Privacy Policy


 

 

 

See Privacy Notice for California Residents further below

 

Effective: April 6, 2020

 
 

INTRODUCTION

 

Dr. Ansay AU-Schein GmbH (collectively referred to as "DrNote", "we", "us", or "our") owns and operates various publicly available websites, including without limitation, www.DrNote.com and various mobile web applications (collectively, the "Website" or "Websites"). Through these Websites we offer various online services that enable visitors to the Websites ("you" or "Visitors") to receive access to various types of healthcare information and information about our services ("Services").

 


APPLICABILITY OF THIS PRIVACY POLICY

 

This Web and Mobile Privacy Policy ("Privacy Policy") describes what information DrNote collects about Visitors on the publicly available portions of the Websites and how that information is used.

 

This Privacy Policy does not apply to information collected from Visitors ("Members") to the password/PIN protected and secure portions of our websites and mobile applications ("Secure Platforms"). These Secure Platforms allow Members to perform certain transactions (e.g. download a doctor´s note) and use our Services. All information stored and collected by DrNote or added by our Members into such Secure Platforms is identifiable, protected health information (PHI) and therefore governed by the Health Insurance Portability and Accountability Act ("HIPAA"). How DrNote uses and discloses such PHI shall be in accordance with our Notice of Privacy Practices.

 

 

AGREEMENT TO THIS PRIVACY POLICY

 

Your access and use of the Websites is subject to your agreement with this Privacy Policy and the Web and Mobile Terms and Conditions. By using the Website, you expressly agree to the terms of this Privacy Policy and consent to the collection and use of information as discussed in this Privacy Policy.

 

If you do not agree with this Privacy Policy, please do not use or access the Websites for any purpose. Please print a copy of this Privacy Policy for your records.

 

 

MODIFICATIONS TO THIS PRIVACY POLICY

 

DrNote may revise this Privacy Policy regarding the collection of information at any time. Should this Privacy Policy change materially, DrNote will give notice to you by posting a notice regarding the new policy on the Websites. The revised Privacy Policy will be effective as of its posting unless otherwise stated.

 

By accessing or using the Website after such changes are posted you agree to all such changes.

 

 

COLLECTION, USE AND DISCLOSURE OF INFORMATION


(a) When visiting our website

When you visit our website, information is automatically sent to the server of our website by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

 

IP address of the requesting computer,

Date and time of access,

Name and URL of the retrieved file,

Size of the transferred data,

Specifies whether the download was successful,

Website from which the access takes place (referrer URL),

the browser used and, if applicable, the operating system of your computer and the name of your access provider.

 

We process the above-mentioned data for the following purposes:

 

To ensure a smooth connection of the website,

Guarantee a comfortable use of our website,

Evaluation of system security and stability and

for other administrative purposes.

 

The legal basis for the data processing is Art. 6 para. 1 sentence 1 letter f DSGVO. Our legitimate interest follows from the above-mentioned purposes for data collection. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.

 

(b) When registering for our newsletter

 

If you have given your consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO, we will use your e-mail address to send you our newsletter on a regular basis. To receive the newsletter, it is sufficient to provide an e-mail address. You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can send your unsubscribe request at any time by e-mail.

 

c) When using our medical services as a patient

 

In order to carry out the service you have commissioned, we require the following data from you, which you enter in the input fields provided for this purpose:

- your telephone number

- your email address

- Your address (street, house number, postcode, city, country)

- Information about your symptoms

- Information on any risk circumstances

- Type of your insurance (private/legal)

- All the information that appears on your insurance card

- Payment details

 

We process the above-mentioned data for the following purposes:

- secure storage of health data

- Sending an order confirmation

- Sending an email with order number & a SMS code to download & decrypt the sick note

- Processing of the payment of the medical service and the service fee

 

The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. a and Art. 9 para. 2 lit. a DSGVO.

 

The payment process is carried out exclusively with the online payment service PayPal. PayPal enables online payments to be made to third parties. The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg. If you choose PayPal as your payment method, your data required for the payment process will be automatically transmitted to PayPal. This regularly involves the following data:

 

Name

Address

Company

E-mail address

Phone and mobile number

IP address

 

The data transmitted to PayPal may be transmitted by PayPal to credit reporting agencies. The purpose of this transmission is to verify identity and creditworthiness. PayPal may also pass on your data to third parties if this is necessary to fulfil contractual obligations or if the data is to be processed on behalf of PayPal. You can read PayPal's privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full/.

 

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b DSGVO. Our legitimate interest follows from the above listed purposes for data collection.

 

TRANSFER OF DATA

 

Your personal data will not be transferred to third parties for purposes other than those listed below.

