Data protection notice for the "dermanostic" app

Dear user of this app,

The protection of your personal data is not only important to you, but also to us. We appreciate your trust that we will handle your personal data conscientiously and in accordance with the law. With this data protection notice, we would like not only to comply with our legal obligations under Articles 13 and 14 DS-GVO, but also to describe to you in an understandable way what personal data is collected when you use this app and how we handle it. DERMANOSTIC GmbH processes and uses personal data collected during the installation and use of the app in compliance with the data protection regulations applicable in the Federal Republic of Germany.

Responsible

The persons responsible pursuant to Art. 24 DS-GVO for the processing are the persons jointly responsible pursuant to Art. 26 DS-GVO.

App "dermanostic" GmbH
Merowingerplatz 1
40225 Düsseldorf

and

Practice Dr. Lang - specialist for dermatology
Kornstrasse 17 a
42719 Solingen.

Dermanostic GmbH is responsible for the technical development and provision of the app "dermanostic". Estefanía Lang, MD, is responsible for the medical design of the app.

If you wish to assert your data protection rights against the providers of the "dermanostic" app as a mediation platform, you can contact the data protection officer of Dermanostic GmbH by e-mail at datenschutz@dermanostic.com.

The jointly responsible parties of the app "dermanostic" offer you a convenient platform that can be accessed at any time and through which you can conclude a treatment contract with the responsible dermatologist.

The practice of Dr. Lang ensures that the requirements of § 7 para. 4 of the Model Professional Code of the German Medical Association are met.

Contact details of the data protection officer

You can contact the data protection officer of DERMANOSTIC GmbH at datenschutz@dermanostic.com.

Information on the necessity of cookies used.

Technically, no cookies are set within the app, but a similarly functioning principle is used (local storage). When you log in to the app, a session cookie is set to manage secure access to your login. In addition, we use the Firebase Crashlytics tool, which is necessary for our service, to obtain information exclusively about system crashes. For statistical purposes, we use the adjust program, in which your user behavior is recorded anonymously - we use this to further develop the app and make it even more user-friendly. At no time will health data or your personal data be passed on to adjust.

Processing during installation and access to the app.

API call logs

When you install our app or later access the app, data is collected for an API call log during installation and each time you access it.

Purposes

This processing is done for the following purposes:

  • Enabling the use of the App,
  • System security,
  • Technical administration of the network infrastructure,
  • Evaluation of system security and system stability,
  • Ensuring a smooth connection establishment.

We do not match the processed data with other data files and in no case use the data to draw conclusions about your person.

Types of data

During installation and each access data collected following data until their automated deletion after 30 days stored:

  • Date and time of installation,
  • Date and time of access,
  • Name and URL of the accessed file or page,
  • amount of data transferred,
  • Access status (successful transfer of file, file not found, etc.),
  • Browsers and operating systems of the user's terminal device,
  • name of the provider of the user's Internet access.

The legal basis of this processing is the fulfillment of the user contract entered into with you pursuant to Art. 6 para. 1 UAbs. 1 lit. b DS-GVO.

Necessity

The provision of our app is necessary for the performance of your usage contract for our app with us. If you do not install and access our app, you will not be able to use it.

Storage period

The data collected during installation or each time you access the app will be deleted automatically after 30 days.

Recipients

We use a web hoster for our service to provide the database of our app.

Google Firebase Crashlytics

Purposes

We use Google Firebase Crashlytics in our app, through which we process user data about system crashes and errors that occur when using the app on end devices with Android or iOS, so that we can fix them immediately.

Types of data

Google Firebase Crashlytics processes personal data on the user's terminal device type, the installed version of the app on the user's terminal device and the software and hardware of the user's terminal device. Furthermore, the time of the system crash and the affected programming code that led to the crash are processed by Crashlytics.

This processing is carried out on the legal basis of our legitimate interest in the stable operation of our app pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO.

Storage period

The data will be stored for two months.

Recipients

The data processed via Google Firebase Crashlytics is transmitted to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, and to Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and processed in the USA. Google is our processor for this processing and we have concluded an order processing agreement pursuant to Art. 28 DS-GVO with Google for this purpose. The legal basis for the third country transfer are standard data protection clauses pursuant to Art. 46 DS-GVO. Google provides appropriate guarantees for data protection, which you can view at https://privacy.google.com/businesses/processorterms/.

More information about Google's handling of user data in connection with Google Firebase Crashlytics can be found at https://firebase.google.com/support/privacy.

Right to object

You have the right to object to this processing of data related to you at any time. To object to our processing of data related to you via Google Crashlytics, you can contact the data protection officer of Dermanostic GmbH by email at datenschutz@dermanostic.com.

Processing in connection with user behavior analysis using Google Analytics.

Purposes

In order to optimize our web offer and our advertising, we analyze your user behavior using functions of the web analysis service Google Analytics. On our behalf, Google evaluates the personal data mentioned below in order to compile reports on your app activities and to provide us with further services related to app usage and internet usage for the purposes of market research and demand-oriented design of the app.

Types of data

When you consent to the analysis of your usage behavior of our app by Google Analytics, the following data is collected:

  • Your access time,
  • your access location,
  • to what extent you are currently actively using our app,
  • whether you are a returning user of our app,
  • the language, device model and platform (e.g. iOS or Android) of your terminal device.

We use the "demographic characteristics" feature of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. The data in the reports cannot be assigned to any particular person.

We have activated the IP anonymization function with regard to Google Analytics. This means that your IP address is shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA.

We use the "demographic characteristics" function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of data related to you by Google Analytics as shown in the item "Objection to data collection".

The legal basis for this processing is your consent pursuant to Art. 6 (1) lit. a DS-GVO.

Storage period

The data will be stored for 24 months.

Recipients

The data processed via Google Analytics is transmitted to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, and to Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and processed in the USA. Google is our processor for this processing and we have concluded an order processing agreement pursuant to Art. 28 DS-GVO with Google for this purpose. The legal basis for the third country transfer are standard data protection clauses pursuant to Art. 46 DS-GVO. Google provides appropriate guarantees for data protection, which you can view at https://privacy.google.com/businesses/processorterms/.

