Privacy Policy (Datenschutzerklärung)

1. Data Controller
Andrei Mancu (Private Individual)
Distlhofweg 18, 81369 Munich, Germany
Email: andrei.mancu@aeirmed.com
Phone: +49 (0) 162 2171920

2. Business Status and Scope

DEVELOPMENT PHASE:
aeirmed is an AI-powered research and development project for medical documentation. No registered company exists yet. This privacy policy covers:

  • Our website: www.aeirmed.com

  • Beta version of the physician platform (healthcare professionals only)

  • Communication related to product development


3. Types of Data We Collect

3.1 Website Visitor Data

  • IP address (automatically anonymized after 7 days)

  • Browser information (type, version, operating system)

  • Pages visited and time spent

  • Referrer URL

  • Device information

3.2 Registration and Contact Data

  • First and last name

  • Email address

  • Professional information (medical practice, specialty, license)

  • Phone number (optional)

  • Feedback and support requests

3.3 Beta Platform Usage Data (Physicians Only)

  • Login times and usage frequency

  • Features and functions used

  • System logs (automatically anonymized)

  • Performance metrics

3.4 Medical Documentation Data (Special Category)
HEALTH DATA PROCESSING: For physicians using our beta platform:

  • Voice Recordings: Processed in real-time and NOT stored

  • Generated Clinical Notes: Structured medical documentation

  • Patient-Related Data: Only for documentation creation, without audio data storage

Legal Basis for Health Data:

  • Art. 9(2)(a) GDPR: Explicit consent from physician

  • Art. 9(2)(h) GDPR: Healthcare provision under medical confidentiality

4. Legal Bases for Processing

  • Art. 6(1)(a) GDPR: Consent (contact forms, newsletter)

  • Art. 6(1)(b) GDPR: Contract performance (beta usage)

  • Art. 6(1)(f) GDPR: Legitimate interests (website operation, product development)

5. Purposes of Data Processing

5.1 Website Operation

  • Website provision and technical optimization

  • Usage statistics analysis via Google Analytics

  • IT security assurance

5.2 Beta Testing and Product Development

  • Function testing of AI-powered documentation software

  • User feedback collection for product improvement

  • Performance optimization of medical AI algorithms

5.3 Communication and Support

  • Processing inquiries and technical support

  • Information about product updates and new features

  • Clinical study coordination (LMU Klinikum)

6. Data Security and Technical Measures

Security Standards:

  • Encryption: End-to-end SSL/TLS encryption

  • Server Location: Exclusively EU (France) - GDPR compliant

  • No US Cloud Services: Own server infrastructure

  • Proprietary AI Models: No external AI APIs or third-party services

  • Access Control: Multi-factor authentication

  • Audit Logging: Complete logging of all access

  • Backup Encryption: Encrypted, regular data backups

Special Security for Medical Data:

  • Audio data NOT stored (real-time processing)

  • Medical notes with AES-256 encryption

  • Separate systems for different medical practices

  • Regular penetration testing

7. Third-Party Services

7.1 Google Analytics
We use Google Analytics for website usage analysis:

  • Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

  • Purpose: User behavior analysis, website improvement

  • Data Transfer: EU-US Privacy Shield / Standard Contractual Clauses

  • IP Anonymization: Enabled (last octet removed)

  • Opt-Out: https://tools.google.com/dlpage/gaoptout

7.2 Future Product Analytics Tools
We reserve the right to implement additional analytics tools. You will be informed in advance of any changes.

8. Data Retention

  • Website logs: 7 days

  • Google Analytics data: 26 months (Google standard)

  • Contact/registration data: Until consent withdrawal

  • Beta usage data: Until end of beta phase + 3 months

  • Medical documentation: According to medical retention requirements (10 years)

  • Support communication: 3 years

9. Your Rights (Art. 15-22 GDPR)
You have the following rights at any time:

  • Right of access: Information about stored data

  • Right to rectification: Correction of incorrect data

  • Right to erasure: Deletion of your data ("right to be forgotten")

  • Right to restriction: Limitation of processing

  • Data portability: Receipt of your data in structured format

  • Right to object: Objection to processing

  • Withdrawal of consent: Possible at any time without reason

Exercise your rights: andrei.mancu@aeirmed.com

10. Supervisory Authority
For complaints, contact:

Bavarian State Office for Data Protection Supervision
Promenade 18, 91522 Ansbach, Germany
Email: poststelle@lda.bayern.de
Phone: +49 981 180093-0

11. No Data Transfer to Third Countries
All data is processed exclusively in the EU.
Exception: Google Analytics with appropriate safeguards.

12. Changes to This Privacy Policy
This privacy policy will be updated when there are significant changes to our data processing. We will notify you of significant changes by email.

13. Contact
For privacy questions:
Email: andrei.mancu@aeirmed.com
Phone: +49 (0) 162 2171920

Last updated: 22.05.202