We value our customers trust
1. Responsible body & data protection officer
Autonom Health Gesundheitsbildungs GmbH
Siedersgraben 2/2
3400 Klosterneuburg, Austria
Hereinafter referred to as Autonom Health .
Phone: +43 699 122 000 01
E-mail: office@autonomhealth.com
Data Protection Officer: Daniel Lohninger
2. Collection, processing and use of personal data
2.1 Analysis Portal
The analysis portal is the central element of our service. It is used to process health data of our customers. We do not use any third-party cookies and tracking in the analysis portal. Cookies are used in the analysis portal merely to ensure its functionality. As a result, no personal data is stored.
We treat the data that you provide to us for analysis with great care. Your data will never be passed on to third parties. We only use these to calculate comparative values, and continuously improve the effectivity and comparability of our analyses. Only so-called “aggregated” data and no personal data are used for this purpose.
Individuals who have a private account with independently uploaded measurements have the possibility to grant one or more HRV professionals access to their measurements and analyses through the networking page. However, this is only done at request and active consent of the private individual.
2.2 Customer Account
We use cookies on our website only to improve the functionality and pay attention to your personal data protection.
For all other third-party tracking cookies, we have implemented an opt-in, i.e. When you visit the website, you can choose whether these tracking pixels are loaded at all. In our case, this concerns Facebook and Twitter cookies.
2.3 accounts.autonomhealth.com – Single-Sign-On
We use cookies on our website only to improve the functionality.
For all other third-party tracking cookies, we have implemented an opt-in, i.e. When you visit the website, you can choose whether these tracking pixels are loaded at all. In our case, this concerns Facebook and Twitter cookies.
2.4 Community
The community uses Google Maps to geographically represent our partners. Thus, your IP address and your browser information are sent to Google when you visit this page due to technical reasons.
2.5 Activity App
The activities documented by you in our activities app during a measurement are uploaded to our HRV analysis portal via an encrypted SSL connection and linked to the uploaded data of the respective measurement in your account.
2.6 Log-Data
When you visit a website or service, your browser automatically transmits usage data and stores it in so-called “server log files”. The date, time, name of the page accessed, IP address, referrer URL, the amount of data transferred and data of the browser used (type and version) are stored in these log files.
Server log files are analyzed to find errors and improve server capacity. A merging or analysis of personal data does not take place.
2.7 Newsletter
On our homepage and when registering in the analysis portal, it is possible to subscribe to our newsletter.
With our newsletter, interested parties receive regular information about our developments and news about HRV. We take great care not to flood you with e-mails and send out only a maximum of one newsletter per month.
We handle all information conscientiously and strictly in accordance with the applicable rules and laws. This means that data (e.g. name, address, telephone number, e-mail, etc.) may be used to send appropriate information based on the information, seminar attendance and interests.
Newsletters are only sent by us after registration for the newsletter via homepage or e-mail, after consent during registration in the analysis portal, or to existing customers. If someone no longer wishes to receive a newsletter, they can unsubscribe from it at any time using the unsubscribe link in the footer of each newsletter.
The objection can also be sent at any time to our contact address from point 1 “Responsible body” by post or e-mail.
2.8 Use of location data
Our mobile apps “My Autonom Health” and “Aktivitätentracker” require permission to access the location data on your device. It is important to note that this permission is only required for communication between the app and the Bluetooth sensor.
#We do not use, process or store any of our users’ location data. Requiring this permission is a technical requirement of the Android operating system for Bluetooth communication and is not used to collect or use your geographic location.
We are committed to protecting the privacy of our users and ensuring that location data is not used or collected for purposes other than those described above.
3. Customer Account
If you have a customer account for this service or website, it is password-protected. In this so-called “account”, data such as orders or customer data can be viewed and changed. You undertake to treat the personal access data confidentially and not to make it accessible to unauthorized third parties. We cannot accept any liability for misused passwords, unless we are responsible for the misuse.
We collect, store and process your data for the entire processing of any purchases, for our services, technical administration and our own marketing purposes. Your personal data will only be passed on to third parties if this is necessary for the purpose of contract processing or billing or if you have given your prior consent and only to the extent that the data is necessary for third parties. If there are exceptions to this, they will be mentioned below in this text.
The data passed on may only be used by service providers to fulfil their task. Any other use of the information is not permitted. For this obligation, we have legally binding contracts from all service providers cooperating with us.