More information on the handling of user data in connection with Google Analytics by Google can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Right of withdrawal

You have the right to revoke your consent at any time. The revocation of the use of Google Analytics is possible within the app via the account management in the privacy section. The lawfulness of the processing carried out on the basis of your consent until revocation is not affected by this.

Processing in connection with user behavior analysis using Google Ads.

Purposes

We use Google Ads tracking to analyze user behavior in order to optimize our web offer and our advertising. So-called conversion tracking is used for this purpose. The information collected with the help of conversion tracking is also used to create conversion statistics for us.

Types of data

We ourselves do not collect or process any personal data in the aforementioned advertising measures. We are only provided with statistical evaluations by Google. We have insight into the cumulative data, i.e. the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. In addition, we process online identifiers (so-called fingerprint), anonymized internet protocol addresses and device identifiers.

The legal basis for the use is your express consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO.

Storage period

The cookie-like data stored on your end device will be automatically deleted from your device after 30 days, manually you can do this for Android or iOS app menu.

Recipients

The data collected for us is not visible to other Google Ads customers.

The data processed via Google Analytics is transmitted to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, and to Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and processed in the USA. Google is our processor for this processing and we have concluded an order processing agreement pursuant to Art. 28 DS-GVO with Google for this purpose. The legal basis for the third country transfer are standard data protection clauses pursuant to Art. 46 DS-GVO. Google provides appropriate guarantees for data protection, which you can view at https://privacy.google.com/businesses/processorterms/.

More information on Google Ads and Google conversion tracking can be found in Google's privacy policy: https://privacy.google.com/intl/de/businesses/adsservices/ as well as https://services.google.com/sitestats/de.html.

Right of withdrawal

You have the right to revoke your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.

Processing in connection with user behavior analysis using adjust.

Purposes

We use adjust to analyze your interactions with our app and thereby improve our mobile advertising campaigns. With your consent to the analysis of your usage behavior of our app by adjust, your data will be forwarded to Google Analytics Ireland Ltd. for statistical processing and analysis.

We also use adjust for attribution; this is an analysis of where you as a user last interacted with an advertisement, article or social media post of Dermanostic GmbH, i.e. whether you viewed an have viewed an advertisement, article or social media post of Dermanostic GmbH, clicked on a link contained therein or left a comment under the advertisement, article or post.

Types of data

Upon your consent to the analysis of your usage behavior of our app by adjust, the following data about you will be collected:

  • your access time to our app,
  • to what extent you are currently active on our app,
  • whether you are a returning user of our app,
  • your access location,
  • your demographic data,
  • the language, device model, and platform (e.g., iOS or Android) of your endpoint device,
  • Your IDFA (identifier for advertising on iOS devices) or Android advertising ID,
  • your IP address, and
  • your MAC address.

Demographic data includes information about the website, ad, or social media page from which you were directed to our app. This information is used to estimate your age group affiliation as well as the location from which you accessed the app.

Upon your consent to analyze your usage behavior of our app, the following data will be given to Google Analytics for further user and advertising analysis:

  • Your access time,
  • your access location,
  • to what extent you are currently actively using our app,
  • whether you are a returning user of our app,
  • the language, device model and platform (e.g. iOS or Android) of your terminal device.

The data related to you will be anonymized before processing for the above purposes, so that you can no longer be identified by means of the above data.

You can reset or deactivate the IDFA and Android advertising ID at any time via your operating system.

The legal basis for the use of adjust is your express consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO.

Storage period

The above data will be deleted after 14 months.

Recipients

The data we collect about you via adjust regarding your use of our app is processed on servers of adjust GmbH, Saarbrücker Str. 38 a, 10405 Berlin.

The data we collect about you via adjust regarding your use of our app is transmitted to Google Analytics. The data transmitted to Google Analytics is processed on servers of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, and Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and transmitted to the USA. Google is our processor for this processing and we have concluded an order processing agreement pursuant to Art. 28 DS-GVO with Google for this purpose. The legal basis for the third country transfer are standard data protection clauses pursuant to Art. 46 DS-GVO. Google provides appropriate guarantees for data protection, which you can view at https://privacy.google.com/businesses/processorterms/.

More information on the handling of user data in connection with Google Analytics by Google can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Right of withdrawal

You have the right to revoke your consent at any time. Revocation of your consent for the use of adjust is possible within the app via the account management in the privacy section. This does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.

Processing in connection with the management of your user account.

Purposes

For the purposes of creating and managing a user account, we process the data about you listed below.

Types of data

When creating the user account, we process the data you provide in the process in order to create the account, manage it and enable you to use the teledermatology consultation services we offer.

The legal basis of the related processing operations is your user contract for our app with us pursuant to Art. 6 (1) UAbs. 1 lit. b DS-GVO.

Necessity

The creation of a user account is for the teledermatological consultation via the app "dermanostic" is a technical and organizational measure for the processing of data related to you in accordance with the requirements of data protection and to ensure the protection of your data subject rights. If you do not create a user account, you will not be able to use the teledermatological consultation via the app "dermanostic".

Storage period

We store the data required for maintaining your user account for our app for as long as your user contract for our app exists with us.

Recipient

We use a web hoster to provide the database for our App.

Processing in connection with the creation of a request for a teledermatology consultation.

Purposes

The purpose of processing data related to you is the mediation of a treatment contract between you and the practice of Dr. Lang, the processing of personal data for anonymized evaluations for scientific, statistical and analytical purposes, including the development of new data-based diagnostic procedures - in each case if and to the extent permitted by law - as well as processing for billing purposes.

Insofar as processing for scientific, statistical and analytical purposes takes place, this occurs

in the form of the evaluation of your information in the questionnaire without images, as well as the diagnoses made by the dermatologist. Statistics are created, which may also be made available to third parties. In this evaluation, only anonymized data is processed, i.e. the person concerned cannot be identified or can no longer be identified.

in the form of the "training" of an artificial intelligence ("AI"), in that the data from the questionnaires, including the photographs of the skin disease posted by you, together with the diagnosis and therapy suggestion, are fed into a computer program that can facilitate the physician's diagnosis.

