Valid from 31 August 2023
We, Swiss Medical Network SA, based in Genolier, Switzerland, are committed to protecting your privacy and continuously improving the services we offer you. This Information Security and Privacy Statement applies to the websites of Swiss Medical Network SA and its clinics and the online portals contained therein (hereinafter portal, website, we or us).
We are subject to Swiss and, where applicable, international regulations. Accordingly, we observe internationally recognised principles to ensure data protection and data security. In particular, this declaration informs you about how we collect personal data that becomes available to us via the website, for what purposes it is used, to whom it may be disclosed and what your rights are in connection with the use of your personal data by us.
Personal data is any information relating to an identified or identifiable natural or legal person, e.g. surname, first name, address, e-mail, date of birth in combination with postcode or telephone number. The responsible party within the meaning of data protection legislation is Swiss Medical Network SA, Route du Muids 3. 1272 Genolier, e-mail: email@example.com.
Personal data automatically transmitted via the use of the portal
Swiss Medical Network SA collects and stores information that your browser automatically transmits to us in «server log files» when you visit our website. The data collection is based on your will and interest to visit our website and our legitimate interests to operate the website. This may include the following data:
This personal data is not merged with other personal data and is stored separately from any other personal data transmitted by the user. They are deleted by us after three months at the latest.
Swiss Medical Network SA uses the personal data collected automatically to fulfil the following purposes:
Personal data that the user transmits to us
Swiss Medical Network SA collects and processes personal data that the user voluntarily transmits to us by means of an online form directly on the portal, via our contact e-mail address, via any other applications linked to the portal, by telephone or in any other way. This information includes, for example, the following personal data:
The provision of this personal data is solely on a voluntary basis. Without this personal data, however, we will not be able to provide the services requested by the user in the desired quality or at all.
Swiss Medical Network SA uses the personal data provided by the user to fulfil the following purposes:
The processing of this personal data is based on the following legal bases:
If the processing is based on your consent or our legitimate interests, you can withdraw consent or object to this processing at any time by contacting us directly at firstname.lastname@example.org. Please note, however, that the withdrawal of your consent does not affect the lawfulness of the processing based on the consent prior to its withdrawal.
Swiss Medical Network SA takes the necessary measures to ensure that only our authorised personnel and auxiliaries who have the necessary knowledge have access to your personal data in order to fulfil the purposes for which your personal data was collected.
We may disclose your personal data to the following possible categories of recipients in accordance with the purposes and legal bases of processing described above, to the extent necessary for the intended data processing:
We select our partners and order processors carefully and only with sufficient assurance that they have appropriate technical and organisational measures in place in accordance with legal requirements. Our order processors can only process personal data on documented instructions from us. They are all subject to confidentiality requirements and may only use your personal data to the extent necessary to fulfil the purpose for which your personal data was collected, unless otherwise required by law.
If data is transferred to countries that do not ensure an adequate level of protection, we ensure adequate data protection by taking appropriate safeguards, such as
contractual safeguards (e.g. based on EU standard clauses):
For more information about our reasonable security measures, please contact us by email at email@example.com.
In principle, personal data is deleted as soon as it is no longer required to achieve the purpose for which it was collected, unless longer retention is necessary to fulfil legal obligations (e.g. retention and documentation obligations), contractual or pre-contractual obligations or justified business interests of us (e.g. to assert, exercise or defend legal claims).
On this basis, we generally process personal data in compliance with the following rules and obligations:
When you access or use the website, we may place so-called cookies – small text files – or similar tools on your computer. We use these cookies to recognise you as a user of the website, to customise content, to improve the performance of the website and to enhance its usability.
Categories of cookies we use
Depending on their function and purpose, the cookies we use can be divided into the following categories: functional cookies, performance cookies and advertising cookies.
These cookies may be placed by us or a third party on our behalf. For more information about cookies and their use, please visit: http://www.allaboutcookies.org/.
The legal basis for the data processing results from your consent (Art. 6 para. 1 lit. a DSGVO).
You can configure your browser settings so that no cookies are stored on your computer. Complete deactivation of cookies may mean that you cannot use all the functions of our website.
