Data protection

 

The following data protection declaration applies to the use of the website [www.covidtest-mallorca.com] (hereinafter "website").

We attach great importance to data protection. The collection and processing of your personal data takes place in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR). We collect and process your personal data in order to be able to offer you the above-mentioned portal. This declaration describes how and for what purpose your data is collected and used and what options you have in connection with personal data.

By using this website, you consent to the collection, use and transfer of your data in accordance with this data protection declaration.

 

The test date is booked via our ticketing service provider ticketPAY and collected, processed and stored on our behalf in accordance with the principles of the GDPR.

 

Your health data (= test result) will be saved in the test center, uncoupled from our service provider's appointment booking system. The sole purpose of the processing is the safe and fast transmission of the test result (negative / positive / no result) to the person concerned. Only the doctors involved, their laboratory staff authorized for this purpose and the test person himself have time-limited access to the test result. The data is then deleted for retrieval and securely archived in accordance with the statutory retention requirements.

In the event of a positive test, this does not affect any existing reporting obligation to the local health department by the operator of the test center, which is based on the legal obligation according to Art. 6 Paragraph 1 (c) GDPR.

 

We use the Zendesk CRM system to process user inquiries. The provider is Zendesk, Inc., 1019 Market Street in San Francisco, CA 94103 USA.

We use Zendesk to process your inquiries quickly and efficiently. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit.f GDPR.

We have signed a data processing agreement (DPA) with Zendesk. This ensures that Zendesk only uses the user data within the framework of EU data protection standards to process requests and does not pass them on to third parties.

You can only send inquiries by specifying your email address and without specifying your name. The messages sent to us remain with us until you ask us to delete them or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - especially retention periods - remain unaffected.

Zendesk has Binding Corporate Rules (BCR) approved by the Irish Data Protection Agency. These are binding internal company regulations that legitimize internal company data transfer to third countries outside the EU and the EEA.

You can find details here: https://www.zendesk.de/blog/update-privacy-shield-invalidation-european-court-justice/

If you do not agree to our processing of your request via Zendesk, you can alternatively communicate with us by email or telephone. Further information can be found in Zendesk's data protection declaration: https://www.zendesk.de/company/customers-partners/privacy-policy/.

 

 

1. Name and contact details of the person responsible for processing

 

The responsible body for the collection, processing and use of your personal data within the meaning of the GDPR is:

CoronaCare SL
Carer Patronage 30
07006 Palma de Mallorca

Email: nfi@covid-testzentrum.de

 

2. Collection and storage of personal data as well as the type and purpose of their use

 

a) When visiting the website

When you visit our website www.covidtest-mallorca.com, the browser used on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part and stored until it is automatically deleted:

  • IP address of the requesting computer,

  • Date and time of access,

  • Name and URL of the file called up,

  • Website from which access is made (referrer URL),

  • Browser used and, if applicable, the operating system of your computer and the name of your access provider.

 

The data mentioned will be processed by us for the following purposes:

  • Ensuring a smooth connection to the website,

  • Ensuring comfortable use of our website,

  • Evaluation of system security and stability as well as

  • for further administrative purposes

 

The legal basis for data processing is Art. 6 Para. 1 S. 1 lit.f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

In addition, we use cookies and analysis services when you visit our website. You will find more detailed explanations under Sections 4 and 5 of this data protection declaration.

b) When using our contact form

To create an offer, we offer you the option of contacting us using a form provided on the website and providing us with the information required there. This includes your surname, your first name, your telephone number and your e-mail address, details and your event. You can find information on how to delete this data under item 8.

The data processing for the purpose of establishing contact takes place in accordance with Art. 6 Paragraph 1 Sentence 1 lit.

The personal data collected by us for the use of the contact form will be deleted in the event of an order on our part after the statutory retention periods have expired, otherwise immediately after the rejection of your request.

c) For email contact

If you contact us by email, we will save your details to process the request and in the event that follow-up questions arise. We only store and use other personal data if you consent to this or if this is legally permissible without special consent.

 

3. Transfer of data

 

A transfer of your personal data to third parties for purposes other than those listed below does not take place.

We only pass on your personal data to third parties if:

  • You have given your express consent in accordance with Art. 6 Para. 1 S. 1 lit.

