This privacy policy provides information about the processing of your personal data in connection with our website https://www.radiology-ghostwriter.com/ and your rights as a data subject.
1. Controller and data protection officer
1.1. The controller responsible for this website is
Artificial Intelligence in Medicine UG (limited liability)
Zugspitzstr. 1, 82166 Gräfelfing, Germany
Email: contact@radiology-ghostwriter.com
Represented by: Prof. Dr. Thorsten Johnson
1.2. If you have any questions regarding the protection of your data, you can contact us by e-mail at privacy@radiology-ghostwriter.com
2. What personal data do we process and for what purposes?
2.1. Visiting the website
When you visit our website, we process so-called 'log data'. The following data is collected in this process:
• Date and time of access
• IP address of the accessing computer
• Host name of the accessing computer
• Website from which the website was accessed
• Websites accessed via the website
• User behaviour on our website (e.g. pages accessed and links clicked)
• Amount of data transferred
• Notification of whether the request was successful
• Information about the browser type and version used
• Operating system
We process the data in order to deliver the content of our website to you, to ensure the functionality of the website and the security of the information technology systems, and to prevent fraud and other misuse of the website.
We use so-called session cookies on our websites. Session cookies are only stored temporarily for the duration of your use of one of our websites. The purpose of these cookies is to identify your computer during a visit to our websites and to be able to determine the end of your visit. For technical reasons, it is necessary to allow session cookies in order to use the full functionality of our website. The session cookies are deleted as soon as you leave our websites or end your browser session.
We base the processing of the data on our legitimate interest (Art. 6 para. 1 lit. f GDPR). Our legitimate interest lies in the provision of the website and in ensuring its functionality and security.
2.2. Customer enquiries
As part of our customer support service, you have the option of contacting us by email. The data we process from you depends on how you contact us and what data you provide us with in your enquiry. As a rule, we process your name, your email address and/or your telephone number, as well as the content of your specific enquiry.
In the case of contract-related enquiries, we process your data on the basis of the contract with you (Art. 6(1)(b) GDPR). If the request is not contract-related or you are not in a direct contractual relationship with us (e.g. because you are an employee of one of our customers), we process your data on the basis of our legitimate interest (Art. 6 (1) (f) GDPR). In this case, the processing is carried out for the purpose of handling your request and improving our services.
2.3. User account and subscription
2.3.1. Registration and account use
When you create an account with us, we collect your first and last name, your email address and your password; when you log into your account, we process your email address and your password.
Your account also shows the number of reports you have purchased and already created, your invoices are stored there, as well as information about your recent activities in your user account.
We process your data in order to create your account and provide you with the options for use. We process your data on the basis of the contract with you (Art. 6 (1) (b) GDPR).
Your data is necessary for the conclusion and execution of the contract.
2.3.2. Purchase of reports
If you purchase reports, we process details of the specific purchase (e.g. number of reports, purchase price), your billing address and payment information. We process your data in order to store the number of reports activated in your account, to create the invoice and to process the payment.
We process your data on the basis of the contract with you (Art. 6 (1) (b) GDPR). Your data is required for the conclusion and execution of the contract.
2.3.3. Contract-related communication
From time to time, we will send you contract-related information, such as updates to our Terms of Use or our Privacy Policy. In doing so, we process your email address and, depending on the content of the message, information about your account and your purchases. We process your data in order to inform you about matters relevant to the contract.
We process your data on the basis of the contract with you (Art. 6(1)(b) GDPR). If you are not in a direct contractual relationship with us (e.g. because you are an employee of one of our customers), we process your data on the basis of our legitimate interest (Art. 6(1)(f) GDPR). Our legitimate interest lies in providing information about matters relevant to the contract.
2.3.4. Recommendations
You can recommend our services to other people via your account. We use the data collected in this process (e.g. number of recommendations, success of the recommendation, receipt of credit) for the purpose of implementing the recommendation function on the basis of our legitimate interest in acquiring new customers and rewarding your recommendations (Art. 6(1)(f) GDPR).
3. Who do we share your data with?
In performing our services and functions, we share your data with external service providers, some of whom operate globally (e.g. hosting service providers, other IT service providers, payment service providers).
We may disclose data to a competent law enforcement, supervisory or government authority, a court or third parties if disclosure is necessary due to applicable laws or regulations, to exercise, establish or defend our legal rights, or to protect your vital interests or those of other natural persons.
In addition, we may disclose your data to recipients for whom we have your consent to disclose.
4. Transfer of your data abroad
If we transfer data outside the EU/EEA to a third country, we will only do so if the third country has been deemed adequate by the EU Commission or if we have put in place appropriate safeguards to protect the data transfer, such as the conclusion of standard contractual clauses. We will provide you with a copy of the appropriate safeguards upon request.
5. How long do we store your data?
Your data will be deleted as soon as it is no longer required for the purpose for which it was collected. Longer storage may occur if and as long as this is necessary due to legal obligations (such as statutory retention obligations) or our legitimate interests (such as retention for the duration of warranty and limitation periods). For example, Section 147 of the German Fiscal Code (AO) in conjunction with Section 257 of the German Commercial Code (HGB) stipulates a retention period of 8 years for booking receipts and certain business documents.
6. What are your rights?
You have the following rights under data protection law:
• Right to information pursuant to Art. 15 GDPR;
• Right to rectification pursuant to Art. 16 GDPR;
• Right to erasure pursuant to Art. 17 GDPR;
• Right to restriction of processing pursuant to Art. 18 GDPR;
• Right to object pursuant to Art. 21 GDPR if the processing of your data is based on legitimate interest;
• Right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal;
• Right to lodge a complaint with a supervisory authority.