Data protection declaration

Valid from 16 October 2023

We, Swiss Medical Network SA (hereinafter referred to as «we», «us» or «the Group»), headquartered in Genolier, Switzerland, strive to protect your privacy and continually improve the services we offer you. This data protection declaration applies to the websites of Swiss Medical Network SA and its clinics and to the online portals they contain (hereinafter referred to as «portal» or «website»).

Introduction

We are subject to Swiss and, where applicable, international regulations. Consequently, we comply with the principles recognised at the Swiss and, where applicable, international level to guarantee data protection and security. This declaration informs you in particular about how we collect the personal data to which we have access via our website, the purposes for which it is used, to whom it may be transmitted and what your rights are in relation to the processing of your personal data.

This data protection declaration is an integral part of the Swiss Medical Network SA policy.

Consent

By accessing our website and using the services and products we offer, you declare that you have carefully read this data protection declaration and accept the processing of personal data described herein. Any questions regarding this data protection declaration can be sent at any time by e-mail to dataprotection@swissmedical.net. If you do not agree with this declaration, you must refrain from accessing the portal and using our services and products.

Who is responsible for your personal data?

The Controller within the meaning of data protection legislation is Swiss Medical Network SA, Route du Muids 3. 1272 Genolier, e-mail: dataprotection@swissmedical.net

Swiss Medical Network SA determines the purposes and means of processing your personal data and is therefore responsible for processing and using your personal data in accordance with this data protection declaration. If you have any questions or concerns about this data protection declaration or the processing of your personal data, please contact us at any time by sending an e-mail to dataprotection@swissmedical.net.

How we process personal data?

We collect and process personal data with care and for the purposes described in this data protection declaration. In accordance with applicable legal regulations, we may also use your personal data in a manner different from that described in this data protection declaration. In this case, we will provide you with specific data protection statements or disclosures at the time of collection and, where appropriate, we will seek your consent. We will always make reasonable efforts to collect personal data in an anonymous or pseudo-anonymised form so that your identity is not identified or identifiable.

Which personal data do we collect for which processing purposes?

Personal data is collected automatically through the use of the portal

Swiss Medical Network SA collects and saves the information that your browser automatically transmits to us in «server log files» when you visit our website. The data is collected based on your willingness and interest to visit our website and our legitimate interest in operating our website. This data may include:

Type and version of Internet browser used;
Computer systems used;
Reference URL (the website previously visited);
Host name of the computer accessing our site;
Date and time of the server request;
Internet Protocol address (IP address);
Amount of data transmitted;
Other data and similar information are used to maintain the functionality of our website and the security of the system.

This personal data is not cross-referenced with other personal data and is kept separate from any other personal data transmitted by the user. It is deleted no later than three months after collection.

Swiss Medical Network SA processes the personal data collected automatically for the following purposes:

enable consultation, operation and proper functioning of the portal;
to ensure the stability and security of the system;
to improve and protect our services;
for statistical purposes, in the event of an attack on the network infrastructure on which our website is made available.

Personal data transmitted to us by the user

Swiss Medical Network SA collects and processes personal data that users voluntarily transmit via an online form directly on the portal, via our contact e-mail address, via any other applications linked to the portal, by telephone or in any other way. This information includes in particular the following personal data:

Full name, postal address, e-mail address, telephone number, date of birth, gender;
Your message or request.

Personal data is provided expressly and voluntarily. Without said personal data, we will not be able to provide the services requested by the user in the desired quality, or at all.

Swiss Medical Network SA processes the personal data provided by users for the following purposes:

provide, maintain, protect and optimise the services and information offered;
communicate with you and provide you with the best personalised information (for example, about our products and services);
offer you new services and information and to offer you personalised services and information which may be of interest to you;
comply with legal or other regulatory requirements and internal directives;
to establish, exercise and/or defend existing or potential legal claims, investigations or similar proceedings;
for other legitimate purposes, if such processing was indicated at the time of collection or arose from the circumstances.

On what legal basis do we process your personal data?

