Therapeutic training at home
for back, knee and hip pain
As of 20 January 2021
Your data belongs to you and is controlled by you. By giving consent to the processing of your data, you enable us to offer you the best possible therapeutic Vivira-training.
The protection of your data and your privacy are very important to us. We’re aware of the sensitive character of your health information. Therefore, the legislator refers to certain health data as “special personal data”. Such data is in particular need for protection.
You can read the sections by clicking on the respective heading.
Our objective is to support you in conducting your therapeutic training at home as a complement to other treatment forms, while supporting you in reducing your knee-, hip-, or back-pain.
This includes the clinical validation of our product by research organizations using anonymized data.
The processing of your data serves these purposes exclusively.
Vivira Health Lab GmbH (“Vivira”) is located at Kurfürstendamm 54/55, 10707 Berlin, Germany. Vivira processes your personal data in connection with the Vivira-App (“App”) and the website www.vivira.com (“Website”). We’re “responsible” according to German Basic Regulation on Data Protection (Deutsche Datenschutz-Grundverordnung – “DSGVO”).
We process your data only to the extent necessary for the provision of the Vivira services requested by you, as long as you consent to the processing, or if we’re authorized to do so by data protection laws. For the processing of your data, we separately ask for your consent. You can consent e.g., by activating the consent-slider in the Vivira App. We will keep a record of your consents.
You may view and revoke your consents at any time in the Vivira App under Profile > Settings > Manage your data.
Requests can be sent to email@example.com. For further information regarding our company, see www.vivira.com. You may also address questions to our data protection officer: Mike Peter, mpP Group/yourprivacyfirst: firstname.lastname@example.org
On the one hand, your data is collected when you enter it into our systems. Other data is automatically collected by our IT systems after your consent.
Personal data is especially protected by law. Such data refers to information that refers to an identified or identifiable person.
With the exception of your email address and your IP-address, we do not collect any data that allows direct identification of your person. Nevertheless, the other data we collect become personalizable through your email address and IP address. A strictly confidential handling of all your data is therefore of great importance to us and we treat all data according to the same rules that apply to processing your personal data.
In case you do not wish to share necessary data with us, we’re unable to provide you with the services described in our terms and conditions.
In the Vivira App
Vivira consists of four main features, in each of which health data is collected. The collection of the data is required for serving the purpose of Vivira and for providing the services as described in our terms and conditions. The four main features are:
a) Onboarding and generation of user account
b) Wellbeing Journal and Movement Test
c) Personalized training program
d) Steps and other activities
Providing your data is optional. However, the Vivira App can only function if you provide the data completely and correctly.
By providing specific health data during Onboarding, you can exclude contraindications (are these present: yes/no) and enable the selection of the right Vivira program, while receiving general and specific information on Vivira in the context of the data you provide.
This requires data about possible contraindications, your demography (gender, age), your health condition (your problem areas, the severity and duration of your pain, medical diagnoses, movement limitations) and possible on-going treatment with physiotherapy and/or pain medication).
The generation of a Vivira user account is required e.g. for security reasons to be able to use the Vivira App. With your user account, you can use your Vivira program after signing out from the App and then signing back in, after deleting and then reinstalling the App (though not after blocking of your account), and you can use the App on multiple devices.
During generation of your user account, you will be asked for your email address and asked to define a personal password. This enables us to set up and protect your account. We need your email address also in case we have to inform you about security-relevant issues regarding the product. For purposes of data security, we require a complex password with at least 8 characters, including at least one small caps letter, one large caps letter, and at least one number.
Disclosure of your email address qualifies all data collected, processed and used by Vivira as “special personal data” pursuant to the DSGVO. It is protected accordingly as such.
The Wellbeing Journal and the Movement Test enable you to periodically register the status of your bodily condition. In the Wellbeing Journal, you provide Data concerning your condition and treatment (pain, limitations to quality of life, work, household, and leisure activities, physiotherapy, and pain medication). In the movement test, you go through certain movements and indicate whether the movements could be conducted and if they were painful.
The personalized therapeutic training program supports the reduction of your pain. Every day, you will receive several exercises that are explained by video, as well as information regarding the exercises. After each exercise, we will ask you questions regarding your ability and the pain you may have experienced during the exercise. Answering these questions enables us to adapt the exercises each day based on the answers you provided. We also give you the chance to exclude exercises in case of pain.
Providing steps and other activity enables you to keep an eye on your overall activity level over time.
The technical data we collect informs us about the hard- and software you use:
In the Vivira App
- Platform (e.g., iOS or Android)
- Version of the Vivira-App
- Manufacturer and model of your device
- Version of the operating system of your end device
Data regarding use
The data regarding use that we collect informs us how you use the App and Website:
In the Vivira App
- Time and frequency of use of App
- Area of App that is used
- Duration of use
- App-settings used (language settings, notifications)
- Feedback-data (incl. email-service)
We process your health data, technical data and data on use while you are using the App while you maintain a user account with Vivira that is not blocked.
Vivira will store your data for as long as we have your consent to do so in the context of the delivery of the Vivira services. In the case of your objection or revocation your consents, and in accordance with statutory requirements, Vivira will block and archive your data for a period of 3 years.
We do not share your data with third parties, unless:
- we are obliged to do so by law
- you have given us your explicit and specific consent to do so
It also includes sharing of anonymized data with research organizations, exclusively for purposes of clinical validation of our product. To receive a list of our current research organization partners, please send an email to email@example.com.
Only with your explicit and additional specific consent, we will transfer your data to certain doctors, therapists (“Providers”), Payors, or research institutions. In this case, Vivira acts as contract data processor pursuant to article 28 DSGVO and undertakes to comply with the legal regulations regarding data protection and data security.
