Last updated: 19th of July, 2019
General information and mandatory information
Responsible body for the data processing on this website:
MEDIGO GmbH (www.medigo.com) | Rosenthaler Str. 13 | 10119 Berlin
Managing Directors: Ugur Samut, Ieva Soblickaite & Pawel Cebula
The responsible person(s) decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).
Medigo has appointed a Data Protection Officer:
Mein-Datenschutzbeauftragter.de | Hafenstraße 1a | 23568 Lübeck
Phone: +49 451 16085-226 | E-mail: email@example.com OR firstname.lastname@example.org
MEDIGO GmbH SERVICES
The user can use individual services (“special services”) of MEDIGO. For this purpose, it is necessary that the user consents to the collection, processing, and use of his/her personal data and, if applicable, also of special personal data. This applies in particular to the special services listed below:
- MEDIGO operates an online platform which enables the user to contact a medical provider as well as third-party providers and associated companies (e.g. travel agencies, customer service agencies, payment service providers, or translators) whose services are advertised via our platform.
- If a medical service provider concludes a medical treatment contract with the user, the user agrees that the medical service provider shall inform MEDIGO of the type and date of the medical treatment as well as the amount to be paid and the date of the invoice transmitted by the medical service provider to the user (and, if required by law, that the medical service provider shall transmit the corresponding data to MEDIGO).
- If a third-party provider concludes a contract with the user for certain services, the user authorizes the third-party provider to inform MEDIGO of the amount and date of the invoice transmitted by the third-party provider to the user.
- If the user is the policyholder of an insurance partner of MEDIGO (“insurer”), the user authorizes the medical service provider, the third-party provider, and the insurer to inform MEDIGO of the specific personal data relating to the medical treatment of the user as well as the amount and date of the invoice transmitted by the service provider to the user or to the insurer.
- Forums will be set up on the platform or on the websites of associated companies to enable the exchange of experiences and opinions between users.
- The user is offered a regular newsletter.
- MEDIGO uses the personal data for its own advertising purposes and sends the user information about MEDIGO, new products and services, medical service providers, etc., by email, phone call, SMS, or post.
PURPOSE OF USE AND LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
We process personal data required for the establishment, implementation, or processing of our range of services on the legal basis of Art. 6, Para. 1, lit. b or f, DSGVO. If you have given us your consent to process personal data for specific purposes, we will process it on the basis of your consent pursuant to Art. 6, Para. 1, lit. a, DSGVO.
If we use external services in the context of order data processing, the processing is carried out on the legal basis of Art. 28, DSGVO.
Personal data is collected, processed, and used by us exclusively for the following purposes:
|Purpose of data processing||Legal basis for data processing|
|for contact and related correspondence||on the basis of your consent|
|for processing your request and for any further advice you may require||on the basis of your consent|
|to display comments in our blog function||on the basis of legitimate interests|
|to contact us to verify your data||on the basis of your consent|
|to ensure that our website is presented to you in the most effective and interesting way possible (e.g. through anonymous evaluation)||on the basis of legitimate interests|
|for the technical realisation of our offers||on the basis of legitimate interests|
CONSENT OF THE USER
By clicking on the appropriate box during the request and order process, the user agrees to the following forms of data processing:
- The user agrees that MEDIGO collects, stores, and uses the personal data and special personal data transmitted during the inquiry process for the following purposes:
- To provide the data to the medical service provider designated by the user (clinics, hospitals, dentists, or specialists established in the EEA or in other countries) or, if no medical service provider has been designated, to up to three medical service providers selected by MEDIGO according to fixed criteria (state of health, preferred country, language of the medical service provider and the user, reaction of the medical service provider in previous cases, and “best price” for the procedure requested by the user) in order either to request an offer or to book a service from the medical service provider,
- Passing on this data to third parties, partners, and affiliated companies within and outside the European Economic Area (EEA) who provide customer service, advertising, or payment services on behalf of MEDIGO in accordance with MEDIGO’s instructions and in compliance with the data protection declaration and corresponding confidentiality and security measures of MEDIGO,
- For any service for which the user has registered on this website, and
- For internal price calculation and offer examination, in each case to the extent necessary for this purpose.
COLLECTED AND PROCESSED PERSONAL DATA
We collect and process your personal data only if you provide them voluntarily and with your consent, e.g., by filling out our forms (free offer) or by sending emails. Within the framework of the available forms or messages, this is primarily the following data:
Data of interested parties for services:
- first name
- email address
- telephone number
- the agreement to the data protection declaration
- the consent
The collection and storage of special personal data (such as information on medical status, health, sex life, habits, and religion) is carried out for the conclusion of a corresponding agreement, for the opening of a customer account, or for establishing contact with MEDIGO or a medical service partner of MEDIGO.
