Skip to main content
Skip table of contents

Data Protection Declaration for the UNITY Platform including the UNITY OUTCOME App

Scope

This Data Protection Declaration applies to the UNITY platform including the UNITY OUTCOME App.

Contact information

Responsible provider in terms of the data protection law

RAYLYTIC GmbH
Gottschedstraße 4
04109 Leipzig, Germany
info@raylytic.com

Contact data of the Data protection officer

N. Spuling
RAYLYTIC GmbH, Gottschedstraße 4
04109 Leipzig, Germany
dataprotection@raylytic.com

Purpose

This Data Protection Declaration informs you about the type, scope and purpose of the collection and use of your data by the responsible provider. Compliance with the legal provisions on data protection is a matter of course for us.

Legal Basis

The processing of your data takes place on the following legal basis:

  1. In relation to data you provide in forms etc., with your consent, art. 6 paragraph (1) lit. a) GDPR

  2. With regard to services that you make use of for the execution of a contract with you, Art. 6 para. (1) lit. b) GDPR

  3. In relation to data to safeguard the legitimate interests of the data controller on the basis of Art. 6 paragraph (1) lit. f) GDPR. In this processing of your data we pursue interests that serve to improve our offer, protection against misuse, the creation of usage statistics and error correction.

Treatment of personal data

We process your personal data only to the extent necessary to provide the services requested by you, to the extent that you have consented to the processing of your data or to the extent that the provider is authorized or obliged to do so by law. For the processing of your data, we obtain your consent explicitly, e.g. by confirming a consent check box. This electronic consent is logged by the responsible provider. You can revoke your consent at any time by sending an e-mail to dataprotection@raylytic.com or withdraw it by deleting your stored data within the UNITY platform.

Transfer of data

Processing is carried out in accordance with the current state of the art for data protection and in accordance with the provisions of the GDPR. The UNITY platform and the UNITY OUTCOME App communicate with the server via encrypted connections using SSL (Secure Socket Layer), which prevents third parties from reading your data without authorization.

Firewall

The servers we use are located behind a firewall, so that they are protected in the best possible way against unwanted access.

ISO 27001 Certification

Our data center is certified according to ISO 27001, an internationally recognized standard for information security.

Capture of personal and general information

Your personal data and your health data are collected during the use of the UNITY Platform and the UNITY OUTCOME App by you providing them to us.

Other data is collected automatically by our IT systems after your consent. With each access, usage data is automatically collected by the UNITY OUTCOME App and the UNITY Platform or the server for the delivery of web pages and stored in log files, the so-called server log files. This usage data is of a general nature and does not allow any conclusions to be drawn about your person. Without this data, it would not be technically possible to deliver and display the contents of the website, to correct errors and to ensure the security of the application.

The UNITY Platform and the UNITY OUTCOME APP process health data. Access to this highly sensitive data is limited to as few authorized individuals as possible. To ensure lawful access, we collect personal data from users of the platform (e.g., physicians or persons charged with conducting clinical trials) by which these individuals can be uniquely identified:

  • Last name, first name, academic degree, company and department, job title, the (company) address, telephone numbers, email address.

  • The assignment to one or more study(s) as well as access authorization settings, language preference(s) and information for adapting the application to your language area

  • IP address of the accessing computer (this is not stored in the audit log for accesses by patients)

Among other things, the following are recorded:

  • Any file upload, data entry, deletion or correction.

  • Web page(s) or sub-pages that a user accesses.

  • Files that the user accesses, if applicable

  • App settings used (language settings, notifications).

  • Time, date and duration of use

  • Date and time of retrieval and dwell time on individual pages

  • User rating data for our app or services

  • The amount of data transferred

  • Operating system, web browser and web browser version

  • Domain name of your Internet provider

  • The so-called referrer URL (the page from which you accessed our offer).

