Data privacy statement for customers
With the internet software, samedi GmbH (referred to in short as “samedi”) provides web software for in-house data processing via the internet platform app.samedi.de and app.samedi.cc (including all associated top level, country and sub-domains). This web software is accessed exclusively via a web browser or samedi® apps.
The applications are supplied to natural and legal persons as customer-user accounts for their own online data processing in samedi® applications. The personal and medical data that is saved on samedi® is highly sensitive and is therefore protected by samedi with the highest levels of effectiveness and security. Germany’s data protection laws (such as the TMG (Telemediengesetz [Telemedia Act]), the BDSG (Bundesdatenschutzgesetz [Federal Data Protection Act]), the data protection law provisions of the TKG (Telekommunikationsgesetz [Telecommunications Act])) and the legislative provisions at EU level should therefore ensure that the right to self-determination is preserved, including where the data of samedi®’s users and customers is concerned, and that the privacy of every individual is preserved. samedi ensures compliance with these data protection laws and is subject to monitoring and supervision by the Berlin Commissioner for Data Protection and Freedom of Information.
The data recorded by users and customers in their personal user accounts is highly sensitive and is therefore protected by samedi to very high security standards. samedi has therefore developed a comprehensive data protection and security concept regarding (1) data access, (2) data processing, (3) data transfer and (4) data storage, which is appropriate to the sensitivity of the data.
1 Data access in samedi®
All data is entered and updated by the individual customers of samedi themselves in a personal samedi user account. samedi’s customers alone decide which data to enter and save. The customers can delete individual parts or all of their data at any time. Access to their data is only possible via a username freely chosen by the customers and a freely chosen password. As additional protection, samedi offers an SSL client certificate for the customer-user account in order to limit access to the specific computers used by the customer and to prevent misuse. The certificate is generated by the browser and login is only permitted with this certificate.
The username is the name samedi’s customers use to open their personal samedi user account and therefore permits access to their data saved there. In accordance with the data protection recommendations, customers are prompted to choose as secure a password as possible (i.e. one containing at least 6 characters, a combination of numbers, symbols and letters rather than a combination of words). samedi recommends that customers keep the access data (username and password) as securely as a valuable item and that they regularly change their password. The customer is, however, responsible for its own computer and software, and must ensure they are appropriately protected. Due to samedi®’s strong encryption architecture which prevents both third parties and samedi itself from reading the customer’s data, samedi cannot restore the account or the data saved in the account if the customer loses its access data. samedi therefore offers customers the opportunity to create a “master key” initially. This “master key” or “master user account” cannot be used by the customer operationally; rather it is used to create new log-in accounts. samedi recommends that its customers protect this “master key” particularly securely (for example “physically in a safe”). It is possible to restore access with a two-stage TAN procedure with the email address and mobile phone number provided by the user. After successfully inputting both TANs, the customer can create a new password but cannot access patient data. For this purpose an administrator account must first issue decryption rights via its login. The administrator can deactivate and activate individual accounts, as well as create new passwords for the accounts.
2 General data processing
In data processing, samedi distinguishes between four different data categories: (a) public data, (b) direct samedi customer data, (c) data from samedi customers which is particularly sensitive (for example, patient or medical data) and (d) cookie data.
(a) Public data
The customer’s public data, which can also be obtained from the customer’s homepage or business directory entries (for example, its own description of practice or clinic address), is displayed on the samedi® platform to other customers/users. The customer can independently change the public profile on the samedi platform, add additional information or remove it completely.
(b) Direct samedi customer data
Address data, comments from samedi service employees for customer services as well as contact details such as email addresses or mobile phone numbers are stored in an internal samedi® customer database which is only accessible to samedi’s employees. samedi requires this data in order to contact the customers and to be able to provide services and support. This data continues to be stored after the end of the customer relationship due to legal liability risks. For contractual relationships with customers involving payment obligations, personal and payment details which are necessary for the performance of the contractual obligations are also stored. This data is only used by samedi in the context of this contractual relationship.
samedi sends newsletters to the customers for the purposes of communicating important contractual changes, technical developments or general customer information. The customer may unsubscribe from the newsletter in its user account; however, in doing so, the customer excludes itself from important information. Thereby any liability for consequential losses is excluded.
(c) Data from samedi customers which is particularly sensitive
In accordance with Section 3 (9) BDSG, the personal data stored by the customers in their personal user accounts, such as patient or medical data, is deemed to be particularly sensitive. This customer data is encrypted locally on the customer’s computer and is only available in a decoded form on the customer’s computer. The customer’s own particularly sensitive data can therefore only be viewed locally by the customer. samedi does not keep the personal data in plain text, but rather as cryptographic data (“crypto-data”) on the samedi servers. In contrast to anonymised data (Section 3 (6) BDSG) and pseudonymised data (Section 3 (6a) BDSG), samedi’s crypto-data does not contain any individual details about personal or factual circumstances and is effectively empty in terms of its information content. For this purpose, samedi specially designed and implemented a client-side encryption solution. This procedure ensures that the data can only be decoded in the client system by the authorised users. This approach is compliant with the specifications of the conference of the Federal and State Data Protection Commissioners on “Data protection and telemedicine - Requirements for medical networks 2002” (cf. http://www.datenschutz.hessen.de/download.php?download_ID=145, dated November 2015), which on page 7 states that “if it can be ensured that external third parties (contractors) cannot access any personal medical data (e.g. for digital external archiving concepts, for which it is envisaged that all information is encrypted), there is no breach of the duty of doctor-patient confidentiality” in accordance with Section 203 StGB (Strafgesetzbuch [German Criminal Code]). Likewise, the protection of objects not subject to seizure in accordance with Section 97 (2) Sentence 2 StPO (Strafprozessordnung [Code of Criminal Procedure]) is also applicable to samedi as a cloud service provider using the encryption technology, since this protection for persons in healthcare professions extends to service providers (like samedi), provided that they process sensitive data.
