Personal data are any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. Personal data includes e.g.name, email address or telephone number. Personal data also includes information about hobbies, memberships or websites viewed by someone else. Personal data includes e.g. name, email address or telephone number. Personal data also includes information about hobbies, memberships or websites viewed.
We will only collect, use and/or pass on personal data if this is permitted by law or if the User consents to the data processing. Consent of the data subject means any freely given, specific, informed and unambiguous indication of the person’s (data subject) wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. Applicable legal provisions are in particular those of the regulation (EU)2016/679 of the European Parliament and Council of 27 April 2016, repealing the directive 95/46/EC, on the protection of individuals with regard to the processing of personal data, on the free movement of such data (“General Data Protection Regulation”, GDPR) as well as in the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the German Telemedia Act (Telemediengesetz, TMG).
Visiting the Website
If you browse our website www.medicus.ai the provider of the website collects and stores information automatically in so-called “server-log-files” that your browser transfers to us. These are:
time of the server request and server request. We do not save your IP address.
We use these data only for statistical analysis for the purpose of operation, security and optimization of our Website. However, we reserve the right to check these data retrospectively if there is a justified suspicion of illegal use based on concrete indications. These data is then stored because this is the only way to prevent the misuse of our Website and, if necessary, allow us to investigate any crimes committed. The storage of these data is necessary in order to protect us as the person responsible for processing the data. As a matter of principle, these data will not be passed on to third parties unless there is a legal obligation to pass it on or the transfer of data serves criminal prosecution purposes. This data processing is based on Art. 6 (1) f. GDPR or TMG and we wish to achieve the legitimate interests of stabilizing and improving our Website, quality insurance and fraud prevention.
Registration for the Medicus App
Contacting us / Feedback through the Medicus App
When contacting us via the ‘feedback’ button in the Medicus App or by email, the User’s details are stored for the purpose of processing the enquiry and, if applicable, follow-up questions based on Art. 6 (1) b. GDPR.
Further Use of Data
Health Data for the Use of the Medicus App
For the use of the Medicus App you may enter certain biometric data, such as:
height, weight, age
For the further use of the Medicus App you may enter more medical data depending on the way of use of our Service, such as:
medical history details, test results, information about lifestyle, conditions, medications taken, etc.
In order to offer you a convenient online service featuring numerous functions, our Website uses text files (“Cookies”) containing information to identify returning visitors for the time of their visit to our Website. Cookies are usually saved on your device and do not cause any harm. Cookies facilitate the transfer of specific content, such as entering data, which has already been supplied, and help us identify popular sections of our Website. The processing of data when using Cookies is based on our legitimate interests of a statistical analysis of the User relationship for marketing and quality assurance purposes according to Art. 6 (1) f. GDPR or TMG.
Use of Google Firebase for the Medicus App
Use of Google Fabric for the Medicus App
We use “Fabric”, a software-related crash reporting, analytics and monitoring service offered by Google LLC, Mountain View, CA, USA. Fabric uses User’s data for the purpose of stabilizing our Service via creating and analyzing crash-reporting as well as analyzing and monitoring user behavior in order to optimize our Service. Data collected are transferred and used by Fabric and send to servers located in the USA. If the data are not anonymized the processing of data is based on our legitimate interests of a statistical analysis of the User relationship quality assurance purposes according to Art. 6 (1) f. GDPR. Google LLC, USA is certified according to the EU-US agreement “privacy shield”, which guarantees the level of data protection applicable in the EU.
We will transfer your personal data to a third party only within the scope of legal provisions, i.e. if we are obliged to transfer the data due to a government or court order, or, if applicable, legal provisions authorize the transfer or if you give your explicit consent. Your data may be transferred outside the EU as follows:
Medicus Group and Cloudappers FZ-LLC
When using our Service, your data may be transferred outside the EU to the controllers of the Medicus Group as set forth above and to CloudAppersFZ-LLC, Dubai Media City Blg. 8, 523 Dubai, UAE, registration number 16778. All companies belonging to Medicus as well as CloudAppers FZ-LLC have agreed to comply with data protection standards applicable in the EU via EU standard contractual clauses.
Use of Google Firebase and Fabric
Your data may be transferred to Google Firebase and Google Fabric as set forth above.
Use of Scanning Services; Consent
In the event you choose to use our ‘scanning service’ via the Medicus App your data will be transferred to our scanning team with your explicit consent for the purpose of the scanning service only based on Art. 6 (1) a. GDPR or Art. 9 (2) a. GDPR. The use of the scanning service is optional for each User. For convenience purposes, you may choose the option to upload your medical reports and/or related data (“Report Data”) instead of typing these data in the Medicus App yourself. After you have clicked the button ‘I agree’ within the Medicus App the Report Data provided for scanning within the Medicus App will be uploaded and transferred to the Google Cloud located on servers in Belgium. CloudAppers FZ-LLC, our employees and/or freelancers, also located outside the European Union (EU) and/or the European Economic Area (EEA) will then be able to access those Report Data through the Google Cloud, extract and verify those data and safe them in the Google Cloud with your explicit consent. You may access those Report Data through the Medicus App without having to type in those Report Data one by one. After the Report Data have been typed in, uploaded again to the Google Cloud and received by the respective User on his/her device, all Report Data will be deleted from our servers (Google, Belgium).
The scanning service uses an SSL connection. System logins by our employees and/or freelancers also located outside the EU/EEA include a 2-factor authentication to ensure that only verified persons may gain access.
Via clicking the button ‘I agree’ you give your explicit consent to use your uploaded medical reports and related data for the purpose of our scanning service based on Art. 6 (1) a. GDPR. This means you give your consent to (i) transferring and saving, processing and using those data in the cloud (Google, Belgium) on behalf of Medicus AI GmbH, (ii) displaying those data to our employees and/or freelancers also located outside the EU/EEA, who will then use this data to extract and verify and send the data back to the cloud server and to your account.
Instead of using those scanning services you may also type in those Report Data yourself without uploading any reports, data and/or information. We will delete such data after we have provided them to you in the MedicusApp.
OPT-OUT: You may withdraw your consent in regard to the use, processing and transfer of these Report Data (of there are considered personal data) anytime via notice to us, for example via email to email@example.com. In the event of withdrawing your consent, if not already done so, we will delete your data stored without hesitation.