The protection of personal data is the essence of this project. Only data that is absolutely necessary to operate the service is collected. Below is detailed information about the collection and use of personal data. The details of the operator with contact details can be found in the imprint.
1. Collection, processing and forwarding of data
No personal data is collected when you visit the homepage alone.
When requesting a MaskID, it is necessary to provide your own mobile number, name and in some countries the address for the purpose of providing the service. The IP address of the computer used is also logged for legitimate reasons to protect against misuse. When registering a visit, the MaskID (which is an anonymised form of the telephone number) is saved, as is the IP address of the computer used for documentation purposes. Visit data will be automatically deleted after the legally required retention period. Collected data (name, address when necessary, telephone number and visiting hours) will be given to health authorities on request, because it is the purpose of this service and required by law.
2. Data security
The data made available to us is secured by taking all technical and organisational security measures to ensure that it is inaccessible to unauthorised third parties. The use of data encryption (SSL) ensures that no data can be changed or recorded during the Internet connection from the client to the server.
If personal data has been collected, the right to view or adopt it exists. Furthermore, the deletion, correction or blocking of the data can be demanded. However, a request for deletion does not include the data that we are required to keep due to administrative, legal or security requirements. For example, the MaskID can only be deleted when the legal retention period of all visits registered with it has expired. We may request appropriate documents (e.g. identity card) to verify identity in the event of enquiries, and we may charge an expense allowance for repeated enquiries. In the event of disputes, you have the right to contact the local data protection authority.
4. Third-party applications
Cookies are used to store the MaskID on the local device (180 days) and the details of the last registered visit (1 week). These cookies (LMASK, LMASKR) can be deleted at any time, but the corresponding information will be lost. Cookies are not shared with or made available to third parties.