 

We will only pass on your personal data to third parties if:

 

- you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a and Art. 9 para. 2 lit. a DSGVO,

- the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

- in the event that there is a legal obligation to pass on the data in accordance with Art. 6 para. 1 sentence 1 lit. c DSGVO, and

- this is legally permissible and required for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 S. 1 lit. b DSGVO.

 

The forwarding of your data to the doctor for the purpose of carrying out the commissioned service is encrypted.

 

 

CONSENT TO THE USE AND DISCLOSURE OF YOUR INFORMATION

By continuing to use the Websites, you hereby consent to the use and disclosure of your Information as set forth below:

 

    within DrNote or with our service providers such as a cloud service provider in Germany or the United States for data storage;

    with our financial, insurance, legal, accounting or other advisors that provide professional services to us;

    to respond to a subpoena, order, legal process, or government request;

    to protect, establish or exercise our legal rights or defend against legal claims;

    to investigate, detect, suppress, prevent or take action regarding illegal or prohibited activities, suspected fraud, situations involving potential threats to the reputation or physical safety of any person;

    if we are to be sold, merged, or amalgamated or substantially all of our assets are to be sold or disposed of, your personal information may be transferred to a potential purchaser if, and to the extent necessary, it is required for the purposes of deciding whether to proceed with the proposed transaction and completing it. If such a sale, merger, acquisition, or disposal is completed, we will use reasonable efforts to direct the transferee to use personal information you have provided to us in a manner that is consistent with this Privacy Policy. Following such a sale or transfer, you may contact the entity to which we transferred your personal information with any inquiries concerning the processing of that information; or as otherwise required by law.
 

DATA SECURITY

 

We use the common SSL (Secure Socket Layer) method in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

 

We also use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. In the event of the collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously improved in line with technological developments.

 

 

COOKIES

 

We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your terminal device, do not contain viruses, Trojans or other malware.

 

Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we are immediately informed of your identity.

 

The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our site.

 

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again to make use of our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

 

On the other hand, we use cookies in order to statistically record the use of our website and to evaluate it for the purpose of optimising our services for you (see section 5). These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined time.

 

The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO.

 

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.

 

ANALYSIS TOOLS

 

(a) Tracking tools

 

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO. With the tracking measures used, we want to ensure that our website is designed to meet the needs of our customers and is continuously optimised. On the other hand, we use the tracking measures to record the use of our website statistically and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as justified in the sense of the aforementioned regulation.

 

The respective data processing purposes and data categories can be taken from the corresponding tracking tools.

 

 

a. 1) Google Analytics

 

This website uses Google Analytics, a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. Through the IP- anonymization on this website, your IP-address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services related to the use of the website and the internet to our company. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

 

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser add-on.

 

 

SOCIAL MEDIA PLUG-INS

 

We do not use social plug-ins from social networks on our website.

 

 

a. eKomi - Widget - Customer rating

 

Our website uses a JavaScript code of the company eKomi Ltd., Markgrafenstr. 11 in 10969 Berlin. The usage is based on an order agreement according to art. 28 DSGVO. eKomi enables us to integrate customer reviews on our website. If you have activated JavaScript in your internet browser and have not deactivated the JavaScript blocker, personal data may be transmitted to eKomi. However, we do not know which data eKomi receives and how this data is used by eKomi. Further information can be obtained directly from eKomi at http://www.ekomi.de/de/datenschutz

 

 

b. Facebook Connect

 

On our website, you can log in to create a customer account or to register using the social plugin "Facebook Connect" of the social network Facebook, which is operated by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook"), using the so-called single sign-on technique, if you have a Facebook profile. You can recognize the social plugins of "Facebook Connect" on our website by the blue button with the Facebook logo and the inscription "Connect with Facebook" or "Log in with Facebook" or "Sign in with Facebook".

 

If you call up a page of our website that contains such a plugin, your browser will establish a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there. These data processing operations are carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of Facebook's legitimate interest in the display of personalised advertising based on surfing behaviour.

 

By using this "Facebook Connect" button on our website, you also have the possibility to log in or register on our website using your Facebook user data. Only if you give your express consent in accordance with Art. 6 Para. 1 letter a DSGVO prior to the registration process on the basis of a corresponding note on the exchange of data with Facebook, will we receive the general and publicly accessible information stored in your profile when you use the "Facebook Connect" button from Facebook, depending on your personal data protection settings on Facebook. This information includes the user ID, name, profile picture, age and gender.

 

Please note that following changes to the Facebook Privacy Policy and Terms of Use, if you give your consent, your profile pictures, your friends' user IDs and your friends list may also be transferred if they have been marked as "public" in your Facebook privacy settings. The data transmitted by Facebook will be stored and processed by us to create a user account with the necessary data, if you have given your consent on Facebook (title, first name, last name, address data, country, email address, date of birth). Conversely, data (e.g. information on your surfing behaviour) can be transferred by us to your Facebook profile based on your consent.

