1.
Introduction
1.1.
Controller
The provider of this app and controller within the
meaning of data protection is:
B. Braun Melsungen AG
Carl-Braun-Straße 1
34212 Melsungen
This implies that B.
Braun Melsungen AG (hereinafter “B. Braun”) decides upon the purposes and scope
of processing the personal data of its app users (hereinafter “user data”) and
in return is responsible for their security and compliance with applicable laws.
As the controller, we are also subject to information requirements, which we fulfill
and comply with through this data protection policy.
1.2. General information
Data
protection is important to us and we take it very seriously. We rely on
trusting cooperation with you and endeavor to fully meet your requirements in
this respect. Naturally, this also applies to our handling of your personal
data. Our data protection policy will inform you whether and how your personal
data is processed and what rights you have in this regard. It supplements the
terms and conditions of the Omnitest App.
B. Braun observes the
principles of data protection throughout the development and operation of the app.
This is done by means of technology (privacy by design) and privacy-friendly
default settings (privacy by default). The same applies to further development
of our apps and the implementation of new legal requirements.
We categorically process your
personal data in accordance to the General Data Protection Regulation (GDPR) of
the European Union. In no case will we use your personal data without your
consent for advertising or marketing purposes, nor will we share it with third
parties outside of B. Braun.
2.
Use of
your data
The Omnitest App can
generally be used without having to enter personal data. It is designed solely
to collect data over the course of your treatment, such as readings,
medications, meals consumed, treatment-related limits or target values. All
information is voluntary.
Even if we do not usually
collect, process and store directly personal data with the Omnitest App, it
might be possible to draw conclusions on your person due to the use of tracking
technology which improves the overall quality of the app (see section 6).
3.
Place of
storage and data deletion
The
data entered in the course of use is only stored and managed locally on your
mobile device by the Omnitest App, which means that it remains in your hands.
You have the option of deleting individual data records within the app at any
time. Only measured values received from a paired blood glucose meter via
Bluetooth cannot be deleted individually, but instead marked as invalid. If you
wish to permanently delete all user data, just delete the Omnitest App from
your mobile device.
Note: If you are using cloud-based backup functions of
the operating system, your data may still be available in the backup despite
deleting the app. Please follow the operating instructions of the respective
operating system in this regard.
4. Security of processing
The Omnitest App was developed and tested thoroughly
in accordance with the latest security standards to ensure that your data is
optimally protected. Depending on the platform and version of the operating
system, your local database is either encrypted automatically when locking the
device, or this function can be activated in the settings. It is also possible
to activate a separate code lock to access the Omnitest App both for iOS and
Android; however, a separate app may be required for this.
Please note that data transmission on
the Internet (e.g. when sending exported data by email) may be subject to
security breaches. We try to protect your data from unauthorized access by
third parties. To do so, we use up-to-date measures such as pseudonyms, data
minimization, and consider deletion times. Despite these protective measures,
unlawful processing by third parties cannot be completely excluded.
5. Your rights as data subject
As data subject, you have various rights under the
General Data Protection Regulation (GDPR), which we would like to draw to your
attention:
§ Right to information: Since
we do not store any of your data (it is only saved on your device), this right
to information does not apply. If you would like to know which data is stored
about you, please exercise your right to information about data portability and
the associated export of your data (see the right to data portability).
§
Right to deletion and
correction:
You can delete or change your data yourself via the app at any time. Only
measured values received from a paired blood glucose meter via Bluetooth cannot
be deleted individually, but rather only marked as invalid. If you wish to
permanently delete all treatment-related data, just delete the Omnitest App
from your mobile device. You can find the relevant information in the operating
instructions of your mobile device.
§ Right to object: If
you no longer wish to use the Omnitest App, you can delete it from your mobile device
at any time.
§ Right to data portability: In
accordance with Art. 20 of the GDPR, you have the right to read your treatment
data collected with the help of the app in a structured machine-readable format;
for example, to use it further with different software. Starting with version
2.0, the Omnitest App offers you the option of exporting all treatment data or
any subset as a CSV file under the menu item “Data transfer”.
§ Right to lodge a complaint with
the supervisory authority: We are legally required to inform you that you have
a right to lodge a complaint with the supervisory authority.
6. Tracking
We
use the analytics technology of Flurry Inc. (www.flurry.com) to track our apps.
This allows us to collect and save usage details in a pseudo-anonymous manner.
With this analysis, we aim to optimize the user-friendliness of the Omnitest App
and improve it for you on an ongoing basis. This data is neither used to
identify visitors of this app nor to compare it to other data concerning the
owner of a pseudonym.
More
information about Flurry Analytics is available in the Privacy Policy of Flurry
Inc. at: https://policies.yahoo.com/us/en/yahoo/privacy/index.htm
You
may object to the use of tracking for your device at the following Internet
address at any time: https://aim.yahoo.com/aim/us/en/optout/index.htm
You
can access the data protection policy in the app under the screen info >Data
protection policy.
8. Your contact person
In our company, compliance with the statutory
regulations and with this policy is monitored by our company data protection
officer. The administrators of the app have been trained to handle personal
data, and undertake to comply with data protection rules. For questions about
data protection, please do not hesitate to contact our data protection officer:
B. Braun Melsungen AG
Data Protection Officer
Carl-Braun-Straße 1
34212 Melsungen
External
contact person on matters relating to data protection is the responsible
regulatory authority:
Data
protection officer of the federal state of Hesse
Prof. Dr. Michael Ronellenfitsch
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany
Telephone:
0611/1408 0
Telefax: 0611/1408 900
Email: poststelle@datenschutz.hessen.de
http://www.datenschutz.hessen.de
Version: 19/06/2018