Last update 05.01.2022.
1. Purpose and scope of action
Personal data (hereinafter referred to as "data") will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly Internet presence, including its contents and the services offered there.
In accordance with of the Regulation (EU) 2016/679 (General Data Protection Regulation, herinafter referred to as "GDPR"), "processing" shall mean any operation or set of operations carried out with or without the aid of automated procedures in connection with personal data, such as collection, recording, organization, sorting, storage, adaptation or alteration, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, alignment or combination, restriction, deletion or destruction.
Generally, all data is transmitted encrypted by samedi. For this purpose samedi uses the current encryption standard TLS (Transport Layer Security). This proven cryptographic procedure is used worldwide as a standard for highly sensitive transactions on the Internet, such as in online banking and for sensitive Internet applications in the health sector. The lock symbol in the browser window indicates whether the information is being transmitted in a protected manner and which encryption length is supported in the browser. The authenticity of samedi's encryption key is confirmed by the SSL/TLS certificate. The user can find out more about the certificate by double clicking on the lock symbol at the top of the screen.
All data stored on samedi servers is stored on encrypted hard disks (AES-256). In addition, data that is subject to medical confidentiality is already encrypted locally on the customer's computer and only then transferred to the samedi servers. A multi-level system of symmetric and asymmetric encryption algorithms is used for this, so that neither administrators nor samedi employees nor third parties can read this data in plain text. In order to decrypt the necessary keys, it is absolutely necessary to know the username and password of the user account. All used cryptographic algorithms correspond to the technical guideline TR-02102 ("Cryptographic procedures: recommendations and key lengths") of the German Federal Office for Information Security (BSI).
For the secure, physical storage of user/customer data samedi works with an external internet provider. The servers provided by this provider are located in Germany. Only specially authorized persons (e.g. from service companies for maintenance work) have access to the secured rooms. Due to the encrypted data storage these persons cannot access the customer data. The provider guarantees the use of modern firewall technology and physically secured facilities. The provider's scope of duties only includes ensuring the availability of the data center infrastructure (power, Internet, routing) and the leased hardware (e.g. replacement of defective components). Only administrators of samedi have access to the servers themselves.
With the following data protection declaration we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, as far as we either alone or together with others decide on the purposes and means of processing. In addition, we inform you in the following about the third-party components we use for optimization purposes and to increase the quality of use, if third parties process data on their own responsibility.
2. Differentiation from our other services
For the pure use of the samedi (www.samedi.com) website, the data protection conditions for visitors to the homepage www.samedi.de (https://www.samedi.com/en/date...) apply. As soon as users log in or register at patient.samedi.de or termin.samedi.de, the data protection conditions for the user account for patients of samedi (https://www.samedi.de/en/daten...) apply.
3. Information about us as responsible persons
Responsible provider of this website in the sense of data protection law is:
represented by Katrin Alscher, Prof. Dr. Alexander Alscher, Dr. Benedikt Simon
Rigaer Str. 44 10247 Berlin
Germany Phone: +49 (0)30 21230707-0
Data protection officer at the provider is:
Externer Datenschutzbeauftragter / Wirtschaftsjurist (LL. M.)
Eichhorster Weg 80
Geschäftsführer: Ralf Schulze
HRB 4691 AG Neuruppin
4. Log files
For technical reasons, especially to ensure a secure and stable Internet presence, data is transmitted to us by your Internet browser. These so-called server log files are used to record, among other things, the type and version of your Internet browser, the operating system, the website from which you have switched to our Internet presence (referrer URL), the website(s) of our Internet presence that you visit, the date and time of the respective access and the IP address of the Internet connection from which our Internet presence is used.
This data is temporarily stored, but not together with other data about you. This storage takes place on the legal basis of Art. 6 paragraph 1 (f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our Internet presence.
The data will be deleted after 7 days at the latest, unless further storage is required for evidentiary purposes. Otherwise, the data is completely or partially excluded from deletion until the final clarification of an incident.