Tracking with fusedeck
The tracking solution fusedeck of Capture Media AG (hereinafter «Capture Media») is integrated on this website. Capture Media is a Swiss company based in Zurich that measures the use of this website on behalf of engagements and events. The tracking is anonymous, so that no reference to specific or identifiable persons can be made.
Further information on data protection as well as on the rights of data subjects in connection with fusedeck including the «opt-out» option (possibility to object) can be found in this supplementary data protection declaration and objection policy of Capture Media AG.
This website uses the Meta visitor action pixel for conversion measurement. The provider of this service is Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Meta, the data collected is also transferred to the USA and other third countries.
In this way, the behaviour of page visitors can be tracked after they have been redirected to the provider's website by clicking on a Facebook or Instagram ad. This allows the effectiveness of the meta ads to be evaluated for statistical and market research purposes and future advertising measures to be optimised.
The data collected is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Meta so that a connection to the respective user profile is possible and Meta can use the data for its own advertising purposes in accordance with the Meta data usage policy. This allows Meta to enable the placement of advertisements on pages of Meta as well as outside of Meta. This use of the data cannot be influenced by us as site operator.
The use of meta pixels is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in effective advertising measures including social media. If a corresponding consent has been requested (e.g. consent to store cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381. In Meta's data protection information, you will find further information on protecting your privacy: https://de-de.facebook.com/about/privacy/. You can also deactivate the «Custom Audiences» remarketing function in the Ad Settings section at https://accountscenter.facebook.com/ad_preferences. You must be logged in to Facebook to do this. To do this, you must be logged in to Facebook. If you do not have a Facebook account, you can disable usage-based advertising from Facebook and Instagram on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.
On our website you will find links to social media networks. These are not plugins provided by the social media network, which already transmit data to the provider when the page is loaded, without the user having any influence. The buttons to the social media networks merely provide a link to our presence on the social media network. No user data is transmitted from the website to the social media network.
When you call up a link to one of our social media profiles, a direct connection is established between your browser and the server of the social network concerned. This provides the network with the information that you have visited our website with your IP address and accessed the link. If you call up a link to a network while you are logged into your account with the network in question, the content of our site may be linked to your profile with the network, which means that the network can assign your visit to our website directly to your user account. If you would like to prevent this, you should log out before clicking on the corresponding links. An assignment will take place in any case if you log in to the relevant network after clicking on the link.
You have the option of using a contact form for general enquiries in order to get in touch with us. For this purpose, we usually require the following information (mandatory *):
You also have the option of using a contact form for event enquiries in order to get in touch with us and find out about the organisation of events. For this purpose, we usually require the following information (mandatory *):
We only use this data to be able to answer your contact request in the best possible and personalised way. The processing of this data is therefore necessary within the meaning of Art. 6 para. 1 lit. b DSGVO for the implementation of pre-contractual measures or is in our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO. The data will be deleted up to a maximum of 60 days after the event.
On our website we use the «SmartMaps» service of YellowMap AG, CAS-Weg 1-5, 76131 Karlsruhe.
This allows us to show you maps directly on the website and enables you to use the map function conveniently.
In order to be able to show you the maps, SmartMaps uses your IP address when the SmartMaps components are called up by the browser. This is kept in the memory of the web server for approx. 5 minutes to prevent DoS attacks. After that, it expires and is neither processed nor stored in any other way. YellowMap AG is therefore the recipient of data. However, it does not process the data for its own purposes, but exclusively on behalf of and on the instructions of the responsible body.
We use the YouTube embedding function on our website, which enables us to display and play videos on our website. YouTube is a streaming service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter «Google»).
To protect your data, we use a so-called consent banner in connection with our embedded YouTube videos. With the help of this banner, we can prevent your data from being processed by YouTube not when you access the page on which the YouTube video is embedded, but only with your consent. In addition, we use the extended data protection mode on our website, which means that your viewed videos are neither used for personalising your surfing on YouTube nor for personalising advertising. When playing a video on our website, YouTube uses Local Storages. As part of this service, Google processes the IP address, browser and device information (e.g. the operating system), the referrer URL, as well as information about the videos viewed.
