QuantOn Cal

Terms & Conditions

Company contact details

Preventis GmbH

Stubenwald-Allee 8a

64625 Bensheim, Germany

Tel.: +49 6251 . 70711 - 0

Fax: +49 6251 . 70711 - 299

E-Mail: info@preventis.com


Contact details for the data protection officer

Thomas Ott

Telefon: +49 1515 2886186

E-Mail: info@datenschutz-ott.de


Welcome to our "QuantOn Cal" app and portal. The protection of your personal data is very important to us. Therefore, we show you below how we process your personal data.

This privacy policy covers both the processing of your data by using the "QuantOn Cal" app, as well as the associated portal. Insofar as the explanations do not explicitly refer to one service, this information applies to both.


App Store and Google Play

We use the "App Store" and "Google Play" services to distribute our app.

The "App Store" is a digital distribution platform for application software provided by the US company Apple Inc, One Apple Park Way, Cupertino, California.

"Google Play" is also a digital distribution platform, but by the US company Google LLC, 1600 Amphitheatre Parkway, Mountain View, California.


Information on the data protection practices of the respective services can be found in the following links:


App Store - https://support.apple.com/en-us/HT210584

Play Store - https://policies.google.com/privacy


Categories of data; data sources

Basically, we process the personal data that you provide to us in the context of a request, a pre-contractual relationship or a contractual relationship. In individual cases and insofar as this is necessary within the framework of the fulfilment of the contract, we also process personal data that has been taken from publicly available sources (eg trade register, debt directories, Internet) in a permissible manner or is permitted by third parties (eg credit reference agencies). were transmitted.

This may be personal data (name, birthday, legally authorized representative), address data (address, e-mail address, contact person), financial data (name of the account holder, IBAN, BIC), contract data (contract duration, services purchased, cancellations), Communication data (correspondence, e-mail traffic), advertising data (advertising letters) and other comparable categories of personal data.

However, the use of the services in itself does not require the provision of this data. Rather, processing may occur when there is further correspondence beyond the use of "QuantOn Cal" and it is necessary for this data to be processed in order to properly respond to or make a decision about an inquiry or to resolve a problem.


Processing of personal data after consent (Art. 6 para. 1 p. 1 lit. a) GDPR, Art. 9 para. 2 No. 1 GDPR)

In individual cases, we will obtain consent from you for specific purposes expressly identified in connection with data collection. This includes, in particular, the processing of your health data.


A data processing takes place only if you give us the consent. It is possible that the processing of your request without your consent is not possible and therefore must be made dependent on it. The processing of the data takes place exclusively for the purpose (s) expressly stated.


You can revoke your consent with effect for the future at any time. The revocation has no influence on the legality of the processing until the time of revocation.


Processing of personal data for the execution of contracts (Art. 6 para. 1 p. 1 lit. b) GDPR)

If a contract is concluded with us, we use personal data as far as this is necessary for the execution of the contract or for the execution of pre-contractual measures. The purposes of the data processing are based on the concrete contract contents, which you can refer to the contract documents.

If a contract already exists between us, we process your data in order to verify that you are our contractual partner and in order to properly provide the contractual service owed.


Processing of personal data in the context of a balance of interests (Art. 6 para. 1 p. 1 lit. f) GDPR)

We process personal data according to balance of interests, as far as this is necessary for the protection of our legitimate interests or the interests of third parties.

Examples of such purposes are:

          Ensuring the IT security and integrity of our systems,

          Prevention and investigation of criminal offences,

          Assertion or defense of legal claims.


Categories of data processed

Within the scope of using the "QuantOn Cal" service and the associated web portal, we generally only process the following categories of data:

·       Test ID

·       Test date

·       Patient number (pseudonym)

·       Competence Center

·       Test result

·       Test image

·       Device information (model and operating system)

Please note that the photo you provide must only show the test result. Insofar as other personal data is recorded and transmitted, which does not show the test result, this data is processed on the basis of a legitimate interest (Art. 6 para. 1 p. 1 lit. f) GDPR) in being able to properly display the image created by you on our portal. We ask you not to include and transmit sensitive data in the sense of Art. 9 para. 1 GDPR, with the exception of the test result.


Data processing and access rights of the "QuantOn Cal" app

For proper use of the service, it is necessary for the app to have permissions to the following interfaces:

·       Read/write to the device memory space

·       Camera

In this context, processing only takes place insofar as this is necessary for the proper provision of the services.


General processing of visitor data on our portal

The use of our portal is generally possible without providing personal data.

However, we would like to point out that access data is also collected in this case and stored in the server log files. In particular, this involves the following data:

·       Browser type / your browser version,

·       Operating system,

·       Date and time of your visit,

·       Your username (when logged in),

·       Your IP address.

We generally evaluate this information in anonymized form to defend against attacks and to improve our offer (processing of personal data in the context of a balancing of interests pursuant to Art. 6 para. 1 p. 1 lit. f) GDPR) and subsequently delete it. The data is regularly not traceable to your person and is not merged with other data.

