Privacy policy in general for customers

1. Purpose and Scope

This Privacy Policy applies with regard to visiting and use of: app.samedi.de und app.samedi.com

We process personal data (hereinafter referred to in general as “data”) only to the extent required and for the purpose of providing a functional and user-friendly website, including the contents and services offered therein.

In accordance with Article 4 No. 1. of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to simply as “GDPR”), “processing” shall mean any operation or set of operations performed on personal data, with or without the aid of automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, query, use, disclosure by transmission, dissemination or any other form of provision, matching or combination, restriction, deletion or destruction.

Basically, all data is transmitted encrypted by samedi. For this purpose samedi uses the current encryption standard TLS (Transport Layer Security). This proven cryptographic procedure is used worldwide as a standard for highly sensitive transactions on the Internet, such as online banking and sensitive Internet applications in the health sector. The lock symbol in the browser window indicates whether the information is transmitted in a protected manner and which encryption length is supported in the browser. The authenticity of samedi’s encryption code is confirmed by the SSL/TLS certificate. By double-clicking on the lock symbol at the top of the screen, the user can find out more about the certificate.

All data stored on the samedi servers is stored on encrypted hard disks (AES-256). In addition, data that is subject to medical confidentiality is already encrypted locally on the customer’s computer and only then transferred to the samedi servers. For this purpose, a multi-level system of symmetric and asymmetric encryption algorithms is used so that neither administrators nor employees of samedi nor third parties can read this data in plain text. To decrypt the necessary keys it is mandatory to know the user name and password of the user account. All cryptographic algorithms used comply with the Technical Guideline TR-02102 (“Cryptographic Methods: Recommendations and Key Lengths”) of the German Federal Office for Information Security (BSI).

For the secure, physical safekeeping of user/customer data, samedi works with an external Internet provider. The servers provided by this provider are located in Germany. Only specially authorized persons (e.g. from service companies for maintenance work) have access to the secured rooms. Due to the encrypted data storage, these persons cannot access customer data. The provider ensures the use of modern firewall technology and physically secured facilities. The provider’s scope of duties only includes ensuring the availability of the data center’s infrastructure (power, Internet, routing) as well as the rented hardware (e.g. replacement of defective components). Only administrators of samedi have access to the servers themselves.

With the following Privacy Policy we inform you in particular about the type, scope, purpose, term and legal basis of the processing of personal data, insofar as we decide either independently or together with others on the purposes and means of processing. Moreover, we inform you in the following about the third-party components we use for optimisation purposes and in order to increase the quality of use insofar as third parties process data in turn on their own responsibility.

2. Differentiation from Our Other Services

For the pure use of the Internet pages of samedi (www.samedi.com), the data protection conditions for visitors to the homepage https://legal.samedi.de) apply. As soon as users log in or register at patient.samedi.de or termin.samedi.de, the data protection conditions for the user account for patients of samedi (https://www.samedi.de/datenschutz-patienten.html) apply.

3. We as the Controller

The responsible provider of this website within the meaning of data protection law is:

The provider’s data protection officer is:

4. Log Files

For technical reasons, in particular to ensure a secure and stable provision of the web software, data is transmitted to us by your Internet browser. With these so-called server log files, the following information, among others, is collected:

• the type and version of your internet browser
• the operating system
• the website from which you accessed our web software referrer URL)
• the website(s) of our web software that you visit
• date and time of the respective access
• the IP address of the Internet connection
• entries you have made in form fields

This data collected in this way is stored temporarily, but not together with other data from you. This storage takes place on the legal basis of Art. 6 para. 1 lit. f) EU GDPR, in conjunction with a contract processing agreement pursuant to Art. 28 EU GDPR for the relevant institution as the responsible entity. The legitimate interest lies in the improvement, stability, functionality and security of the web software.

The data will be deleted again after 7 days at the latest, unless further storage for evidence purposes is required. Otherwise, the data is exempt from deletion in whole or in part until final clarification of an incident.