  • the transfer according to Art. 6 Para. 1 S. 1 lit.f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,

  • in the event that there is a legal obligation for disclosure in accordance with Art. 6 Paragraph 1 Clause 1 lit.

  • this is legally permissible and required according to Art. 6 Para. 1 S. 1 lit. b GDPR for the processing of contractual relationships with you.

 

4. Cookies

 

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device and do not contain any viruses, Trojans or other malware.

Information is stored in the cookie that results in connection with the specific device used. However, this does not mean that we are immediately aware of your identity.

The use of cookies serves on the one hand to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already visited us and what inputs and settings you have made so that you do not have to re-enter them.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for you in order to optimize our offer (see section 5). These cookies enable us to automatically recognize when you visit our site again that you have already visited us. These cookies are automatically deleted after a defined period of time.

The data processed by cookies are required for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit.f GDPR.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, if you completely deactivate cookies, you may not be able to use all the functions of our website.

 

5. Analysis tools (tracking tools)

 

The tracking measures listed below and used by us are carried out on the basis of Art. 6 Para. 1 S. 1 lit. With the tracking measures used, we want to ensure a needs-based design and continuous optimization of our website. On the other hand, we use tracking measures to statistically record the use of our website and to evaluate it for you in order to optimize our offer. These interests are to be regarded as legitimate within the meaning of the aforementioned regulation.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

a) Google Analytics

We use Google Analytics, a web analysis service from Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymised usage profiles are created and cookies (see section 4) are used. The information generated by the cookie about your use of this website such as

  • Browser type / version,

  • operating system used,

  • Referrer URL (the previously visited page),

  • Host name of the accessing computer (IP address),

  • Time of the server request,

 

are transmitted to and stored by Google on servers in the United States. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and internet usage for the purposes of market research and needs-based design of this website. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking).

You can prevent the installation of cookies by setting the browser software accordingly; however, we would like to point out that in this case not all functions of this website can be used to their full extent.

You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https: //tools.google.com/dlpage/gaoptout?hl=de) .

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie will be set which prevents the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de) .

b) Google Adwords Conversion Tracking

We also use Google Conversion Tracking to statistically record the use of our website and to evaluate it for the purpose of optimizing our website. Google Adwords will set a cookie (see section 4) on your computer if you have reached our website via a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages on the Adwords customer's website and the cookie has not yet expired, Google and the customer can see that the user clicked on the ad and was redirected to this page.

Every Adwords customer receives a different cookie. Cookies cannot therefore be tracked via the websites of Adwords customers. The information obtained using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. The Adwords customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.

If you do not want to take part in the tracking process, you can also refuse the setting of a cookie required for this - for example via a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser so that cookies from the domain “ www.googleadservices.com ” are blocked. You can find Google's data protection information on conversion tracking here (https://services.google.com/sitestats/de.html) .

 

6. Rights of data subjects

 

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to lodge a complaint, the origin of your data, if we have not collected it, as well as the existence of automated decision-making including profiling and, if necessary, meaningful information on their details;

  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;

  • to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless processing to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;

  • In accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if you dispute the correctness of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert or exercise it or you need to defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;

  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another person responsible;

  • to revoke your consent given to us at any time in accordance with Art. 7 Para. 3 GDPR. As a result, we are no longer allowed to continue the data processing based on this consent in the future and

  • to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our office.

 

7. Right to Object

 

If your personal data are processed on the basis of legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit.f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for doing so which arise from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.

You have the right not to be subject to a decision based solely on automated processing - including profiling - which has legal effects on you or which significantly affects you in a similar manner.

You have the right to withdraw your consent to the processing of personal data at any time.

If you would like to exercise your right of revocation or objection, an email to info@medicare-logistic.de is sufficient .

 

8. Right to complain to a supervisory authority

 

You have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged violation, if you are of the opinion that the processing of your personal data is unlawful.

 

9. Data security

 

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

 

10. Topicality and changes to this data protection declaration

 

This data protection declaration is currently valid and was last updated in April 2020.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may be necessary to change this data protection declaration. You can call up and print out the current data protection declaration at any time on the website www.covidtest-mallorca.com under the menu item Data protection declaration.

 

Photo credits: www.123rf.com, www.shutterstock.com, www.stock.adobe.com/de/ and www.wix.com

Please note: This text was translated to English by Google Translate.