However, in the event of concrete indications of unlawful use, we reserve the right to evaluate the data retrospectively.


Use of cookies on our portal

As part of your visit to our website cookies can be used on various pages. These are text files that are placed on your computer and, among other things, allow a smooth process of visiting our website. We almost exclusively use cookies that are technically necessary for the operation of our website. We use these cookies exclusively on the basis of a legitimate interest, Art. 6 para. 1 p. 1 lit. f) GDPR. Most of the cookies we use are deleted from your computer after you close the browser (session cookies). Should the use of additional cookies be necessary for the use of certain non-essential functions of our website, we will obtain your consent to the placement of these cookies beforehand.


Web analytics and marketing

We do not use cookies or other tools that record and analyze your user behavior on our services.


Duration of Data Storage

Your personal data will be deleted by us immediately, as soon as the data are no longer needed for the fulfilment of the contractual and legal obligations or the purpose for which the data was processed is reached and the data is no longer needed for this purpose.

Personal data will be stored for at least as long as necessary to fulfill contractual obligations and to exercise contractual rights. This period may extend beyond the actual contract period, as the data may still be relevant under the statute of limitations after the end of the contract. In addition, deletion can only take place if any tax and commercial retention periods have expired.

For the portal, the following also applies: The criteria for the duration of the storage of cookies can be found in the corresponding section.

Data transfer

We transfer data to other third parties if and to the extent that we have delegated the fulfillment of tasks.

We collaborate with the following companies:

·       Liftric GmbH, Julius-Hatry-Strasse 1, 68163 Mannheim, Germany,

·       Immundiagnostik AG, Stubenwald-Allee 8a, 64625 Bensheim, Germany.

Furthermore, service providers can be entrusted with tasks in the following areas, for example:

·       IT maintenance,

·       IT development,

·       IT deployment,

·       Lawyers.

The transfer of data always takes place on the basis of a legal standard or a suitable contract according to Art. 26 or 28 GDPR, which ensures observance of all data protection requirements.

Otherwise, data is only transferred in the cases provided for by law, for example in the case of a legal obligation to provide information to law enforcement authorities. In these cases, the data transfer is legitimized according to Art. 6 para. 1 p. 1 lit. c) GDPR.


Data transfer to a third country

Data transfer to a third country is not intended.


Your rights as a data subject

As a person concerned with the processing of personal data, you have the following rights:

You have the right to request confirmation from us as to whether we are processing personal data relating to you. If this is the case, you have a right to information about the personal data and to the information listed in Article 15 GDPR in detail.

You have the right to demand that the responsible person immediately correct any incorrect personal data concerning you and, if necessary, complete any incomplete personal data (Art. 16 GDPR).

You have the right to demand that the person responsible delete personal data concerning you immediately if one of the reasons specified in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued (right to deletion).

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you have lodged an objection against the processing pursuant to Art. 21 GDPR, for the duration of any inquiry as to whether our legitimate interests outweigh yours.

You have the right to receive in a structured, common and machine-readable format the personal data concerning yourself which you have supplied us, as well as the right to transmit these data to another controller without hindrance by us, provided that the processing of these data is based on your consent or on a contract and that the processing is carried out with the aid of automated procedures (Article 20 GDPR). When exercising the right to data portability, you have the right to have the personal data transferred directly from us to another controller, as far as this is technically feasible (right to data portability).

You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning your person, which may be processed on the basis of Art. The responsible party will no longer process the personal data unless it can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the affected party, or the processing is for the purpose of establishing, exercising or defending legal claims (Art. 21 GDPR).

With regard to the exercise of your rights, you can always contact us via the contact options offered in this document.


Right to object to direct advertising

In individual cases, we process personal data in order to conduct direct advertising. In this case, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising (Article 21 GDPR).

If you object to the processing for direct advertising purposes, the personal data will no longer be processed for these purposes.

The objection can be made form-free at any time via one of the contact options provided in this privacy policy.


Right to complain

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR (Article 77 GDPR). You may exercise this right before a supervisory authority in the member state in which you reside, work or where the suspected infringement takes place. In Hessen, Germany, the responsible supervisory authority is „Der Hessische Beauftragte für Datenschutz und Informationsfreiheit“.

You can find more information at the following link:


Of course, you can also contact us directly if you are dissatisfied or have questions about privacy. The quickest way to reach both our internal and external contact person on the subject of data protection under the following contact data:

Preventis GmbH

Tel.: +49 6251 . 70711 - 0

E-Mail: info@preventis.com


Requirement to provide personal data

There is basically no obligation to provide data. However, providing data may be required to use certain features or to enter into a contract. If you do not provide the necessary data, you will not be able to use certain features or services, or a contract may not be finalized.

Last updated as of May 20, 2021.


Copyright © 2021 Preventis, Inc.  All rights reserved.