This privacy policy describes the collection and use of personal data in connection with the use of our website https://www.doctorly.de/ ("Website") in accordance with the requirements of the General Data Protection Regulation ("GDPR"). Processing activities that are not covered by this data protection declaration may be supplemented by further data protection declarations, which must be observed separately.
The responsible person in the sense of the GDPR is:
doctorly GmbH ("doctorly"/”we”/“us“)
Richardstraße 85/86
12043 Berlin
Germany
We have appointed an external data protection officer through Simpliant. Simpliant advises us as an external data protection officer and on the implementation and maintenance of our data protection management system. For more information about Simpliant, please visit https://simpliant.eu/.
You can reach our appointed data protection officer
doctorly GmbH
- Data Protection Officer -
Richardstraße 85/86
12043 Berlin
Germany
You may exercise the following rights:
To exercise your rights, you may contact us by email at dataprotection@doctorly.de.
For identification purposes, please provide the following information:
In individual cases, further information may be required for unique identification. The processing of your request and the identification of your person is based on Art. 6 para. 1 c) GDPR.
You may at any time, pursuant to Art. 77 GDPR in conjunction with § 19 of the German Federal Data Protection Act ("BDSG"), file a complaint with a supervisory authority, e.g. with the competent supervisory authority of the federal state in which you reside or with the authority responsible for us.
We process your personal data in accordance with the provisions of the GDPR and the BDSG.
The legal basis of all our processing activities is based on Art. 6 para. 1 GDPR. You will receive further information in the context of the presentation of the individual processing activities.
We will take all reasonable steps to ensure that your personal data is processed only for the period required by the purpose of processing in each case. If the storage period is not specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage ceases to apply. Personal data will not be deleted if storage is required by law (e.g. § 257 HGB, 147 AO). Furthermore, we may store your personal data until the expiry of the statutory limitation periods (usually 3 years; in individual cases, however, up to 10 years or longer), provided that this is necessary for the assertion, exercise or defense of legal claims.
To protect the security of your data during transmission, we use technical and organizational security measures, in particular the encryption of our website to prevent unauthorized access by third parties. Our security measures are continuously improved and adapted according to technological developments.
We use service providers for the provision of our offers. These service providers act only according to our instructions and are contractually obligated to comply with the provisions of Art. 28 GDPR.
Unless otherwise stated below, your data will not be transferred to a third country outside the European Union. Your personal data will only be transferred to third countries if the requirements of Art. 44-49 GDPR are met, in particular by standard contractual clauses, binding corporate rules or adequacy decisions of the EU Commission.
There is no legal or contractual obligation to provide us with data. However, some services can only be provided if the required data is provided by you. Your personal data will not be used for automated individual decision making including profiling.
Our website offers different areas with different functionalities for the visitor, which are described in more detail below.
When you access our website, information of a general nature is automatically collected. This information, known as server log files, includes:
· IP address
· Name of access provider
· Browser type, browser software version and browser language
· Operating system
· Date and time of access
· Access content
· Amount of data transferred
· Access status (successful transmission/error)
· Website(s) to which access was redirected
· Websites visited
The processing is carried out for the following purposes:
· Ensuring trouble-free connection to the website
· Ensuring smooth use of our website
· Assessment of system security and stability
The processing is carried out pursuant to Art. 6 para. 1 f) GDPR based on our legitimate interest to host the website and to improve and monitor the security, stability and functionality of the website.
The recipient of the data is a technical service provider who is responsible for the operation and maintenance of our website. As a processor on our behalf, the service provider is obliged to process the data only within the scope of our instructions.
As part of the order processing, there is a transfer of data to the USA. There is an adequacy decision of the EU Commission for the USA and the service provider is certified according to the Privacy Framework.
Retention period:
The server log files are deleted after 7 days at the latest.
Our website uses cookies for various processing activities for which your consent is required. In order to obtain and store such consent, we use a so-called "cookie banner." As part of this, a cookie - a small text file - is set on your terminal device to register your selection/consent. For this purpose, we process your IP address, among other things.
The processing is based on our legitimate interest in documenting compliance with the provisions of the GDPR pursuant to Art. 6 para. 1 f) GDPR and to fulfill a legal obligation (including § 25 TTDSG) pursuant to Art. 6 para. 1 c) GDPR.
For more information, see the section "Cookies and third-party tools.”
In order to provide you with the best possible support in the context of using our offers, we offer you the possibility of contacting us in the form of a contact form on the website, by telephone number or by e-mail. In this context, we process your request, your e-mail address and, if applicable, further contents of your request, such as your name or your telephone number.
The data is processed for the implementation of pre-contractual measures (Art. 6 para. 1 b) GDPR). It is also processed to protect our legitimate interests (Art. 6 para. 1 f) GDPR) to provide our customers with an uncomplicated customer service.