 

The consent given can be revoked at any time by sending a message to the person responsible named at the beginning of this statement. Facebook Inc. with headquarters in the USA is certified for the us-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU.

 

For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights and setting options for protecting your privacy, please refer to the Facebook data protection information: http://www.facebook.com/policy.php

 

If you do not want Facebook to assign the data collected via our website directly to your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent the loading of the Facebook plugins with add-ons for your browser, e.g. with "Adblock Plus" (https://adblockplus.org/de/).

 

 

c. Facebook Custom Audience

 

The website also uses the remarketing function "Custom Audiences" of Facebook Inc. ("Facebook"). This allows users of the website to be presented with interest-related advertisements ("Facebook Ads") when they visit the social network Facebook or other websites that also use the procedure. In this way, we pursue the interest in displaying advertisements that are of interest to you in order to make our website more interesting for you.

 

Due to the marketing tools used, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of Facebook Custom Audiences, Facebook receives the information that you have called up the corresponding website of our Internet presence or clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, there is a possibility that the provider will find out and save your IP address and other identifying features.

 

The deactivation of the "Facebook Custom Audiences" function is possible for logged in users at https://www.facebook.com/settings/?tab=ads#_möglich.

 

Further information on data processing by Facebook is available at https://www.facebook.com/about/privacy.
 

YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION

 

Amendment. You have a right to request that DrNote amend or delete the Personal Information it collects from your use of the Websites if you believe it is incorrect or incomplete, and you may request an amendment or deletion for as long as the Personal Information is retained by DrNote. You must submit your request in writing to DrNote and must not provide a reason to support the requested amendment. DrNote will, under no circumstances, deny your request.

 

 

WITHDRAWAL OF CONSENT.

Subject to applicable law, you may withdraw your consent to uses and disclosures of Personal Information as outlined in this Privacy Policy. You must submit your request in writing to DrNote. Withdrawing consent does not invalidate consent to any collection, use or disclosure of Personal Information to which you consented before consent was withdrawn. If you withdraw consent, or refuse further consent, DrNote's ability to offer services to you may be limited.

 

HOW TO CONTACT US?

 

Questions or comments regarding this Policy should be submitted to the DrNote Privacy Officer by mail or electronic means as follows:


Responsible for privacy issues:

Dr. Ansay AU-Schein GmbH

DrNote Privacy Officer

Hartungstrasse 14,

20146 Hamburg
Germany

 

privacy@DrNote.com

 

 



Additional privacy policy according to European and German law:

DrNote acts in accordance with the data protection regulations, in particular Regulation (EU) 2016/679 (DSGVO), the German Federal Data Protection Act (=”Bundesdatenschutzgesetz”, “BDSG”) and the German Telemedia Act (=”Telemediengesetz “, “TMG”).


The company data protection officer of DrNote is Mr. Olaf Mangliers and can be contacted at the above address or by e-mail to datenschutz@AU-Schein.de or www.datenschutzbeauftragter-hamburg.com. 
 

 

RIGHTS OF THE AFFECTED PERSONS

 

You have the right:

- to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned duration of storage, the existence of a right of rectification, cancellation, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details thereof;

- in accordance with Art. 16 DSGVO, to demand without delay the correction of incorrect or incomplete personal data stored by us;

- pursuant to Art. 17 DSGVO to demand the deletion of your personal data stored with us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

- pursuant to Art. 18 DSGVO, to demand the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing pursuant to Art. 21 DSGVO;

- in accordance with Art. 20 DSGVO, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party;

- in accordance with Art. 7 para. 3 DSGVO, to revoke your consent to us at any time. As a result, we may no longer continue data processing based on this consent in the future and

- to complain to a supervisory authority in accordance with Art. 77 DSGVO As a rule, you can turn to the supervisory authority of your usual place of residence or workplace or to our office.

 

 

RIGHT OF OBJECTION

 

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, if there are reasons for doing so that arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without indicating a special situation.

 

If you wish to exercise your right of revocation or objection, simply send an e-mail to ​info@DrNote.com.

 

 

 

 

 

PRIVACY POLICY FOR CALIFORNIA RESIDENTS

 

Effective Date: April 5, 2020

 

This Web and Mobile Privacy Policy for California Residents ("Notice") supplements and is expressly made part of the information contained in the DrNote Web and Mobile Privacy Policy and applies solely to visitors ("Visitors") on the publicly available portions of our websites ("Websites") and who reside in the State of California "You" or "Visitors"). We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (CCPA). Any terms defined in the CCPA have the same meaning when used in this Notice.

