Privacy Policy – Transfer as a Service [TaaS]
Siemens Healthineers is committed to protecting and respecting the privacy of your personal data. This Privacy Policy explains how Siemens Healthineers processes your personal data in compliance with the EU General Data Protection Regulation (GDPR) when registering for or using the Siemens Healthineers Transfer as a Service service.
Controller
Siemens Healthineers AG, Siemensstr. 3, 91301 Forchheim, Germany (“Siemens Healthineers“) will process your personal data as the data controller in accordance with this Privacy Policy when registering for or using our Transfer as a Service service.
Categories of personal data processed
Siemens Healthineers may process the following categories of personal data about you when using our Transfer as a Service service:
· Contact information, such as your name, e-mail address, telephone number, that you provide to us
· Information that is automatically sent to us by your web browser or device, such as your IP-address, device type, browser type, referring site, sides accessed during your visit, the date and time of each visitor request.
· Files you are uploading for transfer
Purposes for processing your personal data
Siemens Healthineers processes your personal data for the following purposes:
· To provide the the Transfer as a Service (TaaS) services you request
· To process your individual requests
· To offer the website’s services and functions and to administer your use of the website
· To customize the site according to user preferences (e.g., language setting)
· To verify your identity (if you registered to a service offered via the website)
· To fulfil our obligations under contracts concluded between you and us
· To enforce our Terms of Use
· To assert or defend legal claims
· To prevent and deter fraudulent or similar acts, including attacks on our IT infrastructure
Legal basis for the processing
The legal basis for Siemens Healthineers processing your personal data is that such processing is necessary for the purpose of safeguarding the legitimate business interests of Siemens Healthineers (Art. 6 (1) lit. f GDPR). The legitimate interest of Siemens Healthineers lies in the processing of your personal data for the purpose of providing our offerings and services, ensuring the technical stability and security of our services, establishing and maintaining our business relationships with you. Where Siemens Healthineers relies on its legitimate interests for processing personal data, Siemens Healthineers has determined that, after a balancing of interests, its legitimate interests are not overridden by your interests and rights or freedoms. More information on the balancing of interests can be obtained by contacting the Siemens Healthineers Data Privacy Organization.
Cookies and other similar technologies
Siemens Healthineers and our partners use cookies and other similar technologies to operate the Siemens Healthineers websites.
For TaaS, only technically necessary cookies are used. The cookies are deleted after the end of the session.
Links to other websites
Siemens Healthineers websites may contain links to third party websites and applications. This Privacy Policy, however, only applies to Siemens Healthineers websites and does not cover how third-party organizations process personal data. For information on their processing of your personal data, we encourage you to read their data privacy policies.
Recipients and transfer of personal data
Siemens Healthineers may share your personal data with the following recipients, if and to the extent such transfer is necessary:
· Siemens Healthineers group companies which process personal data to support in fulfilling our contractual or legal obligations or internal functions such as customer services,
· other recipients such as business partners or (IT-) service providers which process personal data as part of their service provision for Siemens Healthineers (e.g., hosting or IT maintenance and support services),
· third parties in connection with complying with legal obligations or establishing, exercising, or defending rights or claims or in relation to corporate transactions (e.g., for court and arbitration proceedings, to law enforcement authorities and regulators, to attorneys and consultants).
Sometimes a recipient to whom Siemens Healthineers transfers personal data is in a country in which applicable laws do not provide the same level of data protection as the GDPR. In such cases and unless permitted otherwise by applicable law, Siemens Healthineers only transfers personal data if appropriate and suitable safeguards for the protection of personal data are implemented, in particular, if the recipient entered into the EU Standard Contractual Clauses for the transfer of personal data to third countries with us or if the recipient has introduced approved Binding Corporate Rules in its organization.
Further information on the safeguards in place is available by contacting the Siemens Healthineers Data Privacy Organization.
Siemens Healthineers will store your personal data for 90 days after your last login unless legal obligations or the establishment, exercise or defense of legal claims make a longer retention necessary.
Your rights
Under the GDPR, you have specific rights in relation to your personal data. In particular, and subject to the statutory requirements, you may be entitled to:
· obtain confirmation as to whether Siemens Healthineers processes personal data about you and, where that is the case, obtain access to your personal data processed by Siemens Healthineers as well as other information,
· obtain the rectification of your inaccurate personal data processed by Siemens Healthineers,
· obtain from Siemens Healthineers the erasure of your personal data processed by Siemens Healthineers,
· obtain from Siemens Healthineers restriction of processing of your personal data,
· obtain a copy of your personal information that you have provided to Siemens Healthineers or request that your personal information be transmitted to another recipient,
· object on grounds relating to your particular situation to the processing of your personal data by Siemens Healthineers insofar as the processing of your personal data is based on legitimate interests.
· To receive more information regarding these rights or to exercise any of your rights, please contact the Siemens Healthineers Data Privacy Organization.
Data Protection Officer, Siemens Healthineers Data Privacy Organization
The Siemens Healthineers Data Protection Officer and the Siemens Healthineers Data Privacy Organization provide support with any data privacy related questions, comments, concerns, or complaints or in case you wish to exercise any of your data privacy related rights. The Siemens Healthineers Data Privacy Officer and the Siemens Healthineers Data Privacy Organization may be contacted at: dataprivacy.func@siemens-healthineers.com.
The Siemens Healthineers Data Privacy Organization will always use best efforts to address and settle any requests or complaints brought to its attention. In addition, you may also contact a supervisory authority with requests or complaints. The competent lead supervisory authority for Siemens Healthineers is: Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach, Germany, lda.bayern.de/de/index.html