Privacy Policy
Controller for the processing of personal data
Aware Health GmbH
Zionskirchstr. 73 A
c/o Maschinenraum
10119 Berlin
Germany

Further information about our company and the persons authorized to represent it can be found in our impressum.

A few notes in advance: Legal basis of data processing
As Aware Health GmbH, we are subject to the regulations of the General Data Protection Regulation (GDPR).

The GDPR provides several legal bases with which we as "Aware" may process your personal data.

We process your personal data on the basis of the following legal bases:

– Consent (Art. 6 para. 1 lit. a) GDPR) 
– for the fulfillment of contracts (Art. 6 para. 1 lit. b) GDPR) 
– on the basis of a balancing of interests (Art. 6 para. 1 lit. f) GDPR) 
– for the fulfillment of a legal obligation (Art. 6 para. 1 lit. c) GDPR)

In order to make it easier for you to assign the data, we point out the respective legal basis in the following further notes on data processing – insofar as this is necessary and helpful.

If your personal data is processed on the basis of your consent, you have the right to revoke your consent at any time with effect for the future.

If we process data on the basis of a balance of interests, you as the data subject have the right to object to the processing of personal data, taking into account the requirements of Article 21 of the GDPR.

Data processing when visiting our website

Access data
When you visit our website, personal data is processed in order to display the content of the website on your terminal device. In order for the pages to be displayed in your browser, the IP address of your terminal device must be processed. In addition, further information about the browser of your end device is processed. We are obliged by data protection law to guarantee the confidentiality and integrity of the personal data processed with our IT systems.

For this purpose and out of this interest, the following data is logged on the basis of a balancing of interests: 

– IP address of the end device (for a maximum of 14 days)
– Operating system of the end device 
– Browser version of the end device 
– Name of the retrieved file 
– Date and time of the retrieval 
– Amount of data transferred referring URL

The IP address is deleted after 14 days from all systems used in connection with the operation of this website. We can then no longer establish a personal reference from the remaining data. The access data is also used to identify and correct errors on the website.

Cookies
Cookies are used on our website. Cookies are small pieces of text information that are stored in your terminal device via your browser. The cookies are necessary to enable certain functions of our website. We use session cookies, which are automatically deleted from your browser immediately after you have finished visiting our website. These cookies are absolutely necessary for the operation of our website. The use of cookies that are not absolutely necessary requires your consent.In these cases, you will be shown a corresponding consent form in the so-called "cookie banner" on the website. You also have the option of preventing the setting of cookies by making the appropriate settings in your browser.

However, we would like to point out that the use of our website may then only be possible to a limited extent. Cookies do not install or start any programs or other applications on your computer.

Web analysis
This website uses the web analysis tool "Google Analytics", a service offered by Google Ireland Limited. The purpose of its use is the "needs-based design" of this website, which is carried out on the basis of a balancing of interests. The web analysis also enables us to detect and correct errors on the website, e.g. due to faulty links. Google Analytics uses so-called "cookies", to which you have given your consent via the so-called "cookie banner". If you do not give your consent, no cookies will be set by Google Analytics. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Since we have activated the so-called IP anonymization on this website and concluded a corresponding order processing agreement with Google, your IP address will, however, be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. An adequate level of data protection is guaranteed by Google through the use of the so-called EU standard contractual clauses. For more information about the terms of use of Google Analytics and privacy notices, please visit: [https://policies.google.com/privacy]


Purposes of the processing of personal data
We process the aforementioned data for the operation of our website and for the fulfillment of contractual obligations to our customers or the protection of our legitimate interests. In the case of inquiries from you outside of an active customer relationship, we process the data for the purposes of contract initiation, sales and advertising. You can object to the use of your personal data for advertising purposes at any time.

Voluntary data
If you voluntarily provide us with data, e.g. in forms, and this data is not required for the fulfillment of our contractual obligations, we process this data on the assumption that the processing and use of this data is in your interest.

Recipients / Disclosure of data
Data that you have provided to us will not be disclosed to third parties, unless this is necessary for the performance of our contractual obligations or our services. In particular, your data will not be passed on to third parties for their advertising purposes. However, we do use service providers for the operation of this website or for other products or services of ours. Here it can happen that a service provider receives knowledge of personal data. We select our service providers carefully – especially with regard to data protection and data security – and take all measures required by data protection law for permissible data processing.

Service providers
We use the following service providers to offer this website and our services via the Internet and/or apps:

– Amazon Web Services, Inc. (data center Frankfurt a.M.)

We have entered into data order processing agreements with all service provider:s, incorporating the EU standard contractual clauses. We consider data processing in the respective third country (here: USA) to be permissible given the need to protect the data and the actual risk of unauthorized access to the data by third parties.

Data processing outside the European Union
Insofar as personal data is processed outside the European Union, you can see this in the previous explanations.

Data protection officer
We have appointed a data protection officer.You can reach him as follows:

Aware Health GmbH
Data Protection Officer
Zionskirchstr. 73 A
c/o Maschinenraum
10119 Berlin
Germany

E-Mail: datenschutz@aware.app​

Your rights as a data subject
You have the right to obtain information about the personal data concerning you. You can contact us for information at any time. In the case of a request for information that is not made in writing, we ask for your understanding that we may require evidence from you that proves that you are the person you claim to be.Furthermore, you have a right to rectification or deletion or to restriction of processing, insofar as you are entitled to this by law. Finally, you have a right to object to processing within the scope of the law. A right to data portability also exists within the framework of data protection law.

Deletion of data
We delete personal data in principle when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfill contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after expiry of the respective retention obligation.

Right of complaint to a supervisory authority
You have the right to complain about the processing of personal data by us to a supervisory authority for data protection.

Changes to this privacy policy
We will revise this privacy policy whenever changes are made to this website or whenever other circumstances make this necessary. You will always find the current version on this website.

Status: October 23rd, 2021