We would like to inform you about the processing of personal data in connection with our AI-based assistant features, the so-called AMBOSS Assistants. To the extent that data processing is not described differently here, our general Privacy Policy applies.
Purposes of Processing and Legal Basis
We process users' User ID and IP address as well as inputs and associated meta/communication data when using AMBOSS Assistants in order to provide the various assistant functions. The scope of functionality also includes that we create automated learning suggestions based on the inputs in order to improve the user's learning experience. The legal basis for the processing activities is the performance of our contract with you (Art. 6(1)(b) GDPR).
AMBOSS Assistants serve exclusively for medical education and knowledge transfer for study and continuing education. The assistants are not intended to be used for the diagnosis, treatment, relief or prevention of diseases in humans and do not constitute medical advice. Users must not enter patient data or other personal data into AMBOSS Assistants.
We reserve the right to modify, suspend, or discontinue AMBOSS Assistants at any time without notice. Features and functionality may change during the beta period.
Interactions with AMBOSS Assistants are stored for product optimization. They will at the latest be deleted after the respective user account has been deleted. During the beta phase, users do not have the ability to delete individual interactions.
To document the user's decision regarding the use of AMBOSS Assistants, we use so-called local storage technology. The preference is stored on the user's device and the pop-up window is therefore not displayed again each time AMBOSS is opened.
Third-Party Technologies
We use the following third-party technologies for AMBOSS Assistants. The respective providers act on our behalf based on a data processing agreement.
OpenAI
We use technology from OpenAI Ireland Ltd and/or its affiliates, located at 1st Floor, The Liffey Trust Centre, 117-126 Sheriff Street Upper, Dublin 1, D01 YC43, Ireland. The provider processes the text inputs transmitted as part of AMBOSS Assistants as well as meta/communication data.
We use OpenAI to process the user's text inputs in the assistants and to enable interaction between users and artificial intelligence. We do not transmit the user's User ID or IP address to the provider in order to protect the user's personal data.
The provider performs data transfers to third countries (including the United States of America). Where no decision by the EU Commission on an adequate level of data protection in the relevant country should exist, the transfer is based on so-called EU Standard Contractual Clauses, which aim to ensure that the rights and freedoms of data subjects are adequately protected and guaranteed.
Further information is available in OpenAI's Privacy Policy.
Anthropic
We use technology from Anthropic PBC, located at 548 Market Street, PMB 90375, San Francisco, CA 94104-5401, USA. The provider processes the text inputs transmitted as part of AMBOSS Assistants as well as meta/communication data.
We use Anthropic to process the user's text inputs in the assistants and to enable interaction between users and artificial intelligence. We do not transmit the user's User ID or IP address to the provider in order to protect the user's personal data.
The provider performs data transfers within the United States of America. Data processing is governed by Anthropic's Commercial Terms and Data Processing Addendum.
Further information is available in Anthropic's Commercial Terms and Data Processing Addendum.
MongoDB Cloud Services
We use MongoDB Cloud Services for the storage and management of databases necessary for the operation of AMBOSS Assistants. The provider is MongoDB Ltd, located at Building 2, Number 1 Ballsbridge Shellbourne Road, Ballsbridge, D04 Y3X9, Dublin, Ireland. The provider processes the data transmitted via AMBOSS Assistants, such as the user's User ID and IP address as well as content, usage, meta/communication data.
The provider performs data transfers to third countries. Where no decision by the EU Commission on an adequate level of data protection in the relevant country should exist, the transfer is based on so-called EU Standard Contractual Clauses, which aim to ensure that the rights and freedoms of data subjects are adequately protected and guaranteed. The data is stored on servers in the United States of America. The data recipient MongoDB, Inc. is certified under the so-called EU-US Data Privacy Framework, the UK extension and the Swiss-US Data Privacy Framework. The EU, Switzerland and UK recognize that companies certified under these legal frameworks provide an adequate level of data protection in the USA.
Further information is available in MongoDB's Privacy Policy.
Your Rights and Additional Information
Additional information about data processing and your rights can be found in our general Privacy Policy.