For the Breathment App
This Privacy Policy applies to Breathment's products and services, including Breathment's mobile application for patients ("Breathment App") and Breathment's web interface for healthcare professionals ("MyClinic"). Breathment's products and services are based on the scientifically sound concept of pneumological rehabilitation. Breathment combines various approaches that together have proven to be particularly effective. The therapy begins after an initial consultation with a physiotherapist to assess and record the patient's physical performance. The physiotherapists in charge draw up an individual training plan based solely on the patient's statements and the diagnosis of the doctor in charge. Breathment supports patients over the age of 18 with a diagnosis of J44: Other chronic obstructive pulmonary disease, provided that contraindications and other causes requiring special therapy have been excluded. Breathment cannot diagnose illness or injury and cannot be used as a substitute for medical advice.
Further information on our products and services can be found in the Breathment instructions for use.
The controller pursuant to Art. 24 GDPR is Breathment GmbH, Bahnhofstraße 35a, 79206 Breisach am Rhein, phone: +49 176 80839544, email: info@breathment.com.
You can reach our data protection officer at the following contact details: Zell Medical Consulting UG, e-mail: datenschutz@breathment.com.
You have the following rights vis-à-vis us with regard to your personal data:
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
This processing serves to manage and document your consents.
We process consent data as data that can be related to you.
The legal basis is our obligation to provide evidence pursuant to Art. 6 para. 1 subpara. 1 lit. c in conjunction with Art. 7 para. 1 GDPR.
The storage period for this processing of the above-mentioned data relating to you is until you withdraw your consent. We keep a deletion log for three years to comply with our obligation to provide evidence.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
This processing serves to ensure the trouble-free operation of the app.
We process session data (access data and end device data) as types of data that can be related to you.
The legal basis is our legal obligation to ensure the secure processing of personal data in accordance with Art. 6 para. 1 subpara. 1 lit. c in conjunction with Art. 24 and 32 GDPR.
The storage period is 30 days for logging access to the interface between the app and server and two months for the transmission of system crashes.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
This processing serves the technical support of the app users.
We process your user ID, the identifier of your treatment request, the content of your request and any other information you provide to us as types of data relating to you.
The legal basis is our legal obligation to ensure the secure processing of personal data in accordance with Art. 6 para. 1 subpara. 1 lit. c in conjunction with Art. 24 and 32 GDPR.
The storage period lasts until your request has been processed.
The above-mentioned data relating to you will be transmitted to our e-mail hosting service provider Twilio Germany GmbH, Rosenheimer Str. 143C, 81671 Munich, Germany.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
This processing serves the security of the user administration.
We process user account data, session data and logging data as types of data that can be related to you.
The legal basis is our legal obligation to ensure the secure processing of personal data in accordance with Art. 6 para. 1 subpara. 1 lit. c in conjunction with Art. 24 and 32 GDPR.
The storage period for the processing of user account data is until you withdraw your consent to the use of our app.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
We use Twilio Germany GmbH, Rosenheimer Str. 143C, 81671 Munich, as our e-mail hosting service provider.
This processing serves the intended use of the app.
We process master data (first name, surname, e-mail address, password), medical history data, evaluation data and treatment plan as types of data that can be related to you. These data are health data as a special category of personal data.
The legal basis is your consent to the user contract ("General Terms and Conditions") for the "Breathment" application pursuant to Art. 6 para. 1 subpara. 1 lit. b GDPR in conjunction with your express consent to the processing of health data for the purpose of implementing the user contract ("General Terms and Conditions") for the "Breathment" application pursuant to Art. 9 para. 2 subpara. 1 lit. a GDPR.
The processing of the above-mentioned data relating to you is necessary for the provision of your telemedical treatment, i.e. for the execution of the user contract ("General Terms and Conditions") with us for the "Breathment" application.
The storage period for this processing of the above-mentioned data relating to you is until you withdraw your consent. We keep a deletion log for three years.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
You have the option of making your (health) data available to your responsible healthcare professional, who does not yet have access to your data, by means of an individual and temporary release. This gives your healthcare professional a better overview of your state of health and allows them to adjust your treatment if necessary. Access to your data expressly requires your individual data release. On Android devices, the user data policy of the Google API services, including the requirements for restricted use, are complied with. Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, is also the recipient of the above-mentioned data relating to you as a processor and the above-mentioned data relating to you will in this case be transferred to the USA as a third country with an adequacy decision pursuant to Art. 45 GDPR.
You have the right to withdraw your consent at any time with effect for the future. This does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.
You can withdraw your consent to this processing activity at any time by sending an email to info@breathment.com.
You can revoke your consent to this processing activity at any time in your account settings by deleting your user account.
The purpose of this processing is to reimburse you for the costs of using the app via your health insurance.
We process billing data as data that can be related to you.
The legal basis for this processing of the above-mentioned data relating to you for the above-mentioned purpose is the selective contract between you, us and your health insurance company in accordance with Art. 6 para. 1 subpara. 1 lit. b GDPR in conjunction with your express consent to the processing of your health data in the form of your billing data for the purpose of implementing the selective contract between you, us and your health insurance company in accordance with Art. 9 para. 2 lit. a GDPR.
The processing of the above-mentioned data relating to you is necessary for the implementation of the selective contract between you, us and your health insurance company.
The storage period for the above-mentioned data relating to you is three years, starting at the end of the calendar year in which the billing data was created.