MEDIGO’s medical service providers are essentially clinics, hospitals, dentists or established specialists in the EEA or in other countries.
These data will be used exclusively for the aforementioned purposes, unless the user expressly permits MEDIGO to use them for other purposes. In this case, the data will be used only to the extent necessary for the respective purpose, e.g., conclusion, execution, and performance of the contract.
Personal data and its contents provided by you remain exclusively with us and our affiliated companies. We will only store and process your data for the purposes stated. Any use beyond the stated purpose requires your express consent.
The data processing by our partners is subject to their data protection regulations.
The personal data will be deleted immediately in case of revocation of your consent or if the purpose of data use no longer exists.
DISCLOSURE OF PERSONAL DATA
MEDIGO uses a variety of third-party providers and affiliated companies to offer services via the platform. These third parties and affiliates may originate in the European Economic Area (“EEA”) or in other countries. The third-party providers and affiliates may assist MEDIGO with the following:
- the verification or confirmation of the user’s identification;
- the comparison of information with public databases;
- background checks, fraud prevention, and risk assessments; or
- the provision of after-sales services, advertising, or payment services.
Since the disclosure of personal data and special personal data to third parties is not permitted under the above provisions, personal data and special personal data shall be disclosed to third parties only in the following cases:
- We pass on personal data and special personal data to our partners and affiliated companies (within the meaning of § 15 ff. AktG) in order to enable a service that MEDIGO cannot provide itself (e.g. a payment service). This is done according to MEDIGO’s instructions and in compliance with MEDIGO’s data protection declaration and corresponding confidentiality and security measures.
REVOCATION OF YOUR CONSENT TO DATA PROCESSING
Some data processing operations are only possible with your express consent. A revocation of your already given consent is possible at any time. To revoke your consent, send an informal email to email@example.com. Enter your name, address and (if applicable) user name. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
RIGHT TO APPEAL TO THE COMPETENT SUPERVISORY AUTHORITY
In the event of a breach of data protection law, you as the party concerned, have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority with regard to data protection issues is the data protection officer of the federal state in which our company has its registered office. The following link provides a list of data protection officers and their contact details: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
RIGHT TO DATA TRANSFERABILITY
You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties. The information is provided in a machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible.
RIGHT TO INFORMATION, CORRECTION, BLOCKING, DELETION
You have the right to free information about your stored personal data, the origin of the data, its recipients, the purpose of the data processing and, if applicable, the right to correction, blocking, or deletion of this data at any time within the framework of the applicable statutory provisions. In this regard and also for further questions on the subject of personal data, you can contact us at any time via the contact options listed in the imprint.
SSL OR TLS ENCRYPTION
For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that the data you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the “https://” address line of your browser and by the lock symbol in the browser line.
To send our newsletter, we need an email address from you. It is necessary to verify the email address provided and consent to receive the newsletter. Supplementary data is not collected or is voluntary. The use of the data takes place exclusively for the dispatch of the newsletter.
The data collected during newsletter registration will be processed exclusively on the basis of your consent (Art. 6, para. 1, lit. a, DSGVO). A revocation of your already given consent is possible at any time. To revoke your consent, send an informal e-mail or use the “unsubscribe” link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
Data entered to set up the subscription will be deleted if you unsubscribe. If this data has been transmitted to us for other purposes and elsewhere, it will remain with us.
SERVER LOG FILES
In server log files, the provider of the website automatically collects and stores information that your browser automatically transmits to us. These are:
- Visited page on our domain
- Date and time of the server request
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- IP address
These data are not merged with other data sources. The data processing is based on Art. 6, para. 1, lit. b, DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
STORAGE PERIOD OF CONTRIBUTIONS AND COMMENTS
Contributions and comments as well as related data, such as IP addresses, are stored. The content remains on our website until it has been completely deleted or had to be deleted for legal reasons.
Contributions and comments are stored on the basis of your consent (Art. 6, para. 1, lit. a, DSGVO). A revocation of your already given consent is possible at any time. An informal notification by email is sufficient for the revocation. The legality of data processing operations that have already taken place remains unaffected by the revocation.
MEDIGO collects and stores anonymous data for optimisation and marketing purposes, e.g., data on anonymous user profiles and user behaviour. Flash cookies may also be used for this purpose. Cookies and flash cookies are alphanumeric identification codes that MEDIGO stores on the user’s hard drive via the user’s web browser or other programs. If the user does not wish cookies to be stored, he can deactivate them in accordance with the manufacturer’s instructions for the browser in question.
