Our project is based on trust. The following paragraphs provide an orientation how we are working with your data and how the access to your data is regulated. Furthermore the guideline defines the ethical standard for current and future developments of our project. Our guideline will be defined in versions. This will allow you to identify the changes over time.
Version 3.0 of March 9. 2018
(1) the project Glucosurfer.org is always working anonymously and free of charge. This means that we will not commercialize the project in the future.
(2) the collected data is owned by our users. This data can always be downloaded to the computer of our users as an XML file. Furthermore our users can request to delete their data at their will. This operation must be legitimated with the access data that is provided after user registration (ID card or printed ID document). Then we will delete the data on our server system. We have to admit that a deletion without leaving any residue is not possible. We are making backups of our database with WORM media (CD, DVD). This media can be written once and due to its technical nature it is not possible to remove data that has already been written to it.
(3) as a basic principle third parties have no access to your data. You control two exceptions for this principle:
1. with the sharing functionality you can invite groups of persons to take a look at your data.
2. in the settings you can decide if your data can be used for Diabetes Research. The Institute for Diabetes Research (address: Institut für Diabetesforschung, Hohenzollernring 70, 48145 Münster) can access the diary data on the basis of this permission. A transfer of data to other research institutions does not take place.
(4) our log protocols are not accessible for third parties.
(5) your data is saved in backups at regular intervals. All backup media and transmission paths are secured with proven encryption technologies like HTTPS and PGP.
(6) the physical access to our server and databases is restricted to ASSETARIS e.K. or its representatives. Employees of the data processing centre where the server is hosted have no maintenance access to our server.
(7) the server is always operating under German law and particularly the German data privacy law.
(8) on mobile devices the following data is collected: the log entries you create and the photos you add to these entries.
(9) via our Facebook fanpage we will receive regular usage data from Facebook. For this data Facebook has the primary responsibility. We will not share this data with other parties.
Version 2.0 of February 10. 2017
(1) the project Glucosurfer.org is always working anonymously and free of charge. This means that we will not commercialize the project in the future.
(2) the collected data is owned by our users. This data can always be downloaded to the computer of our users as an XML file. Furthermore our users can request to delete their data at their will. This operation must be legitimated with the access data that is provided after user registration (ID card or printed ID document). Then we will delete the data on our server system. We have to admit that a deletion without leaving any residue is not possible. We are making backups of our database with WORM media (CD, DVD). This media can be written once and due to its technical nature it is not possible to remove data that has already been written to it.
(3) as a basic principle third parties have no access to your data. You control two exceptions for this principle:
1. with the sharing functionality you can invite groups of persons to take a look at your data.
2. in the settings you can decide if your data can be used for Diabetes Research. The Institute for Diabetes Research Münster will select the trustable research facilities that are allowed to process this data. These affiliated facilities will be made public on our website.
(4) our log protocols are not accessible for third parties.
(5) your data is saved in backups at regular intervals. All backup media and transmission paths are secured with proven encryption technologies like HTTPS and PGP.
(6) the physical access to our server and databases is restricted to ASSETARIS e.K. or its representatives. Employees of the data processing centre where the server is hosted have no maintenance access to our server.
(7) the server is always operating under German law and particularly the German data privacy law.
(8) on mobile devices the following data is collected: the log entries you create and the photos you add to these entries.
Version 1.0 of June 16. 2008
(1) the project Glucosurfer.org is always working anonymously and free of charge. This means that we will not commercialize the project in the future.
(2) the collected data is owned by our users. This data can always be downloaded to the computer of our users as an XML file. Furthermore our users can request to delete their data at their will. This operation must be legitimated with the access data that is provided after user registration (ID card or printed ID document). Then we will delete the data on our server system. We have to admit that a deletion without leaving any residue is not possible. We are making backups of our database with WORM media (CD, DVD). This media can be written once and due to its technical nature it is not possible to remove data that has already been written to it.
(3) as a basic principle third parties have no access to your data. You control two exceptions for this principle:
1. with the sharing functionality you can invite groups of persons to take a look at your data.
2. in the settings you can decide if your data can be used for Diabetes Research. The Institute for Diabetes Research Münster will select the trustable research facilities that are allowed to process this data. These affiliated facilities will be made public on our website.
(4) our log protocols are not accessible for third parties.
(5) your data is saved in backups at regular intervals. All backup media and transmission paths are secured with proven encryption technologies like HTTPS and PGP.
(6) the physical access to our server and databases is restricted to Holger Schmeken. Employees of the data processing centre where the server is hosted have no maintenance access to our server.
(7) the server is operating under German law and particularly the German data privacy law.