Privacy policy

Dear user of this website

The protection of your personal data is not only important to you, but also to us. We appreciate your trust that we will handle your personal data conscientiously and in accordance with the law. Your data will be treated confidentially by us.

With this data protection declaration, we would like to not only fulfill our legal obligation from Art. 13 and 14 DS-GVO, but also describe to you in an understandable way which personal data is collected and how we handle it.

Responsible

The persons responsible according to Art. 24 DS-GVO for the processing are the persons jointly responsible according to Art. 26 DS-GVO

Dermanostic GmbH
Merowingerplatz 1
40225 Düsseldorf

and

Practice Dr. Lang - specialist for dermatology
Kornstrasse 17 a
42719 Solingen.

Dermanostic GmbH is responsible for the technical development and provision of the app "dermanostic". Estefanía Lang, MD, is responsible for the medical design of the app.

If you wish to assert your data protection rights against the providers of the "dermanostic" app as a mediation platform, you can contact the data protection officer of Dermanostic GmbH by e-mail at datenschutz@dermanostic.com.

The jointly responsible parties of the app "dermanostic" offer you a convenient platform that can be accessed at any time and through which you can conclude a treatment contract with the responsible dermatologist.

The practice of Dr. Lang ensures that the requirements of § 7 para. 4 of the Model Professional Code of the German Medical Association are met.

Contact details of the data protection officer

You can contact the data protection officer of DERMANOSTIC GmbH at datenschutz@dermanostic.com.

Information on the necessity of cookies used

When you open our website, the cookie consent banner is displayed. This has three categories: (1) "Necessary," (2) "Statistics," and (3) "Other Media." If you consent to the necessary cookies, only a cookie is set that stores whether you have consented and to which cookies. In the case of consent for statistical purposes, cookies are set by Google Analytics, Google Tag Manager, Facebook Pixel as well as Pinterest Ads. If you agree to the cookies of the third category "Other Media", the website chat will open and a cookie will be set by YouTube if you watch a video embedded on our website.

Purposes

We process the types of data mentioned below for the following purposes:

  • Ensuring a smooth connection setup of the website,
  • Ensuring a comfortable use of our website,
  • evaluating system security and system stability, and
  • for other administrative purposes.

We do not use this data to draw conclusions about you personally.

Types of data

When you access our website, personal data is processed. This is the data that the browser used on your end device (cell phone, laptop, PC or similar) sends to the server of our website. This information is temporarily stored in a so-called log file on our server.

The following data is processed without your intervention and stored until automated deletion:

  • IP address of your terminal device,
  • date and time of your access,
  • the content of your request, i.e. the specific web pages that you accessed,
  • name and URL of the files accessed,
  • website from which your access is made (referrer URL),
  • the browser you are using,
  • the operating system of your terminal device
  • the name of your access provider
  • the language settings of the browser software used by your end device,
  • the version of the browser software used by your terminal device,
  • the time zone difference from Greenwich Mean Time (GMT) of your end device,
  • the access status/HTTP status code.

The aforementioned processing is based on the legal basis of our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO. Our legitimate interest results from the aforementioned purposes of the processing.

Storage period

The data will be deleted 30 days after collection.

Recipients

We use a web hoster with server location in Germany to provide our website.

Your right to object

In accordance with Art. 21 DS-GVO, you have the right to object to the processing of data relating to you as described above, if there are grounds arising from your particular situation or if your objection is directed against direct marketing.

You can exercise your right to object by sending an email to datenschutz@dermanostic.com.

Web analysis with Google Analytics

Purposes

In order to optimize our website and our advertising, we analyze your user behavior using functions of the web analysis service Google Analytics. On our behalf, Google evaluates the personal data listed below to compile reports about your website activities.

Types of data

When you consent to the analysis of your usage behavior on our website by Google Analytics, the following data is collected:

  • your access time to our website collected,
  • to what extent you are actively using our website at any given time,
  • whether you are a returning user of our website,
  • the location from which you are using our website,
  • the language, device model and platform (e.g. iOS or Android) of your terminal device.

