Privacy policy
iDIERS app from iDIERS GmbH
1. Introduction
1.1. Responsible party
Provider of this app and responsible party in terms of data protection regulations is:
iDIERS GmbH
Leopoldstr. 175
80804 Munich
Germany
This means that iDIERS GmbH decides on the purposes and means of processing personal data of the app users („user data“) and is in turn responsible for their security and compliance with applicable laws. As the responsible party, we are also subject to information obligations, which we would like to fulfill with this privacy policy.
1.2. Intended use
DICAM-iDIERS is a software that provides the physician with information/choices for creating an exercise plan for the prevention and relief of musculoskeletal pain based on the physician’s diagnosis.
The software is not intended to provide information that can be used to make decisions for diagnostic or therapeutic purposes, nor is it intended to control physiological processes.
iDIERS App is a software that provides patients with individualized exercise recommendations for the prevention and relief of musculoskeletal pain for autonomous home use.
The app is not intended to provide information that can be used to make decisions for diagnostic or therapeutic purposes, nor is it intended to control physiological processes.
1.3. General information
iDIERS GmbH observes the principles of data protection by design and data protection by default in the development and operation of the app. The same applies in the course of the further development of our apps and in the implementation of new legal requirements.
In general, we process your personal and -related data in accordance with the requirements of the European Union‘s Data Protection Regulation (GDPR). Under no circumstances will we use your personal data for advertising or marketing purposes or pass it on to third parties outside iDIERS GmbH without your consent.
2. Use of your data (purposes of processing)
The iDIERS App from iDIERS GmbH can generally be used without entering personal data. It only collects data for documenting and optimizing the course of therapy, such as the training units completed or not completed, any existing pain in the postural and musculoskeletal system, and physical fitness (effort level). All information is voluntary. The iDIERS app does not send any data to iDIERS GmbH.
In connection with the use of the iDIERS App, data is collected for the following purposes:
– to the intended use of the digital health app by the users
Personal data such as name or date of birth are not evaluated during processing (in the sense of Art. 4 No. 2 GDPR) in connection with the iDIERS App (so-called personal data). The processing includes:
Information through the QR code (provided by your doctor):
- Doctor ID
- Patient ID
- Voucher
- Prescription period
- Activity level
- Options
- Exercises ID
Data stored on the cell phone:
- Videos, pictures and instructions regarding the exercises
- Settings: email address, voucher expiration date, training level, etc.
- Your comments
Data stored on the iDIERS server:
- User
- Patient ID
- Email address (hash, anomysed, only for password loss)
- Password (hash, anonymized, only for password loss)
- Date account creation
- Vouchers
- Doctor ID
- VoucherCode
- VoucherFriendlyCode
- Creation date
- Activation date
- Validity period
- Voucher ID
- Trainings
- Training ID
3. Place of storage and data deletion
The data entered in the course of use is only stored and managed locally on your mobile device by the iDIERS app and thus remains in your hands. To delete all user data irretrievably, you only need to delete the iDIERS app from your mobile device.
If you delete the iDIERS app from your mobile device, your usage data will be permanently lost, as this data is not stored on the iDIERS server. However, you have the option to export the data before deleting the app.
Note: When using cloud-based backup functions of the operating system of your end device (smartphone), your data may still be available in the backup storage despite deletion of the app. Please refer to the operating instructions of the respective operating system.
You have the option of importing data from „Apple Health“ and „Google Fit“ into your iDIERS app. This imported data is also only stored locally on your mobile device.
We ensure that your personal data that is incorrect with regard ft he purposes ft he processing is deleted or corrected without delay.
3.1 Deletion concept (excerpt)
When you uninstall the iDIERS app, all user data on your mobile device will be deleted. We have no influence on the uninstallation process of the operating system. We cannot guarantee that all data, including caches and temporary files, will be deleted.
If you do not inform iDIERS of the deinstallation of the app (as a rule), all data on the iDIERS server will be deleted from the server by default after one year of inactivity.
