We take confidentiality of our clients very seriously and take responsibility for the safety of our clients private information.
We are fully compliant with the data protection legislation of Germany and European Union. This document is designed to explain how your data is handled in accordance with the EU General Data Protection Regulation (GDPR).
This Policy outlines the following:
The collection and storage of your private data as a client and our web-site user and the way it is handled;
Sources of obtaining such data;
How we use the data;
How we store the data;
Who we can disclose the data to;
How your data is protected as per current data protection legislation.
We collect, use and store your private data only in volumes necessary to provide you with a service required.
HealthTech GmbH («We», «Company» or «Wunderdoc») is the controller of all private information collected, stored and used by Wunderdoc for the purpose of service provision, protection of legitimate HealthTech GmbH interests as well as those of the society, state and your own interests as a client.
Private data is defined by any information related to yourself, which allows to identify you as a private individual such as your name and surname, e-mail address, payment details and our web-site access level. We collect data the moment you access our web-site, authorise yourself or when you contact us directly. Information which can not be directly linked to certain private individual (e.g.web-site users statistics) is not considered to be private.
We collect the following categories of private data:
1. Name, surname, gender, date of birth, e-mail address, payment details;
2. All messages and requests sent to chosen medical providers (hereafter – service providers) along with the messages and requests sent by service providers to yourself through our service;
3. All created requests, correspondence and payment history;
4. Our web-site log in and usage history;
5. Messages sent to us via e-mail, chat, phone calls and social media.
6. Geographical location of your personal computer or other device in real time mode through your IP-address, type of browser and language used.
In the majority of cases we need to process your private data in order to get in touch with chosen Service Provider and monitor the process of providing the necessary information by Service Provider to yourself.
Your personal data is used for the following purposes:
1. By providing the requested service, we use your personal data for the following purpose: to find the suitable Service Provider and arrange the direct communication with its representatives;
2. We email you the message indicating the status change of your request. We also email you all the messages from Service Provider or Wunderdoc Support. These messages are not of marketing nature and can not be excluded;
3. We use your payment details for accounting, invoicing and audit;
4. We can disclose your personal data to government and law enforcement agencies in order to comply with the current legislation;
5. We use your personal data to maintain the relationship with you as a Client and improve our service;
Consent can be obtained only from individuals of 16 years of age or older. Parents or carers consent is required for children under 16 years of age. We will not store your data longer then required by the process of service provision. In order to determine the duration your data is stored we consider the quantity, nature and sensitivity of your personal data; purposes we need the data for and whether it can be achieved by other means. We also take in consideration the possibility of grievance procedures along with our business rights protection if requested. When personal data is no longer needed, it will be deleted.
We follow safety procedures whilst storing and disclosing your personal data. Site connectivity is encrypted by SSL (Secure Socket Layer) technology. SSL is a standard encryption of personal data to be safely passed on via Internet.
Your personal data can be disclosed to third parties for the purposes listed below:
1. We disclose the following data to Service Provider: your name and surname, date of birth, gender, original request text along with all the messages sent to Service Provider representatives.
2. Government, law enforcement and regulatory agencies;
3. Service providers used to run our business such as Cloud and web-mail providers;
4. Payment companies requiring payment information in order to carry out a transaction or guarantee a secure payment;
5. Legal or other professional consultants, judges or law enforcement agencies to protect our business rights as per legal contract signed by both parties.
Your personal information sent to Service Provider in your requests is considered “sensitive” as per current data protection legislation. When correspondence with Service provider is resumed, we archive your request and all related correspondence. This data is stored in our database but will no longer be available via your account on our web-site.
We keep your data whilst your account is active. You can refuse to provide your consent for private data processing at any time and delete your personal data by notifying us via e-mail firstname.lastname@example.org.
Our site contains links to external web-sites. We can not be held responsible for the confidentiality policies of external web-sites or their actions such as collecting and processing of your personal data.
You have right to:
1. Request the information about whether we store any personal data and reason for that.
2. Request access to your personal data.
3. Request the correction of your personal data. You can also make changed to your personal information via your profile on our web-site.
4. Request the deletion of your personal information unless we have good reasons to keep it for further processing.
5. Request the transmission of your personal data in digital and structured form to yourself or other party (data transfer right).
6. Consent withdrawal. On limited occasions, when you gave your consent to collect, process and disclose your personal data for certain purpose, you can withdraw your consent to process such information at any time. We will stop processing your personal information upon notification receipt about consent withdrawal unless we have other legal grounds to proceed. You can withdraw your consent to use your personal data by sending a request to email@example.com.
Access to your private data is free of charge. However, we can charge a small fee in case if your request is too complex or unreasonable. As an alternative, we might refuse to carry out the request under such circumstances.