Types of data

In order to process your request, it is necessary to provide the treating dermatologist with the following information about you:

  • Name,
  • first name,
  • date of birth,
  • gender,
  • address,
  • e-mail,
  • pictures of the skin problem,
  • answers to the given questionnaire as well as
  • if applicable, answers to the queries posed by the dermatologist.

Should the respective dermatologist require further personal data from you for the treatment contract, the dermatologist will collect them himself in direct contact with you.

In relation to Dermanostic GmbH as the party responsible for the app "dermanostic" together with the practice Dr. Lang, the legal basis for the processing of the data relating to you is your usage contract for our app with us pursuant to Art. 6 para. 1 UAbs. 1 lit. b i. In conjunction with your consent to our processing of health data about you pursuant to Art. 9 para. 2 lit. a.

In relation to the practice of Dr. Lang as the person responsible for the app "dermanostic" together with Dermanostic GmbH, the legal basis for processing the data relating to you is your treatment contract with the practice of Dr. Lang according to Art. 9 para. 4 DS-GVO in conjunction with § 22 para. 1 subpara. 1 lit. b BDSG in conjunction with Art. 9 para. 2 lit. h Var. 3 and Var. 6 DS-GVO in conjunction with Art. 9 para. 3 DS-GVO in conjunction with § 630a ff. BGB.

The legal basis of the training of artificial intelligence ("AI") mentioned above is the processing for scientific purposes according to Art. 9 para. 2 lit. j DS-GVO in conjunction with Art. 89 DS-GVO and § 27 BDSG.

Necessity

The processing of the above data is necessary for the teledermatological consultation. If you do not provide us with the information requested by you, we will not be able to process your request.

Storage period

Your patient file will be stored for ten years after completion of treatment in accordance with the statutory retention periods pursuant to Section 630f (3) of the German Civil Code (BGB).

Recipients

We use a web hoster to provide the database for our app.

Right of revocation

You have the right to revoke your consent at any time. The lawfulness of the processing carried out on the basis of your consent until revocation is not affected by this.

Processing for payment transactions.

You can use the following options to pay the remuneration caused by the teledermatological consultation: PayPal and via Stripe: credit card payment, Apple Pay, Google Pay and Klarna Pay now.

Purposes

The processing serves the purpose of handling payment transactions in connection with the invoice issued to you by the dermatologist.

Types of data

In the context of payment processing, data of the following data types are processed:

  • Case ID,
  • transaction ID,
  • Date,
  • Amount,
  • payment gateway (credit card via Stripe or PayPal),

and in case of PayPal additionally the used PayPal address as well as the PayPal name

The legal basis for this processing is your consent, which you give voluntarily by using the respective payment option. The collection of the physician's claim by Dermanostic GmbH is based on an effective assignment of the claim by the physician to Dermanostic GmbH. All employees of Dermanostic GmbH are bound to confidentiality and are subject to the obligation of secrecy.

A further prerequisite for payment processing via Dermanostic GmbH is that you, as the patient, consent to the billing and the associated processing vis-à-vis the physician. You thereby declare your consent to the forwarding of the information required in each case for the purpose of billing for the medical services provided (name, date of birth, address, diagnosis, cost unit, examination and treatment data) as well as the assignment of the claim for the purpose of collection to Dermanostic GmbH, Merowingerplatz 1, 40225 Düsseldorf.

Right of revocation

You have the right to revoke your consent at any time. The lawfulness of the processing carried out on the basis of your consent until revocation will not be affected.

Storage period

We store invoices and receipts created in connection with the processing of the contract and your payment for ten years in accordance with our legal obligations arising from Section 147 (3) Sentence 1 of the German Fiscal Code (AO). The legal basis for this processing is our legal obligation Art. 6 para. 1 UAbs. 1 lit. c DS-GVO in conjunction with § 147 para. 3 sentence 1 AO.

Recipient

For the payment methods credit card and PayPal, the personal data you enter will be forwarded in encrypted form to the payment service Braintree, a product of PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal. This includes your name, address, telephone number, IP address, email address or other information necessary for order processing, including information about your order.

The processing of personal data is carried out by PayPal as the responsible party. As far as this is necessary for the fulfillment of the order, data may also be passed on to third parties by PayPal. For more information about processing by PayPal, please visit https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE.

For information on processing when using the payment service provider Google Pay, see https://support.google.com/pay/answer/7020860?hl=de and https://policies.google.com/privacy.

For details on processing by Apple Pay, please see https://support.apple.com/de-de/HT201469.

Klarna's privacy information can be found at https://www.klarna.com/de/datenschutz/.

Processing in connection with the dispatch of prescriptions to a registered pharmacy.

Purposes

For finding and selecting pharmacies to which prescriptions are to be sent on your behalf by the joint controllers of the "dermanostic" app, we use the Google Maps API.

Types of data

Within the scope of the prescription dispatch, data of the following data types are processed:

Your search query data,

Target pharmacy,

Postal address of the target pharmacy,

Fax number of the destination pharmacy.

The Google Maps API is called from our server, which means that your IP address is not transmitted to third parties via the Google Maps API. Only the IP address of the server used for the "dermanostic" app is not transmitted to third parties via the Google Maps API.

The legal basis for the processing of your search query is our legitimate interest in providing you with an easy way to send prescriptions to an established pharmacy, if you make use of this option, pursuant to Art. 6 (1) UAbs. 1 lit. f.

Storage period

We only store the address of the pharmacy to which we are to send the prescription for you. The address of the pharmacy will be stored together with your prescription in your patient file according to § 630 BGB for ten years.