Your aforementioned personal data will only be stored on the iDIERS server for as long as they are absolutely necessary for the provision of the promised functionalities of the digital health application or for other purposes resulting directly from legal obligations. After fulfilling these purposes – after a year without activities, i.e. without extending your exercises – the personal data on the server will be deleted.
The deletion is documented. It is clear who deleted what and when. These logs are kept for three years.
The management of iDIERS GmbH is responsible for the deletion; a review is carried out by the data protection officer of IDIERS GmbH.
Upon your request or your revocation of your consent, all data in your user account will be deleted immediately on the iDIERS server.
Before deleting the user account, you will be informed of any data that may be lost and of the right to data transfer in accordance to Article 20 of Regulation (EU) 2016/679.
4. Security of processing
The iDIERS App has been developed in accordance with current security standards and extensively tested to ensure optimal protection of your data.
We would like to point out that data transmission on the Internet (e.g., when you send exported data by e-mail) may have security vulnerabilities. We try to protect your data from unauthorized access by third parties by taking precautions such as pseudonymization, data economy, observance of deletion periods and taking into account the current state of technology. Despite these protective measures, unlawful processing by third parties cannot be completely ruled out.
It is ensured that the communication of the iDIERS App with other services is technically restricted to such an extent that no unauthorized data communication can take place from the iDIERS app via which personal data is sent.
For the data stored on the iDIERS server, we have taken security precautions that, among other things, exclude the transmission of your data to a third country.
No personal data will be disclosed to third parties via the iDIERS App or iDIERS unless this is directly necessary for the fulfillment of purposes pursuant to Section 4 (2) number 1 or the fulfillment of legal requirements and is limited to these purposes. The only parties involved in the processing of your data on the iDIERS server are:
Hardware:
Hewlett Packard (service exclusively via LOGIN)
Qnap (service exclusively via LOGIN)
Software:
Microsoft Server 2019 (no data transfer to vendor)
VMWare (no data transfer to manufacturer, support / maintenance via LOGIN. Infrastructure software, no access to operating system data).
Veeam (no data transfer to manufacturer, support / maintenance via LOGIN, no access to operating system data)
Securepoint Antivirus
Service provider:
LOGIN SystemHaus GmbH
Hetzner Online GmbH (data center)
Securepoint GmbH (status messages AV, no transmission of personal data)
5. Your rights as a data subject
Als Betroffener haben Sie gemäß den Vorgaben der Datenschutzgrundverordnung (DSGVO) verschiedene Rechte, auf die wir Sie hinweisen möchten:
As a data subject, you have various rights in accordance with the requirements of the General Data Protection Regulation (GDPR), which we would like to point out to you:
§ Right to information:
You have the right to obtain information about the personal data stored about you to the extent set out in Article 15 of Regulation (EU) 2016/679.
§ Right to erasure and rectification:
You have the right to have rectification of inaccurate personal data concerning you and to completion of incomplete personal data concerning you.
To irretrievably delete all therapy-related data, you simply need to delete the iDIERS app from your mobile device. Information on this can be found in the operating instructions for your mobile end device.
All personal data stored on the iDIERS server will be deleted immediately upon your request or processed only in a restricted manner.
We will notify all recipients to whom your personal data has been disclosed of any rectification or erasure of the personal data or restriction of processing pursuant to Article 16, Article 17(1) and Article 18 GDPR, unless this proves impossible or involves a disproportionate effort. We will inform you about these recipients if you request this.
§ Right to object:
You have the right to object at any time, on grounds relating to your particular situation, rdert processing of personal data concerning you which is carried out on the basis of Article 6(1)€ or (f) DSGVO; this also applies to profiling based on these provisions. iDIERS will no longer process the personal data unless we can demonstrate compelling legitimate groun rdert the processing which override your interests, rights and freedoms, or the processing rdert the establishment, exercise or defense of legal claims.
§ Right to data portability:
In accordance with Article 20 of the GDPR, you have the right to read your therapy data collected using the app in a structured, machine-readable form–t – for example, rdert o to continue using it with another software. Under the menu it„m „Data trans“er“, the iDIERS app offers the option of exporting all therapy data or any subset as a PDF- or JSON-file.
