability
– Right to restriction of processing
– The right to be informed
– The right to object to processing
– The right to withdraw consent to data processing

You can obtain information about the personal data we have stored about you, as well as about the origin, recipient and purpose of data collection and data processing, at any time. You also have the right to request that your data be corrected, deleted, or blocked. Data that must be stored due to statutory regulations, such as those in the German Social Code V (SGB V) governing our work as medical practitioners, form an exception to this right. To make it possible to block your data at any time, the data will be saved to an internal “blocked” file for monitoring purposes. If the data are not subject to a statutory archiving obligation, we will delete them at your request. If an archiving obligation applies, we will block your data. For any questions or concerns regarding rectification, blocking, or erasure of your personal data, please get in touch with the contact person named above using the contact details in this privacy policy.

In addition, you have the right to file a complaint with the State Commissioner for the Protection of Data and Freedom of Information for the state of Berlin.

Online appointment booking

Use of our online appointment booking service is unfortunately not possible without submitting personal data (hereafter also: “data”). Data are considered “personal” when they contain information about the personal or factual circumstances of a particular or identifiable natural person and can be associated with this person.

We collect these data in accordance with the provisions of German data protection statutes. The legal basis for this collection can be found primarily in the Federal Data Protection Act (FDPA) and the Telemedia Act (TMA). Information in English about both of these laws is available  here.

For the technical implementation of online appointment booking, we use the services of a multi-award-winning German security specialist for patient data, samedi GmbH, Rigaer Str. 44, 10247, Berlin (hereafter: “samedi”). You can view the samedi privacy policy in English here.

By clicking “Accept and book appointment” (Akzeptieren und Termin buchen) you declare your agreement with the terms contained therein regarding the handling of your data. In particular, you agree to the collection and processing of your data by samedi GmbH and by us. You also thereby confirm that the data you provide is accurate. Any falsification of identity is prohibited.

If you do not agree to the privacy policy, we can unfortunately not make the online appointment booking service available to you.
Your data can be accessed only by the employees of the Kleinau Paediatric and Adolescent Medical Practice. samedi’s employees cannot access the data that are stored on samedi’s servers. Both we and samedi are governed by the data protection regulations of the Federal Republic of Germany and to monitoring and supervision by the authorities responsible for data protection and freedom of information. Your data will be protected with the utmost effectiveness and security.

samedi takes all organisational and technical precautions that are currently considered necessary to meet data protection requirements — particularly in regards to protecting the data from being accessed by unauthorised parties. Your data are not only transmitted using encryption; they are also stored on encrypted hard drives. This prevents third parties from directly accessing the data. Even though this encryption means that samedi does not process any personal data in plaintext, you still authorise samedi to process these data. Due to the local encryption of the data, the obligation to maintain medical confidentiality according to Art. 203 of the German Criminal Code (StGB) is still satisfied.

Your data will be stored only as long, and to such extent, as is necessary to provide our services to you.

If you want to correct, block, or delete your data, you can contact us at any time and we will be happy to correct, block or delete any of your data that is incorrectly or inappropriately stored. In this case, we reserve the right to request a suitable proof of your identity in order to prevent any possible wrongful use of this service. We will then accommodate your request without undue delay according to the statutory data protection regulations.
Should you require further information in addition to the information we have provided here, especially regarding which of your personal data we specifically process, you can contact us at any time at:

You will receive information regarding your stored data at no charge, and there is no need to state the reason.

Because statutory regulations, or their interpretation by the courts and authorities, can change — as can the services we offer — we must reserve the right to alter this privacy policy in the future. Should we change our privacy policy, we will inform you in advance by appropriate means. You will receive a comprehensive explanation of the changes and can decide whether you agree to the new privacy policy.

The protection of your data is important to us, and we strictly conform to the rules of the data protection regulations. That means that you can visit this website without submitting any personal data. The collection of personal data (e.g. name, address or email address) occurs only on a voluntary basis. These data will not be disclosed to third parties without your explicit consent. In such case that a contractual relationship (meaning the treatment contract) exists, is defined, or is in need of revision, or in case of a query, we collect and use personal data exclusively for these purposes.

Aside from that we process your usage data so that you may take full advantage of this online offering. However, this information is saved only as long as is necessary to process your request or to fulfil the treatment contract. We also comply with legal retention periods.

Current version of the privacy policy

This privacy policy is currently valid and was last updated in September 2018. It may be necessary to change this privacy policy as a result of the further development of our website and offerings, or due to changes in statutory or regulatory requirements.