6. Registration on our website and use of the contractual services
a) Personal data
You have the possibility to register on our web software by providing personal data and to use the services of samedi. Which personal data will be transmitted to the person responsible for processing can be seen in the respective input mask that is used for registration and within the framework of the service provision. The legal basis for the processing of this data is therefore Art. 6 para. 1 lit. b) General Data Protection Regulation GDPR in conjunction with Art. 28 General Data Protection Regulation GDPR.
The registration of the person concerned under voluntary indication of personal data serves us to offer you contents or services that due to the nature of the matter can only be offered to registered users. Registered persons are free to change the personal data provided during registration at any time or to have it completely deleted from the data stock of the data controller.
Upon request, we will provide you with information at any time about what personal data is stored about you. Furthermore, we will correct or delete personal data at your request or notice, provided that this does not conflict with any statutory storage obligations. The responsible employees are available to you in this context as contact persons.
b) Specific personal data
You are given the opportunity to transmit genetic data, biometric data for the clear identification of a natural person as well as health data for specified purposes (so-called special person-related). Which special person-related data are transmitted to us in this context is determined by the respective input mask which is used for registration and within the scope of the provision of services. Special data will only be processed with the explicit consent of the persons concerned. The legal basis for the processing of special categories of data is therefore Art. 9 (2) a) General Data Protection Regulation GDPR in conjunction with Art. 28 General Data Protection Regulation GDPR.
c) Encoding of data
The personal and special person-related data, in particular patient and health data, which you have stored in your personal user account are encrypted locally on your computer and are only decrypted locally on your computers. This means that only you can locally view these particularly sensitive data. samedi does not store the personal data in plain text, but only as cryptographic data ("cryptographic data") on the samedi servers. In contrast to pseudonymized data, samedi's cryptographic data does not contain any individual information about personal or factual circumstances and has a factually empty information content. For this purpose, samedi designed and implemented a client-side encryption solution. This procedure guarantees that the data can only be decrypted in the client system by the authorized users. This approach conforms to the guidelines of the data protection commissioners of the Federal and State governments - "Data Protection and Telemedicine - Requirements for Medical Networks 2002" (see https://www.datenschutz.rlp.de/fileadmin/lfdi/Dokumente/Orientierungshilfen/dsb_oh_telemedizin.pdf, status October 2020), since this ensures that samedi cannot take note of personal medical data. This does not constitute a breach of medical confidentiality according to § 203 StGB. Also the protection against confiscation according to § 97 para. 2 sentence 2 StPO is relevant for samedi as a cloud service provider with encryption technology, as the protection against confiscation for persons in the health care professions is extended to service providers (such as samedi), as long as they process sensitive data.
No special person-related data will be passed on by samedi, unless the customer has given their explicit consent or samedi is obliged to hand over the data, for example due to a court or official order. In the case of a termination of the contractual relationship between the customer and samedi, samedi will permanently delete the data stored in the user account within twelve months, unless the customer has explicitly objected to the deletion of the data and instructs samedi to do so.
7. Customer information and newsletter
In the samedi user account you are given the opportunity to receive information on the contractual relationship as well as additional customer information.
If we send you information on the contractual relationship, we process your data within the framework of the contractual relationship in accordance with Art. 6 Para. 1 lit. b) General Data Protection Regulation GDPR. In these cases, we inform you about contractual changes or technical innovations.
Furthermore, you have the option of registering to receive customer information that goes beyond the contractual relationship as part of your consent. We inform our customers and business partners at regular intervals about company offers and e-health developments. The processing of your data for the transmission of customer information is based exclusively on your consent in accordance with Art. 6 Para. 1 lit. a) General Data Protection Regulation GDPR. Should there be a third party transfer of your data in the context of a support request, the legal basis is your consent according to Art. 49 para. 1 lit. a) General Data Protection Regulation GDPR.
When you register for the above-mentioned services, we also store the following data:
1. the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of registration, and
2. the date and
3. the time of registration.
This data is stored against the background of legitimate interest (Art. 6 para. 1 lit. f) General Data Protection Regulation GDPR) in order to be able to trace the (possible) misuse of the service at a later date and therefore serves our legal protection.
