Privacy Policy for the Preventicus App Heartbeats

The protection of your personal data is important to us, especially with regard to the protection of your personal rights if it comes to our data processing of your data with the App Heartbeats. With the provisions of this data protection declaration, PREVENTICUS also wishes to ensure the confidentiality of your data entrusted to us under strict compliance of the applicable laws.

The Controller within the meaning of the Data Protection Act is the Preventicus GmbH, located at Tatzendpromenade 2, 07745 Jena.

In using our Services, you consent to the processing of your health and user data as described herein.

What we collect

With Heartbeats, you can measure your pulse and document it with your smartphone and with the app. With the information thus provided, Heartbeats can automatically detect and classify cardiac arrhythmias (e.g. atrial fibrillation) as far as sufficiently accurate and valid measurement series were provided (“health data”).

In order to classify the measurement results, other sensor data of your smartphone are used as well, for example to take into account vibrations affecting the measurement. In addition, your year of birth and gender help to classify the results.

We do not collect your name or other contact information, but save your data without name (pseudonym) on our systems. Processing shall be performed exclusively on servers in Germany.

However, you have the option to enter your first and last name in the full version of the app. This appears in the PDF report generated on your device and is used to assist you in passing on to your doctor. You yourself can also use a free-text field to store the occasion of the measurement and/or symptoms (stress level, skipped heartbeats, dizziness, shortness of breath, chest pain).

In addition, we may collect and store generated crash reports and other statistical usage data about the use of the app pseudonymous.

We commissioned the App Analysis service Adjust (adjust GmbH, Saarbrücker Str. 38a, 10405 Berlin) with that task. The Adjust service has been tested and certified according to the ePrivacyseal (European Seal for Your Privacy). Adjust connects IP address, other information from the user agent string and an application-specific addition to a concatenated string. This string is only used to collect usage data about the function and use of the app from our customers (“usage data”).

What we do with that data

We analyze these usage data by creating anonymous evaluations and graphs regarding the number of visits, the number of pages accessed per user, and so on.

The analyzes are used exclusively for the purpose of market research, as well as for the optimization of the app. It is not possible to identify a person (usage data).

Your measurements and usage data are stored on our servers for the purpose of continually expanding and improving the app and measuring systems.

Preventicus may also process, use or publish anonymized data for scientific and statistical purposes. Such anonymized data lacks any personal reference.

The health data of the Heartbeats app stored in our system cannot identify you as person. This data is not merged with other data and data sources.

Therefore we do not provide any personal data of you to third parties.

It is left to you own discretion to transmit the analyses generated by the app to third-parties. For example, you can use one of the technical partner of PREVENTICUS, like a telecare center. In this regard, please observe Article 6 of the General Terms and Conditions governing the “Telecare-Center” package.

Data processing using the full version for payment processing

If you want to use the full version, only your app-store operator will process your payment data.

Your contact and payment data will not be transmitted to us. Please refer to the privacy policy and terms of use of your app-store operator, Apple App Store and Google Play.

Consent and Revocation

When you consent to the terms and conditions of this declaration, you are agreeing to the regulated use of your personal data.

You can consent or refuse by clicking or not clicking on the corresponding box below the reference to these terms and conditions or by accepting the General Terms and Conditions of the Telecare Center Services. The user can access its contents at any time in the settings menu under Terms of Use.

You have the right to revoke your consent at any time and thereby have your account, along with your personal data, deleted.

How you can assert your rights against us

You may request free information about the scope, the origin and the recipients of the stored data as well as the purpose of the storage. In addition, you may at any time request that incorrect data to be corrected.

For information about your personal data or other questions concerning data protection, please contact data protection @ preventicus.com

You may also request the deletion of your data via this contact address if we are not obliged by law to keep them.

Data security

We restrict access to the data to those employees and third parties who need access to the service in order to accomplish their task.

In order to protect your data, we maintain appropriate physical, electronic and procedural security, devices such as firewalls, individual passwords, encryption and authentication techniques; In addition, we will take all other necessary and reasonable administrative, organizational, technical, personal and physical measures to protect the data against unauthorized or unlawful processing and use, accidental destruction, destruction or damage, theft or alteration, and to ensure your integrity.

Please note that data transmitted via an open network, such as the Internet or via e-mail, can be accessible to everyone. We cannot guarantee the confidentiality of communications and information transmitted through such an open network, and are therefore not responsible either.

General information

Please note that PREVENTICUS uses encryption software that can be subject to export controls.

The site may contain links to websites or materials not operated by PREVENTICUS. Such websites are not subject to this privacy policy, and PREVENTICUS assumes no responsibility whatsoever for the content and correctness of these websites or for the rules applied there to the processing of personal data and information. Access to such websites is at your own risk. We recommend that you review the TOS and review the privacy policies used by these websites to protect your personal data and information there, and whether those sites are trustworthy.

The present data protection regulations are adhere to German law. Disputes arising out of or in connection with the present data protection regulations are subject to the exclusive jurisdiction of the courts in Jena, Germany. You agree to this Agreement of Jurisdiction and waive the objection to the jurisdiction.

Change reservation

Preventicus is entitled to amend the data protection policy at any time, in particular to adapt changes in the legal situation by law or jurisprudence. The latest version can be viewed here. Changes to the privacy policy will be effective on the day of their publication on the PREVENTICUS website or in the App.

Jena, May 22. 2017