Print [Print]

PRIVACY STATEMENT
Trignostics GmbH

valid from August 2023


1.    General

 

Trignostics GmbH, Traungasse 14-16, 1030 Vienna, e-mail: service@trignostics.com ("Trignostics GmbH", "we", "us") takes the protection of personal data very seriously. Thus, compliance with the provisions of the Data Protection Act is a matter of course for us. Since the trust and satisfaction of our patients and customers are the highest good, personal data is collected only to the extent necessary.
We will inform you about the data we collect and store as well as your rights as a data subject. To this end, we have taken technical and organizational measures to ensure that the regulations on data protection are observed both by us and by external third parties as our service providers.

The following statement provides you with an overview of how we ensure this protection and what type of personal data is collected for what purpose.

You are welcome to contact our data protection officer at datenschutz[ät]trimedicum.com.

 

2.    What is personal data?

Personal data is information about your identity, such as your name, address, telephone number, e-mail address and social security number, and, as a specially protected category, your health data.

3.    What personal data do we collect from you and for what purpose?

3.1.    Website and Webshop

3.1.1.    Orders via the webshop


For the purpose of contract processing, we will store the information provided in the webshop (address, telephone number, e-mail address, payment data) and the selected goods of the orderer. The data provided by you is necessary for the fulfillment of the contract or for the implementation of pre-contractual measures. Without this data we cannot conclude the contract with you. As a matter of principle, no data is transmitted to third parties, with the exception of the transmission of the address to the shipping company commissioned by us for the delivery of the goods, to selected laboratories for the evaluation of tests, to payment service providers for the processing of payments and to our tax advisor for the fulfillment of our tax obligations. However, for reasons of our obligations under tax and company law to retain data, we generally store your personal data provided in connection with orders for seven years after fulfillment of the contract.

3.1.2.    Newsletter

Provided that you have given us your consent, we will use the newsletter to inform you of news about our current offers as well as the medical services, events and updates of the Trimedicum group, consists of Trignostics GmbH, Trinicum GmbH and the Trinicum Lab GmbH. Responsible for this data processing are exclusively the Trinicum GmbH, Trignostics GmbH and the Trimedicum GmbH. If you would like to receive the newsletter, we require your full name, your gender, academic title and an e-mail address. Further data will not be collected. This data is only used for sending the newsletter and will not be passed on to third parties. When you register for the newsletter, we store your IP address and the date of registration. This storage serves solely as evidence in the event that a third party misuses an e-mail address and registers to receive the newsletter without the knowledge of the authorized person(s). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time free of charge, without giving reasons and with effect for the future. The revocation can be done, for example, quickly via a link in the newsletters themselves or by notifying our team, such as at datenschutz[ät]trimedicum.com. We store your personal data until your revocation, but not longer than three years from the last contact with us.

3.1.3.    Cookies

Cookies are small files that make it possible to store specific, device-related information on the user`s access device (PC, smartphone, etc.). On the one hand, they serve the user-friendliness of websites and thus the users (e.g. storage of login data or contents of shopping baskets). On the other hand, they are used to collect statistical data on website usage in order to be able to analyze it for the purpose of improving the offer. We only use the latter if you have given us your consent to do so. You can also revoke your consent at any time, free of charge, without giving reasons and with effect for the future.

The analysis software "Matomo" is used on this website. We host "Matomo" ourselves on a server in the EU. The last characters of your IP address are stored anonymously, and tracking cookies for counting returning visitors are not set without consent.

Opt-Out link for Matomo
On the one hand, you can revoke your decision to consent made in the cookie banner at any time by calling the cookie settings [/php/block-analytics.php]. In addition, a complete deactivation of the analysis software is also possible in another way: click on this link to completely prevent the collection by the analysis software "Matomo" still within this website in the future. In this case, an opt-out cookie will be placed on your device. If you delete your cookies, you must click this link again.

3.1.4.    Integration of third-party services and content

It may happen that third-party content as well as RSS feeds or graphics from other websites are integrated within this online offer. This always requires that the providers of this content (hereinafter referred to as "third-party providers") are aware of the IP address of the user, because without the IP address they would not be able to send the content to the browser of the respective user. The IP address is thus necessary for the display of this content. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes. Insofar as this is known to us, we inform the users about it. The processing is carried out for the presentation of our online offer, is therefore technically necessary and based on our legitimate interests or for the fulfillment of contracts.

