Privacy policy
How we process your data.
Last update: 13 March, 2025.
1. Controller
Skleo Health GmbH
Brehmstrasse 3
40239 Düsseldorf
Email: info@skleo.de
Represented by the Managing Director(s): Dr. med. Steffen E. Künzel; Dipl. Ing. Fabien Vogl; Dr. Alex Michael Hein
2. General Information on Data Processing
We process personal data exclusively in accordance with the provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other applicable regulations.
Processing takes place only to the extent necessary for providing our services, fulfilling contractual or legal obligations, safeguarding legitimate interests, or where consent has been granted.
3. Categories of Personal Data
We may process the following categories of personal data:
- Basic data (e.g., name, address, contact details)
- Usage data (e.g., IP address, access logs)
- Health data (special category data under Art. 9 GDPR, e.g., screening results, medical findings, images) where required to deliver our services
4. Purposes and Legal Bases of Processing
We process personal data for the following purposes:
- Provision and documentation of screening services
- Transmission of screening results to the data subject and—if consent is given—to treating physicians or healthcare providers
- Administration of partner relationships (e.g., opticians, pharmacies, corporate partners)
- Compliance with legal obligations, including under medical device law, tax law, and commercial law
- IT security and prevention of misuse
- Marketing and communication, where consent has been obtained
Legal bases:
- Art. 6(1)(b) GDPR (contract performance)
- Art. 6(1)(c) GDPR (legal obligation)
- Art. 6(1)(f) GDPR (legitimate interest)
- Art. 9(2)(h) GDPR (processing of health data for medical purposes)
- Art. 9(2)(a) GDPR (explicit consent)
5. Recipients of Personal Data
Data will be shared only as legally permitted or required, including with:
- Treating physicians and medical professionals (subject to consent)
- Contractual partners (e.g., opticians, pharmacies, corporate partners) where necessary for service delivery
- IT service providers, hosting providers, and other processors under Art. 28 GDPR
- Public authorities and regulators, where legally required
6. Data Retention
Personal data will be stored only as long as required for the purposes outlined or where statutory retention obligations apply. After this period, data will be deleted or anonymised.
7. Rights of Data Subjects
You have the following rights under GDPR:
- Right of access (Art. 15)
- Right to rectification (Art. 16)
- Right to erasure (Art. 17)
- Right to restriction of processing (Art. 18)
- Right to data portability (Art. 20)
- Right to object (Art. 21)
- Right to withdraw consent at any time with future effect (Art. 7(3))
- Right to lodge a complaint with a supervisory authority (Art. 77)
The competent authority is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen.
8. Data Security
We apply appropriate technical and organisational measures in accordance with Art. 32 GDPR to protect personal data against loss, misuse, unauthorised access, and unlawful disclosure.
9. Cookies and Tracking
Where our online services use cookies or similar technologies, they are employed either on the basis of Art. 6(1)(a) GDPR (consent) or Art. 6(1)(f) GDPR (legitimate interest). Details are provided in our separate Cookie Policy.
10. International Data Transfers
Transfers of personal data to third countries occur only if an adequacy decision by the European Commission exists or if suitable safeguards in line with Art. 46 GDPR are in place.
11. Updates to this Privacy Policy
We reserve the right to update this Privacy Policy as necessary. The version published on this website at the time of use shall apply.