Recipient

The data you enter in the search field during the search query is transmitted to our server so that your IP address is not transmitted to third parties. Only our IP address is transmitted to Google Maps API. The content of your search query is transmitted to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, and to Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and processed in the USA. Google is our processor for this processing and we have concluded an order processing agreement pursuant to Art. 28 DS-GVO with Google for this purpose. The legal basis for the third country transfer are standard data protection clauses pursuant to Art. 46 DS-GVO. Google provides appropriate data protection safeguards, which you can view at https://privacy.google.com/businesses/processorterms/.

Your prescription will be sent to the pharmacy you selected.

Right to object

You have the right to object to this processing of data relating to you at any time. To do so, please feel free to contact us by e-mail at datenschutz@dermanostic.com.

Processing for push notifications

Purposes

In order to inform you about the availability of your findings, we will send you push notifications when the findings you commissioned have been completed, if you selected this accordingly when you first launched our app or later in the app settings. You can change your selection at any time in your app settings.

Data types

Push notifications include text messages about special events: completion of reporting on a request you submitted, the ability to pick up a prescription, reminders about outstanding payments, requests for new images, and other callbacks from the dermatologist treating you.

When you first launch the app, your mobile device registers with the platform's corresponding push service (Android: Google Cloud Messaging; iOS: Apple Push Notification). This creates a so-called "registration token", which uniquely identifies the app installation on your device. The token is used to recognize the message destination. In the case of a push notification, our server sends the desired message to your platform's push service, which forwards the message to your device.

The Google Firebase or Apple servers cannot draw any conclusions about the requests of users or determine any other data related to an individual. Google Firebase or Apple serve solely as intermediaries.

The legal basis for this processing is your consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO.

Storage period

The registration information within the scope of the initial launch will be stored by the respective platform until the app is uninstalled.

Recipients

Push notifications for iOS devices are transmitted to the Apple Push Notification Service platform, a service of Apple Inc, 1 Apple Park Way, Cupertino, California, USA.

Push notifications for Android devices are mediated through the Google Cloud Messaging platform, a service provided by Google LLC., 1600 Amphitheatre Parkway Mountain View, CA 94043. USA.

Right of withdrawal

You may revoke consent to receive push notifications via the operating system as follows:

  • Apple devices: settings > dermanostic > notifications;
  • Android devices: settings > applications or apps > dermanostic > uncheck "notifications."

Processing in connection with follow-up care.

Purposes.

We operate a patient support service for follow-up care, which seeks feedback from you on treatment and your symptom development. Based on your feedback, we can record the success of your therapy and make or recommend adjustments to your therapy, if necessary. In addition, follow-up care serves to ensure the quality of our treatments.

Follow-up is only possible if you provide us with your telephone number.

Types of data

The following types of data are processed during follow-up care:

Your patient data (name, address, date of birth, photographs, medical history sheet, diagnosis and therapy recommendation),

  • date of request,
  • your telephone number,

the medical history sheet filled out by you when making a request.

In relation to Dermanostic GmbH as the party responsible for the app "dermanostic" together with the practice Dr. Lang, the legal basis for the processing of the data relating to you is your usage contract for our app with us pursuant to Art. 6 para. 1 UAbs. 1 lit. b i. In conjunction with your consent to our processing of health data about you pursuant to Art. 9 para. 2 lit. a.

In relation to the practice of Dr. Lang as the person responsible for the app "dermanostic" together with Dermanostic GmbH, the legal basis for processing the data relating to you is your treatment contract with the practice of Dr. Lang pursuant to Art. 9 para. 4 DS-GVO in conjunction with § 22 para. 1 subpara. 1 lit. b BDSG in conjunction with Art. 9 para. 2 lit. h Var. 3 and Var. 6 DS-GVO in conjunction with Art. 9 para. 3 DS-GVO in conjunction with § 630a et seq. BGB.

Necessity

In our opinion, follow-up care is necessary for the quality assurance of the doctors' diagnoses and therapy suggestions. It represents a supplementary offer to ensure the quality of treatment. Follow-up care is an optional offer and is not obligatory. You will not suffer any disadvantage in the course of treatment if you do not make use of this offer.

Storage period

Your patient file will be stored for ten years after completion of treatment in accordance with the statutory retention periods pursuant to Section 630f (3) of the German Civil Code (BGB).

Recipients

The data collected during follow-up care is processed by our medical staff as well as our physicians. For storage within your double-encrypted patient file, we use a server located within the EU.

Right of revocation

You have the right to revoke your consent at any time. The lawfulness of the processing carried out on the basis of your consent until revocation is not affected.

Processing when subscribing to our newsletter

Purposes

Our newsletters serve to provide you, in addition to news from dermanostic, with recommendations and information in the field of dermatology as well as topics of everyday life.

Types of data

To receive the newsletter, it is sufficient to provide an e-mail address. We process the time of your registration for the newsletter as well as your anonymized IP address entered by the Internet Service Provider (ISP) in order to be able to trace who has misused your e-mail address to register for the newsletter, if our newsletter was not registered by you for your e-mail address.

The legal basis for this processing is your explicit consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO.

Storage period

We will use your e-mail address to send you our newsletter until you revoke your consent.

Recipient

We use a German order processor with a German server location for the provision of our e-mail server.

Possibility of unsubscribing by revocation

You have the right to revoke your consent at any time. Unsubscribing from our newsletter is possible at any time by revoking your consent to receive our newsletter via a link at the end of each newsletter. In addition, you are also welcome to send your unsubscribe request at any time to info@dermanostic.com via email. Within the app, you can unsubscribe from the newsletter via the account management. The lawfulness of the processing carried out on the basis of your consent until revocation is not affected by this.

Processing in connection with the newsletter dispatch

Purposes

Within the scope of our newsletter dispatch, we evaluate your user behavior. This evaluation serves the needs-based design and ongoing optimization of our newsletter.

Types of data

The following types of data are processed:

  • email reading/clicking behavior (opening rate, as well as click rate within the newsletter),
  • the type of device used (desktop, tablet, cell phone),
  • whether you are a user or patient of our app,
  • the time and date of access,
  • number of cases created in the (web) app;
  • the redirect URL (pages to which you are redirected).