5. Cookies

We use so-called cookies with our web software. Cookies are small text files or other storage technologies that are placed and stored on your end device by the Internet browser you use. Through these cookies, certain information from you is processed to an individual extent. We only use technically necessary session cookies, which are deleted after the end of the use of our web application - at the latest when you exit your web browser. These cookies do not contain any personal reference. The use of session cookies is absolutely and exclusively necessary in order to be able to provide you with the desired web application technically. The use of cookies required for the operation of the web software is based on § 25 para. 2 no. 2 TTDSG.

6. Registration and use of contractual services

a) personal information

You have the possibility to register on our web software by providing personal data and to use services of samedi. Within the scope of the registration and use of our web software, samedi GmbH acts as a processor for the respective institution as the controller. Which personal data is transmitted to the controller in the process is determined by the respective input mask used for registration and in the context of service provision.

The personal data you enter in the mandatory fields will be processed exclusively for the provision of the contractual services, unless otherwise specified in this privacy policy. The legal basis for the processing of this data is therefore Art. 6 para. 1 lit. b) EU GDPR in conjunction with Art. 28 EU GDPR.

In addition to the mandatory information, you also have the option of providing further personal data as part of your consent pursuant to Art. 6 (1) a) EU GDPR during registration and within the web software. The registration under voluntary provision of personal data serves us to offer you content or services that, due to the nature of the matter, can only be offered to registered users.

Registered persons are free to change the personal data provided during registration at any time or to have it completely deleted from the data stock of the controller.

b) special personal data

You are given the option of transmitting genetic data, biometric data for the unique identification of a natural person and health data for specified purposes (so-called special personal data). Which special personal data is transmitted to us in this context is determined by the respective input mask used for registration and in the context of service provision. Special data is only processed after the express consent of the data subjects or within the scope of commissioned processing. The legal basis for the processing of special categories of data is thus Art. 9 (2) a) EU GDPR in conjunction with Art. 28 EU GDPR.

c) Encryption of the data

The personal and special personal data you have stored in your personal user account, in particular patient and health data, are encrypted locally on your computer and are only available decrypted locally on your computers. This means that only you can view this particularly sensitive data locally. samedi does not store the personal data in plain text, but only as cryptographic data (“crypto data”) on the samedi servers. In contrast to pseudonymized data, samedi’s crypto data do not contain any individual information about personal or factual circumstances and have a factually empty information content. For this purpose, samedi has designed and implemented a client-side encryption solution. This procedure ensures that the data can only be decrypted in the client system by authorized users. This approach conforms to the guidelines of the data protection commissioners of the federal and state governments - “Data Protection and Telemedicine - Requirements for Medical Networks 2002”. (cf. https://www.datenschutz.rlp.de/fileadmin/lfdi/Dokumente/Orientierungshilfen/dsb_oh_telemedizin.pdf , as of October 2020), as this ensures that samedi cannot take note of any personal medical data. This means that there is no breach of the medical confidentiality obligation in accordance with Section 203 of the German Criminal Code (StGB). Likewise, the protection against seizure pursuant to Section 97 (2) sentence 2 StPO is relevant for samedi as a cloud service provider with the encryption technology, since the protection against seizure for persons in the medical professions is extended to service providers (such as samedi) if the latter processes data worthy of protection.

No special personal data will be disclosed by samedi unless the customer has expressly given his consent or samedi is obliged to disclose such data, for example due to a court or official order.

7. Contract information and customer information

We have included content from YouTube (videos), operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA on our homepage. This content can be played directly via our homepage. All of this content is integrated in “extended data protection mode”, i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. The data specified in Paragraph 2 are transmitted only when you play the videos. We have no influence on this data transmission.

If we send you information about the contractual relationship, we process your data within the framework of the contractual relationship in accordance with Art. 6 para. 1 lit. b) EU GDPR. In these cases, we inform you about contractual changes or technical innovations.