We have activated the "IP anonymization" function on this website. This means that your IP address is shortened by Google. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website and compiling reports on website activity. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google. You can deactivate this function at any time via the ad settings in your Google account or generally object to the collection of your data by Google Analytics as shown in the item "Objection to data collection".

Google Analytics cookies are stored on the basis of your express consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO. You give your consent to this processing via our cookie banner.

Storage period

The storage period is limited to 14 months.

Recipients

The data processed via Google Analytics is transmitted to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, and to Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and processed in the USA. Google is our processor for this processing and we have concluded an order processing agreement pursuant to Art. 28 DS GVO with Google for this purpose. The legal basis for the third country transfer are standard data protection clauses pursuant to Art. 46 DS GVO. Google provides appropriate guarantees for data protection, which you can view at https://privacy.google.com/businesses/processorterms/.

More information on the handling of user data in connection with Google Analytics by Google can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

You may withdraw your consent at any time by clicking on the following link:

Delete All Cookies.

Advertising analysis using Google Ads

Purposes

We use Google Ads to draw attention to our service on external websites. We use Google Ads tracking to analyze user behavior in order to optimize our web offering and advertising.

Through Google Ads, we use conversion tracking cookies and create statistics from the cookie data of visitors to our website.

Types of data

The following data related to you is processed for this cookie:

  • Unique cookie ID,
  • Last impression (relevant for conversions),
  • Number of ad impressions per placement (frequency),
  • Information about opt-out of the website visitor.

This information is used by Google to recognize your web browser. Provided that the cookie stored on your computer has not yet expired and you have clicked on one of our externally placed ads, Google and we can recognize that you have clicked on an ad and have been redirected to our site.

As Google Ads customers, we do not collect or process any personal data as part of the aforementioned advertising measures. We only receive statistical evaluations from Google on the above information, i.e. the total number of users who clicked on our ad and were redirected to a page tagged with a conversion tracking tag. We do not receive any information that allows us to identify you personally.

Due to the use of Google, your browser automatically connects to the Google server. If you have a user account with Google and are registered, Google can assign the visit to your user account. If you are not registered with Google or logged in, there is a possibility that Google will find out and store your IP address.

The legal basis for the use of these cookies is your express consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO. You can give your consent to, among other things, this processing via our cookie banner if you select the category "Statistics" and consent.

Storage duration

The storage period of the cookies is limited to 30 days.

Recipients

The data processed via Google Ads is transmitted to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, and to Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and processed in the USA. Google is our processor for this processing and we have concluded an order processing agreement pursuant to Art. 28 DS-GVO with Google for this purpose. The legal basis for the third country transfer are standard data protection clauses pursuant to Art. 46 DS-GVO. Google provides appropriate guarantees for data protection, which you can view at https://privacy.google.com/businesses/processorterms/.

More information on Google Ads and Google conversion tracking can be found in Google's privacy policy: https://privacy.google.com/intl/de/businesses/adsservices/ as well as https://services.google.com/sitestats/de.html.

The data collected for us is not visible to other Google Ads customers.

You may withdraw your consent at any time by clicking on the following link:

Delete All Cookies.

Web analytics with Facebook Pixel

Purposes.

We use Facebook Pixel, for advertising and optimization purposes. We use this tool to serve ads on Facebook to people who have visited our website or shown interest in certain topics. We use this information to improve our advertising efforts by targeting ads accordingly to your interests.

Types of data

When you consent to the analysis of your usage behavior on our website by Facebook Pixel, the following data about you is collected:

Your access time and access location to our website,

  • to what extent you are currently active on our website,
  • whether you are a returning user of our website,
  • your demographic information (gender, age group, interests),
  • the language, device model and browse,

Facebook provides us with the collected data anonymously, so we cannot personally identify you or draw conclusions about your identity.

Through our use of Facebook Pixel, Facebook is informed when you have clicked on one of our ads on Facebook or accessed the corresponding web page of our website.

If you do not maintain a user account with Facebook, Facebook can assign this information to your account. If you have a user account with Facebook and are registered, Facebook can assign the visit to your user account. If you are not registered or logged in to Facebook, it is possible that Facebook will learn and store your IP address and possibly other identifiers.

