English
Deutsch
Русский
عربي
MedicusUnion GmbH
Bruno-Marek-Allee 20/50
1020 Vienna
Handelsgericht Wien, FN 556089d
UID-Nummer: ATU 78538628
Contact information data protection officer
Mag. Markus Brodnik
This platform uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller). You can recognize an encrypted connection by the string "https: // " and the lock symbol in your browser line.
Status: January 2023
If you use our platform for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files "). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. A transfer or other use of the data does not take place. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
2.3 Personal data is collected when contacting us (e.g. via contact form or e-mail). Which data is collected in the case of a contact form can be seen from the respective contact form. This data will be stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is the processing of Art. 6 para. 1 lit. b GDPR (necessary for the implementation of pre-contractual measures). Your data will be deleted 3 years after final processing of your request.
ContractWhen you register to use our services, you provide us with basic information such as: Your e-mail address, name, address and date of birth. Which inventory data is collected can be seen from the respective input forms during registration. In accordance with Art. 6 para. 1 lit. b GDPR, personal data is collected and processed if you provide it to us for the execution of the agency contract. We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g. services used, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Art. 6 para. 1 lit b. GDPR. If users have terminated their user account, their data will be deleted with regard to the user account, unless their storage is required for commercial or tax or medical reasons. Art. 6 para. 1 lit. c GDPR. It is the responsibility of the users to back up their data in the event of termination before the end of the contract. We are entitled to irretrievably delete all user data stored during the term of the contract.
If you use our Services to receive a healthcare service, you may provide us with medical data such as medical history, physical condition information, current health information, history, medical image data (including X-ray, CT scan, MRI, PET, ultrasound, mammography) and medical reports. On our website, we therefore offer users the opportunity to allow access to image files and health data via upload function to the corresponding doctor. The data is stored encrypted on a server of Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. The transmission and processing of personal health data is necessary for the conclusion and execution of the findings contract and the provision of the associated services, to which you have given your express consent by concluding the findings contract. We process your health data for health care, for medical diagnostics or for the care or treatment in the health or social sector by the doctor in accordance with Art. 9 para. 2 lit h GDPR or pursuant to Art. 9 para. 2 lit a GDPR, provided that you have given us your express consent.
These express declarations of consent can be revoked in writing without justification and at any time with effect for the future. You can send this revocation to us at the specified e-mail address. However, if the revocation takes place before the conclusion of the health service contract in question, the processing is necessary for this purpose and can then not be carried out.
Encrypted data transport of health data: The data transport is exclusively encrypted.
In addition to these technical security measures, we have created a security concept.
By authenticating the doctor (when the doctor registers on the platform) and the user (when the user registers on the platform), the system checks whether the doctor and the user are authorized for access. Every action is logged.
By default, doctors have access to the health data released by the user for 90 days, but at least for the duration of the treatment contract. Thereafter, the access authorization expires and only becomes active again when the treatment or care relationship is renewed for treatment.
The period of 90 days is intended for the retrieval of further information on the specific treatment or care case, e.g. if findings or further consultations are still pending after a health service has been provided.
4.1 Registration for our e-mail newsletter
If you subscribe to our e-mail newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your e-mail address.
By registering, you give us your consent to the use of your personal data in accordance with Art. 6 para. 1 lit. a GDPR. When registering for the newsletter, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when registering for the newsletter will be used exclusively for purposes of advertising by means of the newsletter. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending us a corresponding message. After unsubscribing, your e-mail address will be deleted immediately from our newsletter distribution list.
4.2 Sending the e-mail newsletter to existing customers
If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services, such as those already purchased, from our range by e-mail. According to § 107 TKG, we do not have to obtain any separate consent from you for this. In this respect, data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 para. 1 lit. f GDPR and § 174 TKG. If you have initially objected to the use of your e-mail address for this purpose, we will not send an e-mail. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying us.