The processing of personal data is based on at least one of the following legal grounds:

your consent, only if it can be revoked at any time (e.g. if you sign up for our newsletter or other marketing communications)
to enter into or perform a contract with you (e.g., when applying via our job application portal or booking an appointment)
to comply with a legal obligation (e.g., for tax purposes or the purposes of investigations or legal proceedings);
to protect our legitimate interests (e.g., the protection and security of our products and services, systems or property; compliance with legal, regulatory and contractual obligations; the establishment, exercise and/or defence of legal claims; the maintenance and efficient organisation of business activities; the improvement and development of our services and the sale and marketing of our products and services).

Where the processing is based on your consent or our legitimate interests, you may revoke your consent or object to such processing at any time by contacting us directly at dataprotection@swissmedical.net.

Please note, however, that revoking your consent does not affect the legitimacy of the processing based on consent before its revocation.

With whom do we share your personal data?

Swiss Medical Network SA takes the necessary measures to ensure that only our authorised staff and auxiliaries with the required expertise have access to your personal data in order to achieve the purposes for which your personal data was collected.

We may transfer your personal data to the following categories of possible recipients, in accordance with the purposes and legal bases for processing described above, insofar as this is necessary for the intended processing of the data:

Other companies in the Group;
Service providers who process personal data on behalf of and on the instructions of Swiss Medical Network SA (hereinafter referred to as «Processors «, e.g., in the areas of IT, hosting and support);
Customers, partners, suppliers, insurance companies and other business partners;
Marketing agencies, the public, including users of the Group's websites and social media;
Industry organisations, associations and other bodies;
Buyers or parties interested in acquiring business units, companies or other parts of the Group;
Courts, conciliation bodies, law enforcement authorities, supervisory authorities, lawyers and other parties to current or potential legal proceedings, where necessary to comply with the law or to establish, exercise or defend legal rights and/or claims.

All these categories of recipients may in turn use third parties, so your data may also be accessible to them.

We carefully select our partners and processors and only choose them if we have sufficient guarantees that they have implemented appropriate technical and organisational measures in accordance with legal requirements.

Our Processors may only process personal data on our documented instruction. They are all subject to confidentiality requirements and may only use your personal data to the extent necessary to achieve the purposes for which your personal data was collected unless otherwise required by law.

Transfer of personal data to countries outside the EEA

Personal data collected via our website is mainly stored in Switzerland and the European Economic Area (EEA). However, if it is necessary for the data processing described in this data protection declaration and in accordance with the applicable legislation, we may also transfer personal data to service providers and other recipients who are located outside this area or who process personal data outside this area, in principle in any country in the world.

If we transfer data to a country that does not have adequate legal data protection, we will, as required by law, ensure an appropriate level of protection through the use of adequate contracts (including based on the European Commission's standard contractual clauses) or binding corporate rules, or we will rely on legal exceptions (including in particular consent).

For more information on our appropriate security measures, please contact us by e-mail at dataprotection@swissmedical.net.

How long do we keep your information?

In principle, personal data is deleted as soon as it is no longer necessary for the processing purposes for which it was collected, unless longer conservation is necessary to comply with applicable legal obligations (e.g., retention and documentation obligations), contractual or pre-contractual obligations or our legitimate interests (e.g., to assert, exercise or defend legal claims).

On this basis, we generally process personal data in compliance with the following rules and obligations:

Personal data that you have automatically transmitted to us when using our portal for the purposes of consulting, evaluating and ensuring the proper functioning of the portal will be deleted within three months.
Personal data that you have transmitted to us in connection with the use of our services and products offered on our portal or that you have communicated to us in any other way via the e-mail contact address will normally be retained until you ask us to delete it, revoke your consent to its storage or until the processing purposes for which it was collected have been fulfilled (e.g. once the processing of your request has been completed).
Personal data relating to a contract (including commercial documents and communications) is kept for as long as the contractual relationship exists, and then for a further ten years after the end of the contractual relationship, unless (i) a shorter or longer legal retention obligation applies in a particular case, (ii) retention is necessary for evidential purposes or another legitimate reason under the applicable legal regulations.