The legal basis for this processing is your express consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO. You give your consent to this processing via our cookie banner when you select the category "Statistics" and consent.

Storage duration

The storage period is limited to 24 months.

Recipient

Facebook Pixel is a product of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland ("Facebook"). Facebook is our processor for this processing and we have entered into a processing agreement pursuant to Art. 28 DS-GVO with Facebook for this purpose. The legal basis for this transfer are standard data protection clauses pursuant to Art. 46 DS-GVO. You can find out about the appropriate or adequate safeguards Facebook Pixel gives us for third country transfers here https://web.facebook.com/legal/terms/data_security_terms and here https://web.facebook.com/legal/EU_data_transfer_addendum.

You may withdraw your consent at any time by clicking on the following link:

Delete all cookies.

Processing when subscribing to our newsletter.

Purposes.

The purpose of our newsletters is to provide you with recommendations and information in the field of dermatology, as well as topics related to everyday life, in addition to news from dermanostic.

Types of data

To receive the newsletter, it is sufficient to provide an e-mail address. We process the time of your registration for the newsletter as well as your anonymized IP address entered by the Internet Service Provider (ISP) in order to be able to trace who has misused your e-mail address to register for the newsletter, if our newsletter was not registered by you for your e-mail address.

The legal basis for this processing is your explicit consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO.

Storage period

We will use your e-mail address to send you our newsletter until you revoke your consent.

Recipient

We use a German order processor with a German server location for the provision of our e-mail server.

Possibility of unsubscribing by revocation

You have the right to revoke your consent at any time. Unsubscribing from our newsletter is possible at any time by revoking your consent to receive our newsletter via a link at the end of each newsletter. In addition, you are also welcome to send your unsubscribe request at any time to info@dermanostic.com via email. Within the app, you can unsubscribe from the newsletter via the account management. The lawfulness of the processing carried out on the basis of your consent until revocation is not affected by this.

Processing in connection with the newsletter dispatch

Purposes

Within the scope of our newsletter dispatch, we evaluate your user behavior. This evaluation serves the needs-based design and ongoing optimization of our newsletter.

Types of data

The following types of data are processed:

  • email reading/clicking behavior (opening rate, as well as click rate within the newsletter),
  • the type of device used (desktop, tablet, cell phone),
  • whether you are a user or patient of our app,
  • the time and date of access,
  • number of cases created in the (web) app;
  • the redirect URL (pages to which you are redirected).

The legal basis is based on our legitimate interest according to Art. 6 (1) UAbs. 1 lit. f DS-GVO to provide you with a promotional and user-friendly newsletter.

Storage period

We remove your email address from our newsletter distribution list as soon as you revoke your consent, i.e. unsubscribe from our newsletter.

In order to fulfill our accountability in data protection, to which we are subject according to Art. 5 (2) DS-GVO, we keep a deletion log of the unsubscription of your e-mail address for up to three years. The legal basis for this is the fulfillment of our legal obligation pursuant to Art. 6 para. 1 UAbs. 1 lit. c DS-GVO.

Recipient

We use a German order processor with a German server location to provide our email server.

Right of revocation

Pursuant to Art. 21 DS-GVO, you have the right to object to the processing of data relating to you described above if there are grounds arising from your particular situation or if your objection is directed against direct marketing.

You can exercise your right to object by sending an email to datenschutz@dermanostic.com.

Sending evaluation requests and information on service updates to existing customers.

Purposes.

To keep our existing accounts informed about our offers or services, provide them with valuable content and ask for reviews, we will send you a newsletter on a regular basis.

Types of data

We process your email address, which you provided when registering in the dermanostic app, for sending the newsletter.

The legal basis is based on our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO to conduct personalized direct advertising. This does not require any separate consent from you pursuant to Section 7 (3) UWG.

Storage period

We will use your e-mail address to send you our newsletter until you revoke our use of your e-mail address to send direct advertising to you.

In the event of deletion of your user account, we will delete your e-mail address and you will no longer be sent any direct advertising.

Recipient

We use a web hoster to provide our app.

For the provision of our email server, we use a German order processor with a German server location.

For the management of our newsletter subscriptions, we use an open source tool that is operated exclusively on servers in Germany.