3.1.5.    Social-Media-Plugins (Facebook, Instagram, LinkedIn, YouTube)

It can happen that social media plugins are integrated within this online offer. For data protection reasons, we use the 2-click solution. In other words, only when you click on the corresponding icon will the social media plug-ins from third-party servers be loaded and data such as your IP address or browser configuration transferred or third-party cookies saved on your computer or smartphone. To the best of our knowledge, in this case the social networks receive information about which of our websites you have currently and previously accessed. The plugins set a cookie with a unique identifier each time the website concerned is accessed. This enables the social network to create a profile of your usage behavior. It cannot be ruled out that such a profile can also be assigned to you in the event that you later register for the first time with the social network. Therefore, a data transfer to the social media operator does not take place without their prior consent. We store the data for a period of 6 months.
 

3.2.    City Test Center

3.2.1.    Contacting and making appointments

When the patient actively contacts Trignostics GmbH (e.g. by e-mail, via website form or by telephone), his/her data and information (name, e-mail address or telephone number) are processed for the purpose of processing the inquiry and making an appointment as well as for appointment reminders. The legal basis is their express consent pursuant to Art 6 para 1 lit a DSGVO.

3.2.2.    Evaluations of the SARS-CoV-2 infection status

Trignostics GmbH processes the identification number assigned to you as well as saliva samples in connection with the evaluation of your SARS-CoV-2 infection status. The sample material will be evaluated in Trinicum Lab GmbH or in a partner laboratory by medical professionals or under their responsibility using recognized state-of-the-art laboratory methods. The legal basis for the processing is your express consent pursuant to Art 9 para 2 lit a DSGVO.

If you choose the shipping method "Let sample pick up", your master and contact data will be forwarded to the named logistics service provider, who will further process these data on their own responsibility.

 

3.2.3.    Contacting for evaluations of the SARS-CoV-2 infection status

Trignostics GmbH processes your name, address, date of birth, e-mail address, cell phone number, social security number and your Covid-19 infection status in order to inform you about Covid-19 testing evaluations. The legal basis is your explicit consent according to Art 9 para 2 lit a DSGVO.

We send test results as SMS or e-mail. If you would like to be notified by postal service instead, please inform us at service[ät]trignostics.com. Please note that this will take a few days longer than the regular notification via SMS/email.

Based on your consent, we will store your data for a period of ten years. The consent is voluntary. You can therefore revoke your consent at any time, free of charge and with effect for the future, without giving any reasons. Please note, however, that the revocation results in the fact that the result of the testing can no longer be communicated to you by us.

 

3.3.    Operational test lanes

Trinicum diagnostics processes your name, address, date of birth, email address, cell phone number, social security number as well as the identification number assigned to you, your saliva samples and your Covid-19 infection status for the purpose of recording, evaluating and communicating Covid-19 testing. The legal basis is your explicit consent according to Art 9 para 2 lit a DSGVO.

Trinicum also has its own laboratory for the evaluation of the samples. Trinicum may also transfer your data for the purpose of Covid-19 testing to an available laboratory or a laboratory assigned to your region, which will further process the data under its own responsibility. The sample material will be evaluated in Trinicum`s laboratory or in a partner laboratory by medical professionals or under their responsibility using recognized state-of-the-art laboratory methods.  The legal basis for the processing is your express consent pursuant to Art 9 para 2 lit a DSGVO.

In case of a positive status, the laboratory is legally obliged to report the infection to the competent health authority. The legal basis for this is Art 9 para 2 lit i DSGVO in conjunction with the current version of the EpidemieG. In addition, we will contact you by telephone.

We send test results as SMS/email. If you would like to be notified by postal service instead, please inform us at diagnostics@trinicum.com. Please note that this will take a few days longer than the regular notification by SMS/email.

Based on your consent, we will store your data for a period of one year. The consent is voluntary. You can therefore revoke your consent at any time, free of charge and with effect for the future, without giving any reasons. Please note, however, that the revocation results in the fact that the result of the testing can no longer be communicated to you by us.
 

3.4.    Costumer data management

In addition, we process your non-sensitive customer data - i.e. no health data - in our CRM database. The legal basis for this is our legitimate interests pursuant to Art 6 para 1 lit f DSGVO in efficient customer care and management. We are jointly responsible with Trinicum GmbH and Trimedicum GmbH for the processing of data within the framework of the CRM database and the sending of the newsletter (see point 3.1.2.) on the basis of your prior consent to this. Accordingly, we have concluded an agreement with Trinicum GmbH and Trimedicum GmbH pursuant to Art 26 DSGVO ("Joint Controller Agreement"), which regulates the distribution of tasks and duties under data protection law. You have the right to assert your claims against any controller regardless of the Joint Controller Agreement. Trimedicum GmbH is responsible as the single point of contact for the exercise of data subject rights and assumes direct cooperation and communication with the supervisory authority.

You can reach the data protection officer of Trimedicum GmbH at datenschutz[ät]trimedicum.com.

