The protection of your personal data is very important to us. As part of your treatment at our cooperating radiology practice, a supplementary image-based analysis is carried out by the AI-supported systems of Floy GmbH. This additional analysis can identify health risks at an early stage and provides your medical team with important information for your care.

1. Who is responsible for data processing?
Your treating practice is responsible for processing your data. It remains your point of contact for all data protection issues at every stage of diagnosis and treatment. The practice is technically supported by Floy GmbH (Ludwigstraße 9, 80539 Munich), which carries out AI-supported analyses of medical image data.
‍
2. What data is processed?
Imaging data from your examination, e.g. from MRI, CT or mammography, is processed. This data may be combined in pseudonymized form with demographic data such as gender and age to enable a well-founded analysis. All data is processed exclusively for medical purposes.

3. What is your data used for?
Your image data is processed to carry out a supplementary risk analysis by AI. The aim is to detect abnormalities or risk factors that may not be detected in the primary findings. The legal basis is Art. 6 para. 1 lit. b GDPR (treatment contract) and Art. 9 para. 2 lit. h GDPR (medical diagnostics).

4. Who receives your data?
Your data will only be transmitted to Floy GmbH if this is necessary for the analysis. Beyond this, your data will not be passed on to third parties.

5. Can your data be used to improve the software?
Only if you have expressly consented can your anonymized image data also be used to further develop the AI technology. No personal data such as name, date of birth or other
identifying characteristics will be transmitted.

6. How will you be informed about results?
We use the service provider Sinch AB (St.-Martin-Straße 63, 81669 Munich, Germany; website: https://sinch.com
Data processing agreement: https://sinch.com/de/legal/terms-and-conditions/other-sinch-terms-conditions/data-protection-agreement/) to inform you about the status of your additional analysis (e.g. by SMS or email). Your e-mail address and/or telephone number may be processed for technical notification purposes. This is done on the basis of our legitimate interest in efficient patient communication (Art. 6 para. 1 lit. f GDPR). It is ensured that Sinch AB works in compliance with data protection in the sense of the GDPR. Compliance with data protection regulations is regularly reviewed, in particular with regard to technical and organizational measures.

‍7. What rights do you have?
‍Youhave the right to information, correction, deletion or restriction of the processing of your personal data. You can also lodge a complaint with a data protection supervisory authority at any time.

‍8. Minors.
‍Ourservices are not directed at children under the age of 13. We do not knowingly collect information from children under the age of 13. If you are under the age limit, do not use the Services and do not provide us with any Personal Data. If you are a parent of a child under the age limit and you become aware that your child has provided us with personal data, please contact us directly so that we can take the necessary steps, such as blocking or deleting the data.

‍9. Further information.
‍For detailedinformation, please refer to our complete privacy policy at: https://www.floy.com/datenschutz

‍
‍