Privacy policy for the platform

Status: 16.08.2025

1. Controller

eHautarzt – [Insert company/practice name]
[Street, number]
[Postcode, city, country]
Phone: [Phone number]
E-mail: [Data protection contact]
(“we”/“us”)

2. Data protection contact

[Name, and company name if applicable]
[Address]
E-mail: [privacy contact e-mail]
Phone: [privacy contact phone]

3a. Roles (separate responsibilities)

Platform (controller):

We are responsible for operating the website and platform, including user accounts, support, security measures, payment processing and collecting and forwarding the data needed for treatment to the treating doctor.

Treating doctors (separate controllers):

Medical processing – review of your information and images, diagnostics, creation of the medical report and any prescription, and storage of the patient record – is carried out independently by each treating doctor. The doctor provides their own privacy information, which we link to in the portal or medical report.

Technical hosting as processor:

If the platform stores or provides medical content (for example photos, reports) for doctors, the platform does so on their behalf and according to their instructions. This is governed by a written data processing agreement.

Transfer between separate controllers:

Transfer of your data that is required for medical treatment to the treating doctor takes place between separate, independently responsible parties.

Case-based assignment:

The assignment of the treating doctor is made per case from a vetted pool of doctors. Before assignment, no medical processing takes place outside the platform. Once assignment has taken place, we inform you in the portal or by e-mail about the doctor’s name and contact details and provide a link to their privacy information.

Treatment by the platform operator (special case):

In some cases the treating doctor may be employed by or work directly for the operator of the platform. In this situation, the operator is also responsible for medical processing and storage of the patient record. This will be clearly shown to you when the case is assigned.

4. Categories of personal data

Depending on how you use the service, we process in particular the following categories of data:

4.1 Treatment and health data

  • Medical history information: Start and duration of symptoms, type of symptoms (for example itching, pain, none), previous treatments, suspected causes, course of the condition, previous therapies, similar complaints, allergies (including medication, nickel, latex), pregnancy or breastfeeding status for female patients.
  • Image data: Three required photos (overview from about 30 cm, close-up from about 10 cm, and one from an alternative angle).
  • Basic data: First name, last name, date of birth and biological sex.

4.2 Billing and contact data

  • Billing address (street, number, postcode, city), insurance status (for example public/private) and, if needed, your insurance number.
  • Contact data: e-mail address and/or mobile number.
  • Account data for your user account (registration after payment; password chosen by you).

4.3 Payment data

  • Payment method (Apple Pay, Google Pay, credit or debit card, PayPal, voucher). Further payment data are processed directly by the chosen payment provider, as far as possible.

4.4 Technical usage data (web)

  • Server log data (date and time, IP address, request headers, referrer, browser type).
  • Cookie and consent data (for example which cookies you allowed).

Note on in-product privacy hints: During registration and when sending confirmation codes, we display short explanations in the interface (for example “To view your medical report, please log in or create a secure account” or “We have sent a code to your e-mail address/phone number …”).

5. Purposes and legal bases for processing

5.1 Online dermatology service and medical diagnostics

Purpose: Review of your information and images, specialist assessment, preparation of a medical report and, where appropriate, a private prescription.

Legal basis: Processing is necessary to provide the medical service you requested and to fulfil the treatment contract, in line with applicable health and data protection laws for handling health data.

5.2 Billing and legal retention duties

Purpose: Billing, accounting and compliance with financial and medical record retention duties.

Legal basis: Processing is necessary to fulfil our contractual and legal obligations, including mandatory retention periods for medical and billing documents.

5.3 Account creation, authentication and communication

Purpose: Creating and managing your user account, sending one-time codes by e-mail or SMS, communicating about your case (for example follow-up questions, medical report, prescription) and providing support.

Legal basis: Processing is necessary for the performance of the user and treatment contracts and for our legitimate interest in ensuring secure access and preventing misuse.

5.4 Payment processing via providers

Purpose: Accepting and processing payments and preventing fraud by the payment provider.

Legal basis: Processing is necessary for performance of the payment contract and for the legitimate interest of secure payment handling. We do not send medical details to payment providers.

5.5 Website operation, logs and security

Purpose: Providing and stabilising the website and platform, diagnosing errors, detecting misuse or attacks (for example denial-of-service or automated abuse) and investigating security-relevant events.

Legal basis: Processing is based on our legitimate interest in running a secure and reliable online service and on legal obligations to protect personal data.

5.6 Processing based on consent

If we ask for your consent for specific purposes (for example sending your prescription directly to a pharmacy you choose, or receiving a newsletter), processing is based on your consent. You can withdraw consent at any time with effect for the future.

6. Obligation to provide data

The information and mandatory photos requested in the form are necessary to provide an online dermatology assessment. Without this data, we cannot offer a safe and meaningful medical opinion. There is no further legal obligation to provide data, but we must store certain information once treatment has taken place due to legal retention duties.

7. Source of the data

Most data come directly from you via forms and uploads. Technical usage data are generated when you visit our website. Payment data are collected mainly by the respective payment provider.