Furthermore, you have the option of registering to receive customer information that goes beyond the contractual relationship as part of your consent. We inform our customers and business partners at regular intervals about company offers and e-health developments. The processing of your data for the transmission of customer information is based exclusively on your consent in accordance with Art. 6 Para. 1 lit. a) EU GDPR. If there is a third party transfer of your data in the context of a support request, the legal basis is your consent pursuant to Art. 49 para. 1 lit. a) EU GDPR. When registering for the aforementioned services, we also store

1. the IP address of the computer system used by the data subject at the time of registration, as assigned by the Internet service provider (ISP), as well as
2. the date and
3. the time of registration.

The storage of this data takes place against the background of legitimate interest (Art. 6 para. 1 lit. f) EU GDPR) in order to be able to trace the (possible) misuse of the service at a later point in time and therefore serves our legal protection.

The personal data collected in the course of a registration will be used exclusively for sending information on the contractual relationship and, if you have opted to receive more extensive customer information, for sending the customer information. Furthermore, subscribers could be informed by e-mail if this is necessary for the operation of the services or a related registration, as could be the case in the event of changes to the customer information offer or changes in the technical circumstances. There is no transfer of the collected personal data to third parties. You can revoke your consent to receive our customer information at any time with effect for the future. To do so, simply uncheck the box for receiving customer information in your user account. Alternatively, you can also revoke the revocation vis-à-vis our data protection officer.

For the processing of your data for sending customer information, we use a service provider based in the USA, whereby your data is stored in Germany. However, under certain circumstances (e.g. in the case of support requests from us to the service provider), a third country transfer of your data to the USA may still occur. Furthermore, due to US laws, American security authorities have the theoretical possibility to access data stored by our service provider in the EU. In this case, our service provider has submitted to the standard contractual clauses. Furthermore, there is an order processing contract with the service provider.

8. Contact Form

The samedi web software contains the possibility of a quick electronic contact to our enterprise. If a data subject contacts the data controller by e-mail or via a contact form, the personal data transmitted by the data subject will automatically be stored for the purpose of processing or contacting the data subject. A use for other purposes or a transfer of your provided data to third parties does not take place, unless you give us your separate consent for this. The legal basis for the processing of your personal data is your consent pursuant to Art. 6 (1) a) EU GDPR. You can revoke this consent at any time. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. If you contact us to ask questions about your contract or our agreed services, the legal basis is Art. 6 para. 1 lit. b) EU GDPR. As soon as we have fully processed your request, we will delete your personal data, unless mandatory legal provisions - in particular retention periods - take precedence.

9. Contact via our contact form outside the web software

If you send us inquiries about samedi in general or further information about the areas of application and functionalities of the software via our contact form, the data you provide there will be processed for the purpose of handling and processing your inquiry by e-mail. Your data will not be used for other purposes or passed on unless you give us your separate consent to do so. The legal basis for the processing of your personal data is your consent in accordance with Art. 6 (1) a) EU GDPR. Should there be a third party transfer of your data in the context of a support request, the legal basis is your consent pursuant to Art. 49 (1) lit. a EU GDPR. You can revoke this consent at any time. For this purpose, an informal communication by e-mail to: datenschutz@samedi.de is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. As soon as we have fully processed your request, we will delete your personal data, unless mandatory legal provisions - in particular retention periods - take precedence.

If you give us your separate consent in accordance with Art. 6 (1) a) EU GDPR, the data you enter in the contact form will be stored by us for a maximum period of one year in order to adequately process any subsequent inquiries, unless you request us to delete it or revoke your consent. Mandatory legal provisions - in particular retention periods - remain unaffected.

We use a service provider based in the USA to process your data, with your data being stored in Germany. However, under certain conditions (e.g. support requests from us to the service provider), your data may still be transferred to a third country in the USA. Furthermore, due to US laws, American security authorities have the theoretical possibility of accessing data stored by our service provider in the EU. In this case, our service provider has submitted to the standard contractual clauses. Furthermore, there is an order processing contract with the service provider.