Use of payment service providers (payment services)
Apple PayIf you choose the "Apple Pay" payment method from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, payment is processed via the "Apple Pay" function of your device operated with iOS, watchOS or macOS by charging a payment card stored with "Apple Pay". Apple Pay uses security features built into your device's hardware and software to protect your transactions. For the release of a payment, it is therefore necessary to enter a code previously defined by you and to verify it using the "Face ID" or "Touch ID" function of your end device. For the purpose of payment processing, your information provided during the ordering process, along with the information about your order, will be transmitted to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before transmitting the data to the payment service provider of the payment card stored in Apple Pay to process the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the originating website to confirm payment success.If personal data is processed during the described transfers, the processing takes place exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR. Apple retains anonymized transaction data, including the approximate purchase amount, the approximate date and time, and whether the transaction was successfully completed. The anonymization completely excludes a personal reference. Apple uses the anonymized data to improve Apple Pay and other Apple products and services.When you use Apple Pay on your iPhone or Apple Watch to complete a purchase you made through Safari on your Mac, your Mac and authorization device communicate over an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that identifies you. You can turn off the ability to use Apple Pay on your Mac in your iPhone's preferences. Go to "Wallet & Apple Pay" and uncheck "Allow payments on Mac". Further information on data protection at Apple Pay can be found at the following Internet address: https://support.apple.com/de-de/HT203027
PayIf you choose the payment method "Google Pay" of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), payment is processed via the "Google Pay" application of your mobile device operated with at least Android 4.4 ("KitKat") and having an NFC function by the Charging a payment card or a payment system verified with Google Pay (e.g. PayPal). For the release of a payment via Google Pay in the amount of more than 25, - € the previous unlocking of your mobile device by the respective set up verification measure (such as facial recognition, password, fingerprint or pattern) is required. For the purpose of payment processing, your information provided during the ordering process, together with the information about your order, will be passed on to Google. Google then transmits your payment information stored in Google Pay in the form of a one-time transaction number to the originating website, which is used to verify a payment made. This transaction number does not contain any information about the real payment data of your payment methods stored with Google Pay, but is created and transmitted as a one-time numeric token. For all transactions via Google Pay, Google only acts as an intermediary to process the payment process. The transaction is carried out exclusively in the relationship between the user and the originating website by debiting the means of payment stored with Google Pay.If personal data is processed during the described transmissions, the processing takes place exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR. Google reserves the right to collect, store and evaluate certain transaction-specific information for each transaction made via Google Pay. This includes the date, time and amount of the transaction, merchant location and description, a description provided by the merchant of the goods or services purchased, photos you attached to the transaction, the name and email address of the seller and buyer or the sender and recipient, the payment method used, your description of the reason for the transaction and, if applicable, the offer associated with the transaction.According to Google, this processing takes place. exclusively in accordance with Art. 6 (1) (f) GDPR on the basis of the legitimate interest in proper accounting, the verification of transaction data and the optimization and maintenance of the Google Pay service.Google also reserves the right to merge the processed transaction data with other information collected and stored by Google when using other Google services. The terms of use of Google Pay can be found here: https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Further information on data protection at Google Pay can be found at the following Internet address: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
StripeIf you choose a payment method from the payment service provider Stripe, payment is processed by the payment service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will provide your information provided during the ordering process together with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 para. 1 lit. b GDPR. Further information on Stripe's data protection can be found at the URL https://stripe.com/de/privacy#translation. Stripe reserves the right to carry out a credit check on the basis of mathematical-statistical procedures in order to safeguard the legitimate interest in determining the solvency of the user. Stripe may transmit the personal data necessary for a credit check and received in the context of payment processing to selected credit agencies, which Stripe discloses to users upon request. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Among other things, but not exclusively, address data is included in the calculation of the score values. Stripe uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the right to use the selected payment method.You can object to this processing of your data at any time by sending a message to Stripe or the commissioned credit agencies. However, Stripe may still be entitled to process your personal data if this is necessary for contractual payment processing.
MatomoCertain user information is collected and stored on this website using the web analysis service software Matomo (www.matomo.org), a service provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand ("Matomo"). From this information, pseudonymised user profiles can be created and evaluated. The information collected with Matomo technology (including your pseudonymised IP address) is processed on our servers. This website uses Matomo exclusively without the use of cookies, which means that Matomo does not set cookies on your device at any time. All processing described above, in particular the reading of information on the terminal device used, will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website
7.1 The applicable data protection law grants you comprehensive data subject rights vis-à-vis the controller with regard to the processing of your personal data, about which we inform you below:
7.2 Right to object
If your personal data is processed on the basis of our overriding interest, you have the right at any time to object to this processing with effect for the future. However, we reserve the right to further processing if there are compelling reasons for further processing.
To optimize your healthcare and provide more personalized medical recommendations, we may share certain health data with healthcare providers such as doctors, clinics, and other medical institutions. Additionally, we want to inform you that we may also share your data with other trusted partners who assist us in conducting business operations, delivering our services, or enhancing your experience. These third-party partners are contractually obligated to maintain the confidentiality and security of your information and may use this data exclusively for the specific services we have commissioned them to perform. Any use of your data for other purposes is strictly prohibited to ensure that your privacy is always protected.
By sharing these data with selected partners, we ensure seamless and efficient service delivery and maintain a high level of data privacy and security. Below is an overview of the types of data that may be shared and their significance:
By integrating these data into your healthcare management, we aim to provide a more comprehensive understanding of your health status and support the delivery of personalized medical care. We place great emphasis on protecting your data and use it solely in your best interest and within the intended scope.
The duration of the storage of personal data is determined on the basis of the respective legal basis, the processing purpose and the respective statutory retention period (e.g. medical, corporate and tax retention periods).
When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a GDPR, this data will be stored until the data subject revokes his consent. Personal data will be stored in your account until you delete this data or ask us to do so. Printouts of the data are automatically destroyed after one year of storage.
If there are statutory retention periods for data that are processed within the framework of contractual or quasi-contractual obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after expiry of the retention periods, provided that they are no longer required for the fulfilment or initiation of the contract and/or there is no legitimate interest on our part in further storage.
When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f GDPR, this data will be stored until the data subject exercises his right of objection pursuant to Art. 21 para. 2 GDPR.
Translations of this policy into languages other than German are provided for convenience only.
This cookie policy has been created and updated by the Cookie Consent Tool.