Cookies

When you access or use our site, we may place «cookies» - small text files - or similar tools on your computer. We use these cookies to recognise you as a user of our site, to adapt the content, to improve the performance of our site and to make it more user-friendly.

Categories of cookies we use

Depending on their function and use, the cookies we use can be classified into the following categories: functionality cookies, analytical cookies and advertising cookies.

Necessary cookies: these cookies are used for a multitude of purposes relating in particular to the presentation, functionality and performance of a website and, in particular, to enhance visitors' experience and enjoyment of the website. They enable a website to remember information already provided (e.g. user name, location or language choice) and offer visitors enhanced and more personal functionality. Functionality cookies are used, for example, to remember certain information, such as your access data. These cookies cannot track your movements on other websites.
Performance cookies: these cookies are used to collect information about how a website is used - for example, how you arrived at our website, which pages you open most often, how you navigated our website during your visit and whether you receive error messages from a page. We may also use these cookies to collect certain statistical and analytical information, for example, to establish statistics and traffic volumes. These cookies are used to monitor the level of activity on the site and to improve its performance.
Marketing cookies (sometimes referred to as «third-party» cookies) enable us or a third-party supplier to serve ads on our website or on third-party websites offering products you like so that the advertising you see is more relevant to your preferences and interests. It may also be used to measure the effectiveness of advertisements and promotions.

These cookies may be placed by us or by a third party on our behalf. For more information on cookies and how to use them, please visit http://www.allaboutcookies.org/.

The legal basis for data processing is your consent.

You can configure your browser settings so that no cookies are stored on your computer. Complete deactivation of cookies may prevent you from using all or some of the functions of our website.

By continuing to use our website and/or accepting this data protection declaration, you consent to us setting cookies and to personal usage data being collected, stored, used and processed in this way, even after the end of the browsing session. You can revoke this consent at any time by activating your browser's settings to refuse cookies.

Tracking with fusedeck

The fusedeck tracking system developed by Capture Media AG (hereinafter referred to as «Capture Media») is integrated into our website. Capture Media is a Swiss company based in Zurich that measures the use of our website for digital offers and campaigns on behalf of its clients. Tracking is carried out anonymously so that no link can be established with identified or identifiable persons.

Further information on data protection and the rights of data subjects in connection with fusedeck, including the opt-out option, can be found in this additional data protection declaration and opt-out information from Capture Media AG.

Meta Pixel

Our website uses Meta Pixel to measure visitor actions, also known as conversion tracking. The provider of this service is Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Meta, the data collected is also transferred to the United States and other third countries.

This makes it possible to track the behaviour of page visitors after they have been redirected to the provider's website by clicking on a Facebook or Instagram ad. This makes it possible to evaluate the effectiveness of Meta-advertising for statistical and market research purposes and to optimise future advertising measures.

The data collected is anonymous for us as the operator of this website, so we cannot determine the identity of users. However, the data is stored and processed by Meta so that a link can be made to the profile of the user concerned and Meta can use the data for its own advertising purposes in accordance with Meta's data usage guidelines. This enables Meta to serve advertisements on Meta pages and outside Meta. We do not influence this data processing.

The transfer of data to the United States is based on the European Commission's standard contractual clauses. You can find more details here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Further information on protecting your privacy can be found in Meta's data protection information: https://de-de.facebook.com/about/privacy/. You can also deactivate the «Custom Audiences» remarketing function in the «Settings» section of the adverts at https://accountscenter.facebook.com/ad_preferences. To do this, you need to be logged in to Facebook. If you do not have a Facebook account, you can deactivate advertising based on the use of Facebook and Instagram on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

Social Networks

Our website contains links to social networks. These are not plugins provided by the social network which, without the user having any influence, already transmit data to the provider when the page is loaded. The social network buttons are merely links to our presence on the relevant network. No user data is transmitted by the website to the social network.

