Privacy Policy - Mondosano - Digital Patient Recruitment

Data Privacy Policy

In this Data Privacy Policy, we would like to inform you about how we process personal data. We are aware of the importance of personal data processing to our users and as such, we comply with all relevant legal requirements. The protection of your privacy is of the utmost importance to us and we therefore comply with the legal data protection regulations as a matter of course.

Contact

Management: Dr. Julia Hitzbleck

Mondosano GmbH
Hans-Henny-Jahnn-Weg 53
22085 Hamburg, Germany
info@mondosano.de

Data Protection Officer

You can contact our Data Protection Officer at datenschutz@mondosano.de

Personal Data

Personal data is any information concerning the personal or material circumstances of an identified or identifiable natural person. This includes information and details such as your name, address or other postal address, telephone number and e-mail address.

Legal basis

Your data is processed on the basis of the following legal regulations:

– With regard to data that you provide in forms etc., with your consent, Art. 6 (1) lit. a) GDPR
– With regard to the services you use, to execute a contract concluded with you, Art. 6 (1) lit. b) GDPR
– Otherwise, particularly with respect to statistical data and online identifiers, on the basis of legitimate interests, Art. 6 (1) lit. f) GDPR (see below)

Legitimate interests

When processing your data, we pursue the following legitimate interests:

– Improvement of our services
– Protection against misuse
– Statistics

Sources of data

Unless stated otherwise, we receive this information from you (including via the devices you use).

Transfer of data to third countries

The data is transferred to third countries outside of the European Union. This is performed on the basis of statutory contractual provisions intended to ensure the adequate protection of your data and which you can consult upon request.

Disclosure of data to third parties

If you potentially qualify for a clinical trial, we will share your personalised information with the relevant study centre. As a general rule, no data is passed on to the study sponsors.

Storage duration

We store your data:

– If you have consented to the data processing, at the latest until you revoke your consent,
– If we need the data for the execution of a contract, for as long as the contractual relationship with you exists or for the legally required storage periods,
– If we use the data on the basis of a legitimate interest, as long as your interest in deletion or anonymisation does not take precedence.

Purposes

Your personal data will only be available to us when provided by you and only within the scope of and for the purpose for which the data was provided, e.g. during registration.

We only use and store your personal data as part of our services for the following purposes if you have expressly given us your consent:

If you have any questions, we will contact you by phone, email or using a messenger service. Queries and call-backs aim to determine your suitability for a potentially appropriate clinical trial. If a suitable clinical trial is found, we may transmit your data to our contractual partners, provided you have expressly consented to such. We also use your personal information to inform you about future studies if you have expressly consented to such. To this end, we will also regularly send you our newsletter if you have expressly consented to such (double opt-in).

Furthermore, your personal data will only be used for the following purposes by our company if you have previously given your express consent.

We only collect and use your health information for the following purposes: To verify your eligibility to participate in a clinical trial.

Data backup

We have taken extensive technical and organisational measures to safeguard your information against possible risks such as unauthorised access, unauthorised perusal, modification or dissemination, loss, destruction or abuse.

In order to protect your personal data from unauthorised third-party access during transmission, we secure the data transmissions using SSL encryption where necessary. This is a standardised encryption method for online services, especially for the internet.

Log files

Every time you access our internet pages, usage data is transferred via the respective internet browser and stored in log files. The records stored during this process contain the following data:

Domain from which the user accesses the website
Date and time of access
IP address of the accessing computer
Website(s) that the user visits within the scope of our offer
Volume of data transferred, browser type and version
Operating system used, name of the internet service provider
Notification stating whether the retrieval was successful

These log file records are evaluated anonymously in order to improve our services and make the website more user-friendly, to find and fix bugs and to control the server load.

Cookies

Cookies are small files that your browser stores on your device in a designated directory. These cookies can be used to determine, for example, whether you have previously visited a website. Most browsers automatically accept cookies. However, you can set your browser so that no cookies are stored or so that explicit consent is required before saving a cookie. You can also delete previously stored cookies at any time. Please note that disabling cookies may result in restrictions on the use of our website.

We need the cookies for the following purposes: By creating cookies, our web server can recognise your internet browser, your individual settings on our website and, if necessary, some of the login data in encrypted form, which makes it easier for you to use our website and log in automatically. We use session cookies, which are deleted when you close your internet browser on your device. Other cookies remain on your device even after the internet browser has been closed. However, these are deleted, either when you log out of your customer account with us, or after a few hours.

Web analytics

We use – like almost every other website operator – analytical tools in the form of tracking software to determine the frequency of use and number of users on our website.