The recipients of the data are technical processors. As processors on behalf, the service providers are obliged to process the data only within the scope of our instructions.
In principle, we process your data in the EU or the EEA. However, in the context of commissioned processing, there may be a transfer of data to the USA. The order processing contracts with the service providers contain standard contractual clauses approved by the EU Commission and appropriate safeguards that the data protection obligations are met. Our service provider in the USA is certified in accordance with the Data Privacy Framework.
We delete the data processed in this context as soon as storage is no longer necessary. This is usually after 8 months if the contact does not lead to a contractual relationship.
This website uses cookie-based technology to help us better understand how the website is used. We do this by compiling reports about activity on the website that do not identify specific individuals. Analytics cookies process your IP address and data about usage patterns on our website (e.g. which pages were visited and which buttons were clicked) for this purpose.
The processing is carried out with your consent in accordance with Art. 6 para. 1 a) GDPR.
For more information, see the section "Cookies and third-party tools.”
You have the option of applying to us (especially for open positions). Data about you is usually collected directly from you as part of the application process - on the occasion of your application for a specific job ad or your unsolicited application. In addition, we may also have received data from third parties (e.g. online job boards) if you have applied to us via such a platform. In addition, we may process personal data that we have permissibly obtained from publicly accessible sources (e.g. professional social networks).
In order to accept and evaluate your application and depending on the data you provide, we may process the following personal data:
Any information you submit about yourself, such as:
The processing of the data that you have provided to us as part of the application process is based on Art. 6 para. 1 b), Art. 88 GDPR in conjunction with § 26 para. 1 BDSG.
Only the departments and groups of people directly involved in the recruitment process have access to the data you provide. All employees involved have been obligated to treat your data confidentially.
In addition, the data is processed by service providers (e.g. IT applications or job/recruiting platforms). As processors on behalf, the service providers are obliged to process the data only within the scope of our instructions and on the basis of a data processing agreement pursuant to Art. 28 GDPR or - depending on the use of the service provider - as joint controllers pursuant to the GDPR.
In principle, we process your data in the EU or the EEA. In the context of commissioned processing, data may be transferred to the USA or other countries. For the states to which the data is transferred, there is either an adequacy decision by the EU Commission or standard contractual clauses approved by the EU Commission and, if applicable, obligations to take additional measures are concluded to ensure an adequate level of protection.
If we are unable to offer you a suitable position, the applicant data you submitted will be deleted no later than six months after completion of the application process. Further storage will only take place on the basis of your consent in accordance with Art. 6 para. 1 lit. a) GDPR (e.g. in order to be considered in later application rounds). In the event of employment, we will include the data provided in our personnel file. Invoices for any travel expense reimbursements will be archived in accordance with tax law requirements.
We offer the possibility to make appointments with our sales team to give you a virtual demonstration of our practice management system. In order to make an appointment, we need to process your name, email address, phone number, and any other data you may provide.
The data is processed exclusively on the basis of our legitimate interest in offering efficient communication channels to the public (Art. 6 para. 1 f) GDPR) or on the basis of the initiation of or communication in the context of an existing business relationship (Art. 6 para. 1 b) GDPR).
The recipient of the data is a processor working on our behalf in the United States. For this purpose, we have concluded the necessary data processing agreement in which the service provider is obligated to process the data only in accordance with our instructions.
In principle, we process your data in the EU or the EEA. However, in the context of commissioned processing, there may be a transfer of data to the USA or other countries. Unless there is an adequacy decision by the EU Commission, the order processing contracts with the service providers contain standard contractual clauses approved by the EU Commission and appropriate safeguards that the data protection obligations will be met.
We delete the data processed in this context as soon as storage is no longer necessary.
Our website uses so-called cookies. Cookies do not cause any damage to your device and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your terminal device and in your browser.
Most of the cookies we use are so-called session cookies. These cookies are automatically deleted at the end of the session. The session cookies are used to assign successive page views to individual users who access our website at the same time. Other cookies are stored on your device until you delete them. These cookies allow us to recognize your browser on your next visit.
If personal data is processed, the processing is based on Art. 6 para. 1 a) GDPR.
You can set your browser so that you are informed about the setting of cookies, decide on a case-by-case basis whether to accept them or exclude the acceptance of cookies for certain cases or in general, as well as activate the automatic deletion of cookies when closing the browser. In addition, it is possible to prevent the collection and processing of data generated by cookies in connection with the use of this website by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout.
AWS CloudFront is used to properly deliver the content on our website. AWS CloudFront is a service provided by Amazon Web Services, Inc. which acts as a content delivery network (CDN) on our website.
