(1) In the following, we inform you about the processing of personal data when using our MedRhein Lab App (the "App"). Personal data is all data that can be related to you personally, e.g. name, address, e-mail address, IP address, or your user behavior.
(2) The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) for the processing of personal data in connection with the App is MedRhein GmbH, Immengarten 8, 30926 Seelze, [email protected] ("MedRhein" or "we"). You can reach our data protection officer at [email protected].
(3) This data protection declaration refers exclusively to data processing with the app. Information on other processing of personal data, such as when you contact us, can be found on our website. As you use the App to assign the results of medical experiments (the "test results") retrieved from suitable devices to individual patients, a commissioned processing agreement pursuant to Art. 28 GDPR between your employer and us is the basis of the processing.
(1) When downloading the app, the required information is transferred to the App Store, i.e. in particular user name, email address and customer number of your account for the app store, time of download, and the individual device identification number. In addition, the app store independently collects further data if necessary. We have no influence on this data processing and are not responsible for it. We process the data only insofar as it is required for downloading the app to your mobile device.
(2) To use the app, it is necessary for you to register with us in order to synchronize the test results with your account. You only need to provide an email address and password for this registration. In addition, we store some information about the device you use to use the App (e.g. model, device name, operating system, etc.). This data is stored until you delete your account to use the app. The legal basis for this data processing is Art. 6 para. 1 p. 1 lit. b GDPR.
(3) The App is loaded onto your mobile device and can be used without access to the Internet. In principle, no personal data is collected during its use. If you use the App to scan test results and transfer them to your account, we collect the following personal data:
– Individual identifier of the experiment (experiment ID).
– Information about the terminal device used for testing
– Test results (this test result data is personal only to the extent that it was collected through your account and is generally not attributable to the tester)
– Timestamp of the transmission of the data
This data is stored until you delete the transmitted events or test results via our IVD data platform or delete your account with us. The legal basis for the aforementioned data processing is Art. 6 para. 1 p. 1 lit. b GDPR.
(1) We provide technical and organizational measures in our systems to protect your personal data as best as possible against loss, unauthorized access, or changes. Although we cannot guarantee or warrant that such unintentional data processing will never occur, we do everything in our power to prevent it.
(2) Under no circumstances will we pass on your personal data to third parties for their own use. We only use so-called hosting providers as service providers (order processors) to operate the database connected to the app. This may also involve transfers to countries outside the European Economic Area. Suppose the existence of an adequate level of data protection for such third countries has not been established by the European Commission. In that case, we provide guarantees - for example, through contractual agreements and, if necessary, supplementary technical and organizational measures - to ensure an adequate level of data protection.
(1) You have one of the following rights vis-à-vis us with regard to the personal data concerning you:
– Right to information and copy of the processed data,
– Right to rectification or deletion,
– Right to restriction of processing,
– Right to object to processing,
– Right to withdraw the consent is granted under data protection law, and
– Right to data portability
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.