Right of objection

Pursuant to Art. 21 DS-GVO, you have the right to object to the processing of data relating to you as described above, if there are grounds arising from your particular situation or if your objection is directed against direct marketing.

You may exercise your right to object by sending an email to datenschutz@dermanostic.com.

Processing in connection with the sending of evaluation requests to existing customers.

Purposes

In the context of sending evaluation requests and information on service updates, we evaluate your user behavior. This evaluation serves the needs-based design and ongoing optimization of our information letters.

Types of data

The following types of data are processed:

  • email read/click behavior (open rate, as well as click rate within the newsletter),
  • the type of device used (desktop, tablet, cell phone),
  • whether you are a user or patient of our app,
  • the time and date of access,
  • number of cases created in the (web) app;
  • the redirect URL (pages to which you are redirected).

The legal basis is based on our legitimate interest according to Art. 6 (1) UAbs. 1 lit. f DS-GVO to provide you with a promotional and user-friendly newsletter.

Storage period

We remove your email address from our newsletter distribution list as soon as you revoke your consent, i.e. unsubscribe from our newsletter.

In order to fulfill our accountability in data protection, to which we are subject according to Art. 5 (2) DS-GVO, we keep a deletion log of the unsubscription of your e-mail address for up to three years. The legal basis for this is the fulfillment of our legal obligation pursuant to Art. 6 para. 1 UAbs. 1 lit. c DS-GVO.

Recipient

We use a web hoster for the provision of our app.

For the provision of our email server, we use a German order processor with a German server location.

For the management of our newsletter subscriptions, we use an open source tool that is operated exclusively on servers in Germany.

Right of objection

Pursuant to Art. 21 DS-GVO, you have the right to object to the processing of data relating to you as described above, if there are grounds arising from your particular situation or if your objection is directed against direct marketing.

You can exercise your right to object by sending an email to datenschutz@dermanostic.com.

Processing when contacting us by e-mail or telephone.

Purposes

You have the possibility to contact us via the e-mail addresses and telephone numbers provided on our website.

Types of data

In order to process your inquiry, we use the e-mail address or telephone number provided to us by you. We only collect other information directly from you where it is necessary and relevant to responding to your inquiry and is voluntarily provided to us by you.

Please do not submit health information to us via email.

The processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 UAbs. 1 lit. b DS-GVO.

Storage period

If contact is made within the framework of the treatment contract, we will retain your information within the framework of your patient file for ten years in accordance with §§ 630a ff. of the German Civil Code (BGB). Otherwise, we delete the personal data collected for the use of the contact form after completion of the request you have made.

Recipient

We use a German order processor with a German server location for the provision of our e-mail server.

Contact via WhatsApp

Purposes

You have the option to contact us at any time via the phone number provided on our website. This possibility of contacting us does not serve as patient support.

Types of data

In order to process your request, we use the telephone number provided to us by you. We only collect other information directly from you where it is necessary and relevant to responding to your inquiry and is voluntarily provided to us by you.

Please do not provide us with health data via WhatsApp.

The processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 lit. b DS-GVO in conjunction with. Art. 6 para. 1 p. 1 f DS-GVO.

Storage period

The data provided by you will be deleted by us after completion of the request you have made.

Recipients

In the case of a contact request via WhatsApp, WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("WhatsApp") processes your data. The data relating to you will be transmitted to the USA. For this purpose, we have an order processing agreement in accordance with Art. 28 (3) DS-GVO under the terms of use, including standard data protection clauses in accordance with Art. 46°DS-GVO.

You can find out about the appropriate or adequate safeguards WhatsApp gives us for third country transfers here https://www.whatsapp.com/legal/business-data-security-terms and here https://www.whatsapp.com/legal/business-data-transfer-addendum.

Processings when contacting us via chat.

Purposes

You have the option to contact us via our chat.

Types of data

In order to process your request, we process the time of your request for technical reasons. In addition, we process the following types of data:

  • Your operating system used,
  • Your used browser type,
  • your domain
  • URL of the previously visited website.

Other information, such as first name, last name; email address and your request, we only collect directly from you where it is necessary and relevant to respond to your request and is provided to us voluntarily by you.

