Who is responsible for data collection and processing?

 

When using the HealthifiCraft app, we, ArtifiCraft GmbH, process your data. If you have any questions about data protection, please contact us as follows:

ArtifiCraft GmbH, Schellingstr.109a, 80798 München, Germany

info@artificraft.com

ArtifiCraft GmbH & Partners is considered to be the data controller and determines the purposes and means of the processing of personal data.

What data do we collect and how and why do we process your data?

 

 

Principles

Our privacy policy is based on the following privacy principles:

• The processing of personal data is lawful;

• Personal data may only be collected to fulfill the order;

• The collection of personal data must be adequate, relevant and limited to what is necessary in relation to the purpose for which it is processed;

• The personal data must be correct and, where necessary, kept up to date;

• All reasonable measures are taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;

• Personal data will be kept in a form that permits identification only for as long as is necessary for the purpose for which the personal data is processed;

• All personal data will be treated confidentially and stored in a manner that ensures adequate security;

• You have the right to access and correct or delete your personal data, to restrict processing or to object to processing, and the right to data portability.

 

 

Collection and use of personal data

If you use our services and want to transmit information to us, you may be asked to provide personal data so that we can carry out the order. Personal data may be transmitted via our app, website, email, other electronic means or software solutions supported by us, post or telephone. All personal data is collected in compliance with the GDPR. We only process personal data to the extent necessary for a specified, explicit and legitimate purpose or for a purpose required by law in the places where we operate.

The following personal data are processed:

Names, dates of birth, addresses, e-mail addresses, telephone numbers, whereabouts and state, insurance number and medical history. We combine this data of the respective user with personal data in order to transmit the necessary information to the doctor and to inform the user about update from the doctor with a prescription of lab results. We also collect personal data for other purposes, e.g. B. for statistics, management and communication, IT and security administration, physical security, authentication and authorization systems, support systems, collaboration on internal projects and organizational teams and activities.

Use of Personal Data

We use personal data for the purpose for which it is collected and do not store the data for longer than is necessary for this purpose. We may retain your information for as long as your account is active or as necessary to provide services, to comply with our legal obligations, or for any of the purposes set out above. Access to the Personal Data is strictly limited to those employees and contractors who have appropriate authorization under a binding agreement with the Firm and have a clear business need for the data.

 

 

In the following you will find a more detailed description of the data processing that can take place when using the app. This concerns in detail:

Creating a patient account: Registration is required to create a patient account on HealthifiCraft.

Add medical history: is a serie of questions needed to give the doctor a general image about the patient health and medical history. 

Add Payment data: the application has a wallet that is filled using the patient credit card, based on the type of treatment the doctor will charge the insurance company or the patient wallet. 

Book and appointment or a consultation: The patient is able to check the availabitly of the doctor on the application and select a suitable slot for an appointment or an online consultation. When booking, patient data are recorded.

Access permissions: In order for the app to work, certain access permissions to data or functions of the operating system are technically necessary.

Technical access authorizations for Android up to and including version 5:

     Storage access: Network access: get internet data, network connections retrieve, full network access, retrieve Wi-Fi connections to allow the app to retrieve the information.

     Device-specific access: disable sleep mode, control vibrating alert to signal the arrival of push messages.

     Camera/Gallery: To add Lab results, prescriptions or to connect over the camera with the doctor.

Microphone: For online consultation to speak with the doctor. 

Technical access authorizations for Android from version 6:

     Contacts: Find accounts on the device (to enable push messages, such as travel notifications).

Miscellaneous:

     Access all networks, wake up, read google service configuration, run at startup, get internet data, control vibrator, get network connections, get wifi connections.

     Camera/Gallery: To add Lab results, prescriptions or to connect over the camera with the doctor.

Microphone: For online consultation to speak with the doctor.

Technical access permissions for iOS

     Cellular data: Internet data obtained outside of a Wi-Fi range to enable the app to retrieve the information on the go.

     Camera/Gallery: To add Lab results, prescriptions or to connect over the camera with the doctor.

Microphone: For online consultation to speak with the doctor. 

The legal basis for data processing is Article 6 Paragraph 1 Letter b) GDPR.

push notifications

We are interested in informing you about significant events and results within our service, even if you do not have our app open. For this we use so-called push notifications.

The app only sends messages if you have expressly consented to them. When you start the app for the first time, we ask if you want the news to be displayed on your mobile device. With Android versions, approval takes place after confirmation and when the app is downloaded. With iOS versions, a dialog window appears when the app is called up for the first time.

The legal basis for the use of push services is Art. 6 Para. 1 lit. ab) GDPR. You can deactivate the sending of push notifications in the app settings or in the device settings and thus revoke your consent at any time.

Are cookies used?

Our app and our partners use cookies or similar technologies to ensure the best user experience and to analyze trends, administer the app, track users' movements within the app, and gather demographic information about our user base as a whole. Cookies are small text files placed on your device to track usage patterns and record preferences. Our cookies do not contain any information that can directly identify individuals. We collect certain information automatically through the use of cookies and tracking technologies such as Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referrer/exit pages, data viewed (e.g. HTML pages, graphics), operating system, date/time stamp and/or clickstream data in order to analyze trends and manage them. You can control the use of cookies, but disabling cookies may limit the use of certain features.

Will data be passed on?

We only share personal information with third parties under the following conditions:

• if you have given your consent or if this is not required;

• for purposes directly related to the purpose for which the personal data was originally collected;

• if it is necessary for the preparation and performance of the agreement with you;

• if there is a legal obligation, a court order or an official order to do so;

• if necessary to protect legal rights or to enforce them;

• when necessary to respond to lawful requests from security and law enforcement agencies and when required to do so;

• to prevent misuse or other unlawful activities, such as intentional attacks, to ensure data security.

Occasionally we register with other companies or business partners in and outside the European Economic Area to act on our behalf, such as technology companies for the processing and delivery of systems and technologies to improve our products and services. In these cases we pass on the necessary information. Before we share personal information, we enter into written agreements with recipients that include privacy policies that protect your information. Service providers may only receive personal data that they need to provide their services. We do not share information with third parties so they can market their products or services to you.

What rights do users of the HealthifiCraft app have?

You have the right to access and rectify or delete at any time of your personal data, to restrict processing or to object to processing and the right to data portability. To help us keep Personal Information up to date, we encourage you to notify us of any changes or inconsistencies. We will respond to your request within a reasonable time.

You have the right to lodge a complaint about the processing of your personal data. All inquiries and complaints will be processed by us in a timely manner. Complaints can be emailed to info@artificraft.com.

In the unlikely event that you consider that our processing of your personal data infringes the GDPR or any other data protection law, you may also lodge a complaint with a supervisory authority.

How up-to-date is this data protection notice?

We adapt the data protection notice to changed functionalities or changed legal situations. We therefore recommend that you take note of the data protection notice at regular intervals.

As of October 23, 2023

Version 1.0