You also have the right to receive the personal data concerning you that is stored on the iDIERS server in a structured, common and machine-readable format, and you have the right to transfer this data to another responsible party without hindrance from iDIERS.
§ Right to complain to the supervisory authority:
We are legally obliged to inform you that you have a right of appeal to the supervisory authority.
6. Tracking
We do not use tracking tools.
7. Abrufbarkeit der Datenschutzbestimmungen
You can access this privacy policy at any time in the iDIERS app under Info > Privacy Policy.
8. Your contact persons
In our company, compliance with the legal provisions and this statement is monitored by our company data protection officer. The administrators of the app have been trained in the handling of personal data and have been obligated to comply with data protection regulations. For questions regarding data protection, you can contact our data protection officer:
iDIERS GmbH
Datenschutzbeauftragter
Leopoldstr. 175
80804 Munich
datenschutz@idiers.de
The external contact on the subject of data protection is the responsible supervisory authority:
Bavarian State Office for Data Protection Supervision
Promenade 18
91522 Ansbach
Germany
Phone: +49 (0) 981 180093-0
Fax: +49 (0) 981 180093-800
E-mail: poststelle@lda.bayern.de
Status: 02 November 2023, Version 5
Terms of use for the iDIERS app
1. Scope of application
The contract for the use of the iDIERS app and the functions offered therein comes into effect with the download or the first use of the iDIERS app.
The use of the service offer of the iDIERS app requires the download of the iDIERS app from an app store and the acceptance of the terms of use.
The right to use the iDIERS app ends automatically in the event of a breach of the terms of use or if iDIERS withdraws use at its own discretion. This can be done without giving any reasons.
2. Application instructions
The iDIERS app offers the possibility of individual medical training, which a therapist has created for the user after detailed anamnesis and measurements.
The iDIERS app allows you to keep an electronic diary to document the course of pain, any pain that occurs and the effort level for each individual training session.
The entries saved in the training diary can be exported as a PDF and thus sent to third parties and also saved locally.
The digital health application iDIERS actively supports the accessible functions under Android and iOS and can thus in principle also be used by patients with limitations (hearing, vision, motor skills).
Exclusively for reasons of better readability, the masculine form is used in texts of the app, the website and in other communication.
3. Technical requirements
Hardware compatibility iOS App: Compatible with iPhone 5S, iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, iPhone SE (1st generation), iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone XS, iPhone XS Max, iPhone XR, iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, iPhone SE (2nd. Generation), iPad Air, iPad Air WiFi + Cellular, iPad mini 2, iPad mini 2 WiFi + Cellular, iPad Air 2, iPad Air 2 WiFi + Cellular, iPad mini 3, iPad mini 3 WiFi + Cellular, iPad mini 4, iPad mini 4 WiFi + Cellular, 12.9″ iPad Pro, 12.9″ iPad Pro WiFi + Cellular, 9.7″ iPad Pro, 9.7″ iPad Pro WiFi +Cellular, iPad (5th Generation), iPad (5th Generation) WiFi + Cellular, 12.9″ iPad Pro (2nd. Generation), 12.9″ iPad Pro (2nd Generation) WiFi + Cellular, 10.5″ iPad Pro, 10.5″ iPad Pro WiFi + Cellular, iPad (6th Generation), iPad WiFi + Cellular (6th Generation), 11″ iPad Pro, 11″ iPad Pro WiFi + Cellular, 12.9″ iPad Pro (3rd Generation), 12.9″ iPad Pro (3rd Generation) WiFi + Cellular, iPad mini (5th Generation), iPad mini (5th Generation) WiFi + Cellular, iPad mini (5th Generation) WiFi + Cellular. Generation) WiFi + Cellular, iPad Air (3rd Generation), iPad Air (3rd Generation) WiFi + Cellular, iPad (7th Generation), iPad (7th Generation) WiFi +Cellular, 11″ iPad Pro (2nd Generation), 11″ iPad Pro (2nd Generation) WiFi + Cellular, 12.9″ iPad Pro (4th Generation), 12.9″ iPad Pro (4th Generation) WiFi + Cellular and iPod touch.