In order to optimise this website and our services, we use Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, text files that are stored on your computer, to help analyse how you use the website. Information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the United States and stored there. However, in the event that IP anonymisation is activated on this website, your IP address is initially truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website in order to compile reports on website activities for the website operator and provide further services to the website operator relating to website and internet usage. The IP address transferred from your browser as part of Google Analytics will not be linked with any other data held by Google. You can prevent the storage of cookies by selecting the appropriate settings in your browser software; in this case, however, please note that use of some of this website’s functions may be limited.

In addition, you can prevent data generated by the cookie and relating to your use of the website (including your IP address) from being collected and processed by Google by downloading and installing a browser plug-in by clicking on the following link: tools.google.com/dlpage/gaoptout?hl=de. As an alternative to the browser add-on or within browsers on mobile devices, please click this link to prevent future detection by Google Analytics within this website (the opt-out will only work for this browser and only for this domain). An opt-out cookie will be stored on your device. If you delete your cookies, you will need to click on the link again. For more information, please visit http://tools.google.com/dlpage/gaoptout?hl=de and http://www.google.com/intl/de/analytics/privacyoverview.html (general information about Google Analytics and data privacy).

This website uses Google Analytics with the extension “gat._anonymizeIp();” to ensure that IP addresses are collected anonymously (IP masking).

Usage-related advertising

The advertisements displayed on this website are optimised for you through the anonymous collecting and processing of your user behaviour, so that you can view advertising tailored to your interests. A cookie is stored on your computer for this purpose. Cookies are small text files that are stored on the hard disk of your computer and allow it to be recognised, but do not allow you to be personally identified. The behavioural targeting is carried out by third parties who also advertise other providers’ websites. These third-party companies then create their own usage profiles with cookies and use their respective targeting systems to select the collected data for the purpose of user-friendly advertising. These include the following companies: Facebook, Outbrain and Google.

We have allowed the following companies to collect usage data in order to optimise advertising for you based on your interests. Additional privacy information on each service is available on the websites of the listed companies, Facebook, LinkedIn, Outbrain and Google.

Social networks

Facebook

Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA and can be accessed at www.facebook.de. These individual social plugins can be identified by one of the Facebook logos or the additional specification, ‘Facebook social plugin’. A list with the appearance and functions of the individual plugins is available here: developers.facebook.com/docs/plugins. When you visit a page of our website that contains a social plug-in, the browser you are using makes a direct connection to the Facebook servers. The content of the social plug-in is then transmitted directly to your browser by Facebook and is integrated into the website. We therefore have no control over the amount of data that Facebook collects through the social plugins, and therefore notify you that to the best of our knowledge, due to the integration of the social plugins, Facebook will be informed that you have visited the corresponding page of our website, even if you are not registered as a Facebook user or are not currently logged into Facebook. This information, together with your IP address, is transferred from your browser to a Facebook server in the US and stored there. According to the information provided by Facebook, only the IP address of unregistered users in Germany will be stored. If you are logged in to Facebook, Facebook can directly link our website to your Facebook account. Facebook is informed that you have visited our website, regardless of whether you interact with the social plugins or not. If you interact with the social plugins, for example if you press the ‘Like’ button or leave a comment, the corresponding information is transmitted from your browser directly to Facebook and stored there. The information will also be posted on Facebook and displayed to your Facebook friends. Please see Facebook’s data privacy policy for further information about the purpose and scope of the data collection and the further processing and use of data by Facebook as well as your associated rights and settings options to protect your privacy, which are available at www.facebook.com/about/privacy. If you are a registered user of Facebook and do not want Facebook to collect information about you through our website and link this to your membership data stored on Facebook, you must log out of Facebook before visiting our website. It is also possible to block the social plugins with add-ons for your browser, such as the Facebook Blocker, webgraph.com/resources/facebookblocker

On our website we use functions of the social media network LinkedIn of the company LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. LinkedIn can be accessed at https://www.linkedin.com. By accessing pages that use such functions, data (IP address, browser data, date and time, cookies) is transmitted to LinkedIn, stored and evaluated. If you have a LinkedIn account and are logged in, this information will be associated with your personal account and the information stored in it. Regarding the Privacy Policy inside the European Union the operating company of LinkedÍn LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland. The Privacy Policy of LinkedIn can be accessed at https://www.linkedin.com/legal/privacy-policy. LinkedIn is verified under the Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active. If you choose to opt out of personalized advertising through LinkedIn, you can do so at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

YouTube

This website uses YouTube.de/YouTube.com plugins, which are operated by YouTube, LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA. When a user visits a website that contains this type of plugin, their browser establishes a direct connection to the YouTube servers. This will inform the YouTube server which of our websites the user has visited. If you are logged in as a member of YouTube, YouTube will link this information to your personal user accounts on these platforms. When using these plug-ins, e.g. by clicking on the video or start button or by posting a comment, this information is assigned to your YouTube user account, which you can only prevent by logging out of your account before using the plug-in. For more information, see the data privacy policy at www.google.de/intl/de/policies/privacy

Third-party services

We use the services of third parties for various functions of our website.