The above-mentioned data relating to you will be transmitted to your health insurance company.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
You have the right to withdraw your consent at any time with effect for the future. This does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.
You can withdraw your consent to this processing activity at any time by emailing info@breathment.com.
You can revoke your consent to this processing activity at any time in your account settings under "Billing via your health insurance fund".
In accordance with the requirements of Regulation (EU) 2017/745, this processing serves to carry out post-market surveillance in accordance with Art. 83, including post-market clinical follow-up studies to ensure and evaluate the clinical safety and clinical performance of our product.
We process master data (first name, surname, e-mail address, password), medical history data, evaluation data and treatment plan and your user behavior as data that can be related to you. This data is health data as a special category of personal data.
The legal basis for this processing of the above-mentioned data relating to you for the above-mentioned purpose is the fulfillment of our legal obligations pursuant to Art. 6 para. 1 subpara. 1 lit. c in conjunction with Art. 9 para. 2 lit. i GDPR in conjunction with our obligation for clinical evaluation pursuant to Art. 10 para. 3 MDR.
The storage period for this processing of the above-mentioned data relating to you is until you withdraw your consent.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
This processing serves to remind you of the therapy.
The first time you run the app, your mobile device registers with the push notification service of the platform used by your device. For Android devices, this is the Firebase Cloud Messaging service of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. For iOS devices, this is the Apple Push Notification service provided by Apple Distribution International Ltd., 1 Hollyhill Industrial Estate, Hollyhill, Cork, Ireland.
When you register your end device with the push notification service of the platform used by your end device, a so-called "registration token" is stored on your end device, which uniquely identifies your device and is technically necessary so that our server can send the desired push notifications to your device via the push service of your platform.
The push notifications contain information about your training times and your training behavior. We process message content and message delivery data as types of data that can be related to you.
The legal basis for this processing of the above-mentioned data relating to you for the above-mentioned purpose is your express consent to the receipt of reminders to carry out the therapy in accordance with Art. 6 para. 1 subpara. 1 lit. a in conjunction with Art. 9 para. 2 lit. a GDPR, which contain health data.
The storage of the technically necessary "registration token" on your end device is your express consent to receiving reminders to carry out the therapy in accordance with Art. 6 para. 1 subpara. 1 lit. a in conjunction with Art. 9 para. 2 lit. a GDPR in conjunction with § 25 para. 2 no. 2 TTDSG.
The above-mentioned data relating to you will be stored until you withdraw your consent. We keep a deletion log for three years.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
The above-mentioned data relating to you will be transmitted to Apple Distribution International Ltd., 1 Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, or Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, depending on the operating system you use.
The above-mentioned data relating to you will be transferred to the USA as a third country with an adequacy decision pursuant to Art. 45 GDPR.
You have the right to withdraw your consent at any time with effect for the future. This does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.
You can withdraw your consent to this processing activity at any time by emailing info@breathment.com.
You can revoke your consent to this processing activity at any time in your account settings under "Reminders".
This processing is used to pay for your use of the app.
We process payment data as types of data that can be related to you.
The legal basis is your consent to the user contract ("General Terms and Conditions") of the app pursuant to Art. 6 para. 1 subpara. 1 lit. b GDPR in conjunction with your express consent to the processing of health data pursuant to Art. 9 para. 2 subpara. 1 lit. a GDPR.
The processing of the above-mentioned data relating to you is necessary for payment processing as part of the user contract ("General Terms and Conditions") you have concluded with us for our app. If you do not provide us with the above-mentioned data relating to you, your user contract ("General Terms and Conditions") with us cannot be executed.
The above-mentioned data relating to you will be stored until you withdraw your consent. We keep a deletion log for three years.
The above-mentioned data relating to you will be transmitted to Stripe, 510 Townsend Street, San Francisco, CA 94103, USA, depending on the payment method selected.
The above-mentioned data relating to you will be transferred to the USA as a third country with an adequacy decision pursuant to Art. 45 GDPR.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
You have the right to withdraw your consent at any time with effect for the future. This does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.
You can withdraw your consent to this processing activity at any time by emailing info@breathment.com.
This processing is used for product development in the form of user feedback on therapy via the app, user self-assessment and for our analysis of user behavior in the app, e.g. to determine the acceptance range of certain new features.
We process master data (first name, surname, e-mail address, password), medical history data, evaluation data and treatment plan and your user behavior as data that can be related to you. This data is health data as a special category of personal data.
The legal basis is your express consent to the processing of data relating to you for the purpose of product development pursuant to Art. 6 para. 1 subpara. 1 lit. a GDPR in conjunction with your express consent to the processing of health data for this purpose pursuant to Art. 9 para. 2 subpara. 1 lit. a GDPR.
The storage period for this processing of the above-mentioned data relating to you is until you withdraw your consent. We keep a deletion log for three years.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.
You have the right to withdraw your consent at any time with effect for the future. This does not affect the lawfulness of the processing carried out on the basis of your consent until revocation.
You can withdraw your consent to this processing activity at any time by emailing info@breathment.com.
You can revoke your consent to this processing activity at any time in your account settings under "Product development".
This processing serves the data protection-compliant handling of data subject rights.
We process all of the above types of data relating to you where necessary, which includes health data as a special category of personal data where necessary.
The legal basis is Art. 6 para. 1 subpara. 1 lit. c GDPR in conjunction with Chapter III GDPR.
The storage period is three years.
We use Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany, as the hosting service provider for our app.