Software compatibility iOS App: Requires iOS 10.0 or higher
Software compatibility Android App: Android OS version 7.0 or higher
Hardware compatibility Android App: Any hardware from version 7.0 Android for mobile phones as well as tablet
In order to be able to make full use of the iDIERS offer, the user must continuously update his software. It may also be that certain activations are required (e.g. Javascript).
For the use of the iDIERS App on mobile devices, the applicable terms and conditions of Apple (iOS App Store) and Google (Google Play) shall also apply in accordance with the operating system of the device used.
4. Medical requirements
The medical prerequisite for the application is a stable general state of health.
If pain, discomfort or loss of function occurs during or after use of the app, the program should be discontinued and, if necessary – at your own discretion – a therapist should be consulted.
The basic exclusion criteria (contraindications) for the use of the Digital Health Application iDIERS are:
• Uncontrolled high blood pressure
• Heart failure
• Acute myocardial infarction
• Cardiac arrhythmias
• Acute herniated disc
• Fresh vertebral body fractures
• Pregnancy
• Severe osteoporosis
• Acute or chronic infection
• Acute dizziness/discomfort
• Surgery in the last 3 months or on the spine/extremities in the last 12 months
• Suspicion of injuries to the spine
• Spinal tumor
• Spinal infections
• Acute severe pain in the musculoskeletal system
• Reduced control over the legs
• Gait insecurities
Furthermore, physiotherapeutic exercises, like all physical activities in principle, should not be performed during acute febrile illnesses.
Side effects when using the app as intended may include temporary, mild pain due to overuse of joints, muscles or tendons.
If any other adverse effect is noticed while using iDIERS, users should email idiers@diers.de or contact their therapist.
5. Content and services
iDIERS shall provide the services within the scope of these TERMS OF USE in accordance with the current state of the art.
iDIERS continuously develops the app and the programs. New functions can be introduced and existing ones replaced by new ones or removed without replacement.
In the event of a culpable breach of statutory provisions or these TERMS OF USE by the user or a third party attributable to the user, iDIERS shall be entitled to suspend the user’s customer account.
6. Use/payment
The duration of use is limited to the activated period when using the activation code. This type of use is not automatically extended or switched to a use for which the user is liable to pay costs. After the expiry of the activated period, the user will only be informed that the entry of a new activation code or the conclusion of a paid subscription is required for further use.
When taking out a subscription as a self-payer (without activation code), the respective selected term applies as the minimum term. The subscription ends automatically at the end of the selected term.
Payment of usage fees for self-payers shall be made in advance to the respective distribution channel (e.g. iOS App Store or Google Play) and, in the case of recurring fees, in accordance with the respective agreed billing cycle.
The use with cost coverage/reimbursement of a health insurance is limited in time and automatically ends at the end of the cost coverage or reimbursement period. This use does not lead to a subscription.
7. Right of withdrawal
The user has the right to revoke his declaration of intent to conclude the contract within 14 days without giving reasons. The revocation period is 14 days from the day of the conclusion of the contract. The day of the conclusion of the contract shall be deemed to be the conclusion of a paid subscription contract.
In order to exercise the right of withdrawal, the User must inform iDIERS of his/her decision to withdraw from the declaration aimed at concluding the subscription. The revocation must be sent to the following e-mail address, indicating a domestic current account: idiers@diers.de. The wording of the revocation is free, but must show a clear intention on the part of the user.
In order to comply with the withdrawal period, it is sufficient that the notification of the exercise of the right of withdrawal is sent before the expiry of the withdrawal period.
If the User has exercised his/her right of withdrawal, iDIERS will return all payments received without delay and at the latest within fourteen days of the date on which iDIERS received notification of the withdrawal and was able to confirm the identity of the User.
8. Obligations of the users
The user bears full responsibility for the security and confidentiality of the access data entered when setting up the iDIERS account.
The user guarantees the completeness and correctness of all options and data selected by him in the app.
In the event of deliberate incorrect selection and provision of incorrect data, iDIERS reserves the right to suspend the user’s customer account and demand compensation for any damage incurred as a result.