The legal basis is based on our legitimate interest according to Art. 6 (1) UAbs. 1 lit. f DS-GVO to provide you with a promotional and user-friendly newsletter.

Storage period

We remove your email address from our newsletter distribution list as soon as you revoke your consent, i.e. unsubscribe from our newsletter.

In order to fulfill our accountability in data protection, to which we are subject according to Art. 5 (2) DS-GVO, we keep a deletion log of the unsubscription of your e-mail address for up to three years. The legal basis for this is the fulfillment of our legal obligation pursuant to Art. 6 para. 1 UAbs. 1 lit. c DS-GVO.

Recipient

We use a German order processor with a German server location to provide our email server.

Right of revocation

Pursuant to Art. 21 DS-GVO, you have the right to object to the processing of data relating to you described above if there are grounds arising from your particular situation or if your objection is directed against direct marketing.

You can exercise your right to object by sending an email to datenschutz@dermanostic.com.

Sending evaluation requests and information on service updates to existing customers.

Purposes.

To keep our existing accounts informed about our offers or services, provide them with valuable content and ask for reviews, we will send you a newsletter on a regular basis.

Types of data

We process your email address, which you provided when registering in the dermanostic app, for sending the newsletter.

The legal basis is based on our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO to conduct personalized direct advertising. This does not require any separate consent from you pursuant to Section 7 (3) UWG.

Storage period

We will use your e-mail address to send you our newsletter until you revoke our use of your e-mail address to send direct advertising to you.

In the event of deletion of your user account, we will delete your e-mail address and you will no longer be sent any direct advertising.

Recipient

We use a web hoster to provide our app.

For the provision of our email server, we use a German order processor with a German server location.

For the management of our newsletter subscriptions, we use an open source tool that is operated exclusively on servers in Germany.

Right of objection

Pursuant to Art. 21 DS-GVO, you have the right to object to the processing of data relating to you as described above, if there are grounds arising from your particular situation or if your objection is directed against direct marketing.

You may exercise your right to object by sending an email to datenschutz@dermanostic.com.

Processing in connection with the sending of evaluation requests to existing customers.

Purposes

In the context of sending evaluation requests and information on service updates, we evaluate your user behavior. This evaluation serves the needs-based design and ongoing optimization of our information letters.

Types of data

The following types of data are processed:

  • email read/click behavior (open rate, as well as click rate within the newsletter),
  • the type of device used (desktop, tablet, cell phone),
  • whether you are a user or patient of our app,
  • the time and date of access,
  • number of cases created in the (web) app;
  • the redirect URL (pages to which you are redirected).

The legal basis is based on our legitimate interest according to Art. 6 (1) UAbs. 1 lit. f DS-GVO to provide you with a promotional and user-friendly newsletter.

Storage period

We remove your email address from our newsletter distribution list as soon as you revoke your consent, i.e. unsubscribe from our newsletter.

In order to fulfill our accountability in data protection, to which we are subject according to Art. 5 (2) DS-GVO, we keep a deletion log of the unsubscription of your e-mail address for up to three years. The legal basis for this is the fulfillment of our legal obligation pursuant to Art. 6 para. 1 UAbs. 1 lit. c DS-GVO.

Recipient

We use a web hoster for the provision of our app.

For the provision of our email server, we use a German order processor with a German server location.

For the management of our newsletter subscriptions, we use an open source tool that is operated exclusively on servers in Germany.

Right of objection

Pursuant to Art. 21 DS-GVO, you have the right to object to the processing of data relating to you as described above, if there are grounds arising from your particular situation or if your objection is directed against direct marketing.

You can exercise your right to object by sending an email to datenschutz@dermanostic.com.

Processing when you contact us via contact form within the app.

Purposes

Within the app, you have the possibility to contact us at any time via our contact form.

Types of data

When you contact us, we process your user ID, your case ID, and the content of your inquiry. Additional information can be provided voluntarily.

Processing for the purpose of contacting us is carried out for the fulfillment of a contract by you with us or for the implementation of pre-contractual measures with you by us pursuant to Art. 6 (1) lit. b DS-GVO or the processing of health data is based on your express consent pursuant to Art. 9 (2) lit. a DS-GVO.

Storage period

If contact is made within the framework of the treatment contract, we will retain your information within the framework of your patient file for ten years in accordance with §§ 630a ff. of the German Civil Code (BGB). Otherwise, we delete the personal data collected for the use of the contact form after completion of the request you have made.

Recipient

We use a processor with server location within the EU for the provision of our app.

Right of revocation

If you provide us with unsolicited health data via this communication channel, and we therefore assume your explicit consent pursuant to Art. 9 (2) lit. a DS-GVO, you have the right to revoke your consent at any time, including by sending an email to datenschutz@dermanostic.de. The lawfulness of the processing carried out on the basis of your consent until revocation is not affected.

Contact by e-mail or telephone

Purposes

You have the possibility to contact us via the e-mail addresses and telephone numbers provided on our website.

Types of data

In order to process your inquiry, we use the e-mail address or telephone number you have provided to us. We only collect other information directly from you where it is necessary and relevant to responding to your inquiry and is voluntarily provided to us by you.

Please do not submit health information to us via email.

The processing for the purpose of contacting us is carried out for the fulfillment of a contract by you with us or for the implementation of pre-contractual measures with you by us pursuant to Art. 6 (1) lit. b DS-GVO.

Please do not send us any health data by e-mail. If you do so nonetheless, the associated processing of health data is based on your express consent pursuant to Art. 9 (2) lit. a DS-GVO.

Necessity

The processing of your e-mail address or telephone number is necessary for the processing of your request in order to be able to contact you again in this context. If you do not provide us with any of these data, we will not be able to process your request.

Storage period

If contact is made within the framework of the treatment contract, we will retain your information in your patient file for ten years in accordance with §§ 630a ff. of the German Civil Code (BGB). Otherwise, the data provided by you will be deleted by us after the request you made has been dealt with.

Recipient

We use a German order processor with a German server location to provide our e-mail server.