Please do not submit health information to us via chat.

The processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) UAbs. 1 lit. b DS-GVO. However, we only provide the chat function after your express consent. You give your consent to this processing via our cookie banner when you select the category "other media" and consent.

Storage period

The personal data collected in the context of contacting us via chat will be deleted after the request you have made has been dealt with.

Recipients

We use a chat software of the company Userlike UG, Probsteigasse 44-46, 50670 Cologne, Germany.

You can revoke your consent at any time by clicking on the following link:

Delete all cookies.

Processing in the context of your application to our company.

Contacting us via Indeed and our career portal.

We are pleased if you are interested in dermanostic as your new employer and inform yourself about vacant positions for this purpose on Indeed or via our career website. We inform you about data collection and processing in the context of an application procedure here: Privacy Policy for Applicants.

Processing in connection with our Facebook presence.

Purposes

We operate a page on Facebook to present our company and our offer.

Further information

Facebook Ireland Ltd. is responsible for processing your data when you visit our Facebook page. We are jointly responsible with Facebook for processing this data via the Insights tool for Facebook page operators: Facebook provides us, as page operators, with information about the user profiles that interact with the Facebook page we operate. The legal basis for this is our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO.

We have entered into a shared responsibility agreement with Facebook Ireland Ltd: https://www.facebook.com/legal/terms/page_controller_addendum. Pursuant to this agreement, Facebook assumes the fulfillment of transparency obligations and you can inform yourself about the processing of your personal data here: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Processing operations in connection with our Twitter presence.

Purposes.

We operate an account on Twitter to present our company and our offer.

Twitter Inc. is responsible for the processing of data related to you on Twitter with the exception of the processing of data related to you in connection with our interaction with your account and your tweets through our company account. The legal basis for this is our legitimate interest in presenting our company and our offer according to Art. 6 para. 1 UAbs. 1 lit. f DS-GVO.

Further information

You can find out more about the processing of your personal data here: https://developer.twitter.com/en/docs/twitter-for-websites/privacy.

If you do not want Twitter to be able to associate the use of the app with your Twitter user account, please log out of your Twitter user account before your visit.

You can find out about the appropriate or adequate safeguards Twitter gives us for third country transfers by contacting https://twitter.com/privacy.

Purposes.

We operate an account on Instagram to showcase our company and our offerings.

Further information

Instagram is responsible for the processing of your data on Instagram. We are jointly responsible with Instagram for the processing of personal data in connection with your interaction with our company account. The legal basis for this is our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO.

We have entered into a joint responsibility agreement with Instagram: https://www.facebook.com/legal/terms/page_controller_addendum. Instagram assumes the fulfillment of transparency obligations in accordance with the joint responsibility. You can find out more about how your personal data is processed here: https://de-de.facebook.com/help/instagram/519522125107875/.

Processing operations in connection with our TikTok presence.

Purposes.

We operate an account on TikTok in order to present our company and our services as well as to provide TikTok users with content in the field of dermatology.

Further information

TikTok is responsible for the processing of your data on TikTok. You can find out more about how your personal data is processed here: https://www.tiktok.com/legal/privacy-policy?lang=de.

Purposes

We use TikTok Pixel, a service provided by TikTok Technology Ltd, to display advertisements of our service to TikTok users who indicate interest in our service. In doing so, TikTok Pixel allows us to determine the target audience for the display of advertisements. Using TikTok Pixel, we can analyze the effectiveness of our advertising for statistical and market research purposes by tracking the extent to which a user is redirected to our site after clicking on a Tik-Tok Ad, so-called conversion tracking. This is done to ensure that our ads within the TikTok social media channel are in line with the TikTok user's interest and are not harassing.

Types of data

As part of advertising on TikTok, the following types of data are processed:

  • Behavior of network site visitors and TikTok users:
  • data on impressions and clicks of TikTok users,
  • pages visited and events triggered on our website, if you have consented to cookie tracking on our website,
  • triggered events in the app (e.g. registration in the app),
  • anonymized, cumulated data for the creation of so-called Custom- Audiences, if you have shown interest in our service.

