Privacy policy

This privacy policy informs you about the processing of personal data in connection with the medical services provided by our company. This includes in particular the organization, coordination and execution of worldwide patient transports on scheduled flights, including medical care before, during and after the transport. The declaration applies to all phases of service provision – from the initial contact and medical assessment through to the transportation and aftercare – as well as to the use of our online services and the associated communication. The terms used are to be understood as gender-neutral.

Person responsible

Dr. med. Stephan Klose

E-mail: office(at)amtras.de

Legal basis

We process data on the basis of the GDPR and, where applicable, supplementary national regulations. Depending on the purpose, the following legal bases may apply
– Consent (Art. 6 para. 1 lit. a GDPR)
– Contract and pre-contractual measures (Art. 6 para. 1 lit. b GDPR)
– Legal obligation (Art. 6 para. 1 lit. c GDPR)
– Protection of vital interests (Art. 6 para. 1 lit. d GDPR)
– Legitimate interest (Art. 6 para. 1 lit. f GDPR)
We only process special categories of data in accordance with Art. 9 GDPR if there is a corresponding legal basis or explicit consent.

Scope of the GDPR and Swiss DPA

This declaration meets the requirements of both the GDPR and the Swiss Data Protection Act (DPA). For better comprehensibility, we use the terms of the GDPR.

Processed data types and purposes

For example, contact, contract, content, usage and communication data are processed. The purposes include in particular
– Fulfillment of contractual services
– Communication and support
– security measures
– Reach measurement and marketing
– IT operation and optimization

Security measures

We take technical and organizational measures in accordance with the state of the art to ensure an appropriate level of protection.

Disclosure and transfer to third countries

Personal data will only be passed on if this is permitted by law or is necessary for the fulfillment of the contract. Data will only be transferred to third countries (outside the EU/EEA) if there is an adequacy decision, suitable guarantees or your express consent. In the context of international patient transportation, it may be necessary to transfer data to countries outside the EU, in particular when communicating with medical staff, airlines or local authorities.

Rights of the data subjects

You have the following rights:
– Information about your stored data
– Correction of incorrect data
– Deletion or restriction of processing
– Data portability
– Objection to the processing
– Revocation of consents granted
– Complaint to a data protection supervisory authority

Cookies and web analysis

We only use cookies with your consent, unless they are technically necessary. Analysis and marketing tools (e.g. reach measurement) are only used with your prior consent. Consent can be revoked at any time.

Storage duration

Data is only stored for as long as is necessary for the purposes for which it is processed or for as long as there are statutory retention obligations.

Communication

If you contact us by e-mail, telephone or form, we will process your details in order to deal with your inquiry. The information may be stored in a CRM system.

Medical services

In the context of medical care, we process health data only on the basis of legal obligations or your consent. Data may be passed on to authorized third parties (e.g. laboratory, billing, authorities). In the case of patient transportation on scheduled flights, data is processed for medical preparation, accompaniment and aftercare. This includes, in particular, the transmission of medical information to the airlines involved, ground and air personnel and medical specialists in Germany and abroad. Data is always transferred to third countries on the basis of statutory regulations or your consent and in compliance with applicable data protection law.

Web hosting and server log files

When you visit our website, access data (e.g. IP address, time, browser type) is automatically stored in server log files. This data is used for security and technical administration and is deleted regularly.

Online presence in social media

We operate profiles in social networks. When using them, the data protection conditions of the respective provider apply.

Changes to this privacy policy

We reserve the right to amend this privacy policy in the event of changes to the legal situation or our services. The current version is always available on our website.

Use of processors

To provide our services, we use service providers bound by instructions (so-called processors) in accordance with Art. 28 GDPR, e.g. in the areas of IT operations, hosting, communication, billing and document management. Contracts for order processing are in place with all processors to ensure the protection of your data.

Consent

If the processing of personal data is based on your consent, this is voluntary, informed and documented – e.g. by signing prior to transportation or by active consent during patient admission. Consent can be withdrawn at any time with effect for the future.

Consent management for cookies

We use a consent management tool to obtain and manage consent for the use of cookies and third-party services. This is displayed the first time you visit our website and allows you to set your preferences individually.

No automated decisions

There is no automated decision-making including profiling within the meaning of Art. 22

Storage duration by data type

Health data is generally stored for a period of ten years. Billing-related data is subject to a ten-year retention period under tax law. Communication data and other administrative documents are stored in accordance with the statutory periods and subsequently deleted or anonymized.