No content results match your keyword.
Content
You have successfully logged out.
Not registered yet?
No content results match your keyword.
Content
No product results match your keyword.
Products
Privacy Policy
The following privacy policiy applies to your use of the software application ForPatientApp.
Data protection is important to us, and we take it very seriously. We rely on a trusting cooperation with you and strive in every respect to completely satisfy you - this of course also applies to the handling of your personal data.
With this information on data protection, we inform you in accordance with the requirements of Article 13 of the General Data Protection Regulation (GDPR) about the processing of your personal data through registration on the ForPatientApp platform by your clinic and about the rights to which you are entitled. We process your personal data only on the basis of a legal permission or your consent (Art. 6 para. 1 lit. a GDPR) in compliance with the data protection laws of the Federal Republic of Germany and the European Data Protection Regulation (GDPR). Your consent to the processing can be revoked at any time with effect for the future.
Personal data is all data that can be related to you personally, for example, name, address, e-mail addresses, user behavior. With this Privacy Policy, we would like to inform you about how your personal data is processed when using the ForPatientApp. Our data protection declaration supplements the Terms of Use of the ForPatientApp.
Compliance with data protection regulations is monitored by the clinic's data protection officer. The app administrators have been trained in the handling of personal data and have been obligated to comply with data protection regulations.
In the course of the further development of our apps and the implementation of new legal requirements and new technologies or to improve our service for you, changes to this data protection declaration may become necessary.
1.1. Name And Address Of The Data Controller
The clinic on whose platform you registered and from which you have received a registration code is responsible. (Hereinafter referred to as the “clinic” or “we”)
1.2. Name And Address Of The App Owner
B. Braun SE
Carl-Braun-Straße 1
34212 Melsungen
Germany
and affiliated companies (Hereinafter “B. Braun”)
1.3. Name And Address Of The App Developer
Liquid State Pty Ltd.
11/96 Cleveland Street,
Greenslopes,
Queensland 4151
AUSTRALIA
(Hereinafter “Liquid State”)
When you download the ForPatientApp, you will transfer the required information to the app store you are using, in particular your username, email address and customer number for your account, time of the download, payment information and your individual device identifier. The clinic and B. Braun have no influence on this data gathering and are not responsible for it. FPA processes the data only to the degree that it is necessary to download the app to your mobile end-user device. Please therefore become familiar with the respective operator’s data protection declaration in the app store about working with your personal data.
This app accompanies you in the preparation before as well as in the time after a surgical intervention. In this app you will find information about your surgery, the time before and after. This is to keep you as well informed as possible about the course of your treatment. Your treating clinic can see which phase of the patient journey you are in. In addition, your clinic can, for example, ask digital queries about your state of health in relation to your treatment before and after the intervention. The results of the queries are transmitted digitally to the clinic and processed for scientific purposes and the continuous confirmation of the high product quality. However, it is not possible to draw any conclusions about your person.
Within the app, you will see information about your surgery, about your preparation for surgery, and about the time until rehabilitation. In addition, the app offers the possibility for your clinic to send you digital queries about your health status via questionnaires (scores). You will be asked to complete the digital questionnaires. The results of the questionnaires can be viewed by your treatment team in the software belonging to the app in the clinic. For this, the treatment team must log into the software via a password. The selection of the queries is up to your clinic. As a rule, you fill out questionnaires via the app that you would otherwise receive in paper form from your clinic. Through the app and platform, the clinic has the benefit of having all the required data digitally collected and stored in your profile. The answers from the questionnaires, as well as the data that you and the clinic have stored during registration (first name, last name, date of birth, surgical intervention, email address, and mobile phone number), help your clinic to assess your health status.
When you use the ForPatientApp, we collect the following data that is technically necessary for us to be able to offer you the functions of the app and to ensure its stability and security:
Our legal basis for processing your personal data lies in our previously described (functions of the app, stability, and security) legitimate interest (Art. 6 para. 1 lit. a GDPR in conjunction with Art. 9 para. 2 lit. a GDPR).
In order to use the app, the clinic will register you in the platform. This is only possible on the basis of your voluntary consent, which is therefore obtained in advance via the clinic. Only then will the clinic enter the following information into the platform as part of the initial registration: First name, last name, email address, mobile phone number, surgical intervention, surgery date, and optional data if required (address, date of birth, gender). You will then receive an access code by email, which you can use to log in to the app. When you log in, your access code, your e-mail address and a password are required to protect your app. You assign the password yourself and it must be at least 8 characters long, contain at least one capital letter and one number. No spaces are allowed. Before you can use the app, you must accept the Terms of Use and the Privacy Policy. Optionally, you can agree to the analysis of usage behavior.
After successful registration, the functions of the app are available to you.
Your personal data will be processed in the context of using the ForPatientApp based on your voluntary consent (Art. 6 para.1 lit. a and 9 para. 2 lit. a GDPR). You can revoke your consent at any time with effect for the future.
All your data provided in the profile (first name, last name, date of birth, surgical intervention, email address and mobile phone number) and possible optional data (e.g., address, date of birth or gender) are hosted in encrypted form on data servers of Liquid State after initial registration. Liquid State uses Amazon Web Services, Inc. for storage on servers. Your data is stored exclusively in encrypted form on servers within the Federal Republic of Germany (Frankfurt am Main). A transfer to third countries, for example in the context of a cloud computing service, is explicitly excluded. This guarantees a high level of data protection.