Right of revocation

If you provide us with unsolicited health data via this communication channel, and we therefore assume your express consent pursuant to Art. 9 (2) lit. a DS-GVO, you have the right to revoke your consent at any time, including by sending an e-mail to datenschutz@dermanostic.de. The lawfulness of the processing carried out on the basis of your consent until revocation is not affected by this.

Contact by chat via WhatsApp

Purposes

You have the possibility to contact us at any time via the phone number provided on our website. This possibility of contacting us does not serve as patient support.

Types of data

In order to process your request, we use the phone number provided to us by you. We only collect other information directly from you where it is necessary and relevant to responding to your inquiry and is voluntarily provided to us by you.

Please do not submit health information to us via chat.

The processing for the purpose of contacting us is carried out for the fulfillment of a contract by you with us or for the implementation of pre-contractual measures with you by us pursuant to Art. 6 (1) lit. b DS-GVO.

Please do not send us any health data via WhatsApp. If you do so nonetheless, the associated processing of health data is based on your express consent pursuant to Art. 9 (2) lit. a DS-GVO.

Necessity

The processing of your telephone number is necessary for the processing of your request in order to be able to contact you again in this context. If you do not provide us with your telephone number, we will not be able to process your request.

Storage period

The data provided by you will be deleted by us after completion of the request you have made.

Recipient

In the case of a contact request via WhatsApp, WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("WhatsApp"), a subsidiary of Facebook, processes your data. The data relating to you will be transferred to the USA. For this purpose, we have an order processing agreement pursuant to Art. 28 (3) DS-GVO under the terms of use, including standard data protection clauses pursuant to Art. 46 DS-GVO.
You can find out about the appropriate or adequate safeguards WhatsApp gives us for third country transfers here https://www.whatsapp.com/legal/business-data-security-terms and here https://www.whatsapp.com/legal/business-data-transfer-addendum.

Right of withdrawal

If you provide us with unsolicited health data via this communication channel and we therefore assume your explicit consent according to Art. 9 (2) lit. a DS-GVO, you have the right to revoke your consent at any time, among others gladly by email to datenschutz@dermanostic.de. The lawfulness of the processing carried out on the basis of your consent until the revocation is not affected by this.

Processing in connection with our Facebook presence.

Purposes

We operate a page on Facebook to present our company and our offer.

Further information

Facebook Ireland Ltd. is responsible for processing your data when you visit our Facebook page. We are responsible with Facebook for processing this data via the Insights tool for Facebook page operators: Facebook provides us, as page operators, with information about the user profiles that interact with the Facebook page we operate. The legal basis for this is our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO.

We have entered into a shared responsibility agreement with Facebook Ireland Ltd: https://www.facebook.com/legal/terms/page_controller_addendum. Pursuant to this agreement, Facebook assumes the fulfillment of transparency obligations and you can inform yourself about the processing of your personal data here: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Processing operations in connection with our Twitter presence.

Purposes.

We operate an account on Twitter to present our company and our offer.

Twitter Inc. is responsible for the processing of data related to you on Twitter with the exception of the processing of data related to you in connection with our interaction with your account and your tweets through our company account. The legal basis for this is our legitimate interest in presenting our company and our offer according to Art. 6 para. 1 UAbs. 1 lit. f DS-GVO.

Further information

You can find out more about the processing of your personal data here: https://developer.twitter.com/en/docs/twitter-for-websites/privacy.

If you do not want Twitter to be able to associate the use of the app with your Twitter user account, please log out of your Twitter user account before your visit.

You can find out about the appropriate or adequate safeguards Twitter gives us for third country transfers by contacting https://twitter.com/privacy.

Purposes.

We operate an account on Instagram to showcase our company and our offerings.

Further information

Instagram is responsible for the processing of your data on Instagram. We are jointly responsible with Instagram for the processing of personal data in connection with your interaction with our company account. The legal basis for this is our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO.

We have entered into a joint responsibility agreement with Instagram: https://www.facebook.com/legal/terms/page_controller_addendum. Instagram assumes the fulfillment of transparency obligations in accordance with the joint responsibility. You can find out more about how your personal data is processed here: https://de-de.facebook.com/help/instagram/519522125107875/.

Processing operations in connection with our TikTok presence.

Purposes.

We operate an account on TikTok in order to present our company and our services as well as to provide TikTok users with content in the field of dermatology.

Further information

TikTok is responsible for the processing of your data on TikTok. You can find out more about how your personal data is processed here: https://www.tiktok.com/legal/privacy-policy?lang=de.

Purposes

We use TikTok Pixel, a service provided by TikTok Technology Ltd, to display advertisements of our service to TikTok users who indicate interest in our service. In doing so, TikTok Pixel allows us to determine the target audience for the display of advertisements. Using TikTok Pixel, we can analyze the effectiveness of our advertising for statistical and market research purposes by tracking the extent to which a user is redirected to our site after clicking on a Tik-Tok Ad, so-called conversion tracking. This is done to ensure that our ads within the TikTok social media channel are in line with the TikTok user's interest and are not harassing.

Types of data

  • The following types of data are processed as part of advertising on TikTok:
  • Behavior of network site visitors and TikTok users:
  • data on impressions and clicks of TikTok users,
  • pages visited and events triggered on our website, if you have consented to cookie tracking on our website,
  • triggered events in the app (e.g. registration in the app),
  • anonymized, cumulated data for the creation of so-called Custom- Audiences, if you have shown interest in our service.

In addition, the following personal data is processed:

  • your IP address and
  • information about your device ID,
  • your device type and
  • the operating system used by your terminal device.

We only process information about triggered events on our website dermanostic.com as well as within our app (registration in the app, purchase within the app) if you have consented to the processing for the purpose of statistics or tracking within the app on our site via our Consent banner.

We process your data based on our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO to analyze the effectiveness of our advertisements for statistical and market research purposes.

If you have consented to the processing for the purpose of "statistics" via our Consent Banner or agree to the tracking within the app, the TikTok pixel is used and we process your data based on your consent pursuant to Art. 6 para. 1 UAbs. 1 lit. a DS-GVO.