  • If applicable, messages as to whether the retrieval of a page or information was successful

  • Hardware and/or software used (UNITY OUTCOME App version), manufacturer and model of the user device)

For statistical purposes, the above data can be anonymized. This means that the assignability of information to a person is eliminated by deleting direct references and selecting indirect references (e.g. time or date ranges) in such a way that the assignment of information to a single or a few persons is no longer possible. Data anonymized in this way helps RAYLYTIC to optimize its services and technology and is mainly analyzed automatically. RAYLYTIC reserves the right to manually check the log files retrospectively in case of suspicion of illegal use of our offer and to prosecute actions that violate our terms of use or applicable laws.

The legal basis for the temporary storage of data or log files is Art. 6 para. (1) lit. f) GDPR.

Data processing

In addition to your e-mail address and the IP address, the UNITY platform also collects data relevant to billing for the use of the UNITY platform (time of use, remuneration information, offer and order information, prices, bank details, tax features, language and currency preference, recipe number) (see also applicable terms and conditions), if necessary for the purpose of fulfilling a possible contract.

In this case your data will be processed based on your consent in accordance with Art. 6 paragraph (1) lit. a) and in the case of contract fulfillment in accordance with Art. 6 paragraph (1) lit. b) GDPR.

Further data collected by us can be related to you via your e-mail address and the IP address. Therefore, RAYLYTIC will treat your data strictly confidential. Therefore, these data are stored in a strongly encrypted form and are only accessible to authorized users or automated processing. We treat your personal data in accordance with the law. If you do not wish to provide us with the required data, RAYLYTIC will not be able to provide the described product services. In this case your data will be processed based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, § 4 para. 2 sentence 1 DiGaV.

Health information

Your health data is collected and processed by the UNITY platform with the UNITY OUTCOME App. The UNITY platform collects personal data when “creating a user account” and the UNITY OUTCOME App collects health data when using the “questionnaire function”. The collection of data is necessary to fulfill the purpose of UNITY OUTCOME App and to provide the services described. Your information is voluntary, but the UNITY platform and UNITY OUTCOME App can only function if the information provided is complete and correct.

Creating a user account

In order to use the UNITY platform and the UNITY OUTCOME App, a user account (for clinical users) must be created. The personal user account allows the user to be authenticated in the clinic (physician or assistant*in) when using the UNITY platform or the UNITY OUTCOME App on multiple end devices. When creating the user account, the entry of the personal e-mail and the assignment of a personal password are required to protect the user account. We also need your e-mail address in order to inform you about security-relevant product features. Patients receive individual log-in data from their attending physician or therapist for the duration of use of the UNIITY OUTCOME App.

Questionnaire feature

When using the questionnaire function in the UNITY OUTCOME App, you provide health-related data about your personal condition and treatment. The information you provide is voluntary and serves your optimal treatment and aftercare.

Contacting and support

RAYLYTIC itself collects personal data when you contact us, e.g. via contact form or e-mail. Which data is collected depends on your information and the contact data you have provided or released. The data will be stored for the purpose of processing your inquiry and in case of follow-up questions. In this case the processing of your data is based on your implied consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. Under no circumstances will we pass on your data to third parties without your consent. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f GDPR and, if applicable, Art. 6 para. 1 lit. b GDPR, if your request is for the conclusion of a contract. Your data will be deleted after the final processing of your inquiry, provided that this does not conflict with any statutory retention obligations. We assume that the data will be processed conclusively if it can be concluded from the circumstances that the matter in question has been finally clarified.

Duration of data retention

Unless otherwise stated, RAYLYTIC will only store personal data for as long as it is necessary to fulfill contractual or legal obligations. After this period, personal data will be deleted, unless RAYLYTIC needs the data for evidence purposes for civil law claims or due to legal obligations to retain data until the expiration of the statutory limitation period. Irrespective of the storage period, the user has the possibility to initiate the deletion of the data at any time, provided that there are no legal obligations to store the data.

Dissemination of data

We do not disseminate your data to third parties without authorization, unless

  • We are legally obliged to do so

  • You have given us your consent

  1. Your consent includes permission for sending your data to data center providers for storing and electronic processing of your data (see section Location of data storage), which is necessary to provide our services.