Outbrain

Outbrain Inc plugins are used on this website. This helps us to communicate with users (on the internet) in a targeted way by analysing their browsing behaviour. The method is based on cookie technology and analyses the content of websites visited by the internet user and their interaction with advertising banners. For more information, see the data privacy policy at https://www.outbrain.com/legal/privacy

opentrack

opentrack plugins are used on this website. This helps us with re-targeting and enables us to constantly improve the internet service we offer you. This technology makes it possible for internet users who are already interested in our services and website to advertise on our partners’ websites. Further information can be found in the data privacy policy at https://www.opentrack.org/privacy/policy/4ctFgEFUIi

Google Maps of Google Inc.

Google Maps plugins are used on this website. This helps us to find a suitable study in your area. Further information can be found in the data privacy policy at https://www.google.com/intl/de_de/help/terms_maps.html

Mailchimp

Mailchimp plugins are used on this website. This helps us to send you newsletters that appeal to you. For more information, see the data privacy policy at www.google.de/intl/de/policies/privacy

salesforce.com EMEA Limited

We use salesforce.com’s marketing service to provide you with the best possible study suitability process once we have found a potential study for you. Further information can be found in the data privacy policy at https://www.salesforce.com/de/company/privacy/full_privacy.jsp

Hotjar Limited

We use the analysis service Hotjar internally on our website in order to continuously optimise our content and the use of the forms as part of our quality control procedure. You can find Hotjar’s data privacy policy at https://www.hotjar.com/legal/policies/privacy

Amazon Web Services

We use the cloud computing services of Amazon Web Services, Inc. to operate our services. For more information, see the data privacy policy at https://aws.amazon.com/de/privacy/

Zapier

We use the services of Zapier Inc. for the automated forwarding of data. Among other things, completed contact forms are sent by email to the responsible employee. For more information, see the data privacy policy at https://zapier.com/privacy/

Adobe Typekit

We use Adobe Systems Software Ireland Limited’s services to provide you with the most readable and modern fonts on this website. For more information, see the data privacy policy at https://www.adobe.com/de/privacy.html

Sharethis.com

Sharethis.com plugins are used on this website to provide you with a convenient possibility to share articles either with your facebook friends or via e-mail. For more information, see the data privacy policy at https://www.sharethis.com/privacy/

Ausgezeichnet.org

We use AUBII GmbH’s rating services on https://ausgezeichnet.org in order to provide our customers a comfortable way of reviewing anonymously Mondosano’s services. For more information, see the data privacy policy at https://www.ausgezeichnet.org/datenschutz/

DoubleClick by Google

We use the online marketing service DoubleClick by Google Inc. for advertising customer related adverts, for optimizing our marketing campaigns and prevent adverts to be shown twice or more to our customers. For more information, see the data privacy policy at https://www.google.de/intl/de/policies/privacy

Rights of the data subject

Right to information, correction, revocation, complaint, cancellation and blocking.

You have the right to request information about whether we process your personal data and which of your personal data we process. You also have the right to request the correction of your personal data or its completion.
In certain circumstances, you have the right to request that your personal data be deleted.
In certain circumstances, you have the right to request that the processing of your personal data be restricted.
You may withdraw your consent to the processing and use of your data in whole or in part at any time with future effect.
You have the right to receive your personal data in a standard, structured and machine-readable format.
If you have any questions, comments, complaints or requests for information in connection with our Data Privacy Policy and the processing of your personal data, please contact our data protection officer in writing.
You also have the right to complain to the relevant supervisory authority if you believe that the processing of your personal data violates statutory provisions.

Contact

You can contact us at the following address:

Dr. Julia Hitzbleck, Hans-Henny-Jahnn-Weg 53
22085 Hamburg, Germany
patientenservice@mondosano.de

Requirement or obligation to provide data

Unless specifically stated at the time of collection, the provision of data is not required or obligatory.

Status of this Data Privacy Policy

18.05.2018
We reserve the right to amend this Data Privacy Policy at any time with future effect.
This Data Privacy Policy was created with the assistance of the privacy policy generator of ePrivacy GmbH.