Privacy Policy Dashboard

Choose your language:

BR | CS | DE | EN | ES | FR | IT | PT | TR

S4DX GmbH attributes key importance to privacy protection and observes the statutory data protection regulations. In the following, we explain how personal data is handled in our standard procedures.

I. Who is responsible?

Responsible for data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
S4DX GmbH
Rupert-Mayer-Str.44
D-81379 Munich
www.smart4diagnostics.com
contact@s4dx.com
Office: +49 (0) 89 724 018 40

As Data Protection Officer, we have appointed:
Data Protection Officer of IITR Datenschutz GmbH
Phone:  +49 (0) 89 724 018 40
E-mail:  Datenschutz@s4dx.com

II. What processing activities are carried out?

Personal data is only collected if provided to us upon accordance or if it is a contractual component. In addition, no personal data is collected. Any processing of personal data that goes beyond the scope of the statutory permission will only take place on the basis of an express consent.

Dashboard

Purpose, legal basis and legitimate interest
In the course of performing and abiding to the contract terms, we grant you access to the S4DX dashboard. To successfully gain access, you must log in with a username (email) and password. We process the personal data on the basis of contractual measures (Art. 6 para. 1 lit. b GDPR).

Recipients of the data
In order to ensure the availability of our S4DX web services, we use a technical service provider who acts as our processor.

Storage period
If the user account is set to Inactive, we store the corresponding data for 3 months. After this period, the log-in data is pseudonymized and stored in a separate database.

Provision required
The provision of personal data is contractually required. Without this data, usage is not possible.

Contradiction
Please read the information about your right to object according to Art. 21 GDPR below.

Usage of web browser scan

Purpose, legal basis and legitimate interest
In order to ensure order processing also for stationary users, we provide the use of our web browser scan feature. When you use the web browser scan, the following usage information is processed:

  • Your location, once it is stored in the system
  • Which samples were scanned in the workflow
  • When and by which person (according to log-in) were these samples scanned
  • Comments associated to the order

Recipients of the data
In order to ensure the availability of our S4DX web services, we use a technical service provider who acts as our processor.

Storage period
This data is stored for 10 years.

Provision required
The provision of the aforementioned personal data is contractually required.

Usage

Purpose, legal basis and legitimate interest
When you access our website, i.e. even if you do not register or otherwise submit any data, information of a general nature is automatically collected. This information (log files) includes domain, user name, time and date, IP address, browser and operating system. In particular, they are processed for the following purposes:

  • Ensuring a trouble-free connection to the website,
  • Ensuring a smooth navigation through our website,
  • Evaluation of system security and stability
  • other administrative purposes.

We also reserve the right to subsequently check the server log files if there are concrete indications of illegal use.
The processing takes place in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

Recipients of the data
We use technical service providers for the operation and maintenance of our website, who act as our processors.

Storage period
The data will be deleted after 3 weeks. Data used during navigation on the website is generally deleted when the respective session has ended.

Provision required
The provision of the aforementioned personal data is neither required by law nor by contract. However, without the IP address and the cookie identifier, the service and functionality of our website is not guaranteed. In addition, individual services may be unavailable or restricted.

Use of cookies

Like many other websites, we use so-called “cookies”.

I. Use of technically necessary cookies

Purpose, legal basis and legitimate interest
We use cookies to ensure the functionality of our applications.
Without this data, the service and functionality of our website is not guaranteed. In addition, individual services may be unavailable or restricted.

We use the following cookies:

  • Counter
  • ordersScanned
  • lastScannedBarcode
  • noSmartTubeforRouters

The processing takes place in accordance with Art. 6 para. 1 lit. b GDPR on the basis of a contractual agreement with our contracting party.

Recipients of the data
Recipients of the data are technical service providers who act as processors for the operation and maintenance of our website. For this purpose, we have concluded the corresponding order processing contracts with the providers.

Storage period
The technically necessary cookies are stored for 6 hours.

II. Use of technically unnecessary cookies

There is no use of non-technical cookies.

III. What are your privacy rights?

Every data subject has the right to information under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restrict processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR.

In the case of the right of access and the right of cancellation, the restrictions under Sections 34 and 35 of the German Data Code (BDSG) apply.

You may withdraw your consent to the processing of personal data at any time to us. This also applies to the withdrawal of declarations of consent given to us before the General Data Protection Regulation was applied, i.e. before 25 May 2018. Please note that the withdrawal will only work for the future. Processing carried out prior to your withdrawal is not affected.

In addition, there is a right of appeal to a competent data protection supervisory authority (Art. 77 GDPR i.V..m. Section 19 of the German Federal Data Protection Act). A list of supervisory authorities (for the non-public sector) with their respective addresses can be found at
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

IV. Data security

We only deal with personal data insofar as this is possible in accordance with data protection regulations. We also take all necessary technical and organisational security measures to adequately protect your personal data from unauthorized access and misuse.

Insofar as we store or process personal data, this is done within a high-security data center. In order to protect the security of your data during transmission, we use encryption methods (e.g. SSL) over HTTPS. Our servers are secured by firewall and anti-virus protection. Back-up and recovery procedures as well as role and authorization concepts are a matter of course for us.

Our employees are obliged to comply with the provisions of the GDPR and the BDSG when handling data.

Information about your right to object under Article 21 GDPR

You have the right, for reasons pertaining to your circumstances, to object at any time to the processing of personal data concerning you, which takes place pursuant to Article 6 (1) lit. f GDPR (data processing based on a balance of interests); this also applies to profiling based on that provision within the meaning of Article 4(4) GDPR.

If you object, we will no longer process your personal data unless we can prove compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise, or defend legal claims.

The objection may be informed with the subject “opposition” stating your name, address or other identifiers to:

S4DX GmbH
Rupert-Mayer-Str.44
D-81379 Munich
E-mail:  Datenschutz@s4dx.com