The protection of your personal data is very important to us. We treat this topic with a great deal of care and therefore inform you in the following about the handling of your personal data when visiting our website.
Personal data means any information relating to an identified or identifiable natural person, such as name, address and e-mail address.
1. Controller and data protection officer
The responsible controller according to Art. 4 para. 7 of the General Data Protection Regulation (GDPR) is HPS Gesundheitscloud gGmbH, Rudolf-Breitscheid-Str. 185, D-14482 Potsdam, Germany, firstname.lastname@example.org.
You can contact our data protection officer by e-mail (email@example.com) or by sending a letter to our postal address (to the attention of “the data protection officer”).
2. Purpose and legal basis for the processing of personal data
a. When visiting our website
While visiting our website and if you do not register for our newsletter or contact us via our contact form, we only collect the data that your browser transmits to our server.
This is the following information required to display our website to you and to ensure stability and security: IP address, date and time of the request, content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, browser, operating system and its interface, language and version of the browser software. Please note that we cannot draw any conclusions about individual persons on the basis of this data.
The data is stored by us for technical security reasons, e.g. to prevent attacks on our web server; however, the data is anonymized after seven days at the latest by shortening the IP address at domain level, so that it is no longer possible to establish any reference to the individual website user. The legal basis for the processing described above is Art. 6 para. 1 sentence 1 lit. f GDPR (processing is necessary in relation with controller’s legitimate interests).
b. Registering for our Newsletter
With your consent, you can subscribe to our newsletter, in which we inform you –approximately once a month- about updates about the “Gesundheitscloud”, in particular about the launch of the “Gesundheitscloud” and eventual possibilities of a beta test for users about once a month.
For the registration to our newsletter we have implemented the so-called double opt-in procedure. This means that after you registered for the newsletter, we will send you an e-mail to the specified e-mail address in which we ask you for your confirmation that you would like to receive the newsletter. If you do not confirm the registration within three days, your information will be blocked and automatically deleted after one month.
The only information required to register for our newsletter is your e-mail address. After your confirmation we will save your e-mail address for the purpose of sending you the newsletter. The legal basis for the processing described above for the purpose of sending the newsletter is Art. 6 para. 1 sentence 1 lit. a GDPR (processing on the basis of the data subject’s consent).
In addition, we store your IP addresses and the time of registration and confirmation. The purpose of the aforementioned storage is to be able to prove your registration and, if necessary, to investigate a possible misuse of your personal data. The legal basis for this is Art. 6 para. 1 sentence 1 f GDPR (processing is necessary in relation with controller’s legitimate interests).
You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter, by e-mail to firstname.lastname@example.org or e.g. by contacting us via the contact details given in our imprint.
To send our newsletter, we use the services of our ISO 27001 certified newsletter service provider Mailjet, Friedrichstraße 68, 10117 Berlin. The e-mail addresses of the newsletter subscribers and the associated registration data required for logging / proof of registration are stored on Mailjet’s servers exclusively in the European Union. These data are used exclusively on our behalf on the basis of a data processing agreement between us and Mailjet for sending the newsletter and storing the registration data, not for other purposes and in particular not for Mailjet’s own use of the data.
We store the data described above in connection with the subscription to our newsletter for as long as you are subscribed for the newsletter. We will delete the data as soon as the storage is no longer necessary, e.g. after you have unsubscribed from the newsletter or revoked your consent.
c. Use of our contact form
When you contact us by e-mail or via our contact form, the data you provide (your e-mail address and your name as well as the content of your request) will be stored by us in order to process and answer your questions or your request.
We will delete the data after storage is no longer necessary (usually after your request has been completely dealt with) or we will limit processing if there are legal obligations to store the respective data.
In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are text files containing information on the use of our service (websites visited, number of visits, visiting times, length of stay on individual pages, browser used, operating system used, etc.), which are stored on your hard drive/device if you permit such storage via the setting of your browser.
Cookies cannot run programs or transmit viruses to your computer. Cookies are used to make our website more user-friendly and effective. This website uses the following types of cookies, the scope and functionality of which are explained below:
- Session cookies: We use session cookies on our website in order to understand how users interact with our website and their interest in the content offered on the website. Session cookies are automatically deleted when you close your web browser. Session cookies store a so-called session ID, with which different requests of your browser can be assigned to the common session.
- Permanent Cookies: In addition, we use so-called permanent cookies on our website. This helps us understand whether different visits to our website over a longer period of time come from one or different visitors to our website, in order to be able to measure the interest in our website. The permanent cookies we use have a lifetime of two years.
Please note that the cookies we use do not store any personal data and therefore we cannot draw any conclusion about your identity.
For the cookies used in the context of Google Analytics, please see the information below in section 4.
You can deactivate the option to save these cookies at any time in the system settings of your browser and delete existing cookies. Every user can view our website without cookies. However, the proper functioning of our website could be impaired if you do not accept cookies.
4. Use of Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. “(“Google”). Google Analytics uses “cookies”, text files, which are stored on your computer and allows us an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, Google will shorten your IP address within the Member States of the European Union or in other states of the European Economic Area before such transfer occurs. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with further services associated with website and internet use. The IP address transmitted by your browser in relation with Google Analytics will not be combined with other Google data.
You may refuse the storage of the cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from such processing by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses are processed only in shortened form, in order to rule out a potential personal identification of our website users.
We use Google Analytics to analyze and improve the use of our website. Using the insights gained from Google Analytics, we can improve our website and make it more interesting for you as a user. The legal basis for the use of Google Analytics is Art. 6 Par. 1 S. 1 lit. f GDPR (processing is necessary in relation with controller’s legitimate interests).Click here to opt-out.
5. Integration of YouTube videos
We have embedded YouTube videos on our website, which are stored on http://www.YouTube.com and can be played directly on our website. These videos are integrated in an “extended data protection mode”, i.e. no YouTube cookies are set if you do not play the videos. Only when you play the videos will the data specified in the following paragraph be transmitted. We include YouTube videos on our website in order to make the use of our website as user-friendly as possible by allowing you to view videos without leaving our website.
Even though the videos on our website have been embedded in an “extended data protection mode”, please note that the visit of our website leads to a connection with YouTube and YouTube receives the information that the user has called up the corresponding subpage of our website. Please also note that when you play the video, YouTube stores your data as user profiles and uses them for purposes of advertising, market research and/or design of the YouTube website. You have the right to object to the creation of such user profiles, although you must contact YouTube in order to exercise this right.
6. Your rights
You have the following rights with regard to personal data related to you:
- Right of access (Art. 15 GDPR),
- Right to rectification (Art. 16 GDPR),
- Right to erasure (Art. 17 GDPR, “right to be forgotten”),
- Right to restriction of processing (Art. 18 GDPR),
- Right to object to processing (Art. 21 GDPR),
- Right to data portability (Art. 20 GDPR).
You also have the right to complain about us to a data protection supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement if you consider that the processing of personal data related to you is unlawful.
7. Obligation to provide personal data
If you would like to subscribe to our newsletter or e.g. contact us via our contact form, you must provide the personal data required to send the newsletter or to process and respond to your inquiry. If you do not provide us with this information, it is not possible for us to send you the newsletter you have ordered or to process and respond to your inquiry.
8. Non-existence of automated individual decision making, including profiling
Please note that in the context of the use of our website and the use of our offers/services offered on our website (newsletter, contact form) you will not be subject to an individual decision based exclusively on automated processing – including profiling – which has a legal effect on you or significantly impairs you in a similar manner.