9. Copyright, licensing and trademark rights
The design of the iDIERS app (insofar as it does not concern standard app elements) and the texts, images, graphics, layouts, sounds, animations, videos and databases contained herein are protected by copyright or are subject to other laws for the protection of intellectual property. Unless otherwise indicated, they are the property of iDIERS.
The offer of the iDIERS App shall not be construed as conferring by implication, estoppel or otherwise any licence or title to any copyright, patent, trade mark or other proprietary right of iDIERS or any third party.
Saving or archiving programs and content provided in the app outside the app is not permitted.
Passing on or offering the programs (in whole or in part) to third parties is not permitted. Any commercial reproduction of the copyright-protected content or commercial distribution to third parties is not permitted and will be pursued by iDIERS with legal action.
The user is prohibited from removing copyright notices, trademarks and other legal reservations from downloaded content.
10. Liability of the Provider
The training therapy plan in the iDIERS app is based on a biomechanical analysis and medical diagnosis by a therapist. The information or data collected within the iDIERS app, statistically evaluated and visually illustrated in the form of diagrams, cannot directly serve as a basis for therapy and does not constitute medical advice.
The physical condition of each user is different. The health of each individual depends on many specifics. The success of the programs also depends on numerous factors which iDIERS has no influence over. Consequently, no guarantee can be given for the success of the programs.
iDIERS does not assume any liability or guarantee for the intended functioning and availability of the programs. iDIERS does not owe any concrete success.
Any liability on the part of iDIERS for ensuring that the functioning and availability of the programs meet the medical needs of the user is excluded, in particular in the event that the user has provided incorrect or incomplete information about his or her person, health, current treatments or symptoms at the beginning of or during the use of the app.
iDIERS accepts no liability for damage to health suffered by users as a result of improper execution of the program content and/or as a result of recognized or undetected pre-existing conditions.
iDIERS shall not be liable for damages incurred by the user due to unavailability or technical malfunction of the programs. Any reduction of the user fee paid shall remain unaffected by this.
iDIERS excludes any liability for negligent breaches of duty. Damages resulting from injury to life, body or health as well as guarantees remain unaffected by this.
The aforementioned exclusions of liability also apply in each case to breaches of duty by iDIERS‘ vicarious agents and their legal representatives.
For all claims against iDIERS for damages or reimbursement of futile expenses, a limitation period of two years applies from the time at which the user becomes aware of the damage. Irrespective of this knowledge, claims for damages become statute-barred at the latest after three years from the time of the damaging event. This does not apply to liability in the event of intent or gross negligence or personal injury.
11. Amendment of the terms of use
iDIERS reserves the right to change the terms of use at any time and without giving reasons. The new terms of use will be displayed the next time the iDIERS app is launched.
The user has the option of objecting to the amendment of the TERMS OF USE. If the user does not object to the amendments within two weeks, they shall be deemed accepted. The period begins on the day on which the amended TERMS OF USE come into force.
In the event of a timely objection, iDIERS shall be entitled to extraordinarily terminate the usage relationship with effect from the time at which the amended TERMS OF USE come into force. Proportionate fees up to the regular end of the contract will be refunded in this case.
12. Data protection; storage
Information on the handling of personal data is documented in the data protection regulations, available in the iDIERS app under Info > Data protection regulations.
13. Data backup
It is the user’s responsibility to regularly secure data and information relevant to him or her against loss, damage and modification at a technical level appropriate to the importance of the data. In particular, iDIERS does not assume any guarantee or liability that data created by the user in the iDIERS app will be permanently preserved or backed up.
14. Jurisdiction, choice of law
The exclusive place of jurisdiction for all disputes arising from the use of the iDIERS app is Munich. The law of the Federal Republic of Germany shall apply exclusively.
15. Final provisions
Should individual clauses of the above Terms of Use be or become invalid in whole or in part, this shall not affect the validity of the remaining provisions. The omitted provision shall be replaced by a provision that comes as close as possible to it in economic terms in a legally permissible manner. The same shall apply in the event of a loophole.
Status: 02 November 2023