- Cookies do not have to be accepted in order to access the MEDIGO website. However, if the user wishes to mark a clinic as a favourite or wishes to receive a reminder of the clinics visited, he/she must set the browser to accept cookies.
- Cookies and flash cookies are small files that are stored on the user’s hard drive and store the preferred settings and other data that the MEDIGO computer system requires for interaction with the browser. There are two types of cookies: session cookies, which are deleted when the user exits the browser, and temporary cookies, which are stored by the user’s browser for an extended period of time. Cookies help MEDIGO to adapt the platform to the user and to reflect preferences and usage habits. They also allow MEDIGO to store information entered so that the user does not have to re-enter it the next time he/she visits.
- MEDIGO cookies are not used to store personal data. Our cookies are not designed to identify an individual user. If a cookie is activated, it is given an ID number which is used for internal purposes and is not suitable for identifying the user or for accessing personal data such as names or IP addresses. The anonymous data from the cookies allow an assessment of which pages of the MEDIGO website are most frequently visited and which procedures and clinics are most popular.
- The MEDIGO website collects data that can be useful for the creation of advertisements and online offers for the user. This data is not used to identify you as a user, it is only used to optimise the platform. The data collected by these cookies are not stored together with the user’s personal data, they are only used to send the user advertising or messages about offers and services via click-stream analyses, which are tailored to his/her individual needs.
- MEDIGO uses retargeting techniques to tailor the online offering to the user. Retargeting technology allows MEDIGO to advertise recently accessed and similar clinics on partner websites, including those of other companies that may be relevant to the user. This data is anonymous, no personal data is stored and no user profiles are created.
You can prevent Google from collecting and using data (cookies and IP addresses) by downloading and installing this browser plug-in provided by Google.
Please note that on this website the Google Analytics code is supplemented by anonymizeIp() in order to enable anonymized collection of IP addresses (so-called IP masking).
USE OF FACEBOOK SOCIAL PLUGINS
Our website uses so-called social plugins (“plugins”) of the social network Facebook, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA.
The plug-ins are marked with a Facebook logo or the addition “Social Plug-in of Facebook” or “Facebook Social Plugin.” You can find an overview of the Facebook plugins and their appearance here.
If you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook profile or are not logged on to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook profile. If you interact with the plug-ins, for example by clicking on the “Like” button or making a comment, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options to protect your privacy can be found in Facebook’s data protection information.
If you do not want Facebook to associate the data collected through our website directly with your Facebook profile, you must log out of Facebook before visiting our website. You can also prevent the loading of Facebook plugins completely with add-ons for your browser, e.g this add-on for Mozilla Firefox, this add-on for Opera or this add-on for Chrome.
USE OF TWITTER PLUGINS (E.G. “TWITTER”-BUTTON)
Our website uses so-called social plug-ins (“plugins”) of the microblogging service Twitter, which is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). The plugins are marked with a Twitter logo, for example in the form of a blue “Twitter bird”. An overview of the Twitter plugins and their appearance can be found here.
If you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the Twitter servers. The content of the plugin is transmitted by Twitter directly to your browser and integrated into the page. Through the integration, Twitter receives the information that your browser has called the corresponding page of our website, even if you do not have a profile on Twitter or are not logged in to Twitter. This information (including your IP address) is transmitted directly from your browser to a Twitter server in the USA and stored there.
If you are logged in to Twitter, Twitter can assign your visit to our website directly to your Twitter account. If you interact with the plugins, for example by pressing the “Twitter” button, the corresponding information is also transmitted directly to a Twitter server and stored there. The information is also published on your Twitter account and displayed to your contacts there.
The purpose and scope of the data collection and the further processing and use of the data by Twitter as well as your rights in this regard and setting options to protect your privacy can be found in Twitter’s data protection information.
If you do not want Twitter to associate the data collected via our website directly with your Twitter account, you must log out of Twitter before visiting our website. You can also completely prevent the loading of Twitter plugins with add-ons for your browser, e.g., with the script blocker “NoScript“.
Our website uses features of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, MountainView, CA 94043, USA. Each time you visit one of our pages that contains LinkedIn features, a connection is established to LinkedIn servers. LinkedIn will be notified that you have visited our web pages with your IP address. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn will be able to associate your visit to our site with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn. Further information on this can be found in LinkedIn’s data protection declaration.
The aforementioned wording was provided by www.mein-datenschutzbeauftragter.de
CHANGES TO THE DATA PROTECTION DECLARATION