Your personal data will be deleted after your request for deletion has been exercised, if the data is no longer required to fulfill the purpose for which it was stored and if the deletion does not violate any valid law or if deletion would be inadmissible.
4. Professionals & Partner
Certified HRV professionals and partners are healthcare providers who use our services for their clients and patients. We are required by law to enter into a contract with each affiliate account holder.
As a “contract data processor”, an HRV professional or partner is the owner and user of a partner account. He is also the contact person for all concerns of his clients concerning their HRV measurements.
In this case, we act as “controllers” because we have the “actual power” over the data because we have built and are managing the system.
“The “controller” is the “master of data processing”, he has the power to decide on the purposes and means of the specific processing activity. The decision is not to be misunderstood in the sense of a conscious cognitive process, but in the sense of a determination or, more precisely, a legal or factual influence on this determination. In practice, a question that is often easier to answer when assessing the role of controller is who has the decision-making power to terminate the specific data processing. Only those who can stop data processing at any time with their legal or factual influence can be the controller.” (Fritz, Gernot. DELIMITATION DIFFICULTIES IN THE DISTRIBUTION OF ROLES UNDER DATA PROTECTION LAW ACCORDING TO THE GDPR by Gernot Fritz).
The contact person for safeguarding the rights of data subjects is the above-mentioned responsible body or our data protection officer.
Partners and professionals are obliged to inform their clients or patients about the data processing, to obtain their consent and to document it.
5. Server locations
The servers for our applications are located in Germany and Vienna
6. Competitions, market – and opinion research
If you participate in contests, your data will be stored for the purpose of notifying the winners. For details, please refer to the terms and conditions of participation of the respective competition.
In the case of market and opinion research, your data will only be stored in anonymised form for statistical evaluations. The data obtained will not be passed on to third parties or will only be passed on to third parties with your permission in the respective case.
You can object to this point at any time. The objection can be sent at any time to our contact address from point 1 “Responsible body” by post or e-mail.
7. Cookies
Accepting cookies is a prerequisite for the use of our services and websites. We would like to point out that by rejecting cookies, certain services on the website will not have the desired function.
7.1 Welche Cookies werden von Autonom Health verwendet?
In addition to the cookies for the functionality of our websites and services, we use marketing cookies from Twitter and Facebook, which are only loaded if you agree to their use. For this purpose, a banner is loaded on the first visit to the website, which queries your settings and saves them for later visits.
7.2 Cookie Banner
To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/de/rcb/datenverarbeitung/.
Legal bases for the processing of personal data in this context are Art. 6 para. 1 lit. c DS-GVO and Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to manage the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide personal data. If you do not provide personal information, we will not be able to manage your consents.
7.3 Facebook – optional
We use plugins from the social network facebook.com.
Privacy Policy: https://www.facebook.com/about/privacy/
7.4 Twitter – optional
We use plugins from the social network Twitter.
Privacy Policy: https://twitter.com/privacy
7.5 Stripe – optional
We use Stripe to process all payments in the analysis portal as well as in the webshop
Privacy Policy: https://stripe.com/at/guides/general-data-protection-regulation
7.6 WPML – essenziell
WPML is a multi-language system for WordPress websites. The cookies store the user’s language and can redirect the user to the version of the website that corresponds to the language of the user’s browser.
8. Secure data transmission
In order to improve your protection, data transmissions to our services and website are carried out exclusively using Secure Socket Layer (SSL).
9. Rights of those affected
9.1 Recht auf Transparenz
You have the right to know which of the data you have disclosed to us and why. The purpose of this privacy policy is to provide this information.
9.2 Das Recht auf Löschung/Vergessenwerden
We do not delete your data ourselves, as we want to give you access to old measurements even after years in order to enable a comparison. Your HRV analyses are available to you for as long as you want. However, you can have your data deleted at any time. To do this, please contact the above-mentioned responsible body.
9.3 Recht auf Berichtigung
You have the right to have incorrect data corrected. You can change most of your data yourself in your account in the HRV analysis portal. In addition, you can contact the above-mentioned office in this regard.
9.4 Recht auf Datenportabilität
You have the right to “take your data with you”. In our case, this concerns your raw HRV data.
10. Complaints office
If you have something to complain about that you cannot solve with us, you are free to contact the Austrian Data Protection Authority:
Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna, Austria
Phone: +43 1 521 52-25 69
E-mail: dsb@dsb.gv.at