 

 

INFORMATION WE COLLECT

 

Through your use of our Website, we may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Visitor ("personal information"). The only personal information that our websites have collected from Visitors and used or disclosed for business purposes during the last twelve (12) months is no information since our service is not available at this time. After availability of our service we will collect IP Address and information that Visitors have directly provided to us through the Website such as when seeking additional information. While IP Address may be considered a personal identifier, DrNote cannot link IP Address to a particular consumer or household.

 

Personal information does not include:

 

    Publicly available information from government records.

    Deidentified or aggregated consumer information.

    Information excluded from the CCPA's scope, like:

    health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data (which means if you are a member of DrNote and you log into the secure portion of our website, this Policy does not apply to the information collected or used on the secure portals);

    personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

 

DrNote obtains the categories of personal information listed above from the following categories of sources:

 

    Directly from you. For example, from information you submit contact information on the Website.

    Indirectly from you. We collect IP Address from you in order to observe your actions on our Websites.

 

 

USE OF PERSONAL INFORMATION

 

First and foremost, DrNote does not sell and has not sold any Personal Information in the preceding twelve (12) months.

 

We may use or disclose the personal information we collect for one or more of the following business or marketing purposes:

 

    To supervise, administer and monitor the Websites.

    To measure and improve the quality, the effectiveness and the delivery of our Websites.

    Market DrNote's services to you

    To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.

    To provide, support, personalize, and develop our Websites.

    To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Websites and third-party sites.

    To respond to your direct inquiries.

 

DrNote will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

 

DISCLOSURE OF PERSONAL INFORMATION

 

Your personal data will not be transferred to third parties for purposes other than those listed below.

 

We will only pass on your personal data to third parties if:

 

- you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a and Art. 9 para. 2 lit. a DSGVO,

- the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

- in the event that there is a legal obligation to pass on the data in accordance with Art. 6 para. 1 sentence 1 lit. c DSGVO, and

- this is legally permissible and required for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 S. 1 lit. b DSGVO.

 

The forwarding of your data to the doctor for the purpose of carrying out the commissioned service is encrypted.

 

YOUR RIGHTS AND CHOICES

 

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

 

 

RIGHT TO REQUEST ACCESS TO INFORMATION

 

You have the right to request that DrNote notifies you of the personal information about you that we have collected and used. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:

 

    The categories of personal information we collected about you.

    The categories of sources for the personal information we collected about you.

    Our business or commercial purpose for collecting that personal information.

    The categories of third parties with whom we shared that personal information.

    The specific pieces of personal information we collected about you

    If we disclosed your personal information for a business purpose a list disclosing:

    disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

 

 

RIGHT TO REQUEST DELETION OF INFORMATION

 

You have the right to request that DrNote deletes any of your personal information that we collected about you and retained. Once we receive your request and verify who you are, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

 

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

 

    Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.

    Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

    Debug products to identify and repair errors that impair existing intended functionality.

    Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

    Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).

    Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.

    Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

    Comply with a legal obligation.

    Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

 

 

EXERCISING YOUR RIGHTS

 

To exercise the rights listed above, please submit a request in writing to DrNote via the contact information listed in the Contact Information section.

 

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a request related to your personal information. You may also make a request on behalf of your minor child.

 

You may only make a request for access twice within a 12-month period. Your request must:

 

    Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

    Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

 

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

 

Making a request does not require you to create an account with us.

 

We will only use personal information provided in a request to verify your identity or authority to make the request.

 

 

RESPONSE TIMING AND FORMAT

 

We endeavor to respond to a request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

 

For Requests to Access, our response will only cover the 12-month period preceding the request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

 

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

 

NON-DISCRIMINATION

 

We will not discriminate against you for exercising any of your CCPA rights. We will not:

 

    Deny you goods or services.

    Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

    Provide you a different level or quality of goods or services.

    Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

 

 

OTHER CALIFORNIA PRIVACY RIGHTS

 

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Websites that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@DrNote.com.

 

CHANGES TO OUR PRIVACY POLICY

 

DrNote reserves the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will post the updated Privacy Policy on the Websites and update the Privacy Policy's effective date. Your continued use of our Websites following the posting of changes constitutes your acceptance of such changes.

 

CONTACT INFORMATION

 

If you have any questions or comments about this Privacy Policy, the ways in which DrNote collects and uses your information described above, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

 

Dr. Ansay AU-Schein GmbH

DrNote Privacy Officer

Hartungstrasse 14,

20146 Hamburg
Germany

 

privacy@DrNote.com

Any questions?

  • Schwarz Facebook Icon
  • Schwarz Twitter Icon

© 2020 - DrNote.com