In order to show customers the date of last access when they access data and, if necessary, to be able to start reminder and deletion procedures after a longer period of inactivity, these dates are processed by samedi. However, no corresponding user or customer profiles will be created for this; instead the customer is only shown a kind of general logbook of its past logins. This does not show and/or save what the customer did or changed specifically, but will only show in general whether it was active in the personal user account.
samedi will not pass on any personal data unless the customer has given its express consent to this, or samedi is obliged to disclose it, for example due to a legal or official order. The data saved in the user account is deleted permanently when the contractual relationship between the customer and samedi is terminated.
samedi also uses ‘session cookies’. Session cookies are small files stored in the customer’s computer, in order to assist the session concept of the samedi® platform. A randomly-generated clear identification number is stored in the session cookie. These session cookies cannot store any other data. This therefore only involves so-called temporary files which are automatically deleted when the customer ends the current samedi® session. Under no circumstances do third parties have the opportunity to leave cookies with the users/customers via samedi’s websites.
3 Encryption of data transfer and communication
The transfer of data from the customer’s computer to samedi’s servers, and vice versa, data downloaded from samedi’s servers to the user’s/customer’s computer, is encrypted. For this, samedi uses the current encryption standard SSL (Secure Socket Layer, Version 3.0). This proven cryptographic procedure is used worldwide as standard for highly sensitive transactions on the internet, for example in online banking and for sensitive internet applications in the health sector. It combines a 2048 bit long public key with a random symmetrical key 256 bits in length. The padlock symbol in the browser window shows whether or not the information is protected when transmitted, and which key length is supported by the browser. The authenticity of samedi’s encryption code is confirmed by the StartSSL.com certificate. By double clicking on the padlock symbol at the top of the screen the user can find out more about the certificate.
4 Encryption of data storage
All data saved on the samedi servers is stored on encrypted hard discs (AES-256). Moreover, data which is subject to doctor-patient confidentiality obligations is first encrypted locally on the customer’s computer and only then transferred to the samedi servers. A multi-stage system of symmetrical and asymmetrical encryption algorithms is used for this, so that neither samedi’s administrators and employees, nor third parties can read this data in plain text. To decode the key needed for this, the user name and password for the user account must be known. All cryptographic algorithms used comply with the Technical Guideline TR-02102 (“Cryptographic Procedures: Recommendations and Key Lengths”) of the German Federal Office for Information Security (BSI).
For secure, physical safekeeping of the user/customer data, samedi works with a large external internet provider (currently: filoo GmbH, Moltkestraße 25a, D-33330 Gütersloh). The servers provided by this provider are located in Germany. Only specially authorised persons (for example from service companies for maintenance work) have access to the secured rooms. Because of the encrypted data storage, these persons cannot access the customer data. The provider guarantees the use of modern firewall technology and physically secured equipment.
The provider’s area of responsibility only includes ensuring the availability of the infrastructure of the computer centre (electricity, internet, routing), as well as the hired hardware (e.g. replacing defective components). Only samedi’s administrators have access to the server itself.
5 Right to information and right of revocation
The customer may receive information about its customer data stored by samedi free of charge and at any time, without giving any reasons (see Section 2.b). It may have the data collected by samedi blocked, changed or deleted at any time. It may also revoke the permission given to samedi to collect and use data at any time without providing any reasons for this.
Should you have any further questions, please contact us at: samedi GmbH, Hessische Str. 11, D-10115 Berlin, Tel. +49 (0)30 21230707-0, Email: firstname.lastname@example.org.
samedi regularly and consistently reviews compliance with these data protection provisions and allows an independent external company to review this (currently: legitimis GmbH). If samedi receives formal letters of complaint, it will contact the writers about their concerns in order to resolve any complaints about the use of personal data. For this, samedi undertakes to work in cooperation with the appropriate authorities, including local data protection authorities.
An offer of samedi GmbH
Hessische Str. 11
Telephone: +49 (0)30 21230707-0
Fax: +49 (0)30 21230707-9
Represented by: Prof. Dr. Alexander Alscher, Katrin Keller
Commercial register number: Amtsgericht Berlin Charlottenburg/HRB: 112862 USt-IdNr: DE260137799
VAT No.: Center for Regional Tax Office III - Sales Tax Number. DE260137799