In order to provide you with all app functionalities, external service providers are used. These are carefully selected and commissioned in writing. Insofar as the processed data is personal data, appropriate contractual agreements and organizational measures have been made with these service providers in accordance with applicable law to ensure the security of your personal data. They process personal data exclusively in accordance with instructions (data processing agreements) and as described in this data protection declaration. In addition, regular monitoring of the service providers takes place. The service providers will also not disclose your data to third parties, unless there are legal obligations to disclose data in this regard.
The external service providers are:
| Name | Purpose | Headquarters | Location of Service Provision |
|---|---|---|---|
Liquid State Pty. Ltd. | App developer, data hosting, support | Brisbane, Australia | Australia |
B. Braun SE | App provider | Melsungen, Germany | Europe |
Amazon Web Services, Inc. | Data storage, server provider, authentification | Seattle, Washington, USA | Europe |
Mixpanel, Inc. | App tracking | San Francisco, California, USA | Europe |
OneSignal, Inc. | Sending push notifications | San Mateo, California, USA | Europe |
The pseudonymized data is deleted from the system whichever occurs first:
For the deletion of your data, please inform the clinic. Alternatively, you can request deletion of the data directly via the app in the settings. The clinic as the responsible party enters the request for deletion in the platform. As the app provider, B. Braun automatically receives information about this. This information contains only your pseudonym, so that B. Braun cannot establish any personal reference. B. Braun forwards the request via the platform to the app developer (Liquid State). The latter processes the request and implements the deletion. Deletion will be replaced by blocking if deletion cannot take place for reasons specified by law.
The personal data from the user authentication record (UAR), which is used for registration/login and contains the user's e-mail address, is permanently deleted. The personal data from the user profile (UP), which contains encrypted demographic data of the user, is permanently deleted. Upon deletion, the UAR and UP data will be immediately and permanently deleted, but the encrypted UP data may be retained in database backups for up to 14 days prior to final deletion. All other stored data, such as form input, is pseudonymized to limit the storage of personal data. An exception to this is uncontrolled free-text responses that the user enters the solution's forms and questionnaires. Deletion of personal data collected in free text responses is the responsibility of the issuing clinic.
The following diagram shows the process flow of the request:
You always have the right to:
Objection To Processing On The Basis Of Legitimate Interest
You also have the right to object at any time to the processing of your personal data based on the exercise of legitimate interests (Article 6(1)(f) GDPR). As a result, the processing of your data will be terminated, unless legal requirements or interests worthy of protection in a continuation of the processing are opposed to this. This is the case, for example, if personal data is still required to be able to enforce legal claims, if necessary.
Right Of Appeal To The Supervisory Authorities
Without prejudice to any other administrative or judicial remedies, you have the right to lodge a complaint with a data protection supervisory authority. You can contact the data protection supervisory authority at your usual place of residence, or any other data protection supervisory authority.
If you have any questions regarding processing your personal data, you can contact the clinic Data Protection Officer or his team directly. They are also available in cases of requests for information, applications or complaints.
In addition to data protection, data security is also very important to us. Our high standard for IT security includes numerous measures: All communication between the app and the backend system takes place via SSL encryption. The data stored in the backend system is also encrypted. The backend system itself is set up in accordance with the clinic's security concept, which is also applied to the clinic's other systems. In addition, there are, among other things, physical protection measures and organizational protection measures such as access only for responsible employees. Your personal data is thus protected against unauthorized access.
You can and must also contribute to data security yourself. You must choose a password that is at least 8 characters long and must contain at least one capital letter and one number.
We would like to point out that data transmission on the Internet (e.g., communication by e-mail) can have security leaks. We try to protect your data from unauthorized access by third parties by taking precautions such as pseudonymization, data minimization, compliance with deletion periods and considering the current state of technology. Despite these protective measures, however, we cannot completely rule out unlawful processing by third parties.
Despite the security measures implemented by us, we would like to point out that these external service providers operate in countries with a lower level of data protection than in the EU. As a result, it is possible that your rights as a data subject according to the GDPR (6) may be restricted or not enforced at all and that there may be a possible loss of control over your data due to extensive monitoring options on the part of the authorities.
The apps can contain links to third-party websites. The clinic has no influence on these. You leave the clinic area of responsibility after clicking on such a link.
We use analytics technology from Mixpanel Inc. (www.mixpanel.com) to track app user behavior. This provides collection and storage of usage data via an assigned user ID (“pseudonym”). We use this analysis to optimize our app’s usability and continuously improve it for you. The data are not used to identify visitors to this app and are not compared to other data relating to the owner of a pseudonym. The legal basis for this processing is your voluntary consent when registering which you must give within the app for tracking. You can also revoke your consent to tracking for your device at any time at the following Internet address: https://mixpanel.com/optout/
You can find details on Mixpanel Analytics’ English data protection provisions at: https://mixpanel.com/legal/privacy-policy/.
You can access this data protection declaration in the app under 'settings’.
Date created: 13/04/2023
Your feedback matters! Participate in our customer survey to help us enhance our website, products and services. Thank you for your support!