The app contains an inbox for messages by SOPHIA. You can also receive messages from SOPHIA via push function. This function is initially activated, but can be deactivated by choice. Push notifications can be deactivated in the system settings of your device.
The Provider does not guarantee the availability, reliability, functionality or suitability of the app for your purposes. Any liability is excluded, unless mandatory liability exists under the Product Liability Act, due to intent, gross negligence, injury to life, body or health, due to the assumption of a guarantee of quality, due to fraudulent concealment of a defect or due to the violation of fundamental contractual obligations. Fundamental contractual obligations are all those obligations which must be fulfilled in order for a contract to be properly executed and which the parties to the contract may regularly rely on being fulfilled. Compensation for damages due to the violation of essential contractual obligations is limited to the foreseeable damage typical for this type of contract, unless there is intent or gross negligence.
The operator SOPHIA cloud application and responsible body in terms of data protection is
SOPHIA GmbH & Co KG
Trinidad Street 15a
Industrial area Hohenesch
27356 Rotenburg (Wümme)
e-mail address: email@example.com
We process your personal data in compliance with the data protection laws of the Federal Republic of Germany and the European data protection basic regulation. Under no circumstances will we pass on your personal data to third parties for advertising or marketing purposes without your consent.
In our company, compliance with the legal regulations and this declaration is monitored by our data protection officers. Our employees have been trained in the handling of personal data and have been committed in writing to comply with the data protection regulations.
The use of our SOPHIA cloud application is usually possible without providing personal data. As far as personal data (e.g. name, address or e-mail addresses) are collected on our pages, this is always done on a voluntary basis, as far as possible.
We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. We try to protect your data from unauthorized access by third parties by taking precautions such as pseudonymization, data economy, observance of deletion periods and taking into account the current state of technology. Despite these protective measures, however, we cannot completely rule out unlawful processing by third parties.
When you visit the SOPHIA Cloud application, our web servers temporarily store each access in a log file. The following data is recorded and processed until it is automatically deleted:
Name of the retrieved file and transferred data volume, as well as date and time of the retrieval,
IP address of the requesting computer, as well as device ID or individual device ID and device type,
Message about successful retrieval,
Description of the type of Internet browser used and, if applicable, the operating system of your end device as well as the name of your access provider,
Your browser history and your standard weblog information,
Location data, including location data from your mobile device. Please note that on most mobile devices you can control or disable the use of location services in the mobile device's settings menu.
When using the SOPHIA cloud application for purely informational purposes, SOPHIA GmbH & Co KG only collects the personal data that is technically necessary for the display, the use of the SOPHIA cloud application (connection establishment), the system security, the system stability, the technical administration of the network infrastructure and the optimisation of the internet offer. The legal basis for this is a legitimate interest of SOPHIA GmbH & Co KG (Art. 6 para. 1 p.1 lit. f DSGVO).
You have the possibility to object to this data processing. If you object to the use of your data, we would like to point out that only a limited use of our services may be possible.
Beyond the cases mentioned above, these personal data will not be processed unless you expressly consent to further processing.
Your personal data is collected by SOPHIA GmbH & Co KG exclusively for the purpose of registering for our SOPHIA cloud application. Your registration data is stored and verified in our central authentication system via encrypted connections.
You must enter the following data:
To use the SOPHIA Cloud application you have to register once. For this purpose you have to enter some personal data which we store as well as process and use within SOPHIA GmbH & Co KG.
The following mandatory information must be provided where applicable:
Company / Hospital
Our legitimate interest in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO to collect the data is based on the following purposes: ensuring a smooth connection and comfortable use of the website, evaluation of the system security and stability as well as for other administrative purposes.
Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.
Your data will be stored by SOPHIA GmbH & Co KG only as long as they are required for specific purposes. Consequently, your data will be deleted by SOPHIA GmbH & Co. KG when:
The corresponding legal basis for processing your data no longer exists,
The purpose of processing your data no longer exists,
you revoke your consent to the processing of your data,
A legal obligation that makes deletion necessary, or
you have objected to the processing of your personal data,
unless there are legal retention periods. For example, the German Fiscal Code (AO) or the German Commercial Code (HGB) provides for certain retention periods. Only then the SOPHIA GmbH & Co KG may finally delete your data.
Excepted from this are data whose deletion would represent a disproportionate effort. In such a case, SOPHIA GmbH & Co KG has a legitimate interest in the sense of the German Data Protection Act. Art. 6 paragraph 1 lit. f DSGVO for the storage of your data.
In order to use the software, it is necessary to provide at least a user name and a password. This is provided in the context of the business relationship with your employer.
