1. What are Personal Data?

Personal data are any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Personal data includes e.g.name, email address or telephone number. Personal data also includes information about hobbies, memberships or websites viewed by someone else. Personal data includes e.g. name, email address or telephone number. Personal data also includes information about hobbies, memberships or websites viewed.

We will only collect, use and/or pass on personal data if this is permitted by law or if the User consents to the data processing. Consent of the data subject means any freely given, specific, informed and unambiguous indication of the person’s (data subject) wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. Applicable legal provisions are in particular those of the regulation (EU)2016/679 of the European Parliament and Council of 27 April 2016, repealing the directive 95/46/EC, on the protection of individuals with regard to the processing of personal data, on the free movement of such data (“General Data Protection Regulation”, GDPR) as well as in the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the German Telemedia Act (Telemediengesetz, TMG).

  1. How are my Data processed when visiting the Website and you contact us?

Visiting the Website

If you browse our website www.medicus.ai the provider of the website collects and stores information automatically in so-called “server-log-files” that your browser transfers to us. These are:

time of the server request and server request. We do not save your IP address.

We use these data only for statistical analysis for the purpose of operation, security and optimization of our Website. However, we reserve the right to check these data retrospectively if there is a justified suspicion of illegal use based on concrete indications. These data is then stored because this is the only way to prevent the misuse of our Website and, if necessary, allow us to investigate any crimes committed. The storage of these data is necessary in order to protect us as the person responsible for processing the data. As a matter of principle, these data will not be passed on to third parties unless there is a legal obligation to pass it on or the transfer of data serves criminal prosecution purposes. This data processing is based on Art. 6 (1) f. GDPR or TMG and we wish to achieve the legitimate interests of stabilizing and improving our Website, quality insurance and fraud prevention.

  1. How are my Data processed when using the Medicus App?

Registration for the Medicus App

We will use your submitted data when/after downloading the Medicus App (such as your device ID) to implement this privacy policy and the Terms of Service and carrying out the contractual relationship based on Art. 6 (1) b. GDPR or §§ 14, 15 TMG.

Contacting us / Feedback through the Medicus App

When contacting us via the ‘feedback’ button in the Medicus App or by email, the User’s details are stored for the purpose of processing the enquiry and, if applicable, follow-up questions based on Art. 6 (1) b. GDPR.

Further Use of Data

We may contact you via email if you send us a request as well as for purposes related to the use of the Service based on Art. 6 (1) b. GDPR or §§ 14, 15 TMG. We also use the information collected in order to improve and analyze your use of our Service based on §§ 14, 15 TMG, Art. 6 (1) b. and f. GDPR) and to ensure the technical functionality of our services fulfillment of contractual or pre-contractual obligations (based on §§ 14, 15TMG or Art. 6 (1) b. GDPR and as otherwise explained in this privacy policy. Regarding the data processing based on Art. 6 (1) f. GDPR we wish to achieve the legitimate interests of quality insurance, marketing and fraud prevention.

Health Data for the Use of the Medicus App

For the use of the Medicus App you may enter certain biometric data, such as:

height, weight, age

For the further use of the Medicus App you may enter more medical data depending on the way of use of our Service, such as:

medical history details, test results, information about lifestyle, conditions, medications taken, etc.

You may change and delete these data any time within Medicus App. All biometric, medical and further entered data will stay on the respective device of the User and will not be transferred to our servers or any third party. Therefore, these data are only stored, processed and used on the respective device used and are not transferred to Medicus or any other third party, except as set forth in this privacy policy (see “Use of Scanning Services” below). If such data are considered personal data, Medicus may process those data based on Art. 6(1) b. or f. GDPR or for health data Art. 9 (2) b. GDPR with your explicit consent. You have the option to download any entered and personal data in a structured, current and machine-readable format from within the Medicus App at any time.

 

  1. What Third Party Services, Cookies, Analytics and Social Plugins does the Website and Medicus App use?

Cookies

In order to offer you a convenient online service featuring numerous functions, our Website uses text files (“Cookies”) containing information to identify returning visitors for the time of their visit to our Website. Cookies are usually saved on your device and do not cause any harm. Cookies facilitate the transfer of specific content, such as entering data, which has already been supplied, and help us identify popular sections of our Website. The processing of data when using Cookies is based on our legitimate interests of a statistical analysis of the User relationship for marketing and quality assurance purposes according to Art. 6 (1) f. GDPR or TMG.

OPT-OUT: You can deactivate the use of Cookies in the settings of your browser at any time. To find out how to change the settings, please consult the help function of your browser. Users may also deactivate and manage a lot of online Cookies by different businesses on the US-web site http://www.aboutads.info/choices/ or the EU-web site http://www.youronlinechoices.com/uk/your-ad-choices/. However, we want to point out that without Cookies the use and comfort of use of our services may be restricted.