In addition, the following personal data is processed:

  • your IP address and
  • information about your device ID,
  • your device type and
  • the operating system used by your terminal device.

We only process information about triggered events on our website dermanostic.com as well as within our app (registration in the app, purchase within the app) if you have consented to the processing for the purpose of statistics or tracking within the app on our site via our Consent banner.

We process your data based on our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO to analyze the effectiveness of our advertisements for statistical and market research purposes.

If you have consented to the processing for the purpose of "statistics" via our Consent Banner or agree to the tracking within the app, the TikTok pixel is used and we process your data based on your consent pursuant to Art. 6 para. 1 UAbs. 1 lit. a DS-GVO.

Storage period

The personal data collected in the context of the advertisement will be deleted after 18 months.

Recipients

In the context of the advertisement, TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland ("TikTok") processes your data. The data related to you will be transferred to the USA. For this purpose, we have concluded an order processing agreement pursuant to Art. 28 (3) DS GVO within the scope of the Terms of Use, including standard data protection clauses pursuant to Art. 46°DS GVO.

You can find out about the appropriate or adequate safeguards TikTok gives us for third country transfers via https://www.tiktok.com/legal/privacy-policy?lang=de and here https://ads.tiktok.com/i18n/official/policy/privacy.

You may withdraw your consent from tracking on the Website at any time by clicking on the following link:

Delete All Cookies.

Within the dermanostic app, you can disable advertising tracking in the settings menu as follows: Using the setting indicated by the gear icon, select Account Management and under Privacy, disable tracking.

You can turn off the collection of data to display interest-based advertising at any time in your TikTok profile. To do so, go to your account settings within your profile and select "Turn off personalization and data" in the Privacy section.

Your right to object

According to Art. 21 DS-GVO, you have the right to object to the above-described processing of data related to you, if there are reasons arising from your particular situation or your objection is directed against direct advertising.

You can exercise your right to object by sending an email to datenschutz@dermanostic.com.

Processing operations in connection with our LinkedIn presence.

Purposes.

We operate a page on LinkedIn to present our company and our services.

Further information

We have entered into a joint accountability agreement with LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum. LinkedIn is responsible for fulfilling transparency obligations pursuant to the joint accountability agreement. You can find out more about how we process your personal data here: https://privacy.linkedin.com/de-de.

Processing operations in connection with our Pinterest presence.

Purposes.

We operate an account on Pinterest to present our company and our offer.

Further information

Pinterest is responsible for the processing of your data on Pinterest. You can find out more about the processing of your personal data here: https://policy.pinterest.com/en/privacy-policy.

Processing operations in connection with Pinterest Ads.

Purposes

We use the Pinterest tag, a service of Pinterest Europe Ltd, to deploy our Pinterest campaigns in a needs-based manner, to further optimize them and to measure their conversion Provided that you have reached our website via a Pinterest ad, we can track your subsequent actions. This allows us to analyze the effectiveness of our ad for statistical and market research purposes. This is to ensure that our ads on Pinterest are relevant to the user's interest and not harassing.

Types of data

The following types of data are processed as part of the ad display:

  • Device information,
  • Operating system used,
  • Time of the call of our offer,
  • Type and content of the campaign,
  • Cumulative data on the behavior of network site visitors:
  • Data on impressions and clicks,
  • triggered events on the website.

In addition, the following personal data is collected.

  • your IP address and
  • information about your device ID,
  • your device type and
  • the operating system used by your terminal device are processed.

We process information about triggered events on our website dermanostic.com as well as within our app "dermanostic" (registration in the app, purchase within the app) only if you have consented to the processing for the purpose of statistics or tracking within the app on our site via our Consent banner.

We process your data based on our legitimate interest in analyzing the effectiveness of our advertisements for statistical and market research purposes pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO.

If you have consented to the processing for the purpose of "statistics" via our Consent Banner or agree to the tracking within the app, the use of Pinterest tracking will take place and we will process your data based on your consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO.

Storage period

The personal data collected as part of the ad will be deleted after 180 days.

Recipients

In the context of the advertisement, Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland processes your data. The data related to you will be transferred to the USA.

Information about the Pinterest privacy policy can be found here: https://policy.pinterest.com/de/privacy-policy.

