Privacy Policy
Last updated: June 2026. This policy covers the website www.klinikfuchs.de
and the KLINIKFUCHS app (Bundle ID com.dermcore.dermcoreV2).
The German version is authoritative.
1. Controller
Controller pursuant to Art. 4(7) GDPR:
Dr. Pascal Bafteh
Corneliusstr. 81, 40215 Düsseldorf, Germany
Email: support@klinikfuchs.de
2. This website (www.klinikfuchs.de)
Hosting: The site is hosted on Google Firebase Hosting (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland). Technically necessary server log files (IP address, date/time, requested file, browser type) are processed on access. Legal basis: Art. 6(1)(f) GDPR (secure operation). A data processing agreement is in place; logs are kept for a maximum of 30 days.
Analytics (Plausible): We use Plausible Analytics, a cookie-free, privacy-friendly statistics tool. It sets no cookies and stores no personal data; IP addresses are not stored permanently. No consent is therefore required (Art. 6(1)(f) GDPR).
Cookie consent & Google Analytics: Via a consent banner you may optionally allow Google Analytics (Google Ireland Ltd.). Google Analytics is loaded only after your explicit consent and then sets cookies for audience analysis (legal basis: Art. 6(1)(a) GDPR – consent). Without consent, Google Analytics is not loaded. You can withdraw your consent any time via the "Cookie settings" link in the footer.
Fonts: Fonts are served locally from our server; there is no connection to Google Fonts or other third parties.
The website itself sets no tracking cookies and embeds no external content (e.g. YouTube, Maps, social plugins).
3. The KLINIKFUCHS app
3.1 What we collect
a) Account data (Firebase Authentication): email address (entered at signup or received via Google/Apple Sign-In), auth UID (generated by Firebase), optional display name and avatar, optional sign-in provider identifier (Apple/Google sub-claim).
b) Profile data (Firestore): role (student, doctor, medical assistant, nurse, etc.), optional region/state, optional exam date, optional referral code.
c) Learning progress (Firestore): flashcard confidence ratings (1–5, "show again" markers), MC answers (correct/incorrect, timestamps), Spot-the-Diagnosis scores, learning-path progress, streak counters, card-shop state, practice-game state.
d) Local settings (iOS UserDefaults / browser localStorage): selected language, dark mode/theme, jargon setting, disclaimer acknowledgment flag.
e) Optional user-uploaded content: if you use the optional AI lesion differential-diagnosis feature, clinical images you explicitly upload. Such images are not stored permanently; they are forwarded to the Gemini API for the duration of a single Cloud Functions call and then discarded.
We do NOT collect: location, contacts, HealthKit data, advertising identifiers (IDFA, no ATT prompt), browser history, or cross-app trackers.
3.2 Purposes (Art. 6(1) GDPR)
Providing the personalized learning experience, authentication/account management, cross-device progress storage and spaced repetition (each lit. b – contract performance); optional push notifications for study reminders (lit. a – consent, revocable any time in iOS Settings); security and fraud prevention (lit. f – legitimate interest).
3.3 Storage location and third parties
| Provider | Purpose | Data | Region |
|---|---|---|---|
| Google Firebase (Auth, Firestore, Storage, Functions) | Backend infrastructure | Email, name, UID, progress | EU (europe-west3) |
| Google Sign-In | Optional login | Email, name | EU |
| Apple Sign-In | Required alternative on iOS | Email (possibly relayed), name | EU |
| Google Gemini (via Cloud Functions) | Optional AI differential diagnosis | Only the explicitly uploaded image + prompt | Global |
Google is certified under the EU-U.S. Data Privacy Framework; EU Standard Contractual Clauses apply additionally. Data remains within the EU where possible. There are no other third parties: no Facebook SDK, no Google Analytics in the app, no Crashlytics, no ad networks.
3.4 Retention
Account data until you delete your account; anonymized technical logs max. 30 days; cache
data temporary (auto-cleaned by iOS/browser). You can delete your account any time via
Profile → Delete Account; the deleteOwnAccount Cloud Function
removes the auth record and all Firestore documents under users/{uid}/.
3.5 Cookies and local storage
The app uses iOS UserDefaults / browser localStorage only for language, theme/dark mode and the disclaimer flag. No tracking cookies are used.
4. Your rights (Art. 12–22 GDPR)
You have the right of access (Art. 15), rectification (Art. 16), erasure (Art. 17, available directly in the app), restriction (Art. 18), data portability (Art. 20, JSON export on request), objection (Art. 21) and withdrawal of consent (Art. 7(3)). Requests to support@klinikfuchs.de.
California (CCPA/CPRA): We do not sell or share your personal information. You have the right to know, delete, opt-out and non-discrimination.
5. Right to lodge a complaint
You may complain to a data protection authority, usually the one at your place of residence (California: the California Privacy Protection Agency).
6. Security
TLS 1.2+ for all connections, Firestore Security Rules restrict read/write per UID, secure token rotation via Firebase Auth, no plaintext password storage.
7. Children
KLINIKFUCHS is not directed to children under 16. If you believe a child provided personal data, contact support@klinikfuchs.de and we will delete the account.
8. Changes
We may update this policy when laws or technology change. Material changes are surfaced in the app via a re-consent dialog.
Imprint · Terms · Support · Deutsche Version