Use of Google Firebase for the Medicus App

In order to track information related to the use of the Medicus App we use the tool “Google Firebase”, a real-time database offered by Firebase Inc., 22 4th St. Suite 1000 (10th Floor), San Francisco, CA94103, USA (“Firebase”), a company related to Google LLC, Mountain View, CA, USA (“Google”). Google Firebase is a real-time database, which may embed real-time information on our Medicus App. Data (such as device information, gender, age) are hereby only transferred and used in anonymized form to Firebase to servers that are for example located in the USA. If the IP address is not anonymized (which should not be the case) the processing of data is based on our legitimate interests of a statistical analysis of the User relationship for marketing and quality assurance purposes according to Art.6 (1) f. GDPR. Google LLC, USA is certified according to the EU-US agreement “Privacy Shield”, which guarantees the level of data protection applicable in the EU. The data processed by Google may be affected by an automated decisionmaking via “profiling”. The privacy policy for Firebase is available athttps://www.firebase.com/terms/privacy-policy.html. The privacy policy of Google is available at https://policies.google.com/privacy?hl=de.

Use of Google Fabric for the Medicus App

We use “Fabric”, a software-related crash reporting, analytics and monitoring service offered by Google LLC, Mountain View, CA, USA. Fabric uses User’s data for the purpose of stabilizing our Service via creating and analyzing crash-reporting as well as analyzing and monitoring user behavior in order to optimize our Service. Data collected are transferred and used by Fabric and send to servers located in the USA. If the data are not anonymized the processing of data is based on our legitimate interests of a statistical analysis of the User relationship quality assurance purposes according to Art. 6 (1) f. GDPR. Google LLC, USA is certified according to the EU-US agreement “privacy shield”, which guarantees the level of data protection applicable in the EU.

The data processed by Google may be affected by an automated decisionmaking via “profiling”. The terms of Fabric are available athttps://fabric.io/terms?locale=en-us&utm_campaign=fabric-marketing&utm_medium=natural. The privacy policy of Google is available athttps://policies.google.com/privacy?hl=de.

 

  1. Are my Data transferred to Third Parties? Are my data transferred outside the EU?

We will transfer your personal data to a third party only within the scope of legal provisions, i.e. if we are obliged to transfer the data due to a government or court order, or, if applicable, legal provisions authorize the transfer or if you give your explicit consent. Your data may be transferred outside the EU as follows:

Medicus Group and Cloudappers FZ-LLC

When using our Service, your data may be transferred outside the EU to the controllers of the Medicus Group as set forth above and to CloudAppersFZ-LLC, Dubai Media City Blg. 8, 523 Dubai, UAE, registration number 16778. All companies belonging to Medicus as well as CloudAppers FZ-LLC have agreed to comply with data protection standards applicable in the EU via EU standard contractual clauses.

Use of Google Firebase and Fabric

Your data may be transferred to Google Firebase and Google Fabric as set forth above.

Use of Scanning Services; Consent

In the event you choose to use our ‘scanning service’ via the Medicus App your data will be transferred to our scanning team with your explicit consent for the purpose of the scanning service only based on Art. 6 (1) a. GDPR or Art. 9 (2) a. GDPR. The use of the scanning service is optional for each User. For convenience purposes, you may choose the option to upload your medical reports and/or related data (“Report Data”) instead of typing these data in the Medicus App yourself. After you have clicked the button ‘I agree’ within the Medicus App the Report Data provided for scanning within the Medicus App will be uploaded and transferred to the Google Cloud located on servers in Belgium. CloudAppers FZ-LLC, our employees and/or freelancers, also located outside the European Union (EU) and/or the European Economic Area (EEA) will then be able to access those Report Data through the Google Cloud, extract and verify those data and safe them in the Google Cloud with your explicit consent. You may access those Report Data through the Medicus App without having to type in those Report Data one by one. After the Report Data have been typed in, uploaded again to the Google Cloud and received by the respective User on his/her device, all Report Data will be deleted from our servers (Google, Belgium).

The scanning service uses an SSL connection. System logins by our employees and/or freelancers also located outside the EU/EEA include a 2-factor authentication to ensure that only verified persons may gain access.

Via clicking the button ‘I agree’ you give your explicit consent to use your uploaded medical reports and related data for the purpose of our scanning service based on Art. 6 (1) a. GDPR. This means you give your consent to (i) transferring and saving, processing and using those data in the cloud (Google, Belgium) on behalf of Medicus AI GmbH, (ii) displaying those data to our employees and/or freelancers also located outside the EU/EEA, who will then use this data to extract and verify and send the data back to the cloud server and to your account.

The use of this service is optional, you may also type in your data by yourself. You may receive information about such data and withdraw your consent for sending such data for the future anytime, for example, via email to: dataprivacy@medicus.ai. We will delete such data after we have provided them to you in the Medicus App. For further information please refer to our privacy policy.

Instead of using those scanning services you may also type in those Report Data yourself without uploading any reports, data and/or information. We will delete such data after we have provided them to you in the MedicusApp.

OPT-OUT: You may withdraw your consent in regard to the use, processing and transfer of these Report Data (of there are considered personal data) anytime via notice to us, for example via email to hello@medicus.ai. In the event of withdrawing your consent, if not already done so, we will delete your data stored without hesitation.