You may withdraw your consent from tracking on the Website at any time by clicking on the following link:

Delete All Cookies.

Within the app, you can disable advertising tracking in the settings menu as follows: Using the setting indicated by the gear icon, select Account Management and disable tracking under Privacy.

In your account settings on Pinterest, you can deactivate the collection of data for the display of interest-based advertising at any time at https://www.pinterest.de/settings (under "Customization", deactivate the button "Use info from our partners to better tailor recommendations and ads on Pinterest").

Alternatively, you can go to https://help.pinterest.com/de/article/personalization-and-data#info-ad and uncheck the box under "Disable Individual Customization" or enable your browser's Do-Not-Track setting.

Purposes.

We operate an account on Spotify to showcase our company and our offerings.

Further information

Spotify is responsible for the processing of your data on Spotify. You can find out more about the processing of your personal data here: https://www.spotify.com/de/legal/privacy-policy/ .

Integration of YouTube

Purpose

To optimize our web presence, we embed videos via YouTube on our website.

Types of data

When you call up a page that has an embedded video, a connection to the YouTube servers is established. The following types of data are processed in the process:

  • browser used,
  • visited page of this website,
  • content displayed by YouTube.

We use the "enhanced privacy mode" option provided by YouTube. According to the information provided by YouTube, in "extended data protection mode" your data - in particular which of our web pages you have visited as well as device-specific information including the IP address - is only transmitted to the YouTube server in the USA when you watch the video. By clicking on the video, you consent to this transmission.

The legal basis for this processing is your express consent pursuant to Art. 6 (1) UAbs. 1 lit. a DS-GVO. You give your consent to this processing via our cookie banner.

Storage period

For more information, please see Google's privacy policy (https://policies.google.com/privacy?hl=de&gl=de).

Recipients

Through this processing, components of YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA, a Google Inc. company, Amphitheatre Parkway, Mountain View, CA 94043, USA, are used. We have concluded an order processing agreement with YouTube as our processor pursuant to Art. 28 DS-GVO. The legal basis for the third country transfer are standard data protection clauses according to Art.°46 DS-GVO. Google provides appropriate guarantees for data protection, which you can view at https://privacy.google.com/businesses/processorterms/.

If you have a user account with YouTube and are logged in there at the time of calling up the page, the data processed when calling up the page will be assigned to your user account if you have not logged out beforehand.

For more information on data protection at YouTube, please refer to the privacy policy of Google (https://policies.google.com/privacy?hl=de&gl=de).

You may withdraw your consent at any time by clicking on the following link:

Delete All Cookies.

Processing operations in connection with Apple Search Ads.

Purposes

We use Apple ads to promote our app "dermanostic" within the App Store. In doing so, people with similar interests are grouped together to form so-called segments. These segments are used to support the display of personalized advertising. Your personal information is used to determine which segments you are assigned to and consequently which advertisements are displayed to you.

Types of data

The following types of data are processed as part of the advertising display:

  • Number of impressions of our advertisement,
  • Number of clicks on our advertisement,
  • Number of times our app was installed, which was triggered by the ad,
  • Search terms through which our ad was displayed.

In addition, the following personal data is processed:

  • your IP address and
  • information about your device ID,
  • your device type and
  • the operating system used by your end device are processed.

We process your data based on our legitimate interest pursuant to Art. 6 para. 1 UAbs. 1 lit. f DS-GVO to conduct effective marketing.

Storage period

The personal data collected in the context of the advertisement will be deleted 14 months.

Recipients

In the context of the advertisement, Apple Distribution International Ltd. ("ADI"), with the address Hollyhill Industrial Estate, Hollyhill, Cork, Ireland processes your data. The data related to you will be transferred to the USA. We have concluded an order processing agreement with Apple Search Ads as our processor pursuant to Art. 28 DS GVO. The legal basis for the third country transfer are standard data protection clauses according to Art.°46 DS-GVO.

Your right to object

If you do not want to receive personalized advertising, you can disable the personalized advertising setting on your iPhone, iPad, iPod touch or Mac.

For more information about disabling ads, please visit: https://support.apple.com/de-de/HT202074.