The personal data collected in the context of a registration will be used exclusively for sending information on the contractual relationship and, if you have opted to receive further customer information, for sending the customer information. Furthermore, subscribers could be informed by e-mail if this is necessary for the operation of the services or a related registration, as could be the case in the event of changes to the customer information offer or changes to the technical circumstances. No personal data collected will be passed on to third parties.
You can revoke your consent to receive our customer information at any time with effect for the future. To do so, simply uncheck the box in your user account for the receipt of customer information. Alternatively, you can also revoke your consent by contacting our data protection officer.
For the processing of your data for sending customer information, we use a service provider based in the USA, whereby your data is stored in Germany. However, under certain circumstances (e.g. in the case of support requests from us to the service provider), there may still be a third-country transfer of your data to the USA. Furthermore, due to US laws, American security authorities have the theoretical possibility to access data stored by our service provider in the EU. In this case, our service provider has submitted to the standard contractual clauses. Furthermore, there is an order processing contract with the service provider.
8. Possibility of contact
The web software samedi contains the possibility of a fast electronic contact to our company. If a data subject contacts the data controller by e-mail or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted voluntarily by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. This personal data is not disclosed to third parties.
9. contact via our contact form outside the web software
If you send us enquiries about samedi in general or further information about the areas of application and functionalities of the software via our contact form, the data you provide there will be processed for the purpose of handling and processing your enquiry by e-mail. Your data will not be used for other purposes or passed on unless you give us your separate consent to do so. The legal basis for the processing of your personal data is your consent in accordance with Art. 6 Para. 1 lit. a) General Data Protection Regulation GDPR. Should a third country transfer of your data occur in the context of a support request, the legal basis is your consent pursuant to Art. 49 para. 1 lit. a General Data Protection Regulation GDPR.
You can revoke this consent at any time. For this purpose, an informal communication by e-mail to: email@example.com is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. As soon as we have fully processed your request, we will delete your personal data unless mandatory legal provisions - in particular retention periods - take precedence.
If you give us your separate consent in accordance with Art. 6 (1) a) General Data Protection Regulation GDPR, the data you entered in the contact form will be stored by us for a maximum period of one year in order to adequately process any subsequent enquiries, unless you request us to delete it or revoke your consent. Mandatory legal provisions - in particular retention periods - remain unaffected.
We use a service provider based in the USA to process your data, whereby your data is stored in Germany. Under certain circumstances (e.g. in the case of support requests from us to the service provider), however, your data may still be transferred to the USA. Furthermore, due to US laws, American security authorities have the theoretical possibility of accessing data stored by our service provider in the EU. In this case, our service provider has submitted to the standard contractual clauses. Furthermore, there is an order processing contract with the service provider.
10. Other processors
We pass on your data to service providers who support us in the operation of the application and the associated processes within the scope of commissioned processing pursuant to Art. 28 GDPR. Our service providers are strictly bound by instructions and contractually obligated to us accordingly. For this purpose, we conclude an order processing agreement (AV) with the users of our web software for professionals (doctors/service providers).
- Filoo GmbH, Rhedaer Straße 25, 33330 Gütersloh: Hosting services.
- Twilio Ireland Limited: 25 - 28 North Wall Quay, Dublin 1, Ireland: SMS dispatch. In the course of sending SMS messages, personal data may be transferred to the USA. This transfer to third countries is secured by an AV contract with standard contractual clauses as well as by exemption clauses according to Art. 49 GDPR.
- Usercentrics GmbH, Sendlingerstr. 7, 80331 Munich: Cookie Consent Banner
- retarus GmbH, Aschauer Strasse 30, 81549 Munich: E-mail dispatch.
- Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin: e-mail newsletter.
- Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen: STUN/TURN; Jira
- Telekom T-Systems International GmbH Hahnstrasse 43d, 60528 Frankfurt am Main: Database backup (E2E).
Furthermore, data may be forwarded to the following recipients:
- Authorities, state regulators or other law enforcement agencies and courts, if it is required or permitted by law or if it is enforced by a binding order (Art. 6 para. 1 lit. f) GDPR or according to other legal provisions).
We do not transfer your personal data to third parties unless this is in connection with the purposes listed. If necessary, we will always inform you in advance and give you the opportunity to decide whether or not we may use your personal data in this different way.
