We undertake to treat the information provided by you at all times with the greatest care, the greatest sense of responsibility and in compliance with the applicable data protection regulations.
Responsible person within the meaning of the General Data Protection Regulation and other applicable data protection laws and regulations is:
The state of Delaware is located at 16192 Coastal Highway, Lewes, Delaware 19958, County of Susses.
If you have any questions regarding the processing of your personal data or would like to exercise your rights in terms of the General Data Protection Regulation, please contact us.
You have the following rights in relation to us regarding personal data relating to you:
You also have the right to lodge a complaint about our processing of your personal data. To exercise your rights regarding the personal data concerning you, please contact us using [Insert e-mail address].
Storage and use of personal data when using the Signs app
Data collection on user behaviour when using the app for the first time
An abbreviated IP address is created for anonymisation, which is carried out automatically immediately after transmission to TheSignsCO, L.L.C., so that it is no longer possible to draw conclusions about your person. The full IP address transmitted to us is deleted during this process. This process takes place immediately after receipt of the data on the TheSignsCO, L.L.C. server (usually within one second). The shortened IP address is used to determine an approximate location ("IP geolocation", maximum first 3 digits of the postcode). This usually happens within a few seconds, in exceptional cases within a maximum of one hour. Afterwards, the shortened IP address is also automatically deleted.
When you use the Signs app on your end device, the data you enter is stored on our servers in encrypted form.
When you set up the Signs app, the data inserted is transferred to the TheSignsCO, L.L.C.. Depending on the scope of the data you insert, these may include, but are not limited to:
Data transmission to/from used services
Your IP address is transmitted with every active internet connection. Without this, data transmission is technically not possible.
Data collection in the Google Play Store or Apple App Store
When you download the app, the required information is transferred to the Play Store or App Store, i.e. in particular the user name, e-mail address and customer number of your store account, the time of the download, payment information and the individual device identification number.
We have no influence on this data collection and are not responsible for it. For more information on this data transfer, please contact your store provider directly.
TheSignsCO, L.L.C. does not receive any information about your App Store or Google Play account, nor does it receive any payment data.
Use of the available health care providers function
When you perform a search on available health care providers, the following data is transmitted:
Data transmission to TheSignsCo, L.L.C
After onboarding, the Signs app sends its technical data, data on user behaviour and the user's data concerned to the TheSignsCO, L.L.C. servers for each user action. This is always done in encrypted form and only in accordance with your express consent. The purpose of this transmission is the anonymisation of the transmitted data as described below. Only after this anonymisation will the data be used for analyses.
If you use the Signs app via a push-enabled device, you can consent to the "push notification" option. This allows us to send you notifications as needed: e.g. information about updates, useful tips. For secure assignment of the messages to your end device, only a unique connection number randomly generated from your device ID (so-called push token) is transmitted to TheSignsCO, L.L.C.. The identity of the end device and the user is therefore not known to us.
Data transmission in the context of contact requests
In the context of contact enquiries via the app, you transmit the following to us
Without this data, a contact request in the Signs app and the processing of your request is not possible. We use the data to process your query and thus answer your questions and solve your problems. If you contact us by e-mail or telephone, we will only receive the data that you transmit to us.
Release of data to third parties
The user has the possibility to share the health care providers’ details by active release. The responsibility for sharing and allowing access to the data lies solely with the user.
If you us our services to contact our selected health care providers directly,we will process your personal data exclusively for the purpose of connecting you to the relevant service provider. The legal basis for this is Art. 6 Para. 1 b) GDPR, in order to fulfil the corresponding contract or on the basis of Art. 6 Para. 1 f) GDPR in the legitimate interest of answering to answer questions addressed to us. We delete this data when we no longer legal obligation or when it is no longer required for the assertion, exercise or defence of claims, assertion, exercise or defence of legal claims within the framework of the regular data retention requirements.
