Data Protection

Our quality standards incorporate responsible processing and rigorous protection of the data you entrust to us, ensuring it is safeguarded against any unauthorised access. We place particular importance on the protection and security of your data, in compliance with data protection regulations, notably Regulation (EU) 2016/679 (GDPR).

Medical Portal

Our online portal, accessible at www.medlydoc.com, allows doctors to provide online diagnoses, therapeutic recommendations, and, if necessary, sick leave certificates for patients exhibiting symptoms of covered illnesses.

Data Controller and Data Protection Officer

The processing of data is the responsibility of:

Data Protection Officer can be contacted by email at the address above.

Controller: Medly [email protected]

Collection and Storage of Personal Data

a) When Visiting the Website

When you visit our website, certain information is automatically sent by your browser to our server and temporarily stored in log files. This information includes:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the accessed file
  • Amount of data transferred
  • Status of the download
  • Referrer URL (site from which access originated)
  • Browser used and, where applicable, the operating system of your computer and the name of your access provider

This data is processed to ensure a smooth connection setup, facilitate comfortable use of the site, assess system security and stability, and for other administrative purposes. The legal basis is Article 6(1)(f) GDPR. Under no circumstances do we use this data to draw conclusions about your identity.

b) When Using Our Medical Services

To fulfil the requested services, we collect the following data through designated input fields:

  • Telephone number
  • Email address
  • Postal address (street, house number, postcode, city, country)
  • Information on symptoms
  • Information on any risk factors
  • Type of insurance (private/statutory)
  • Health insurance card details
  • Payment details

This data is processed for the secure storage of health data, the sending of order confirmations, payment processing, and to provide the requested medical service. The legal basis is Article 6(1)(a) and Article 9(2)(a) GDPR.

Payments are exclusively processed via Stripe. If you choose Stripe, the necessary payment data is automatically transmitted to Stripe. Please refer to Stripe’s privacy policy at the following link: Stripe Privacy Policy.

Data Transfer

Your personal data is only transferred to third parties in the following cases:

  • With your explicit consent (Article 6(1)(a) and Article 9(2)(a) GDPR)
  • If disclosure is necessary to assert, exercise, or defend legal claims (Article 6(1)(f) GDPR)
  • If there is a legal obligation to disclose (Article 6(1)(c) GDPR)
  • To process contractual relationships with you (Article 6(1)(b) GDPR)

Data transmission to doctors for the execution of the requested service is encrypted. Your data may be anonymised for scientific purposes.

Cookies

We use cookies to enhance your experience on our website and to optimise our services. Cookies are small files stored on your device that do not cause harm and do not contain malware.

Types of Cookies Used:

  • Session cookies: Recognise previous visits and are deleted after the session.
  • Temporary cookies: Improve usability and are stored for a fixed period.
  • Analytical cookies: Collect statistics on site usage to optimise our services.

The legal basis for using cookies is Article 6(1)(f) GDPR.

Analytics Tools

Google Analytics

This site uses Google Analytics to analyse website usage. The data collected via cookies is anonymised and transmitted to Google’s servers. You can prevent data collection by installing a browser add-on.

Rights of Data Subjects

Under GDPR, you have the following rights:

  • Access your personal data (Article 15)
  • Rectify inaccurate data (Article 16)
  • Erase your data (Article 17)
  • Restrict processing (Article 18)
  • Data portability (Article 20)
  • Withdraw your consent (Article 7(3))
  • Object to the processing of your data (Article 21)

To exercise these rights, please contact us at [email protected].

Data Security

We implement technical and organisational security measures to protect your data from manipulation, loss, destruction, or unauthorised access. We use SSL encryption when transmitting personal data.

Changes to the Privacy Policy

This privacy policy is effective from 01.01.2025 and may be updated in line with legal developments or changes to our website offerings. You can view the latest version at any time on our website.