Data Protection Statement for the Use of the HEARTBEAT Study App

Version 1.0, 05/27/2024

I. General Information on Data Protection

1. Data Protection

Thank you for your interest in our app offering. Alcedis GmbH has been commissioned by the sponsor of the study to provide you with the patient information digitally using the electronic documentation system of Alcedis GmbH and to obtain your consent to participate in the study in digital form. In this respect, Alcedis GmbH acts as a processor for the sponsor of the study and processes your data exclusively on its instructions and not for its own purposes. As the operator of this app, Alcedis GmbH takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations.

This data protection statement provides you with information on the nature, scope and purpose of personal data processing within our application and its associated features and content, as soon as you, as a user, download, install or run the app; receive content through the app; or use additional services. With regard to the terms used, such as "personal data", "processing" or "controller", please refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

The app is provided for download in third party portals (Apple's iTunes App Store, Google's Play Store).

The HEARTBEAT app of Alcedis GmbH is used to view and sign the consent form in the HEARTBEAT study. The app is intended for the digital collection and transmission of the digital signature from the patient to the physician, which is required for participation in the study. Additionally, the app is used for the digital collection and transmission of patient-reported outcomes, which are entered by the users. The app offers learning content in the form of text, videos and other media formats. The app sends push notifications to the users. The app visualizes the user’s health data.

This data protection statement applies to all services offered through the app.

2. Controller

For any question you may have with respect to data privacy, please send an email to heartbeat@tulane.edu or contact our company data protection officer at the following address:

Data Protection Officer: Jeremy Pelegrin
Phone: (504) 988-8500
Address: 1555 Poydras Street, 14th Floor, New Orleans, Louisiana 70112

3. Processor

The operator of the app and processor for the sponsor of the study is:

Alcedis GmbH
Winchesterstr. 3
35394 Gießen
Tel: +49 641-94436-0
Fax: +49 641-94436-70
Email: info@alcedis.de
Managing Directors: Mr. Hanno Härtlein, Mr. Alexander Heinz, Mr. Dr. Bernhard Remes

4. Data Protection Officer

The Data Protection Officer for Alcedis GmbH is:

Gds Gesellschaft für Datenschutz Mittelhessen mbH
Auf der Appeling 8
35043 Marburg
Tel.: 06421 80413 10
Email: datenschutz@gdsm.de

II. Installing the App

In order to install the app, you may need to first enter into a user agreement with a third party provider (Google Inc., iTunes SARL, hereinafter referred to as "third party provider") by accessing a third party portal or online shop (iTunes App Store, hereinafter referred to as "third party portal").

By downloading the mobile app, required information will be transferred to the app store, including but not limited to your account username, email address and customer number, time of download, payment information, and individual device ID. We have no influence on this data collection and are not responsible for it. We will only process the data to the extent necessary to download the mobile app to your mobile device.

Alcedis GmbH is not a party to such an agreement and has no influence on the data processing by the third party provider. You can find out which data is processed by the third party provider, and in what manner, during registration with the third party portal, if applicable, from the third party provider's data protection statement.

III. Registration and Encryption

In order to use the app, you must have been included by your physician in the electronic documentation system of Alcedis GmbH as a participant in the context of the HEARTBEAT study. This is a prerequisite for a user to log into the app, as a personal verification code is transmitted. We require the data collected during registration in the electronic documentation system to enable access to the services and support.

Entering a password when prompted protects the app against third party access. User credentials are stored in encrypted form.

IV. Use of the Services

1. Once you use or attempt to use any of the services through the app, your mobile device will establish an online connection to the server of Alcedis GmbH and its service providers. The transmission of the log-in data to the server is required for the user to be able to retrieve content on their mobile device.

Alcedis GmbH generally processes personal data of the users of its app only to the extent necessary to provide a functional app as well as its contents and services.

While you are using the app, Alcedis GmbH and designated service providers of Alcedis GmbH will process data necessary for intended access to and use of the services:

2. In addition, when you log in, we process your last and first name as well as your email address or telephone number, as well as information about whether or not you have consented to participate in the study and, if applicable, the time of consent.

V. Permissions Enabled for the App

Depending on the version of your device’s operating system, you will be asked for permission to use various functions the first time you access it. If you decline these, you will not be able to use the features. You may later grant or revoke permission in the operating system settings.

An internet connection is required for proper operation of the app.

The use of mobile data allows the data to be retrieved outside of Wi-Fi.

VI. Links to Other Websites

This app may contain hyperlinks to third party websites. If you follow a hyperlink to one of these websites, please note that we cannot accept any responsibility for, or guarantee, third party content or data protection conditions. Please refer to the applicable data privacy conditions before submitting any personal information to these websites. Only their operators are responsible for the content of linked pages. At the time of linking, there was no indication that the contents of the page being called up do not comply with legal provisions or that they violate common decency. The licence and conditions of use of the respective operators of the internet service apply.

We do not share any personal data with third party providers as part of the linking process.

VII. Data Security

The transmission of sensitive data is encrypted.

This app uses SSL encryption for security purposes and to protect the transmission of confidential content. If SSL encryption is enabled, the data you transmit to us cannot be read by third parties.

VIII. Legal Basis for the Processing of Personal Data

The legal basis for the processing of the data mentioned under IV 1. is Art. 6 para. 1 letter f) GDPR (legitimate interest). The processing of this data is necessary to provide you with the features of our mobile app and to ensure its stability and security. The legal basis for the processing of the data mentioned under IV 2. is your consent according to Art. 6 para. 1 letter a) GDPR as well as the legal obligation of the aforementioned controller to be able to prove your consent to participate in the study (Art. 6 para. 1 letter c) GDPR in conjunction with Art. 5 para. 2 GDPR). The legal basis for the processing of health data in the context of this app is your express consent within the meaning of Art. 9 para. 2 lit. a GDPR.

IX. Data Deletion and Retention Duration

The data mentioned in number IV 1. will only be stored temporarily during the use of the app. The data processed according to number IV 2. will be stored for the duration of the study period in order to be able to prove your consent to the competent authorities upon request.

X. Data Subject Rights

Subject to the respective regulations, you may be entitled to the following rights vis-à-vis the supervisory authority:

  1. The right to information (Art. 15 GDPR)
  2. The right to rectification (Art. 16 GDPR) or deletion (Art. 17 GDPR)
  3. The right to restriction of processing (Art. 18 GDPR) as well as a right to object to processing (Art. 21 GDPR)
  4. The right to data portability (Art. 20 GDPR)
  5. If applicable, the right to withdraw your consent at any time (Art. 7 para. 3 GDPR)

You have the right to complain to a data protection supervisory authority about the processing of your personal data.

The competent supervisory authority for the controller is:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit [Hessian Commissioner for Data Protection and Freedom of Information]
Gustav-Stresemann-Ring 1
65189 Wiesbaden
https://datenschutz.hessen.de/

To exercise your rights in relation to the data referred to in IV, you may also contact Alcedis GmbH. Alcedis GmbH will then immediately forward your request to the controller.

XI. Other Notes

We amend our security and data protection measures to the extent required by technical and legal development, and adjust the privacy guidelines accordingly. Please therefore refer to the current version.

Status of the data protection statement: 05/27/2024