A CDN helps to provide content of our online offer, in particular files such as graphics or scripts, more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Amazon Web Services, Inc., whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the purposes stated above and to maintain the security and functionality of AWS CloudFront. For more information, please see the AWS CloudFront Privacy Policy: https://aws.amazon.com/de/privacy/.
Calendly is a software that allows companies to organize external meetings. It is a service of Calendly LLC, 1315 Peachtree St NE, Atlanta, GA 30309, United States, which we use for our website. When data is transferred from the EU to third countries, Calendly uses standard contractual clauses approved by the EU Commission for secure transfers. Please note that you are not required to use Calendly to make an appointment with us. You may, if you wish to prevent data transfer to Calendly, LLC, use other contact methods.
To implement a cookie banner we use Cookie Script, a service provided by Objectis Ltd, Laisves st. 60, LT-05120 Vilnius, Lithuania. According to Objectis, no data is transferred to countries outside the EU. When using our website, Cookie Script sets cookies on your terminal device.
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. ("Google"). With your consent to Google services, data may be transferred to the USA. In this case, the data is transferred on the basis of the EU Commission's adequacy decision. For secure data transfer to third countries, especially to the USA, Google has been certified according to the Data Privacy Framework.
Google Analytics uses cookies that enable the website to analyze your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in Ireland and stored there. In principle, IP addresses on our website are automatically anonymized by Google by shortening them. Only in exceptional cases are IP addresses transferred to Google servers in the USA and anonymized there by shortening. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
As an alternative to the browser add-on described above or when visiting our website on mobile devices, you can prevent tracking by Google Analytics on our pages by clicking on this link:
This will install an opt-out cookie on your device and prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.
For more information on the processing of your data, please refer to the provider's privacy policy: https://policies.google.com/privacy?hl=de
In order to ensure the use of Google Analytics on our website, we use Google Tag Manager, an offer from Google, to implement it. This allows us to implement code snippets such as tracking codes or conversion pixels on our website. The Tag Manager records interactions that are made on our website. It then sends these on to the connected tools. The evaluation of your data is not possible with the Tag Manager, but happens in the respective analysis tool (e.g. Google Analytics).
More information about this service can be found here: https://marketingplatform.google.com/intl/de/about/tag-manager/features/.
On our website we use Webflow, a service of Webflow, Inc. Webflow is a software that is used to create websites. Furthermore, it is possible to have the website hosted by Webflow. For secure data transfer to third countries, especially to the USA, Webflow has been certified according to the Data Privacy Framework. More information about the handling of personal data can be found in Webflow's privacy policy: https://webflow.com/legal/privacy.
We have integrated Clarity on our website. Clarity is a service of Microsoft Corporation and provides optimization tools that analyze the behavior and feedback of users of our website through analytics and feedback tools.
Clarity uses cookies and other browser technologies to evaluate user behavior and to recognize users. This information is used, among other things, to compile reports on website activity and to statistically analyze visitor data. Furthermore, Clarity records clicks, mouse movements and scroll heights in order to create so-called heat maps and session replays. In this case, your data is passed on to the operator of Clarity, Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399, United States. The use of Clarity is based on your consent pursuant to Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TTDSG. More details about the processing is described here: https://clarity.microsoft.com
If you consent to this processing, personal data will be transferred to the USA. The data transfer to the USA is based on the adequacy decision of the European Commission. Our service provider is certified according to the Data Privacy Framework.
We use Loom, a service of Loom, Inc. 5214F Diamond Heights Blvd #3391 San Francisco, California 94131 as a video messaging tool. If you consent to this processing, personal data may be transferred to the USA. The data transfer to the USA is based on the adequacy decision of the European Commission. Our service provider is certified according to the Data Privacy Framework.
We operate pages on the following social media channels:
When you visit our social media pages, data is processed both by us and by the respective social media provider as the responsible party.
The respective social media provider assumes the data protection obligations towards you as a user, such as providing information about data processing, and is the contact for your rights. This results from the fact that such a provider has direct access to the relevant information on the social media site and the processing of your data.
Data processing is carried out with your consent or for the purpose of responding to your inquiry (Art. 6 para. 1 a), b) GDPR) or on the basis of legitimate interest in improving services and external presentation (Art. 6 para. f) GDPR).
When using the services, the data may also be processed outside the EU.
We reserve the right to adapt this privacy policy at any time so that it always complies with the current legal requirements or to make changes to our offers in the privacy policy. The current version of the privacy policy applies in each case.
doctorly is supported by the program Investitionsbank Berlin Pro FIT in the development of an open and flexible operating system for the healthcare sector for the purpose of patient-oriented care. The project is co-financed with funds from the European Regional Development Fund (ERDF).
© Copyright 2023 doctorly GmbH.
All rights reserved.
