Introduction
Dear user of application Dermi,
The protection of your personal data is not only important to you, but also to us, the persons responsible for the “Dermi” application. We appreciate your trust that we will handle your personal data conscientiously, confidentially, and in accordance with the law.
With this statement, we do not only want to comply with our legal obligations, but we also want to describe to you in an understandable way what personal data is processed when you use this application and how we handle it. Panthera Digital d.o.o. processes and uses personal data that is processed during the installation and use of the application in accordance with the regulations on data protection valid in the Republic of Croatia.
1. General information
This Personal Data Protection Statement for the Dermi application applies from May 26, 2024 and refers to the collection and processing of your personal data within the Dermi application.
By registering to use the Dermi application, you agree to the method of data collection and processing described in this Statement. This Statement describes which of your data we collect, how we process it and for what purposes we use it, as well as your rights related to your data.
By accepting this Statement, you also confirm that you are over 18 years old, or if you are not, that your parents/guardians are aware that you are using the Dermi application.
2. Data collection and processing
In order to provide you with the service within the Dermi application, below we present the personal data we process, as well as the purpose for which we process it:
Name and contact information (including your address, city, country, date of birth and email)
By entering personal data or attaching documentation in the fields provided for this purpose, you give your consent for the said data to be used for the purpose for which it was provided.
Panthera Digital d.o.o. may use the specified data to provide you with more efficient customer service, facilitate the use of the Dermi application.
We collect and process personal data:
- When registering to use our services: first and last name, e-mail, date of birth, address, city, country, etc.
- When registering with an account in the role of a doctor, namely: first and last name, name of the clinic, e-mail, etc.
- When sending an inquiry (creating a new case): name and surname, e-mail address, photos, and the result of your questionnaire, findings, and documentation that you yourself decide to send us.
- When using the Dermi application, data that you yourself decide to provide us, date of birth, medical documentation, etc.
- We will also use your personal data for the purpose of processing the payment of the amount you are required to pay for using the application. Sometimes you will be entitled to a refund, so we will use your personal data for these purposes as well.
- In case you submit a complaint, complaint, or inquiry to us.
- Through consent for direct marketing, which can be given, for example, by e-mail or directly by signing a consent form.
By providing your consent, we will send you email newsletters with information about new products, services, promotions, and recommendations. We use Mailchimp for our email marketing campaigns. Mailchimp is a third-party service provider, and by subscribing to our newsletter, you acknowledge that your information will be transferred to Mailchimp for processing. Please review Mailchimp’s privacy policy for more information on how they handle your data.
In the case where we process your data based on consent, if you revoke the given consent, we will stop processing your data and will no longer use them for the given purposes, but this may result in the impossibility of using some additional benefits related to them.
Data that the application automatically collects are: IP address, type of device with which you access the application, operating system, information about the Internet access service provider, service access time, and session information.
These data are processed for the purpose of providing a better service, better customer support, easier application login, and easier submission of queries by eliminating the need to repeatedly enter the same data.
The password you enter is visible only to you, and it is stored in encrypted form in the system.
Panthera Digital d.o.o. reserves the right to provide personal data about Dermi application users to third parties (polyclinics), but with the obligation to maintain confidentiality and solely for the purpose of performing the requested service within the application, for the purpose for which it was provided. Then Panthera Digital d.o.o. partners with a contractual obligation to keep data confidential may allow access to the necessary personal data for the purpose of ensuring the functionality of the platform for providing the service and eventual user support.
Here we list additional circumstances in which we will share your information with authorized third parties and additional purposes for which we use your information:
- Providing information to Google Inc.
Google collects information through our use of Google Analytics on our website. Google uses this information, including IP addresses and cookie data, for several purposes, such as improving Google Analytics. The information is shared with Google on an anonymous basis. To learn more about what information Google collects, how it uses that information, and how to control the information sent to Google, see Google’s privacy policy partner page. You can opt out of Google Analytics by installing the following browser add-on: https://tools.google.com/dlpage/gaoptout
Then any such third party, if it processes your data, is obliged to do so in accordance with the Personal Data Protection Act.
The processor for the Dermi application and platform is Panthera Digital d.o.o.
3. Security of your personal data
Data on computer servers is stored in a controlled, secure environment, protected from unauthorized access, use, or disclosure.