When you click on a link to one of our profiles created on social networks, a direct connection is established between your browser and the server of the social network concerned. The network thus receives the information that you have visited our website with your IP address and that you have consulted the link. If you consult a link to a network while you are logged in to your account on the network concerned, the content of our site may be linked to your profile on the network, which means that the network may attribute your visit to our site directly to your user account. If you wish to prevent this, you must log out of your account on the relevant network before activating the corresponding links. An attribution takes place in all cases when you connect to the relevant network after clicking on the link.

Use of the contact form

You can use a contact form for general enquiries to get in touch with us. To do this, we generally need the following information (required *):

First name*
Surname*
E-mail*
Telephone number*
Country*
Message*

You can also use a separate contact form to get in touch with us and find out about events. To do this, we generally need the following information (required *):

Salutation*
Title
First name*
Surname*
E-mail*
Other details required for the event (hotel, car park, number of guests, date, address, telephone number)
Message*

We use this information only to be able to respond to your contact request in the best possible way and a personalised manner. The data will be deleted a maximum of 60 days after the end of the event.

Online appointment booking

To enable you to make an appointment with one of our doctors via our website, you can use the booking system of Medicosearch, Gerberngasse 27-31, 3011 Berne, based in Switzerland. This makes it very easy to book appointments online. Medicosearch's booking system is a software application integrated into our website, which displays available resources (such as free appointments) and enables you to book directly online. As a general rule, personal data about you is collected and stored.

There is no data processing outsourcing contract between us and Medicosearch. If you use Medicosearch's services, Medicosearch is solely and exclusively responsible for complying with data protection provisions. You will find further information on the Medicosearch website in their Privacy Policy.

Online map service

On our website, we use the «SmartMaps» service provided by YellowMap AG, CAS-Weg 1-5, 76131 Karlsruhe.

This enables us to display maps directly on our website and to allow you to use the map function.

To be able to display the maps, SmartMaps uses your IP address when the SmartMaps components are consulted by the browser. This address is stored in the web server's memory for approximately 5 minutes to prevent DoS attacks. It then expires and is not processed or recorded in any other way. YellowMap SA is the recipient of the data. However, YellowMap SA does not process the data for its purposes, but exclusively by order and on the instructions of the Controller.

For further information on YellowMap AG, please consult the privacy policy of this supplier.

Videos from YouTube

We use the YouTube integration feature on our website, which allows you to display videos on our website. YouTube is a streaming service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland («Google»).

To ensure that any processing of your data is preceded by your consent and to protect your personal data, we use a consent banner with our embedded YouTube videos. This banner prevents your data from being processed by YouTube when you visit the page on which the YouTube video is embedded and ensures that it is only processed after you have given your express consent. In addition, we use the extended data protection mode on our website, which means that the videos you watch are not used to personalise navigation on YouTube or to personalise advertising. When a video is played on our website, YouTube uses local storage. As part of this service, Google processes the IP address, browser and device information, the referring URL and information about the videos viewed.

Google itself is the Controller for the data processing described above. Please note that Google transfers the aforementioned information to Google servers in the USA (see section «Transfer of personal data outside the EEA»). You can revoke your consent at any time with effect for the future under the «Cookies» tab on our website.

For more information on Google's privacy policy, please visit their website.

You have the option to subscribe to our newsletter via our website. For this purpose, we need your e-mail address and your declaration that you agree to receive the newsletter. For verification purposes, the invitation to receive the newsletter will be sent to the e-mail address you have provided (double opt-in). After receiving this e-mail, you will have the opportunity to finally accept the terms and conditions and the sending of the newsletter and to register yourself via the registration form. As soon as the process is complete, you will receive the newsletter.

For internal and external communication, we use the newsletter provider Mailchimp, a US company whose servers are located in the USA. Mailchimp is certified under the EU-US Privacy Shield. This certification guarantees special protection rights for your data. Please note, however, that the protection of your data under EU law cannot be guaranteed.

You can revoke the consent given at any time and thus unsubscribe from the newsletter by clicking on the link provided for this purpose in each newsletter or by using the email address dataprotection@swissmedical.net.