Storage period

The personal data collected in the context of the advertisement will be deleted after 18 months.

Recipients

In the context of the advertisement, TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland ("TikTok") processes your data. The data related to you will be transferred to the USA. For this purpose, we have concluded an order processing agreement pursuant to Art. 28 (3) DS GVO within the scope of the Terms of Use, including standard data protection clauses pursuant to Art. 46°DS GVO.

You can find out about the appropriate or adequate safeguards TikTok gives us for third country transfers via https://www.tiktok.com/legal/privacy-policy?lang=de and here https://ads.tiktok.com/i18n/official/policy/privacy.

Within the "dermanostic" app, you can disable advertising tracking in the settings menu as follows: Using the setting indicated by the gear icon, select Account Management and disable tracking under Privacy.

You can turn off the collection of data to display interest-based advertising at any time in your TikTok profile. To do so, go to your account settings within your profile and select "Turn off personalization and data" in the Privacy section.

Your right to object

According to Art. 21 DS-GVO, you have the right to object to the above-described processing of data related to you, if there are reasons arising from your particular situation or your objection is directed against direct advertising.

You can exercise your right to object by sending an email to datenschutz@dermanostic.com.

Processing operations in connection with our LinkedIn presence.

Purposes.

We operate a page on LinkedIn to present our company and our services.

Further information

We have entered into a joint accountability agreement with LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum. LinkedIn is responsible for fulfilling transparency obligations pursuant to the joint accountability agreement. You can find out more about how we process your personal data here: https://privacy.linkedin.com/de-de.

Processing operations in connection with our Pinterest presence.

Purposes.

We operate an account on Pinterest to present our company and our offer.

Further information

Pinterest is responsible for the processing of your data on Pinterest. You can find out more about the processing of your personal data here: https://policy.pinterest.com/en/privacy-policy.

Processing operations in connection with Pinterest Ads.

Purposes

We use the Pinterest tag, a service of Pinterest Europe Ltd, to deploy our Pinterest campaigns in a needs-based manner, to further optimize them and to measure their conversion Provided that you have reached our website via a Pinterest ad, we can track your subsequent actions. This allows us to analyze the effectiveness of our ad for statistical and market research purposes. This is to ensure that our ads on Pinterest are relevant to the user's interest and not harassing.

Types of data

The following types of data are processed as part of the ad display:

  • Device information,
  • Operating system used,
  • Time of the call of our offer,
  • Type and content of the campaign,
  • Cumulative data on the behavior of network site visitors:
  • Data on impressions and clicks,
  • triggered events on the website.

In addition, the following personal data is collected.

  • your IP address and
  • information about your device ID,
  • your device type and
  • the operating system used by your terminal device are processed.

We process information about triggered events on our website dermanostic.com as well as within our app "dermanostic" (registration in the app, purchase within the app) only if you have consented to the processing for the purpose of statistics or tracking within the app on our site via our Consent banner.

We process your data based on our legitimate interest in analyzing the effectiveness of our advertisements for statistical and market research purposes pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO.

If you have consented to the processing for the purpose of "statistics" via our Consent Banner or agree to the tracking within the app, the use of Pinterest tracking will take place and we will process your data based on your consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO.

Storage period

The personal data collected as part of the ad will be deleted after 180 days.

Recipients

In the context of the advertisement, Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland processes your data. The data related to you will be transferred to the USA.

Information about the Pinterest privacy policy can be found here: https://policy.pinterest.com/de/privacy-policy.

You may withdraw your consent from tracking on the Website at any time by clicking on the following link:

Delete All Cookies.

Within the app, you can disable advertising tracking in the settings menu as follows: Using the setting indicated by the gear icon, select Account Management and disable tracking under Privacy.

In your account settings on Pinterest, you can deactivate the collection of data for the display of interest-based advertising at any time at https://www.pinterest.de/settings (under "Customization", deactivate the button "Use info from our partners to better tailor recommendations and ads on Pinterest").

Alternatively, you can go to https://help.pinterest.com/de/article/personalization-and-data#info-ad and uncheck the box under "Disable Customization" or enable your browser's Do-Not-Track setting.

Your right to object

Pursuant to Art. 21 DS-GVO, you have the right to object to the processing of data relating to you as described above, if there are grounds arising from your particular situation or if your objection is directed against direct marketing.

You can exercise your right to object by sending an email to datenschutz@dermanostic.com.

Processing operations in connection with our Spotify presence.

Purposes.

We operate an account on Spotify to showcase our company and our offerings and to provide listeners with valuable content.

Further information

Spotify is responsible for processing your data on Spotify. You can find out more about how your personal data is processed here: https://www.spotify.com/de/legal/privacy-policy/ .

YouTube integration

Purpose

To optimize our web presence, we embed videos via YouTube on our website.

Types of data

When you call up a page that has an embedded video, a connection to the YouTube servers is established. The following types of data are processed in the process:

  • browser used,
  • visited page of this website,
  • content displayed by YouTube.

We use the "enhanced privacy mode" option provided by YouTube. According to the information provided by YouTube, in "extended data protection mode" your data - in particular which of our web pages you have visited as well as device-specific information including the IP address - is only transmitted to the YouTube server in the USA when you watch the video. By clicking on the video, you consent to this transmission.

The legal basis for this processing is your express consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO. You give your consent to this processing via our cookie banner.

Storage period

For more information, please see Google's privacy policy (https://policies.google.com/privacy?hl=de&gl=de).

Recipients

Through this processing, components of YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA, a Google Inc. company, Amphitheatre Parkway, Mountain View, CA 94043, USA, are used. We have concluded an order processing agreement with YouTube as our processor pursuant to Art. 28 DS-GVO. The legal basis for the third country transfer are standard data protection clauses according to Art.°46 DS-GVO. Google provides appropriate guarantees for data protection, which you can view at https://privacy.google.com/businesses/processorterms/.

If you have a user account with YouTube and are logged in there at the time of calling up the page, the data processed when calling up the page will be assigned to your user account if you have not logged out beforehand.

