Data Privacy
We take the protection of your personal data very seriously. So we use them solely according to the DSGVO (GDPR) and other national data protection laws. This is necessary to offer a functional website, together with our contents and performances.
In principle, personal data is only processed with your explicit permission, except when such a permission cannot be obtained, due to special reasons of if the processing is lawful.
It is lawful if at least one condition of Art. 6 para. 1 GDPR is fulfilled. We delete your data as soon as the purpose to record them is not applied or a legally required deadline (usually 7 days) is exhausted. It is possible to disagree further data processing at any time. Please send us a written revocation via mail or e-mail.
Controller
Controller of the data processing for the purpose of Art. 4 GDPR is
Flying Health GmbH
Friedrichstraße 68
10117 Berlin
Fon: +49 30 22 05 60 20
Fax: +49 30 22 05 60 20
Email: info@flyinghealth.com
Managing Director: Dr. Lilia Kotchoubey
Log Files
If you enter our website, our system automatically collects data and information of your computer. This includes
IP-address of the requesting computer
date and time of the visit
name and URL of the end of file
website origin (referrer-URL)
used browser and, if applicable, your computer operating system as well as the name of your access provider.
This data is collected in the logfiles of our system. We do not connect this data with other users’ personal data. The collection of the logfiles ensures the functional capability of our website, optimizes it and makes our informational/technical systems more secure. We do not use them for marketing purposes.
These are the reasons for our legitimate interest on data processing according to art. 6 para. 1 lit. f GDPR. The collected data will be deleted as soon as their purpose is fulfilled. This is the case if the data is necessary to provide our website and their purpose is fulfilled when the session is closed. Because of the necessity of the logfiles for providing the website there is no possibility for you to revoke.
Contact form
Flying Health Incubator GmbH provides a contact form on its website for users to get into contact with us. If they do so, we collect the data from the input mask (name and e-mail address). The processing of this information is only to get into contact and therefore voluntarily. As soon as possible the data will be deleted when they are no more necessary. The conversation is closed when it is evident that the circumstances are completed. Users are able at any time to revoke their permission, send an e-mail to info@flyinghealth.com.
Application portal
On our website you will find a link to our application portal. This portal is managed by Personio (Personio GmbH, Buttermelcherstr. 16, 80469 München). Personio processes all data entered by you there on the basis of an order processing contract in compliance with Art. 28 GDPR. Details about how your data will be processed, can be found here: https://flyinghealth-jobs.personio.de/privacy-policy?language=en.
Cookies
On our website we use so-called “cookies”, text files which are stored on your terminal. Some of them – so-called session-cookies – are deleted when you close your browser. Other cookies are retained on your terminal and offer us – and others – to recognize your browser at a later use of our website (persistent cookies). Set cookies are processed individually and collect data eg as browser and porition data as well as IP addresses. Persistent cookies are deleted automatically after a prescribed time.
Cookies are used to create our website more attractive and to enable the use of certain functions. As far as we use persistent cookies for processing of personal data it is according to Art. 6 para.1 lit. f GDPR based on contract purposes or legally regarding our legitimate interest to offer a user-optimized website.
You can install your browser in a way that you are informed about setting of cookies so that you can bloc them particularly or generally exclude their acceptance in certain cases.
Use of Google Analytics
We use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre parkway, Mountain View, CA 94043, USA; further: “Google”). Google Analytics uses so-called “cookies”, text files that are recorded on the users’ computer to offer an overview on the use of the website regarding information as:
browser type /version
operating system
referrer URL (previous site used)
host name of the visiting computer (IP address)
time of server request
Usually this information is transmitted to a Google server in the USA and stored there on a website with activated IP-anonymization. That means an abbreviation of the users’ IP address from members of EU states or other contracting states. Only exceptionally the complete IP address is transmitted to Google / USA and shortened then. On behalf of the website operator Google uses this information to evaluate the users’ website, to collect website activities and to offer further services regarding use of website or internet in general towards the website operator. Google Analytics does not connect your IP address (transmitted by your browser) with other Google data. With the help of appropriate setting of the browser software user can prevent a retaining of the cookies. This often – however – implies that if so the users are not able to use all website functions to the full extent. Besides that users can avoid Google’s processing of their data via installing of the browser plug-in of the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively to the browser-add-on or within browsers of mobile equipments please click this link to avoid further compilation on this website by Google Analytics. If you deleted your cookies you have to click this link again. For further Information regarding using conditions and data protection see http://www.google.com/analytics/terms/de.html resp. https://www.google.de/intl/de/policies/. Google Analytics uses this supply also to evaluate data from AdWords and double-click-cookies statistically. If users do not agree they can deactivate it by using the notification manager (http://www.google.com/settings/ads/onweb/?hl=de).