  2. Your consent also includes the transfer of your medical data to your treating physician or therapist (“treating physician”) as well as billing-relevant data to the insurance company. In this case RAYLYTIC GmbH will act as data processor in accordance with Art. 28 GDPR using the UNITY OUTCOME App and undertakes to comply with the legal provisions on data protection and data security.

  3. RAYLYTIC may evaluate your data in pseudonymized or anonymized form for product improvement and for compliance with regulatory or reimbursement related purposes.

Place of data storage

All your data is stored on servers of our IT service provider OVH cloud GmbH, Christophstr. 19, 50670 Cologne, Germany within the EU, which processes it on our behalf and on the legal basis of Art. 28 DSGVO. OVH cloud is obliged to comply with the legal provisions on data protection and data security. The privacy policy of OVH cloud can be found at: Personal data protection

Your rights

In the following, you will find information on the rights of data subjects that the applicable data protection law grants you vis-à-vis the person responsible for processing your personal data:

Right to information, correction, revocation, complaint, deletion and blocking.

  • You have the right to request information as to whether and which of your personal data are processed by us. You also have the right to request the correction or completion of your personal data. Art. 15 GDPR, Art. 16 GDPR

  • Under certain circumstances, you have the right to request that your personal data be deleted. Art. 17 GDPR

  • Under certain circumstances, you have the right to request that the processing of your personal data be restricted. Art. 18 GDPR

  • You can revoke your consent to the processing and use of your data in full or in part at any time with effect for the future. Art. 21 GDPR

  • You have the right to receive your personal data in a common, structured and machine-readable format. Art. 20 GDPR

  • You can also contact our data protection officer in writing with questions, comments and complaints as well as requests for information in connection with our declaration on data protection and the processing of your personal data.

  • You also have the right to complain to the competent supervisory authority if you believe that the processing of personal data concerning you is in breach of the law. Art. 77 GDPR

Exercising your rights

Right of information

You have the right to information about your data stored with us. You can view this information at any time via the platform itself.

Right of revocation and deletion of the data stored by us

If you wish to exercise your right of revocation or objection and revoke your consent to data processing by UNITY OUTCOME App, you can exercise this right by deleting your data within the platform. Your user account will be removed when your data is completely deleted. From the moment of deletion, the UNITY OUTCOME App and your data are no longer available to you. The services offered by the UNITY OUTCOME App are no longer available to you and a reference to your user account can no longer be established or tracked. This also means that any remaining, possibly already paid for, usage period expires without the possibility of crediting or reimbursement. The deletion cannot be reversed. You can download the data, e.g. before deletion, to a device of your choice.

Should the deletion contradict other legal, contractual or fiscal or commercial storage obligations or other legally anchored reasons, only the permanent blocking of your account can be carried out instead of the deletion.

Right to object to data processing

You have the right to object to the processing of your data by the UNITY platform. To do so you must delete your data from the platform.

Right to deletion and correction of individual data and restriction or processing

Data entered incorrectly by the user can be corrected in the app. The full or partial deletion of your data or a restriction of data processing is possible in accordance with Art. 17 or Art. 18 GDPR. You can delete the data yourself.

Right of data transmission

Your data stored by the UNITY OUTCOME App can be transferred to you or to third parties authorized by you in a structured, common and machine-readable format. The prerequisite for transmission to authorized third parties is technical feasibility and the existence of your explicit and special consent for this.

Complaint contacts

Data protectionData protection-related complaints can be sent directly to dataprotection@raylytic.com. You may also contact the data protection authority responsible for your location https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html . Complaints related to the UNITY OUTCOME App can be directed to support@RAYLYTIC.com.

Changes to our privacy policy

In order to ensure that our privacy policy always complies with the current legal requirements, RAYLYTIC reserves the right to make changes at any time. This also applies in the event that the data protection declaration has to be adapted due to new or revised services, for example new services. The current version can be found here or at another appropriate, easily found place in the App and on the website.

Updated on 13 Sep 2023

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close