Consequently, your data is stored on a secure server and can only be accessed by a very limited number of persons who have special access rights to such systems, and are obliged to keep such data confidential.
We apply a range of security measures whenever a user places an order, enters, submits, or accesses their information in order to maintain but the security of your personal data.
In the communication between the device and the server, the data is encrypted to bring a higher level of security and privacy to the service. We protect data with multiple security layers, including leading HTTPS encryption technology.
4. Use of cookies
The Dermi website uses the so-called cookies – a set of data generated by the website server and saved by the web browser on the user’s disk in the form of a small text file. The files are created when the browser on the user’s device loads the visited web destination, which then sends data to the browser and creates a text file (cookie).
Cookies are used for a better user experience with full functionality of the used application, and they can be temporary (they are stored only during visits to websites) or permanent (they remain stored on the user’s computer even after the visit).
Dermi uses third-party cookies to:
– obtaining statistical data on attendance and usage of our application and website. The data that is collected includes the user’s IP address, browser data, operating system data, and other standard data that is collected and analyzed exclusively in anonymous and bulk form. For the stated purposes, statistics from the Google Analytics service are used. Please refer to the following links for policies on cookies used by third parties:
Google Analytics
https://policies.google.com/privacy
5. Preventing cookies
If you do not agree to their use, you can easily delete (or prevent) cookies on your computer or mobile device using the settings of the browser you are using. You can find more information about cookie management on the pages of the browser you are using or at http://www.allaboutcookies.org/
Since the purpose of cookies is to improve and enable the use of our application as well as websites and their processes, please note that by preventing or deleting cookies, you may disable the functioning of some features or cause them to work and look differently in your browser.
6. Storage period
The processing manager keeps the collected personal data until the user account is deleted or until the service is terminated, or until legal deadlines, if any.
7. Statement on the security of credit card purchases
The confidentiality of your information is protected and ensured using SSL encryption. Online payment pages are secured using the Secure Socket Layer (SSL) protocol with 128-bit data encryption.
SSL encryption is a process of encoding data to prevent unauthorized access during data transmission. This enables secure data transfer and prevents unauthorized access to data during communication between the user and the Payment Gateway, as well as in the reverse direction.
Payment Gateway and financial institutions exchange data using their virtual private network (VPN), which is also protected against unauthorized access. Corvus is a PCI DSS Level 1 authorized payment service provider.
The merchant does not store credit card numbers, and they are not accessible to unauthorized persons.
8. User rights
We hereby also inform you that you have the right and the possibility of direct access to your personal data that is being processed, the right to their correction (except for your e-mail address) and the right to subsequently revoke your consent and delete the collected personal data.
You exercise your right to correct personal data by contacting us via e-mail at [email protected] with the title: Request for correction of personal data, and that in the content of the message you must specify your e-mail address and the data you would like to correct.
You exercise your right to delete personal data or the right to revoke your consent by deleting your user account through the settings within the Dermi application. If you delete your user account, your personal data will be deleted and you will no longer be able to use the Dermi application in the part that requires registration. When deleting, part of the data is anonymized, which permanently removes all links to a specific person.
You can also exercise your right to delete personal data or the right to revoke your consents by sending an e-mail message to [email protected] with the Subject: “Request to delete user account”.
If you want to give your consent again, you can do so by registering again.
9. Terms and changes
The terms of this Privacy Statement govern the use of cookies and all data collected during the application of the Statement, except for third-party cookies. Panthera Digital d.o.o. reserves the right to change this Statement and cookie policy at any time.
Panthera Digital d.o.o. will notify its users of any change that affects the way and scope of personal data collection.
10. Other information
In order to comply with fair practices regarding the collection of personal data, we will take the following appropriate actions in the event of a personal data breach:
We will inform users about this as soon as possible, via e-mail and by highlighting the notification on the websites themselves, and we will take all necessary actions without delay in accordance with the applicable regulations from areas of personal data protection.
Panthera Digital d.o.o. will gladly receive your comments and suggestions regarding this Statement, as well as inquiries regarding your rights as a user of the Dermi application.
The following is responsible for data processing:
Panthera Digital d.o.o.
Hermana Bužana Street 6
10000 Zagreb
The data protection officer is available via the e-mail address: [email protected]
In Zagreb, May 29, 2024.