Your rights in connection with our processing of your personal data.

You have the right to,

To request information about your personal data processed by us in accordance with Art. 15 DS-GVO. In particular, you may request information about the purposes of processing, the category of personal data, the category of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, and the existence of automated decision-making, including profiling, and, where applicable, meaningful information about its details;

pursuant to Art. 16 DS-GVO, to demand the correction of incorrect or the completion of your personal data stored by us without undue delay;

pursuant to Art. 17 DS-GVO, to request the erasure of your personal data stored by us, unless the processing of such data is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;

pursuant to Art. 18 DS-GVO, to request the restriction of the processing of your personal data, provided that the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DS-GVO;

pursuant to Art. 20 DS-GVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;

to revoke your consent given once to us at any time in accordance with Art. 7 (3) DS-GVO. This revocation has the consequence that we may no longer continue the processing based on this consent for the future, whereby the processing carried out up to the time of the revocation remains lawful;

complain to a supervisory authority in accordance with Article 77 of the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose. The supervisory authority responsible for our registered office is the State Commissioner for Data Protection of North Rhine-Westphalia.

Your right to object

In cases where processing is carried out on the legal basis of our legitimate interest pursuant to Art. 6 (1) UAbs. 1 lit. f DS-GVO, you may object to the processing of your personal data pursuant to Art. 21 DS-GVO if there are grounds arising from your particular situation or if the objection is directed against direct advertising.

In the case of objection to direct marketing, you have a general right of objection, which is implemented by us without any indication of a particular situation.

In any case, you can exercise your right to object simply by sending an email to info@dermanostic.com.

Revocation of your consents

In any case of processing based on your consent given pursuant to Art. 6 (1) UAbs. 1 lit. a or Art. 9 (2) lit. a DS-GVO, you may revoke your consent at any time. This does not affect the lawfulness of the processing carried out up to the time of the revocation.

You can revoke the consent you have given us simply by sending an email to info@dermanostic.com.

Data transfer

In principle, we do not pass on your personal data to third parties. This only happens if

you have given your express consent in accordance with Art. 6 para. 1 UAbs. 1 lit. a or Art. 9 para. 2 lit. a DS-GVO,

  • the disclosure of your data pursuant to Art. 6 (1) (1) (f) DS-GVO is necessary for the assertion, exercise or defense of legal claims and there is no reason to believe that you have an overriding legitimate interest in not having your data disclosed,
  • there is a legal obligation for the disclosure pursuant to Art. 6 (1) UAbs. 1 lit. c DS-GVO, or
  • the disclosure is legally permissible and necessary for the processing of contractual relationships with you pursuant to Art. 6 (1) (1) (b) of the German Data Protection Regulation (DS-GVO).

We would like to point out at this point that we have concluded order processing contracts with external service providers in accordance with Art. 28 DS-GVO, for example with our IT provider. A processor is a natural or legal person, an authority, institution or other body that processes personal data on behalf of the controller. When selecting these processors, we have ensured that they provide sufficient guarantees that appropriate technical and organizational measures are implemented in such a way that the processing is in compliance with data protection requirements. We are authorized to issue instructions to the processors and regularly monitor whether the processing by the processors complies with the requirements of data protection law. For their part, the processors do not disclose the data to third parties.

Data security

To ensure adequate security of the processing of your personal data, we use appropriate technical and organizational measures. When visiting our website/app, the so-called SSL procedure is used, combined with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. Only in the exceptional cases where your browser does not support this encryption technology, a 128-bit v3 technology is used. You can very easily check whether a single page of our website is transmitted in encrypted form. The closed display of the key or a lock symbol in the lower status bar of your browser prove the encrypted transmission.

Together with our order processors, we regularly further develop the technical and organizational measures and strive to constantly improve the security conditions for your personal data.

Actuality of this data protection declaration

This privacy policy is valid and has the status of May 2021. As we always strive to keep up with technical progress, we continue to develop our website and its offerings, as well as the technical and organizational measures to protect your data. In this context, it may be necessary to adapt the data protection declaration accordingly. You can access and print out the current data protection declaration at any time at https://dermanostic.com/datenschutz.

Would you like to delete all cookies?