Privacy Policy
This Privacy Policy explains the way we process your personal data when you or your company decide to cooperate with us, when you log in to our web application via our web portal: https://app.tegusmedical.com, or in other situations described herein.
Personal data is any information relating to identified or identifiable natural person, such is, for example, your name and surname, date of birth, email or physical address, phone number, payment card number, job position etc.
In case our website or application contain links towards other websites or services, we kindly ask you to acquaint yourself with separate privacy policies of such websites or services.
Who are we?
We are Tegus Medical GmbH, a company incorporated in Germany, with registered seat at Stresemannstrasse 375, Unit 11, 22761 Hamburg, Germany (hereinafter: “We” or “Tegus”). If you have any questions regarding your personal data we process, you can contact us via email address: sarinfo@tegusmedical.com
Tegus has developed a communication-based technology (audio/video software and hardware solution) which provides remote/virtual surgical support, mutual cooperation between medical professionals and their trainings globally (hereinafter: “Service”). In order to provide our Service, we cooperate with different third party partners (for instance, tech and medical companies, hospitals, health state authorities etc.) (hereinafter: “Partners”) either directly or indirectly, and therefore process certain personal data.
We process some types of personal data as a controller, in which case we determine the manner and the purpose of such processing. On the other hand, when cooperating with our Partners as the Service provider, we may process certain personal data as processors in accordance with their instructions and on their behalf.
Categories of personal data we collect and the purpose of processing
We collect several categories of personal data, in several different situations.
If we cooperate with a Partner which is your employer, we will, in a capacity of controller, process some of your personal data if you serve as your employer’s point of contact. In this case, we process your data in order to conclude a cooperation agreement and provide the Service to your employer, i.e. our Partner. Namely, we will for this purpose collect your name, surname, business email address, phone number, as well as an emergency contact (email or phone number) of your co-worker in case you are not available.
We will use the above mentioned data only to contact you as a contact person/account manager, in relation to our cooperation agreement with our Partner, so we are able to facilitate such cooperation and charge our Partner for the provision of our Service. We will not process or use your data for any other purpose other than this.
We do not collect categories of personal data, such are information on your race, ethnicity, political opinions, religious or philosophical beliefs, union membership, nor do we collect your genetic or biometric data, data on your health status, sexual life or sexual orientation.
Our relationship with our Partners
We might process certain personal data as processor to provide Service to our Partners.
For purpose of providing the Service to our Partners who have status of data controllers, medical professionals may access the website and the platform in accordance with their relations with such Partners. In order to enable the medical professionals to access the platform, our Partners can deliver to us medical professionals’ personal data so we are able to create platform user accounts for such medical professionals. Such data may include for example: name and surname, username, initial password (to be changed after the first platform log-in), medical professional’s organization or job title. Our platform also can accommodate processing of other personal data such are use of user profile picture, specification of gender or professional statements and descriptions.
Since we act as a processor in regard to medical professionals’ user data, if you are medical professional that has access to out platform, please contact you organization if you have any questions or requests in relation to personal data processing matters .
As processors, we have concluded necessary data protection agreements with our controllers, we have implemented appropriate technical and organizational measures in order to protect personal data’s integrity and prevent data breaches, and we act only per controller’s written instructions. Given that we act as a processor in relation to the platform user data, we kindly ask you to acquaint yourselves with separate privacy policy of the controller of such data.
Purpose of processing and legal basis of processing
We collect personal data in order to provide the Service to our Partners and charge them for the Service provision.
We process the above mentioned data based on conclusion or execution of an agreement with our Partners.
If it happens that we start processing some of your personal data based on your consent, you will have the right to withdraw your consent in any moment.
Who we share your personal data with
For purpose of provision of our Services, we use third party companies or individuals. These third parties, as our processors or sub-processors, have only access to personal data necessary for the performance of mentioned tasks and are contractually obligated not to disclose it and to protect their integrity to the fullest extent in accordance with any applicable laws.
If we are required by law or in response to valid requests by a competent public authority, we also may disclose requested data to such authority.
Protecting the integrity of your data
Tegus is making sure that your data is safe. We have implemented suitable technical and organizational measures in order to protect your data from unauthorized processing and accidental loss, damage or destruction.
Tegus protects the integrity of your data by using secure and encrypted authenticated and authorized access mechanisms, strong end to end encryption mechanisms, VPN, encryption of data in transit and/or at rest, backup and DR procedures/systems, strong password polices, closed and limited access to a backend systems and firewalls.
How long we process your personal data
Data which we process in a capacity of controller (your contact data in case you serve as a point-of contact of your employer-our Partner, so we are able to conclude a cooperation agreement and provide the Service to our Partner) we keep and process during the validity of cooperation agreement with our Partner and during the legal terms within which we may submit a claim against our Partners in case damages are caused, or vice versa. After these terms expire, we will delete your data and stop with the processing.
Transfer of data outside EU
Our servers are located in the EU. Our processors and sub-processors might be located outside EU, but we make sure that such transfers are safeguarded by an appropriate legal basis (including, notably, EU Commission’s Standard Contractual Clauses or other legal grounds, as applicable). For all details please email us at: sarinfo@tegusmedical.com.
Your rights
In our capacity of data controller, we will respond to any request for fulfilment of your legal rights. You have the following rights in connection to processing of your personal data:
- You can send us information request at any time, in relation to any matter that concerns our processing or your data, such are purposes of processing, legal basis, data retention periods, identity of our processors or subprocesses, or transfer of data to third counties;
- If you wish to access your personal data or you wish us to send you a copy of your personal data we process, you can contact us with such request;
- If you believe that your personal data which we process are inaccurate or incomplete, you can contact us with a request to rectify such data;
- If you wish to restrict the processing of your personal data, i.e. wish us to delete and stop with processing, you can contact us with the suitable request and we shall respond to it in accordance with the law;
- In cases in which we process your data based on your consent, you can withdraw your consent in any time, and we will stop with such processing;
- You have the right to request to receive your personal data in structured, commonly used and machine-readable format and have the right to transmit such data to another controller without hindrance, in accordance with the law;
- If you consider this to be justified, you have the right to file an objection to the processing necessary for the purpose of achieving our legitimate interests at any time, and we will stop with such processing, if there are legal grounds for this;
- You have the right to file an objection to processing of your personal data in cases of processing for direct marketing, including profiling, in any time.
The above rights you can exercise by contacting Tegus via email: sarinfo@tegusmedical.com
Competent authority
Authority competent for data protection is Federal Commissioner for Data Protection and Freedom of Information of Federal Republic of Germany, to whom you can file a complaint in accordance with the law.
You can contact the Federal Commissioner’s office via postal address: DerBundesbeauftragten für den Datenschutz und die Informationsfreiheit - Graurheindorfer Str. 153 - 53117 Bonn, Germany. Telephone:+49 (0)228 99 77 99-0 Fax:+49 (0)228 99 77 99-5550 E-mail:poststelle@bfdi.bund.de.
Cookies
Our website and platform do not use any cookies other than essential cookies which are necessary for the basic functioning of the website. We do not use marketing type of cookies to track your behavior.
Amendments of this Privacy Policy
If we decide to amend this Privacy policy, all the amendments shall be listed herein. If such amendments are significant, we can decide to inform our registered users via email. In case that Privacy Policy amendments demand new ways of processing of your personal data for which your consent is needed, we shall additionally ask you to grant us such consent.
All Rights Reserved.