Privacy policy Blood Pressure DB
1. Data privacy at a glance
Blood Pressure DB is designed to support an individual patient in dealing with diagnosed high blood pressure. For this purpose, BlutdruckDaten allows the recording of blood pressure data and optionally other health data. The data is stored and can be retrieved, furthermore evaluations such as statistics or progress diagrams are created. With the use and storage of data, you consent to the processing. You can revoke this consent at any time. You can also delete the user account directly in the service. In doing so, all stored data will be deleted. You can also retrieve all data directly via the service and make corrections if necessary. Personal data is all data with which you can be personally identified. For detailed information on the subject of data protection, please refer to the following sections of this data protection declaration.
The privacy policy applies to the website and our app for the various operating systems. Since the web app is a part of our website, we have decided to create a common and uniform privacy policy for the website and app for the different operating systems. This should make it easier for you to keep track of.
No collection of data that is not absolutely necessary for the service or its operation (principle of data economy).
It is possible to use the Blood Pressure Data service pseudonymously or anonymously*.
No unsolicited disclosure of data to third parties
We only collect anonymised statistical usage data for the website and app, no so-called "profiling".
*) A date is considered personal if we can assign it to the same person. Of course we assign your data to you, that is the purpose of a user account. However, we cannot infer you directly from a given e-mail address and a freely chosen user name and therefore consider the account to be a pseudonym. You are welcome to use a new e-mail address that has no other connection to you. In the case of guest access, we do not have this information either and regard the use as anonymous. When contacting our servers, we always have your IP address, this is considered personal data. However, we have no way of inferring a person from the IP address.
There are also a few external services that we use. From a data protection point of view, this is all OK and of little concern. But we think you should know:
We use Google Analytics on the website. This is done with IP anonymisation.
We use the VG Wort tracking pixels to enable our authors to participate in the exploitation rights programme.
We use YouTube for videos. So Google knows when you play a video or visit a page that has a video embedded.
We use the Amazon affiliate programme. This means that Amazon knows that the links come from us. Occasionally we also use other affiliate programmes.
The apps for Android and Apple are available via the respective app stores. The operators Google and Apple know when you download and use an app.
We use third-party providers for sending letters and products and processing orders. When purchasing the premium membership as an in-app purchase, the app store operator receives data about the purchase.
We note image views when receiving our Infomail to remove recipients who do not view an email for a long time.
The apps can keep an internal log, which can be transmitted to us. However, this only takes place in consultation and with consent in the specific individual case.
But that's it. For our support, we use tools that run on our servers and to which no third party has access. Even employees only have access to statistical data for use. This also applies to accounting data. These are not stored on an online server.
We welcome questions and feedback on data protection.
Who is responsible for data collection?
The data processing is carried out by the manufacturer. You can find their contact details in the imprint.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This can be, for example, data that you enter in a form. This also includes health data that is stored and processed at BlutdruckDaten. Primarily, this is blood pressure data, but you can optionally enter other health-related data.
Other data is automatically collected by our IT systems when you visit the website and use the app. For more information, please refer to the section "Server log files" in Chapter 4.
What data is collected or can be collected in the app?
in each case incl. date and time
username
e-mail address
blood pressure
pulse measurement
measure point
weight
glucose
temperature
input/output
personal notes on measurements
events
medication schedule
What do we use your data for?
Some of the data is collected to ensure error-free provision of the website and app. Other data may be used to analyse your user behaviour.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have a right to request the correction of the deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time at the address given in the imprint with regard to this and other questions on the subject of data protection.
Analysis tools an Third-party analysis tools
When visiting our website, your surfing behaviour can be statistically evaluated. This is done primarily with cookies and so-called analysis programs. The analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following data protection declaration.
2. hosting
External hosting
The services are hosted by an external service provider (hoster). The personal data collected on this website and in the app is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a service.
The hoster is used for the purpose of contract fulfilment vis-à-vis our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).
Our hoster will only process your data insofar as this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data. The server is located in Germany.
Further information can be found on the following website of the hoster: https://docs.hetzner.com/de/general/general-terms-and-conditions/data-privacy-faq/
3. General notes and mandatory information
Data protection
The operators of these pages and apps take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
Note on the responsible body
The responsible body for data processing is:
klier.net GmbH & Co. KG, Horst Klier, Schwabach
You can reach our data protection officer at the email address: dsb@klier.net.
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
Data Protection Officer:
IITR Datenschutz GmbH, Dr. Sebastian Kraska, Marienplatz 2, 80331 München, Telefon: 089-18917360
Note on data transfer to the USA
Among other things, tools from companies based in the USA are integrated on our website. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this.
It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to the collection of data in specific cases and to direct marketing (Art. 21 GDPR)
IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT TO WITHDRAW YOUR CONSENT AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR CIRCUMSTANCES.
THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION DECLARATION. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) OF THE DATA PROTECTION ACT).
IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 DSGVO).
Right of appeal to the competent supervisory authority
In the event of violations of data protection law against the GDPR, the data subject shall have a right of appeal to the competent supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The competent supervisory authority in matters of data protection law is the State Data Protection Commissioner of the federal state in which our company has its registered office. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html. The right of appeal is without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as data entry, orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, deletion and correction
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if applicable, a right to correction or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
Right to restrict processing
You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your interests and ours must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data may - apart from being stored - only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
Objection to advertising e-mails
The use of contact data published within the scope of the imprint obligation to send advertising and information material that has not been expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
4. data collection on our website and in the apps
Cookies
Our internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your terminal device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behaviour or to display advertising.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 (1) lit. f DSGVO, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 para. 1 lit. a DSGVO); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. With the
Deactivating cookies may limit the functionality of this website.
