At AskGermanDoc, a telemedicine platform, we are committed to upholding high standards for data protection. Regardless of legal requirements, we pledge to collect and process your personal data solely for clearly defined and lawful purposes.
1. Data Processing Responsibility
The data controller responsible for data processing is DIT Deutsches Institut für Telemedizin UG (Ratsweg 9, 41472 Neuss, Germany). For any questions about data protection, you may contact us at info@askgermandoc.com.
2. Legal Basis for Data Processing
We process your personal data based on various legal grounds:
- Contract Performance under Art. 6(1)(b) GDPR, such as to provide telemedicine services.
- Consent under Art. 6(1)(a) and Art. 9(2)(a) GDPR for processing special categories of personal data (e.g., health information).
- Legitimate Interests under Art. 6(1)(f) GDPR, which allows us to analyze site usage and improve website functionality.
3. Data Collection When Using the Website
When you use our website, we automatically collect technical data, such as IP address, browser type, and access times. This data is processed anonymously and used solely for statistical purposes, enabling us to enhance the website and analyze user behavior.
4. Processing of Personal Data
Personal data, such as your name, email address, and health information, is collected with your consent when you register, request a consultation, or otherwise engage with the platform. This data is used for:
- Organizing and conducting consultations.
- Issuing invoices.
- Enhancing site functionality and providing a personalized experience.
Sensitive health data is stored securely on servers in Germany, maintained by Digital Ocean LLC. Access to this data is strictly limited to authorized personnel.
5. Data Retention and Deletion
Personal data is retained only as long as necessary to fulfill the specified purposes or as required by law. Medical data and account data are securely stored and deleted according to statutory retention periods. User accounts that are inactive for over one year are automatically deleted, with prior notification sent via email.
6. Data Sharing and International Transfers
We share medical data solely with partners for translation and consultation purposes, and payment data with payment systems (e.g., Klarna and Stripe). To ensure GDPR compliance, transfers to third countries (such as the U.S.) include adequate safeguards like EU Standard Contractual Clauses (SCCs) and other protective measures to secure your data.
7. Your Rights
Under GDPR, you have several rights regarding your personal data:
- The right to access information about your stored data.
- The right to correct or delete data under legal conditions.
- The right to restrict data processing.
- The right to data portability.
- The right to object to processing based on legitimate interests.
If you have any questions or wish to exercise these rights, please contact us at info@askgermandoc.com. You also have the right to lodge a complaint with the relevant supervisory authority.
8. Cookies and Web Analytics
Our website uses cookies and web analytics technologies to enhance user experience and conduct marketing campaigns. This data is collected anonymously and cannot identify you personally. If you wish, you can disable cookies in your browser settings.
For full transparency, we use a consent management tool to allow you to control the types of cookies activated during your visit. Only necessary cookies are enabled by default.
a. Main Types of Cookies and Third-Party Services
- Digital Ocean: Personal data is securely stored on Digital Ocean LLC servers (106 6th Avenue, New York, USA) to facilitate medical consultations, billing, and internal statistical analysis. See the Digital Ocean privacy policy for details.
- Vonage: Video consultations are conducted via Vonage (101 Crawfords Corner Rd, Suite 2416, Holmdel, NJ 07733, USA). The Vonage privacy policy is available on their website.
- Seven IO: For SMS notifications and two-factor authentication, we use Seven IO (seven communications GmbH & Co. KG, Willestr. 4-6, 24103 Kiel, Germany). More information on data protection by Seven IO is available on their website.
b. Marketing Cookies
We use marketing cookies to improve site interaction and display personalized ads:
- Google Analytics: Google Analytics helps us understand user behavior on our website. We use functions like remarketing and demographic reporting. This data is collected anonymously via cookies. You may disable this feature via your browser settings or Google’s opt-out options. See the Google Analytics privacy policy.
- Google AdWords: Google remarketing enables personalized ads based on prior site visits. Google collects no personal data in this process. To disable this feature, adjust your browser settings or use the Ad Network opt-out options. See the Google AdWords privacy policy.
c. Additional Services
- Payment Processors: For payment processing, we share your data with:
- Stripe: To handle medical consultation and product/service invoices, we transfer data to Stripe Inc. (510 Townsend Street, San Francisco, CA 94103, USA). Stripe uses cookies to optimize payment functionality. The Stripe privacy policy is available online.
- Brevo (formerly SendinBlue): Brevo manages automated email distribution for newsletters and notifications (Sendinblue SAS, 55 Rue d'Amsterdam, 75008 Paris, France). Their privacy policy is available online.
9. Data Security
We use appropriate technical and organizational measures to ensure the protection of your data against unauthorized access, including encryption, access controls, and secure storage. All sensitive data transfers are encrypted.
10. Amendments to the Privacy Policy
We reserve the right to amend this Privacy Policy to keep it accurate and compliant with legal requirements. Any changes will be communicated through the website.