Google itself is responsible for the data processing described above. Please note that Google transmits the above information to Google servers in the USA (see chapter Data transmission to third countries). The data collection is carried out in accordance with § 25 para. 1 TTDSG, the downstream data processing in accordance with Art. 6 para. 1 lit. a DSGVO based on your express consent. You can revoke your consent at any time with effect for the future under the item «Cookies» at the end of our website.
You have the option of subscribing to our newsletter via our website. For this we need your e-mail address and your declaration that you agree to receive the newsletter. For verification purposes, the invitation to receive the newsletter will be sent to the e-mail you have provided. When you receive this e-mail, you have the option of finally agreeing to the terms and conditions and the newsletter provider and registering yourself via the sign-up form. For internal and external communication, we use the newsletter provider Mailchimp, a US company whose servers are located there. Mailchimp is certified by the EU-US Privacy Shield. This guarantees special protection rights for your data. However, we must point out that the protection of your data cannot be guaranteed according to the latest European data protection laws. Upon completion of the process, you will receive the newsletter. You can withdraw your given consent for the newsletter subscription at any time through the unsubscribe link in the newsletter or via the email address firstname.lastname@example.org. Your data related to the newsletter distribution will be subsequently deleted as soon as possible, unless we are required to retain it for longer due to legal requirements. You generally have the rights to information, correction, restriction, data portability, objection, deletion, and, in certain cases, the right to lodge a complaint with a competent supervisory authority.
For newsletter registration, we usually collect your email address and optionally your name to address you personally. Further details such as first name, last name, and interests can also be collected to better tailor the newsletter content to your needs.
You can use a chatbot from the supplier aiaibot on our website. Aiaibot is a subsidiary of the Swiss company «swiss moonshot AG» based in Dübendorf. This company itself complies with the Data Protection Act. When using the chatbot, the following data is only stored for the time of use: messages entered, browser and operating system data, URLs and cookies. The data is deleted after each use. The data is stored exclusively in Switzerland by Google's Swiss cloud provider cloud.google.com, which is ISO27001 and FINMA certified.
We will not make any decision about you based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Swiss Medical Network SA has implemented organisational and technical measures to maintain the security of personal data and to protect it against unauthorised or unlawful processing, accidental loss, alteration, disclosure or access.
Swiss Medical Network SA may use third parties as data processors to collect and process your personal data. The data processors we use will only process your personal data in accordance with our instructions and are required by law to take strict security precautions when handling personal data.
Unfortunately, the transmission of information over the Internet is not completely secure. Although we do our utmost to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. For this reason, you are always free to submit your personal data to us by other means, e.g. by telephone or by post. Once we have received your data, we apply strict procedures and stringent security measures to prevent unauthorised access.
Our website is not intended for children and we do not knowingly collect personal data from children under the age of 16 unless we have the express consent of their parents. If we are notified or otherwise learn that personal data of a child under 16 has been improperly collected, we will take all reasonable steps to delete that personal data.
You can request information from Swiss Medical Network SA, with proof of your identity, as to whether personal data about you is being processed. In addition, you have the right to request the correction, destruction or restriction of personal data about yourself and to object to the processing of your personal data. Where processing is based on your consent or our legitimate interests, you may withdraw consent or object to such processing at any time by contacting us directly by email at email@example.com. In certain cases, you have the right to receive personal data generated by the use of online services in a structured, common and machine-readable format so that further use and transfer to any third party provider is possible.
Requests in this regard should be addressed to Swiss Medical Network SA via the following e-mail address: firstname.lastname@example.org. Swiss Medical Network SA reserves the right to limit your rights under applicable law and, for example, not to disclose comprehensive information or to delete personal data. Please note that even after a request to delete your personal data, we must retain it in whole or in part within the framework of legal and contractual retention obligations. Deletion of your personal data may result in you no longer being able to use our services.
If we reject your request or you are not satisfied with our processing, you are also entitled to lodge a complaint and appeal with the competent supervisory authority. The competent authority is the Federal Data Protection and Information Commissioner (FDPIC) in Bern (http://www.edoeb.admin.ch).
Swiss Medical Network SA
Route du Muids 3
Swiss Medical Network SA reserves the right to adapt, supplement or otherwise change this personal data protection declaration at any time and without stating reasons. The current personal data protection statement as published on the portal shall apply.
Version: 31 August 2023