General privacy statement on telehealth services
The following is information on the use of the Telehealth software system of the AIT Austrian Institute of Technology GmbH in accordance with Art. 13 DSGVO.
Names and contact details
The AIT Austrian Institute of Technology GmbH (Giefinggasse 2, 1210 Vienna, +43 50550-0, office(at)ait.ac.at – “AIT” for short) provides its partners with the Telehealth Software System consisting of a central data management system (DMS) and a mobile application (app) as a data protection order processor. The Telehealth software system supports so-called telehealth services. As a user, you can use it to document your personal data (i.e. information that can be assigned to you such as name, address and health data such as blood pressure, body weight, blood sugar, etc.) and make it available to your authorised health service provider for further use.
The Telehealth software system was developed by AIT Austrian Institute of Technology GmbH.
Purposes and legal basis and storage period when using a telehealth service
The purpose is to collect your health-related data. This data will only be processed with your explicit consent.
To connect the smartphone app to the central data management system (DMS), you need individual, personal access data, which you will receive from the telehealth service operator. The prerequisite is that you give your express consent to the telehealth service to process your personal data and agree to the participation and registration of a user account in the DMS. Only after successful linking is it possible to transfer your data recorded on the smartphone to the central DMS of the telehealth service, where they are stored securely and can be viewed by your health service provider after appropriate authorisation and authentication. This enables the health service provider to get an overview of your recorded data and, if necessary, to send messages to you or contact you in some other way. Without a link to the central data management system (DMS), the data entered in the smartphone app is only stored in the smartphone app and cannot be viewed by third parties.
Categories of data processed
When using the telehealth service, the following data will be processed from you in particular:
– First name, last name
– Date of birth
Furthermore, the following categories of special data are processed after your explicit and voluntary consent:
– Health data (such as:)
o blood pressure
o Body weight
o Personal well-being
o Activity data (number of steps/day, information on physical activity)
o Blood sugar including additional information on diet and medication
o Blood oxygen saturation
o Body temperature
o Information on physical symptoms by means of questionnaires
You can see in the app at any time what data is being collected from you. Beyond that, no data is collected, processed or passed on in the background by the app.
Information on cookies
The web application of the Telehealth software system partly uses so-called cookies. These are used to make the application more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies used on this system are so-called “session cookies”. They are automatically deleted at the end of your visit. Cookies do not cause any damage to your computer and do not contain viruses.
– kiolasess – session authentication – end of session
– sectoken – CSRF token – Static/1 year
– cares_patlist_module_table Selected patient list – End of session
– kcho – Selected graphics – End of session
– epro_listtype – Selected measurement list type – end of session
– filter_name_* – Selected filter in measurement list – end of session
Information on the use of location-based services
To collect medical data, such as blood pressure, body weight or body temperature, from measuring devices that support automatic data transfer via Bluetooth, they can be paired with the smartphone app.
Locating Bluetooth devices is only possible under Android 6.0 or higher if location services are activated by the operating system. The smartphone app therefore requires the use of location services and the Bluetooth function.
The smartphone app only uses this facility to establish and manage connections to Bluetooth measuring devices. Location data is neither stored nor forwarded to third parties by the smartphone app.
Personal data will only be transmitted to third parties if you have given your prior consent to this. No personal data will be transmitted to third parties without your consent.
Transfers to third countries
Personal data will only be transferred to recipients in third countries if you have given your prior consent. No personal data will be transferred to recipients in third countries without your consent.
Your personal data will be stored until you withdraw your consent or the project or study is fully completed, whichever comes first.
You have the right to request information about the personal data we hold about you. Furthermore, you have the right to have data corrected or deleted. Under the more detailed conditions of the General Data Protection Regulation, you have the right to demand the restriction of the processing of your data or its transfer. Furthermore, you have the right to object to the processing of your data. If your data is processed on the basis of your consent, you can revoke this consent at any time. The revocation does not affect the lawfulness of the processing until the time of revocation. If you believe that the processing of your data violates data protection regulations, you can lodge a complaint with the data protection authority (www.dsb.gv.at).
For more information on AIT’s protection of personal data, please visit: www.ait.ac.at/datenschutz.
Contact and data protection officer
AIT Austrian Institute of Technology GmbH
Giefinggasse 4; 1210 Vienna; Austria
office(at)ait.ac.at; +43 50550-0
Data Protection Officer:
© 2020 AIT Austrian Institute of Technology GmbH. All rights reserved.