Privacy Policy
With this privacy policy we would like to inform you about how we process personal data. We are aware of the importance of the processing of personal data for the user and accordingly observe all relevant legal requirements. The protection of your privacy is of the utmost importance to us. Therefore, compliance with the legal provisions on data protection is a natural part of our activities.
Personal data
Personal data is all information about the personal and factual circumstances of a specific or identifiable person. This includes information and details such as your name, your address, your postal address, your telephone number or your e-mail address.
Legal basis
The processing of your data takes place on the following legal bases:
- with regard to data that you provide in forms etc., with your consent, Article 6 (1) (a) GDPR
- in relation to services that you use, to perform a contract with you, Art. 6 (1) (b) GDPR
- otherwise, in particular in the case of statistical data and online identifiers, on the basis of legitimate interests, Article 6 (1) (f) GDPR (see below)
Legitimate interests
When processing your data, we pursue the following legitimate interests:
- improvement of our service
- protection against misuse
- statistics
Data sources
Unless otherwise stated, we receive the data from you (including the devices you use).
Storage duration
We store your data:
- if you have consented to processing, until you revoke your consent.
- if we need the data to execute a contract, at most for as long as the contractual relationship with you exists or statutory retention periods are in effect.
- if we use the data on the basis of a legitimate interest, for as long as your interest in deletion or anonymization does not outweigh it.
There may also be statutory retention requirements, such as commercial or tax retention requirements (e.g. Commercial Code, Fiscal Code). If such storage obligations exist, we will block or delete your data at the end of these storage obligations.
Intended purpose
Personal data will only be collected by us and only to the extent and for the purpose for which you have given us the data yourself, e.g. as part of a registration.
Data protection
We have taken extensive technical and organizational measures to protect your data against possible dangers such as unauthorized entry or access, unauthorised perusal, modification or distribution, as well as loss, destruction or misuse.
In order to protect your personal data from unauthorized access by third parties during transmission, we secure the data transmission using SSL encryption, if necessary. This is a standardized encryption method for online services, especially for the web.
Log files
Every time our website is accessed, usage data is transmitted by the respective internet browser and stored in log files, the so-called server log files. The data records saved this way contain the following data:
- domain from which the user accesses the website
- date and time of retrieval
- IP address of the accessing computer
- website(s) visited by the user as part of the service
- amount of data transferred, browser type and version
- operating system used
- name of the Internet service provider
- message whether the retrieval was successful
These log file data records are evaluated in an anonymous form in order to improve our service and make it more user-friendly, to find and correct errors and to control server utilization.
Cookies
This website uses so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our service more user-friendly, effective and secure. Cookies are small text files that are stored on your computer via your browser. By using cookies, we can provide you with more user-friendly services that would not be possible without the cookie setting. Cookies enable us to recognize you on our website. The purpose of this recognition is to make it easier for you to use our website.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser in a way that you get informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. However, if cookies are deactivated, the technical functionality of this website may be restricted.
Web analytics
We use Matomo for web analytics, a service provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769, (“Matomo”) using cookie technology. The protection of your data is important to us, which is why we have also configured Matomo so that your IP address is only recorded in abbreviated form. We therefore process your personal usage data anonymously. It is not possible for us to draw any conclusions about your person. Further information on Matomo’s terms of use and privacy policy can be found at: https://matomo.org/privacy/
Marketing services
We use Google Tag Manager, a technical solution with which so-called website tags can be managed via an interface and e.g. Google Analytics and other Google marketing services can be integrated into our online presence. The Tag Manager itself (which implements the tags) does not process any personal data. Further information on the processing of personal data can be found in the information on Google services: https://www.google.com/intl/de/tagmanager/use-policy.html
Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law. You can find the certificate here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
Social networks
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to be able to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.
We process user data if they communicate with us within social networks and platforms, e.g. write posts on our online presence or send us messages.
Recruiting
Our recruitment page is operated by Personio GmbH, which offers a human resource and candidate management software solution (https://www.personio.com/legal-notice/). Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. The processing of this data by Personio is based on an agreement for the processing of orders between us and Personio. In addition, Personio GmbH processes further data, some of which may be personal data, to provide its services, in particular for operating this recruitment website.
Third party services
We transfer personal data to third parties in order to fulfill our contractual or legal obligations and to be able to offer our services. We are legally obliged to transmit data to state authorities, e.g. tax authorities, supervisory authorities and law enforcement authorities.
In the case of transmission to external parties in third countries, i.e. outside the EU or the EEA, we ensure that these parties treat your personal data with the same care as within the EU or the EEA. We only transfer personal data to third countries for which the EU Commission has confirmed an adequate level of protection or if we ensure careful handling of personal data through contractual agreements or other suitable guarantees, such as certifications or proven compliance with international security norms and standards.
Hosting
This website uses Google Cloud, an online storage service for files, photos and videos. The service provider is the American company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
Google also processes your data in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. You can find more information on this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
Google also uses so-called standard contractual clauses (= Art. 46 (2) and (3) GDPR). Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through the EU-US Data Privacy Framework and the standard contractual clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en.
Google has a contract for order processing in accordance with Art. 28 GDPR, which serves as the data protection basis for our customer relationship with Google. The content of this contract refers to the EU standard contractual clauses. You can find the order processing conditions here: https://business.safety.google/intl/en/adsprocessorterms/
Cloudflare
We use the Cloudflare service from Cloudflare Inc, 101 Townsend Street, San Francisco, California 94107, USA as a so-called CDN (Content Delivery Network). The integration takes place to secure our website and to optimize loading times. IP addresses and the data of your browser or operating system as well as the referrer URL are processed. This service is used to distribute, accelerate and protect online applications.
Cloudflare may use (technically necessary) cookies for optimization and analysis purposes. Further information about the provider can be found here: https://www.cloudflare.com/privacypolicy/
Rights of the data subject
- You have the right to request information as to whether and which of your personal data is processed by us. You also have the right to request that your personal data be corrected or completed.
- You have the right to request that your personal data be deleted in certain circumstances.
- In certain circumstances, you have the right to request that the processing of your personal data be restricted.
- You can revoke your consent to the processing and use of your data in whole or in part at any time with effect for the future.
- You have the right to receive your personal data in a common, structured and machine-readable format.
- You can also contact our data protection officer in writing with questions, comments and complaints as well as requests for information in connection with our declaration on data protection and the processing of your personal data.
- You also have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your personal data violates the statutory provisions.
Contact
Fax: +49 40 35 67 60 36
For all questions and concerns regarding the security of your data, you can contact us at datenschutz@sidekickhealth.com. If you have a particularly sensitive matter, please contact us by post, as communication by e-mail can always have security risks.
Need or obligation to provide data
Unless expressly stated during the survey, the provision of data is not required or mandatory.
Status of this privacy policy: January 24th 2024