If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this data protection declaration and, if necessary, request your consent.
Server log files
The provider of the websites automatically collects and stores information in so-called server log files, which your browser or our app automatically transmits to us. These are:
Browser type and version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address
This data is not merged with other data sources.
The basis for data processing is Art. 6 (1) lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. In addition, the collection of this data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website - for this purpose, the server log files must also be collected.
Request by e-mail and telephone
If you send us enquiries by e-mail or telephone, your details, including the contact data you have provided, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f DSGVO) or on your consent (Art. 6 para. 1 lit. a DSGVO) if this has been requested.
The data you provide will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory legal provisions - in particular retention periods - remain unaffected.
Registering on the website or app and using the service
You can register on our website or in the app to use our service. We only use the data entered for this purpose for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise we will reject the registration. The data entered during use will only be used by us for the purpose of the service. It will not be passed on or evaluated without your consent.
The data is stored locally on the respective device in the areas provided for this purpose by the respective system or browser. Online, the storage takes place on our own servers, which serve no other purpose than the operation of the service.
For important changes, for example in the scope of the offer or in the case of technically necessary changes, we use the e-mail address provided during registration to inform you in this way.
The processing of the data entered during registration and use is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing already carried out remains unaffected by the revocation.
The data collected during registration and use will be stored by us for as long as you are registered with us and will then be deleted. Statutory retention periods remain unaffected.
Unused accounts will be deleted after 2 years of non-use. You will receive corresponding notices by e-mail beforehand. Unused guest accounts will be deleted after one year. Unfortunately, it is not possible for us to contact you in this case.
You can delete your user account including all data at any time within the app. Important note: Uninstalling the app does NOT delete your account with us. We do not know on how many devices you use the app to access an account with us.
In order to provide a high quality of service, the app creates logs that can be transferred to us in case of support. These are only transmitted in consultation with our support team or must be sent to us proactively by you via email. An exception is the detection of serious errors (exeptions). Here, the transmission of error details to us is also possible without consultation.
Processing data (customer and contract data)
We collect, process and use personal data only insofar as they are necessary for the establishment, content or amendment of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our websites (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user. Furthermore, personal data may be collected to demonstrate positive effects on care as part of a trial pursuant to §139e (4) of the Fifth Book of the German Social Code.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transmission upon conclusion of the contract for the shipment of goods
We only transmit personal data to third parties if this is necessary in the context of processing the contract, for example to the companies entrusted with the delivery of the goods or the institution commissioned with processing the payment. Further transmission of data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
Data transmission upon conclusion of a contract for services and digital content
We only transmit personal data to third parties if this is necessary for the processing of the contract, for example to the institution commissioned with the processing of payments.
No further transmission of data will take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
5. application SciTIM
When using the telemonitoring function via SciTIM to forward your data to the attending physician, prior consent is required (Art. 6 para. 1 lit. a DSGVO). The type of data includes the blood pressure and pulse values with the time of acquisition. The processing takes place exclusively in Germany.
6. Analysis tools and advertising
VG Wort tracking pixel
We use "session cookies" from VG Wort, Munich, to measure access to texts in order to record the probability of copying. Session cookies are small units of information that a provider stores in the RAM of the visitor's computer. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. In addition, a cookie contains information about its origin and the storage period. Session cookies cannot store any other data. These measurements are carried out by Kantar Deutschland GmbH according to the Scalable Central Measurement Method (SZM).
They help to determine the copy probability of individual texts for the remuneration of legal claims of authors and publishers. We do not collect personal data via cookies.
In this way, we enable our authors to participate in the distributions of the VG Wort, which ensure the statutory remuneration for the uses of copyrighted works in accordance with § 53 UrhG.
It is also possible to use our offers without cookies. Most browsers are set to automatically accept cookies. However, you can deactivate the storage of cookies or set your browser to notify you as soon as cookies are sent.
7. Infomail
To save unnecessary data transfer, graphics in our Infomail are only loaded when viewed. We also note this to recognise when a recipient does not open the emails for a longer period of time.
The data entered in the Infomail registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the email address and their use for sending the Infomail at any time, for example via the "unsubscribe" link in the Infomail. The legality of the data processing operations already carried out remains unaffected by the revocation. However, the email address remains stored in order to secure the history incl. confirmation of subscription and unsubscription and emails sent.
The data you provide us with for the purpose of receiving the Infomail will be stored by us until you unsubscribe from the Infomail and will be retained for legal reasons even after you have unsubscribed. Data stored by us for other purposes (e.g. email addresses for the members' area) remain unaffected by this.
8. plugins and tools
YouTube
Our website uses plugins from the YouTube site operated by Google. The operator of the site is Google Ireland Limited, Gordon House, Barrow, Street, Dublin 4, Ireland.
We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the disclosure of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube establishes a connection to the Google DoubleClick network - regardless of whether you watch a video.
When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube may store various cookies on your end device or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts.
If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no influence.
YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) f DSGVO. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.
Further information on the handling of user data can be found in YouTube's privacy policy at: https://www.google.de/intl/de/policies/privacy.
9. Online Marketing and Partner Programmes
Amazon Affiliate Program
The operators of the pages participate in the Amazon EU affiliate programme. On our pages, Amazon includes advertisements and links to the Amazon.de site, from which we can earn money via reimbursement of advertising costs. Amazon uses cookies to track the origin of orders. This enables Amazon to recognise that you have clicked on the partner link on our website.
The storage of "Amazon cookies" is based on Art. 6 lit. f DSGVO. The website operator has a legitimate interest in this, as the amount of its affiliate remuneration can only be determined through the cookies.
For more information on Amazon's use of data, please see Amazon's privacy policy: https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401.