 

3.5.    Social media presences

We maintain online presences within social networks and process user data in this context in order to communicate with users active there or to offer information about us.
Trignostics GmbH has the following social media presences:


If you contact us by e-mail, telephone, post or via the message function of the social media platform, your voluntarily provided personal data (title, name, company, e-mail, telephone number), your user details (user name, IP address) and the content of your request will be stored by us for the purpose of processing it and in case of follow-up questions. We use this information in accordance with Art 6 para 1 lit f DSGVO to quickly complete and answer your request. We store this data for a maximum of six months after processing your request.

On Facebook, LinkedIn and YouTube, subscribers and other users can mark our posts with "like", comment on them, share them and save them. This provides the basis for communication to give customers and interested parties an insight into Trignostics GmbH through visual storytelling. We store the personal data voluntarily provided on our company pages (e.g. name, comment and other content, etc.) on the basis of legitimate interests on your part in expressing your personal opinion pursuant to Art. 6 (1) lit. f DSGVO, as long as you do not remove the "like" indication or delete the comment or it is lawfully deleted by the platform operator within the framework of the terms of use (e.g. in cases of abuse).

When you surf, register and interact on social media platforms such as Facebook (e.g. via any social plug-ins), the social media operators often also process your personal data for statistical and analysis purposes. We are jointly responsible with the social media operators, in this case Facebook Ireland Ltd, for the collection (but not the further processing) of your data on our Facebook page (so-called "Fanpage") iSd Art 26 DSGVO. We process this data on the basis of our legitimate interests pursuant to Art 6 para 1 lit f DSGVO. The data processed includes information about the types of content you view or interact with, or the actions you take, as well as information about the devices you use (e.g. IP addresses, operating system, browser type, language settings, cookie data). Facebook also collects and uses information to provide analytics services, called "Page Insights," to Page operators to provide them with insights about how people interact with their Pages and with content associated with them. We have entered into an agreement with Facebook which regulates in particular which security measures Facebook must observe and in which Facebook has agreed to fulfill the rights of data subjects (i.e. you can, for example, send information or deletion requests directly to Facebook). Your rights (in particular to information, deletion, objection and complaint to the competent supervisory authority), are not restricted by the agreements with Facebook. Further information can be found in the "Information on Page Insights".

We would like to point out that the social media platform operators on whose channels we operate a company page also receive your personal data. Your data may therefore also be processed outside the area of the European Union. This may result in risks for you because, for example, it could make it more difficult to enforce the rights of users.

Since you are a registered user of the aforementioned social media platforms, all other data processing (e.g. comment, like, share functions) is governed by the corresponding data protection notices of the relevant providers. For a detailed presentation of the respective forms of processing and the options to object (opt-out), we therefore refer you to the privacy statements and information provided by the operators of the respective networks:

4.    Security of your personal data

personal information you provide on our servers is kept in a controlled, secure environment, protected from unauthorized access, use or disclosure. The server locations of our IT service providers are in the EU (Austria and Germany).

5.    Use and disclosure of data

Trignostics GmbH will of course treat your data confidentially. In principle, we therefore do not make your data available to third parties unless you have given your express consent to do so. Insofar as we are obliged to do so by law or by court order, we will pass on your data to state institutions and authorities entitled to receive information. In addition, we also transfer your personal data to external vicarious agents or service providers to the extent necessary:

If personal data is transferred to recipients in third countries outside the EU and there is no adequacy decision by the EU Commission for the third country in question in accordance with Art. 45 DSGVO, the transfer will take place on a case-by-case basis subject to appropriate safeguards in accordance with Art. 46 DSGVO or, if applicable, by consent for specific purposes.

6.    Your data subject rights

You have the right to rectification and deletion, restriction of the processing of data as well as a right to data portability, objection and a right of appeal to the data protection authority (www.dsb.gv.at). You can also revoke your consent at any time with effect for the future (for example, by e-mail to datenschutz[ät]trimedicum.com)
For questions about this processing, exercising your rights or questions about data protection at Trignostics GmbH, please contact datenschutz[ät]trimedicum.com.

 

7.    Further information

Since your satisfaction and trust are important to us, you can contact us at any time if you have questions regarding the processing of your personal data or if you would like more detailed information on individual points of this data protection declaration. In this regard, please contact our team at datenschutz[ät]trimedicum.com.


8.    Changes to this privacy statement

Trignostics GmbH will change this privacy statement frome time to time to reflect new processes in compliance with applicable data protection laws. We therefore ask you to regularly inform yourself about the data processing procedures. 

In the event of any inconsistency between the German version and the English version the German version shall prevail.

 

Print [Print]