Children
Our offer is not addressed to children under 16 years. We do not collect consciously data about people under 16 years. If we get to know that we got data about a person younger than 16 years we will not use or record them without permission of the parents or Legal guardians. In case that we however processed data from a child we will take any efforts to eliminate them from our system.
Data subjects rights
The applicable data protection law grants users as data subject to the controller comprehensive data subject rights (information and intervention rights):
Right to confirmation, Art. 15 para. 1 sentence 1 GDPR
The data subject has the right to ask the controller for a confirmation of the processing of the personal data concerned.
Right to information, Art. 15 para. 1 sentence 2 GDPR
If the personal data of the data subject are processed, they have the right to inform about this personal data and to the following information:
the processing purposes;
the categories of personal data being processed;
the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organizations;
if possible, the planned duration for which the personal data are stored or, if this is not possible, the
criteria for determining that duration;
the existence of a right to rectification or erasure of the personal data concerning them, or to the
restriction of processing by the controller or a right to object to such processing;
the existence of a right of appeal to a supervisory authority;
if the personal data are not collected from the data subject, all available information on the source of the
data;
the existence of automated decision-making including profiling as referred to in art. 22 para. 1 and 4 GDPR and, at least in these cases, meaningful information about the logic involved, and the scope and intended impact of such processing on the data subject.
Right to correction and completion, Art. 16 GDPR
The data subject has the right to demand from the person responsible without delay the correction of incorrect personal data concerning him.
In consideration of the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.
Right to cancellation (right to be forgotten), Art. 17 GDPR
The data subject has the right to require the person responsible to delete personal data concerning him or her without delay, and the person responsible is obliged to delete personal data immediately, if one of the following reasons applies:
The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
The data subject withdraws the consent on which the processing referred to in Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR was based and lacks any other legal basis for the processing.
The data subject shall object to the processing in accordance with Art. 21 para. 1 GDPR and there are no legitimate grounds for processing, or the data subject shall submit, in accordance with Art. 21 para. 2 GDPR.
Objection to the processing.
The personal data were processed unlawfully.
The erasure of personal data is necessary to fulfill a legal obligation under Union or national law to which the controller is subject.
The personal data were collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.
However, the above does not apply if the processing is done for legal purposes.
Right to restriction of processing, Art. 18 GDPR
The data subject has the right to require the controller to restrict the processing if one of the following conditions is met:
the accuracy of the personal data is disputed by the data subject for a period allowing the controller to verify the accuracy of the personal data;
the processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data;
the controller no longer needs the personal data for the purposes of the processing, but the data subject requires them to assert, exercise or defend legal claims; or
the person concerned has lodged an objection to the processing referred to in Art. 21 para. 1 GDPR, pending determination of whether the legitimate grounds of the controller prevail over those of the data subject.
Therefore, if the processing has been restricted, these personal data may only be stored with the consent of the data subject or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important public interest Union or a Member State.
An affected person who has restricted processing will be notified by the controller before the restriction is lifted.
Right to Data Transferability, Art. 20 GDPR
The data subject has the right to receive personal data relating to him or her provided to a controller in a structured, common and machine – readable format and has the right to transfer that information to another person, without interference from the controller to whom personal data provided if:
the processing is based on a consent in accordance with Art. 6 para. 1 lit. a GDPR or Art.9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR; and
the processing is done using automated procedures.
In exercising their right to data portability, the data subject has the right to obtain the personal data to be transferred directly from one controller to another responsible party where technically feasible.
Right to objection, Art. 21 GDPR
The data subject has the right at any time, for reasons arising from his / her special situation, against the processing of personal data relating to him / her which, pursuant to Art. 6 para. 1 lit. e and f GDPR, to object; this also applies to profiling based on these provisions. The controller no longer processes the personal data unless he can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
Right to revoke the consent granted, Art. 7 para. 3 GDPR
The data subject has the right to withdraw their consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation. The data subject will be informed before the consent is given. The revocation of consent must be as simple as the granting of consent.
Right to appeal, Art. 77 para. 1 GDPR
Without prejudice to any other administrative or judicial remedy, any data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the habitual residence, place of work or place of alleged infringement, if the data subject considers that the processing concerns him / her personal data breaches this Regulation.