The online offer of the SOPHIA GmbH & Co KG can contain links to the internet pages of third parties, on whose contents the SOPHIA GmbH & Co KG has no influence. After clicking on a link you leave the area of responsibility of the SOPHIA GmbH & Co. KG. The following processing of your data will no longer take place within the sphere of influence of SOPHIA GmbH & Co KG.
The Internet is a worldwide open platform. Due to the Internet's inherent operating mode and the system-related risks, all data transmissions initiated by you are at your own risk. For your security we offer our services exclusively via the encrypted transmission path.
We will only transfer your data to countries outside the European Economic Area (third countries) if
it is necessary for the execution of your orders,
it is required by law, or
you have given us your consent.
If we transfer your data to a third country or to an international organization, this is always done in accordance with the provisions of the DSGVO. Furthermore, in accordance with the principle of data minimization, we only transfer data that is limited to the minimum necessary.
In some cases, we use service providers whose headquarters, parent company or sub-service provider is located in a third country. Your data will only be transferred if the European Commission has decided that an adequate level of protection exists in this third country (Art. 45 DSGVO), appropriate guarantees are provided (e.g. standard contractual clauses issued by the European Commission) and enforceable rights and effective remedies are available to you as the data subject. We have contractually agreed with the service provider on compliance with the European basic data protection regulation and its provisions.
Our SOPHIA cloud application also uses so-called cookies. Cookies are small text files that are stored on your computer and saved by your browser. They do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Some cookies (so-called "functional cookies", e.g. for language settings and ordering processes) are those that are absolutely necessary to guarantee essential functions of the SOPHIA cloud application. Without these, the SOPHIA cloud application cannot be used as intended.
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.
Within the scope of Matomo's coverage analysis, the following data is processed: the type and version of browser you use, the operating system you use, your country of origin, date and time of the server request, the number of visits, your time spent on the SOPHIA cloud application and the external links you activated. The IP address of the user is anonymized before it is saved.
Users can object to the anonymous data collection by the Matomo program at any time with effect for the future by clicking on the link below. In this case, a so-called opt-out cookie will be stored in their browser, which means that Matomo will no longer collect any session data. However, if users delete their cookies, the opt-out cookie will also be deleted and must therefore be reactivated by users.
Logs with the users' data will be deleted after 6 months at the latest.
If we ask users to give their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Art. 6 para. 1 letter a. DSGVO. Otherwise, the personal data of the users will be processed on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) are processed.
We have taken extensive precautions to protect the security of your data. Your data transmitted to us, which you have entered e.g. in HTML pages, are transmitted in encrypted form (SSL - Secure Socket Layer) via the public data network to SOPHIA GmbH & Co KG and processed.
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as site operator. You can recognize an encrypted connection by the fact that the address line of your browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Your personal data will not be passed on to third parties unless you have given us your prior consent. Excluded from this are service providers for contract initiation and contract processing, such as IT service providers or the hosting service provider for the SOPHIA cloud application. These companies work for SOPHIA GmbH & Co KG within the scope of so-called order processing and may only use the personal data in accordance with our instructions.
By contract, SOPHIA GmbH & Co KG has committed these service providers to the European data protection level and monitors them.
In all these cases, the data will be transmitted in accordance with the applicable national and European data protection regulations; the scope of the transmitted data will be limited to the necessary minimum.
You have the right at any time to:
A free information about your stored personal data, their origin and recipient and the purpose of data processing as well as
to limit the processing of the data,
Deletion of this data,
The preservation of your data in a structured, common and machine-readable format (right to data portability),
Revocation of your consent to the processing of your personal data,
Complaint to the competent supervisory authority
Objection to processing on the grounds of legitimate interest
You also have the right to object to the processing of your personal data at any time if this is done by SOPHIA GmbH & Co KG GmbH out of a legitimate interest (according to Art. 6 Par. 1 letter f DSGVO). As a consequence, the processing of your data will be stopped unless SOPHIA GmbH & Co. KG GmbH can justify a continuation of the processing due to legal requirements or due to interests worthy of protection. This is the case, for example, if data is still needed to be able to enforce legal claims.
Opposition to processing for the purpose of direct marketing
You can object to the processing of your personal data for the purposes of advertising and data analysis at any time ("advertising objection").
You can contact us for this and other questions on the subject of personal data under "Your contacts in data protection matters".
If you have any questions regarding the processing of your personal data, you can contact our data protection officer directly, who is also available in cases of requests for information, applications or complaints:
Data protection officer
SOPHIA GmbH & Co KG GmbH
Trinidad Street 15a
Industrial area Hohenesch
27356 Rotenburg (Wümme)
e-mail address: contact@sophia. online
If you wish to exercise your right to complain to the relevant regulatory authority, please contact the following address:
The State Commissioner for Data Protection of Lower Saxony
You can access and print out these data protection provisions in the SOPHIA cloud application of SOPHIA GmbH & Co KG under the link https://app.sophia.online/legal.