Deletion of data
Disclosure and transmission of data
If, in the course of our processing, we disclose data to other persons and companies (order processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) (b) GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents). e.g. when using agents, hosting providers, tax, business and legal advisors, customer care, accounting, billing and similar services that allow us to efficiently and effectively fulfil our contractual obligations, administrative tasks and duties).If we commission third parties to process data on the basis of a so-called "processing agreement", this is done on the basis of Art. 28 GDPR.
We may transfer (assign) our obligations and rights under this policy to a third party (this may happen, for example, if we sell our business). If this occurs you will be informed by us in writing. Your rights under this policy will not be affected and our obligations under this policy will be transferred to the third party who will remain bound by them.
We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons;
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, input, disclosure, ensuring availability and segregation of the data. We also have procedures in place to ensure the exercise of data subjects' rights, deletion of data and response to data compromise.
Furthermore, we already take the protection of personal data into account during the development and selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 GDPR).
The security measures include in particular the encrypted transmission of data between your device and our server.
Relevant legal basis
Your rights as a data subject
Withdrawal of your consent - As a data subject, you have the right to withdraw your consent once given to TheSignsCO, L.L.C. at any time in accordance with Art. 7 (3) of the GDPR. This means that we may no longer process your personal data. After revocation of consent, processing that was lawful in the past remains lawful.
Objection - Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, if there are reasons for doing so which arise from your particular situation. This is the case if the processing is not necessary, in particular, for the performance of a contract with you, which is shown in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done.
In the event of your justified objection, we will review the merits of the case and either cease processing the data, amend it or show you our compelling legitimate grounds for continuing to process it.
You can lodge your objection by post or by sending a simple e-mail. Of course, you can also object to the processing of your personal data for the purposes of advertising and data analysis at any time. We will also inform you of how you can object at the time of use.
Information - In accordance with Art. 15 of the GDPR, you can obtain information about your personal data processed by TheSignsCo free of charge upon request. The information will inform you about:
Correction - In accordance with Article 16 of the GDPR, you can request correction if we store your personal data incorrectly or incompletely.
Erasure - Pursuant to Art. 17 GDPR, you may request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the assertion, exercise or defence of legal claims.
Restriction - Pursuant to Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 GDPR.
Data portability - In accordance with Art. 20 GDPR, you will receive your personal data that you have provided to us in a structured, common and machine-readable format. You may request their transfer to another controller, provided that this is technically possible for us.
Complaint - You are entitled to complain to a supervisory authority under Article 77 of the GDPR if you consider that the processing of your personal data infringes the GDPR. As a rule, you can contact the supervisory authority at your usual place of residence, place of work or the place of an alleged breach.
In order to run our business economically, to identify market trends, customer and user wishes, we analyse the data available to us on business transactions, contracts, enquiries, etc. In doing so, we process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of the above stated regulations, whereby the persons concerned include customers, interested parties, business partners, visitors and users of the online offer. The analyses are carried out for the purposes of business management evaluations, marketing and market research.
In doing so, we may take into account the profiles of registered users with details, for example, of their purchasing transactions. The analyses serve us to increase user-friendliness, to optimise our offer and business efficiency and are not disclosed externally, unless they are anonymous analyses with summarised values.
If these analyses or profiles are personal, they will be deleted or made anonymous upon termination by the user, otherwise after two years from conclusion of the contract. In all other respects, the macroeconomic analyses and general trend determinations are prepared anonymously wherever possible.
From time to time we may use the personal information we collect from you to identify particular products offers which we believe may be of interest to you. We may contact you to let you know about these products and services and how they may benefit you.
You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or relationship with us.
Direct Marketing from generally takes the form of e-mail but may also include other less traditional or emerging channels. Every directly addressed marketing form sent or made by us or on our behalf should include a means by which customers may unsubscribe (or opt out) of receiving similar marketing in the future. You can ask us to remove or amend any previous consent you provided by contacting us.
Queries and Complaints
Any comments or queries on this policy should be directed to us using the following contact details.
The state of Delaware is located at 16192 Coastal Highway, Lewes, Delaware 19958, County of Susses.