11. transfer of personal data to third countries
When we transfer personal data outside the EU, we rely on an adequacy decision of the Commission (Art. 45 GDPR), on appropriate safeguards (Art. 46 GDPR) or, under Art. 49 GDPR, on the exemptions for a third country transfer.
12. Duration of data storage - routine deletion and blocking of personal data
We process and store data only for the period of time necessary to achieve the purpose of storage or if this has been provided for by the European Directives and Regulations or any other legislation in laws or regulations to which we are subject to. If the purpose of storage ceases to apply or if a storage period prescribed by the European Directive and Regulation Giver or any other competent legislator expires, the data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions.
With regard to the data processing described above, users and data subjects have the right
- to obtain confirmation as to whether or not data concerning them is being processed, information on the data processed, further information on data processing and copies of the data (see also Art. 15 GDPR);
- the correction or completion of incorrect or incomplete data (see also Art. 16 GDPR);
- to the immediate deletion of data relating to them (see also Art. 17 of the GDPR), or, alternatively, if further processing is necessary in accordance with Art. 17 para. 3 of the GDPR, to the restriction of processing in accordance with Art. 18 of the GDPR;
- to the receipt of data concerning them and provided by them and to the transfer of such data to other providers/responsible parties (cf. also Art. 20 GDPR);
- to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection provisions (see Art. 77 GDPR.
In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or the restriction of processing that is carried out on the basis of Articles 16, 17 (1) and 18 of the GDPR. However, this obligation does not apply if such notification is impossible or involves disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.
Likewise, in accordance with Art. 21 of the GDPR, users and data subjects have the right to object to the future processing of data concerning them, provided that the data is processed by the provider in accordance with Art. 6 para. 1 letter f) of the GDPR. In particular, an objection to data processing for the purpose of direct advertising is permitted. Furthermore, users and data subjects have the right to revoke any consent given at any time for the processing of personal data.
13. Rights of Users and Data Subjects
With regard to the data processing described above, users and data subjects shall be entitled to
a) Right of access
You have the right of access to personal data processed with regard to your person; that is, you have the right to obtain confirmation as to whether your personal data are processed or not. Insofar as this is the case, you have the right to access the personal data processed about you and certain additional information, as well as to receive a copy in a commonly used electronic format.
b) Right to rectification
You have the right to have inaccurate personal data concerning you corrected as well as the right to have incomplete personal data completed.
c) Right to erasure
You have the right to erasure of your personal data, subject to restrictions under applicable law. This is the case, for example, if the personal data are no longer necessary in relation to the purposes for which they are processed, you withdraw your consent and there is no other legal ground for the processing, or the processing of your personal data is not required for compliance with a legal obligation, or for the assertion, exercise or defence of legal claims.
d) Right to restriction of processing
You have the right to restrict your personal data, for example if you contest its accuracy or if you have objected to the processing as described above. In both cases, this right shall apply during the processing and verification of your request by us.
e) Right to withdraw your consent to data processing
If you have consented to a certain type of processing, then you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
f) Right to data portability
You have the right to have data that we automatically process on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request direct transfer of the data to another controller, then this will only be done to the extent technically feasible.
g) Right to object
You have the right to object if the processing is based on the weighing of interests in accordance with Article 6 Paragraph 1 Sentence 1 lit. e) or f) EU GDPR in order to request a reassessment of interests or to object to direct marketing. We will then carry out a new assessment and continue processing your personal data, despite your objection, only if we can demonstrate compelling legitimate grounds that override your interests.
h) Right to lodge a complaint with the competent supervisory authority
You may file a complaint if you believe that we have violated applicable data protection provisions in the processing of your personal data.
In addition, the provider shall be obliged to inform all recipients to whom data has been disclosed by the provider about any correction or erasure of data or restriction of processing that takes place on the basis of Articles 16, 17 Paragraph 1, 18 of the EU General Data Protection Regulation. However, this obligation shall not obtain insofar as this notification is impossible or involves disproportionate effort. Notwithstanding the above, the user shall have a right to information about t