8. Recipients and categories of recipients

  • Treating doctors as independent medical providers (subject to medical confidentiality).
  • Billing or accounting service providers, if used.
  • Payment service providers (for example Stripe, PayPal, providers of Apple Pay or Google Pay).
  • IT service providers under data processing agreements (for example hosting providers, data centres/CDNs, e-mail/SMS delivery services, monitoring and consent-management tools).
  • Pharmacies, but only at your explicit request to redeem a private prescription.
  • Public authorities or courts, where required by law.

Medical processing under the doctor’s responsibility

The data needed for diagnostics and treatment are transferred to the treating doctor, who is independently responsible for medical processing and for keeping the patient record. The doctor decides how long medical records are stored, in line with local medical laws. For each case, we inform you about the doctor’s name, contact details and their separate privacy information.

8.1 Key service providers and data processing (overview)

Hosting and infrastructure

  • Hetzner Online GmbH (data centres in the EU): Hosting of application servers, databases and storage services in certified data centres within the European Union. A written data processing agreement is in place.
  • ALL-INKL.COM – Neue Medien Münnich (EU-based provider): Domain, mail and infrastructure services for web operations within the EU, under a data processing agreement.

Communication and authentication

  • Spryng B.V. (EU-based SMS provider): SMS gateway for one-time codes (for example 2FA) and transactional notifications, under a data processing agreement.

Payments (independent providers)

  • Stripe Payments Europe, Ltd.: Payment processing for card payments and digital wallets. Stripe acts as an independent controller for payment data and may process data in data centres outside your country. Stripe uses internationally recognised safeguards for such processing, as described in its own privacy policy.

9. Data processing outside the European Union

Some service providers may process data outside the European Union or European Economic Area (for example in the United States). In these cases we use appropriate safeguards, such as contractual clauses and technical measures, to ensure an adequate level of protection. You can contact us at any time for more information about these safeguards.

10. Security of processing

We protect your data with a level of security appropriate to the sensitivity of health information. Measures include in particular:

  • Encryption of all web connections (TLS).
  • Hardening of servers and applications, role-based access and “need-to-know” access control.
  • Separate storage of sensitive medical data from technical and usage data where possible.
  • Logging of security-relevant events without storing the content of your medical record in these logs.
  • Regular backups and tested restore and disaster-recovery procedures.
  • Data minimisation and pseudonymisation where this is medically feasible.
  • Two-factor authentication for access to your account.

11. Storage periods and deletion

  • Patient record (including important medical images and the medical report): As a rule, your medical record is stored by the treating doctor according to the legal retention periods that apply in the doctor’s country (often for many years).
  • Billing and accounting records: Billing documents are stored for the periods required by tax and commercial law (in many countries typically around 10 years).
  • User account: We store your account data until you request deletion of your account. Essential medical and billing documents may be kept longer if required by law.
  • Server logs: Security and operational logs are usually stored for 7–30 days on a rolling basis and, beyond that, only where needed as evidence after a security incident.
  • Abandoned cases or drafts without account creation: Cases that you start but do not complete are automatically deleted after a maximum of 30 days, unless longer storage is required by law.
  • Records of consent and objection: We store information about your consent or objections for as long as we need it to prove compliance with data protection laws, usually for several years.

12. Cookies, local storage and consent

We use technically necessary cookies and similar technologies (for example session cookies, a cookie to remember your consent settings) to provide the website, authentication and security. Optional cookies or tracking for analytics are only used if you agree. Details about each tool (provider, purpose, storage period) are shown in the cookie banner and settings.

13. Minors

Online medical services for minors are only provided with the consent of their legal guardians. We do not knowingly collect data from children under 16 without the necessary consent.

14. No fully automated individual decisions

We do not use fully automated decision-making that produces legal effects for you or significantly affects you in a similar way.

Note: Payment providers may carry out their own fraud and risk checks. These are carried out under their own responsibility and described in their privacy notices.

15. Your rights

Within the limits of applicable law, you have in particular the following rights:

  • Right of access to your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure of data, where conditions are met.
  • Right to restriction of processing in certain cases.
  • Right to receive personal data in a commonly used format and to transmit it to another provider where technically feasible.
  • Right to object to processing based on legitimate interests, where applicable.
  • Right to withdraw consent at any time with effect for the future.

To exercise your rights, simply contact us using the contact details above.

16. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority, in particular in your country of residence or at the place where an alleged infringement occurred.

17. Medical confidentiality

Medical confidentiality applies independently of data protection law. All staff and contracted assistants who have access to medical data are bound by strict confidentiality obligations.

18. Internal records and risk assessments

Because we process sensitive health data, we maintain internal documentation describing our processing activities. We also regularly assess whether special data protection risk assessments are required for new or changed processing operations and carry them out where necessary.

19. Personal data breaches

In the event of a personal data breach, we assess the situation, take corrective action and, where required by law, inform the competent authority and the affected individuals in clear and understandable language.

20. External links

Our website may contain links to external websites and services. The respective providers are solely responsible for those sites and their data processing.

21. Changes to this privacy policy

We may update this privacy policy from time to time to reflect changes in our processing, legal requirements or technical developments. The latest version is always available on this page.

Questions? If you have any questions about data protection, please contact our privacy contact.