As part of the registration for the newsletter, we generally collect your e-mail address and, if you wish, also your name in order to be able to address you personally. In addition, further information such as first name, surname and interests may be collected in order to better tailor the content of the newsletter to your interests.

Chatbot

You can use a chatbot on our website. The provider of this service is aiaibot, a subsidiary of the Swiss company swiss moonshot AG based in Dübendorf. This company is subject to and complies with the applicable legal regulations on data protection. The following data is only stored when using the chatbot: messages entered, data from the browser and computer system used, referrer URLs and cookies.

The data is deleted after each use. The data is stored exclusively in Switzerland by Google's Swiss cloud provider cloud.google.com, which is ISO27001 and FINMA certified.

No automated individual decisions, including profiling with legal effect

We do not take any decision about you that is based exclusively on automated processing - including profiling - and that has legal consequences for you or significantly similarly affects you.

Security

Swiss Medical Network SA has put in place organisational and technical measures to safeguard the security of personal data and to protect them against any breach of data security resulting in the accidental or unlawful loss, alteration, deletion or destruction of, or unauthorised disclosure or access to, personal data.

Swiss Medical Network SA may use third-party data processors to collect and process your personal data. The Processors appointed by us will only process your personal data in accordance with our instructions and are required by law to take appropriate organisational and technical measures when processing personal data.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our utmost to protect your personal data, we cannot guarantee the security of the data you transmit to our website; each transmission is at your own risk. This is why you are always free to send us your personal data by other means, for example by telephone or by post. Once we have received your data, we apply strict procedures and rigorous security measures to prevent any breach of data security.

Confidentiality declarations from third-party suppliers

Please note that if you click on the link to a third-party website (for example, a social media site or another website), you will be redirected to a site that we do not control and our data protection declaration will no longer apply. Your browsing and interaction on another website is subject to the terms of use and privacy declarations and notices of those third-party websites. Furthermore, we cannot guarantee that these links are accurate or up to date.

We recommend that you read the terms of use and data protection declarations and notices of other websites carefully before transmitting personal data via our website. We are neither responsible nor liable for the information content and data processing of these third-party websites.

Children

Our website is not intended for children and, as far as we are able to detect, we do not collect, process or use personal data relating to children under the age of 16 unless we have obtained the express consent of their legal representatives. If we are informed or otherwise become aware that the personal data of a child under the age of 16 is being processed without the consent of the legal representatives, we will take all reasonably required steps to delete such personal data.

What are your rights?

You may ask Swiss Medical Network SA, with proof of your identity, whether personal data concerning you is being processed. In addition, you have the right to request the rectification, total or partial deletion or restriction of the processing of your personal data, as well as to object to the processing of your personal data. The deletion of your personal data may result in you no longer being able to use our services.

If processing is based on your consent or on our legitimate interests, you may withdraw your consent or object to such processing at any time by contacting us directly by e-mail at dataprotection@swissmedical.net. You may also request the return of certain personal data with a view to its transfer to another entity (a process known as «data portability»).

Any request in this regard should be addressed to Swiss Medical Network SA at the following e-mail address: dataprotection@swissmedical.net. We will inform you in advance if any costs are incurred.

Please note that we reserve the right to invoke any restrictions provided for by law, for example, if we are obliged to store or process certain data if we have an overriding interest in doing so (insofar as we are able to invoke it) or if we need to invoke rights.

If we refuse your request or if you are dissatisfied with our processing, you also have the right to complain to the competent authority. The competent authority is the Federal Data Protection and Information Commissioner (FDPIC) in Berne (http://www.edoeb.admin.ch).

Contact

If you wish to exercise your rights as described in this data protection declaration or if you have any questions or concerns about this declaration, please contact our Data Protection Officer.

Swiss Medical Network SA
Route du Muids 3
1272 Genolier
dataprotection@swissmedical.net

Changes to our data protection declaration

Swiss Medical Network AG reserves the right to amend, supplement or otherwise modify this privacy declaration at any time and without giving reasons. The current data protection declaration as published on the portal is authoritative.

Version: 16 October 2023

Hospitals

Centres

For patients

About us