10. General Information and Contact Support

We conclude processing / data protection agreements insofar as we use external service providers for whom commissioned data processing of our available personal data represents a (core) component of their processing activities. These external service providers are carefully selected and regularly monitored by us. They process personal data only on our behalf and strictly in accordance with our instructions on the basis of the relevant contract on commissioned processing / data protection agreement (Article 28 EU GDPR).

Unless otherwise stated in this Privacy Policy, we will transfer data to processors for the aforementioned purposes to

• dogado GmbH, Antonio-Segni-Straße 11, 44263 Dortmund: hosting services
• retarus GmbH, Aschauer Straße 30, 81549 Munich: e-mail dispatch and sms
• Telekom T-Systems International GmbH Hahnstrasse 43d, 60528 Frankfurt am Main: hosting services
• Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen: STUN/TURN; Jira

Furthermore, disclosure may be made to the following recipients:

• authorities, state regulators or other law enforcement agencies and courts, if required or permitted by law or if enforced by a binding order (Article 6 Paragraph 1 lit. f) EU GDPR or in accordance with other statutory provisions)

Your personal data will not be passed on unless this is related to the purposes listed. Where necessary, we will always provide you with prior notice and an opportunity to choose whether or not we may use your personal information in this different manner.

11. Transfer of personal data to third countries

If we transfer personal data to countries outside the EU, we rely on an adequacy decision by the Commission (Art. 45 EU GDPR), on suitable guarantees (Art. 46 EU GDPR) or on the exceptions for third-country transfers under Art. 49 EU GDPR.

12. Duration of data storage - routine deletion and blocking of personal data

We process and store data only for the period of time necessary to achieve the purpose of storage or if this has been provided for by the European legislator for directives and regulations or another legislator in laws or regulations to which we are subject. If the purpose of storage no longer applies or if a storage period stipulated by the European directive and regulation authority or another competent legislator expires, the data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions.

13. Rights of Users and Data Subjects

With regard to the data processing described above, users and data subjects shall be entitled to

a) Right of access

You have the right of access to the personal data processed with regard to your person; that is, you have the right to obtain confirmation as to whether your personal data are processed or not. Insofar as this is the case, you have the right to access the personal data processed about you and certain additional information, as well as to receive a copy in a commonly used electronic format.

b) Right to rectification

You have the right to have inaccurate personal data concerning you corrected as well as the right to have incomplete personal data completed.

c) Right to erasure

You have the right to erasure of your personal data, subject to restrictions under applicable law. This is the case, for example, if the personal data are no longer necessary in relation to the purposes for which they are processed, you withdraw your consent and there is no other legal ground for the processing, or the processing of your personal data is not required for compliance with a legal obligation, for the assertion, exercise or defence of legal claims.

d) Right to restriction of processing

You have the right to restrict your personal data, for example if you contest its accuracy or if you have objected to the processing as described above. In both cases, this right applies during the processing and verification of your request by us.

e) Right to withdraw your consent to data processing

If you have consented to a certain type of processing, then you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

f) Right to data portability

You have the right to have data that we automatically process on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request direct transfer of the data to another controller, then this will only be done to the extent technically feasible.

g) Right to object

You have the right to object if the processing is based on the weighing of interests in accordance with Article 6 Paragraph 1 Sentence 1 lit. e) or f) EU GDPR in order to request a reassessment of interests or to object to direct marketing. We will then carry out a new assessment and continue processing your personal data, despite your objection, only if we can demonstrate compelling legitimate grounds that override your interests.

h) Right to lodge a complaint with the competent supervisory authority

You may file a complaint if you believe that we have violated applicable data protection provisions in the processing of your personal data.

In addition, the provider shall be obliged to inform all recipients to whom data has been disclosed by the provider about any correction or erasure of data or restriction of processing that takes place on the basis of Articles 16, 17 Paragraph 1, 18 of the EU General Data Protection Regulation. However, this obligation shall not obtain insofar as this notification is impossible or involves disproportionate effort. Notwithstanding the above, the user shall have a right to information about these recipients.