As of 22.06.2019
(Description of the standard services)
With the SOPHIA cloud application (hereinafter referred to as "SOPHIA"), Sophia GmbH & Co.KG provides the customer with standard services, the content and scope of which are described in the following service description, with the availability described in section 6. SOPHIA is ready for operation when Sophia GmbH & Co KG has informed the customer about the activation (access to a functioning SOPHIA platform).
The transfer point for software use is the router exit of the computer center used by Sophia GmbH & Co.KG to the Internet. The customer has to take care for the connection of the customer to the Internet, the provision or maintenance of the network connection to the data center as well as the procurement and provision of network access components for the Internet on the side of the customer. This is not part of the software use.
Create, modify, delete users
Assign, modify, delete various user roles
Assign, change, delete teams
Management of SOPs:
Create, modify, copy, delete
Structuring of SOPs in collections
Versioning of SOPs; Previous SOPs are saved as old versions and can always be retrieved and restored if necessary.
Events: Every change in the SOP directory is recorded and can be traced back exactly. So you always know exactly who has worked on what and when.
Approval / Publication of SOPs: SOPs go through an "Approval" process before publication to authorized users. After editing / creating an SOP, an authorized user must first approve the SOP for publication.
SOP release: Other clinics can release SOPs for you. If necessary, you can copy these SOPs directly into your own SOP directory. Conversely, you can also share SOPs with other clinics.
Data storage: SOPHIA includes its own cloud storage. Files in this storage can be linked to SOPs as desired (e.g. PDF, images, Word documents etc.)
Use of the free apps on mobile devices and linking to the SOPHIA SOP database; updating of the end devices The apps are available free of charge in the respective official app stores (Google Play, iTunes Store).
When using SOPHIA for the first time, the customer himself must generate a user ID and password which are necessary for further use of SOPHIA. The customer is obliged to keep user ID and password secret and not to make them accessible to third parties.
4.1 Sophia GmbH & Co.KG secures the customer data by a daily backup of the complete database on a suitable backup medium with up to 30 days backup time. Furthermore, a continuous versioning and backup of the data within the database of the SOPHIA system ensures maximum redundancy. A deletion of the customer data takes place after the termination of the contract upon written request of the customer.
4.2 Not included in the contractual scope of services is the long-term data backup for which the customer is responsible and which serves to comply with archiving obligations, e.g. those of a commercial or fiscal nature, unless the customer concludes a separate contract with Sophia GmbH & Co.
Requirements for the use of SOPHIA:
Broadband Internet Access
PC with Windows 10
For apps: current Android (from version 4.4.4 (API20)), iOS (from 12 )
For the web platform: always the latest version of Google Chrome
Important: Systems and/or software not included in this list may be supported by SOPHIA and the SOPHIA Apps.
The provision of these conditions as well as the telecommunication services including the transmission services from the point of transfer of services to the equipment used by the customer are not subject matter of this contract, but are the responsibility of the customer.
Should the customer use the data release option to share his data, he is obliged to provide only reasonable data that has been carefully checked to the best of his knowledge and belief. Sophia GmbH & Co KG does not guarantee or assume liability for the quality of the customer data provided.
The availability refers exclusively to the functionalities of SOPHIA described in paragraph 2.
Sophia GmbH & Co.KG provides the customer with the functionalities of SOPHIA as described in number 2 during the system runtime mentioned below, but excluding the times of planned unavailability as contractually agreed in number 8.
24 hours/day and 365 days/year with 98% system availability.
The system runtime is composed of the times of available usage and unavailability. The available usage includes the times in which the functionalities can be used:
The available use also includes the periods of time specified below during
Disturbances in or due to the condition of the infrastructure not to be provided by Sophia GmbH & Co.KG or its vicarious agents;
disturbances or other events which are not caused by Sophia GmbH & Co.KG or one of its vicarious agents, e.g. exceeding the threshold values according to clause 7.3;
insignificant reduction of the suitability for use according to the contract,
Non-availability shall be deemed to exist if the agreed functionalities are otherwise unusable.
Sophia GmbH & Co.KG is entitled outside the planned unavailability to service and maintain the software and/or hardware systems and to make data backups. Planned non-availability outside of the times mentioned must be agreed with the customer in text form (email) or by telephone. In the event of important reasons, the customer will not unreasonably refuse his consent.
If and as far as the customer can use SOPHIA in times of planned unavailability, there is no legal claim to this. If the use of SOPHIA in times of the planned unavailability results in a reduction or cessation of services, the customer has in particular no claim to warranty or compensation.