Storage on your device
To increase safety and provide the best possible user experience, we limit the data stored in encrypted form on your device to the following elements: Email address, current training program name, information if you are on a premium account, exercise data, feedback you provided after the exercises, and steps and burnt calories (only relevant for early users).
Storage on cloud-based server
Beyond this, all of your data will be stored on servers of Amazon Web Services („AWS“), our IT service provider Dienstleisters Hetzner Online GmbH, Gunzenhausen („Hetzner“) within the EU. Hetzner processes the data on our behalf and on the legal basis of article 28 DSGVO. Hetzner undertakes to comply with all relevant legal regulations regarding data protection and data security. To review Hetzner data protection regulations, please see: https://www.hetzner.de/rechtliches/datenschutz/
The Vivira App and the server communicate through encoded connections via SSL (Secure Socket Layer) to prevent unauthorized third parties from reading your data.
Our server is protected by a firewall in order to protect against unwanted access.
Our provider Hetzner is certified according to ISO 27001, an internationally recognized norm for information security.
Risk when using Vivira at your workplace or in multiple network environments
Please be aware that it is prohibited to use the internet for private purposes during working hours in certain work environments. Some employers systematically monitor prohibited internet activity at the workplace. Also, multiple network surroundings may pose a risk of unwanted access.
In addition to Hetzner (see above), Vivira contracts third-party providers for analysis of user data. We do this to be able to provide the services as described in our terms and conditions and/or constantly improve and further develop the App.
A transfer of your data to these service providers takes place only in connection with legally permissible contract data processing.
We have concluded data processing agreements with the service providers and in this context we implement the strict requirements of the German data protection authorities.
We use the following service providers:
Heinlein Support GmbH/mailbox.org
For data processing, Vivira uses services of mailbox.org of the company Heinlein Support GmbH, Berlin. Mailbox.org enables the receiving, processing, and answering of customer service queries, as well as the analysis of queries and their handling.
We use the web analytics service Matomo exclusively for communication with medical practices via our website when a practice orders Vivira information (i.e., not for communication with patients, not for health data, and not in the Vivira app). Matomo enables the recognition of the visitor to measure the reach of our online offers through browser fingerprinting. In this process, certain settings of the website visitor’s end device, e.g. browser version and software versions, are registered. Visitors are thus individually identifiable.
We use Matomo with privacy-friendly settings, i.e. the information collected by Matomo about the use of the website is stored on our server in Germany at ALL-INKL.COM – Neue Medien Münnich. The information collected is not passed on to third parties and does not leave the Federal Republic of Germany. The IP address is anonymized before storage. No profiling takes place. The data used for recognition is automatically deleted after 12 hours.
The use of Matomo is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the anonymized measurement of the reach of our offers in order to be able to assess visitor interest in individual contributions and to optimize our web offer. We only use the analysis for advertising purposes if visitors have explicitly given us consent to do so.
If you do not agree to this storage and use of your data, you can deactivate it here. In this case, an opt-out cookie will be stored in your browser, which prevents Matomo from storing usage data. If you delete your cookies, this will have the effect that the Matomo opt-out cookie will also be deleted. The opt-out must be reactivated when you visit this website again.
You have the right to receive information free of charge about the origin, recipients and purpose of your stored personal data at any time. You also have the right to demand the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent for the future at any time. Furthermore, you have the right to demand the restriction of the processing of your personal data under certain circumstances. You also have the right to appeal to the responsible supervisory authority.
You can contact us at any time about this and other questions about data protection at firstname.lastname@example.org
You have the right to information regarding the personal data stored with us. In case your personal data is stored at Vivira, we are happy to provide you with a copy of this data upon request to email@example.com. This includes information about purpose of storage, category of data stored, recipients of the data, accessors, as well as, if possible, period of data storage and criteria for determination of this period.
If you wish to revoke your consents to data processing by Vivira and for your data stored by Vivira to be deleted, you may revoke your consents – without any consequences to the lawfulness of data processing that took place before the revocation – to data processing in the Vivira App under Profile > Settings > Manage your data and thereby block your account.
Your data will then be archived according to the statutory retention requirement for a duration of 3 years from the date of archiving. Beyond archiving, the data will no longer be processed and can no longer be accessed. After the end of the period, the data will be deleted.
From the moment the account is blocked, your program and data will no longer be available and Vivira will no longer be able to perform its services as descried in our Terms and Conditions. We will no longer be able to create any reference to your account, and accordingly will no longer be able to reproduce if you are or were a Vivira Premium user. Any remaining period of use, potentially already paid for, will expire without the possibility for refund or credit. The blocking cannot be reversed.
In case the deletion conflicts with other statutory, contractual, tax-based, or commercially-based storage requirements or other legislative reasons, the blocking of your account may instead be prolonged.
You may correct data that you incorrectly entered into the App on the same day that the original data entry was made. Questions or corrections needs that go beyond the described may be sent to firstname.lastname@example.org.
A partial deletion of your data or a restriction of the data processing is possible, if there is a legal basis for it according to Art. 17 or Art. 18 DSGVO. In this case please contact us at: email@example.com.
We have the possibility to transfer to you your personal data stored by Vivira in a structured, common and machine-readable format. Upon request, it is also possible to transfer this data directly to a third party insofar as this is technically feasible and insofar we have your explicit and specific consent to do so. In this case, send an email to firstname.lastname@example.org.
In case of appeals, complaints, or questions sent to email@example.com, we will do our best to resolve your issue to your fullest satisfaction.
You are also welcomed to contact our Data Protection Officer: Mike Peter, mpP Group/yourprivacyfirst: firstname.lastname@example.org.
Beyond this, you may get in contact with the data protection supervisory authority that is responsible for your location: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Vivira Health Lab GmbH
Kurfürstendamm 54/55, 10707 Berlin