For more information on data protection at YouTube, please refer to the privacy policy of Google (https://policies.google.com/privacy?hl=de&gl=de).

You can revoke your consent within the app in the Settings section under Privacy.

You can revoke your consent at any time by clicking on the following link:

Delete All Cookies.

Purposes

We use Apple ads to promote our app "dermanostic" within the App Store. In doing so, people with similar interests are grouped together to form so-called segments. These segments are used to support the display of personalized advertising. Your personal information is used to determine which segments you are assigned to and consequently which advertisements are displayed to you.

Types of data

The following types of data are processed as part of the advertising display:

  • Number of impressions of our advertisement,
  • Number of clicks on our advertisement,
  • Number of times our app was installed, which was triggered by the ad,
  • Search terms through which our ad was displayed.

In addition, the following personal data is processed:

  • your IP address and
  • information about your device ID,
  • your device type and
  • the operating system used by your end device are processed.

We process your data based on our legitimate interest pursuant to Art. 6 para. 1 UAbs. 1 lit. f DS-GVO to conduct effective marketing.

Storage period

The personal data collected in the context of the advertisement will be deleted 14 months.

Recipients

In the context of the advertisement, Apple Distribution International Ltd. ("ADI"), with the address Hollyhill Industrial Estate, Hollyhill, Cork, Ireland processes your data. The data related to you will be transferred to the USA. We have concluded an order processing agreement with Apple Search Ads as our processor pursuant to Art. 28 DS GVO. The legal basis for the third country transfer are standard data protection clauses according to Art.°46 DS-GVO.

Your right to object

If you do not want to receive personalized advertising, you can disable the personalized advertising setting on your iPhone, iPad, iPod touch or Mac.

For more information about disabling ads, please visit: https://support.apple.com/de-de/HT202074.

Disclosure of personal data to third parties.

Except for the recipients mentioned above, we do not share your personal data with third parties. This only happens if

you have given your express consent in accordance with Art. 6 para. 1 UAbs. 1 lit. a or Art. 9 para. 2 lit. a DS-GVO,

the disclosure of the data relating to you is necessary for the assertion, exercise or defense of legal claims pursuant to Art. 6 (1) (1) (f) DS-GVO and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of the data relating to you,

there is a legal obligation for the disclosure in accordance with Art. 6 Para. 1 UAbs. 1 lit. c DS-GVO or

the disclosure is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 (1) (1) (b) DS-GVO.

Storage and deletion of personal data

In principle, we store your personal data only as long as it is necessary for the fulfillment of our contractual obligations. Therefore, all stored personal data and pseudonymized usage data will be deleted if they are no longer needed for the purposes for which they were collected or if you expressly request this and we are not obliged to store them due to legal regulations. This includes storage and documentation obligations, for example, under commercial law, tax law or the German Civil Code. In some cases, these laws provide for retention periods of 10 years or more. In these cases, the data is deleted automatically after the legally prescribed retention period has expired.

Our app may contain links to providers of other Internet content via the links to our presences on platforms of social media operators already set out. This privacy policy relates exclusively to the processing of this app. We have no influence on the processing on linked sites. Please inform yourself there about the processing taking place in each case.

What rights do you have in connection with the processing of your personal data?

You have the right to,

to request information about your personal data processed by us in accordance with Art. 15 DS-GVO. In particular, you can request information about the processing purposes, the category of personal data, the category of recipients to whom the data relating to you has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of the data relating to you if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;

pursuant to Art. 16 DS-GVO, to demand the correction of incorrect or the completion of your personal data stored by us without delay;

pursuant to Art. 17 DS-GVO, to request the erasure of your personal data stored by us, unless the processing of such data is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;

pursuant to Art. 18 DS-GVO, to request the restriction of the processing of your personal data, provided that the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DS-GVO;

pursuant to Art. 20 DS-GVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;

to revoke your consent given once to us at any time in accordance with Art. 7 (3) DS-GVO. This revocation has the consequence that we may no longer continue the processing based on this consent for the future, whereby the processing carried out up to the time of the revocation remains lawful;

complain to a supervisory authority in accordance with Article 77 of the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose. The supervisory authority responsible for our registered office is the State Commissioner for Data Protection of North Rhine-Westphalia, Kavalleriestraße 2-4, 40213 Düsseldorf, Germany, phone: +49 211 384240, e-mail: poststelle@ldi.nrw.de

Your right to object

In cases where processing is carried out on the legal basis of Art. 6 (1) UAbs. 1 lit. f DS-GVO (legitimate interest), you may object to the processing of your personal data pursuant to Art. 21 DS-GVO if there are grounds arising from your particular situation or if the objection is directed against direct advertising.

In the case of objection to direct marketing, you have a general right of objection, which is implemented by us without any indication of a particular situation.

In any case, you can exercise your right to object simply by sending an email to info@dermanostic.com.

Revocation of your consents

In any case of processing based on your consent given pursuant to Art. 6 (1) UAbs. 1 lit. a or Art. 9 (2) lit. a DS-GVO, you may revoke your consent at any time. This does not affect the lawfulness of the processing carried out up to the time of the revocation.

In any case, you can revoke your consent simply by sending an email to info@dermanostic.com.

Data security

To ensure adequate security of the processing of your personal data, we use appropriate technical and organizational measures. When using our app, the so-called SSL procedure is used, combined with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. Only in exceptional cases, in which your browser does not support this encryption technology, a 128-bit v3 technology is used.

With our processors, we regularly develop the technical and organizational measures and strive to constantly improve the security conditions for your personal data info@dermanostic.com exercise.

Actuality of this privacy policy

This privacy policy is valid and has the status of May 2021. As we always strive to keep up with technical progress, we continue to develop our app and its offerings, as well as the technical and organizational measures to protect the data related to you. In this context, it may be necessary to adapt the privacy policy accordingly. You can access and print out the current data protection declaration at any time at https://dermanostic.com/datenschutz-app.

Would you like to delete all cookies?