Data Protection Declaration according to DSG/GDPR
We take very seriously the protection of your personal data. We handle your personal data confidentially and compliant with the Swiss Federal Law on Data Protection (Schweizer Datenschutzgesetz DSG) and where applicable compliant with the General Data Protection Regulation (GDPR) of the European Union.
This data protection declaration explains to you the type, scope and reason for processing personal data within our online offers and their connected websites, functions and contents. The Data Protection Declaration is valid irrespective of the used domains, systems, platforms and equipment (e.g. desktop computer or mobile phone) where the online offers are processed.
This data protection declaration provides insight into the use of your personal data on this website. The gathering of personal data follows from your individual interaction during your visit to this website. The personal data are captured, processed, analyzed and saved. The operator/owner of this website is responsible for careful handling of your personal data. You will find his contact data in the imprint of this website.
Your data will not be transferred to a third party without your permission. By the use of this website, you agree explicitly with the conditions of this data protection declaration. Should you access other websites via links, then the data protection declarations of these other websites are valid.
1. WHAT RIGHTS DO YOU HAVE IN RELATION TO YOUR DATA?
Basically you have the rights over: disclosure, correction, deletion, restriction of processing, data portability, objection, withdrawal of permission and complaint. If you have questions to these or other aspects of data protection you can contact us at any time:
BioMed Center Sonnenberg AG
Sonnenberg 16
CH-9053 Schwellbrunn AR
| Phone: | ||
| E-Mail: | info@biomed-sonnenberg.com |
If you are of the opinion that the processing of your data is against data protection law or your data protection rights have been injured in any way then please contact us at info@biomed-sonnenberg.com
2. YOUR RIGHTS
RIGHT OF DISCLOSURE
You have the right to know if and which personal data belonging to you are processed.
RIGHT TO CORRECT
You have the right to demand the correction of any incorrect personal data and where appropriate to request the completion of any incomplete personal data of yours in our systems.
RIGHT TO DELETE
You have the right to request that your personal data be deleted, for example when the data for the pursued purposes are no longer required. If however we are obliged or authorized for legal or contractual requirements to hold your personal data, then we can only as far as possible restrict or block your personal data.
RIGHT TO RESTRICT THE PROCESSING
You have the right to request that we restrict the processing of your personal data.
RIGHT OF DATA PORTABILITY
You have where appropriate the right to demand that your personal data, which on the basis of your consent or for the purpose of the contract, have been automatically processed, be delivered to you in a structured, standard and machine readable format or rather to request the transfer of these data to a third party. If you request the direct transfer of your personal data to another responsible party then this will follow only if it is technically possible.
RIGHT TO OBJECT
You have the right to object to the processing of your personal data at all times according to the statutory requirements of objection. Especially, you have the right to object to the processing of your personal data for the reason of direct advertising.
RIGHT TO WITHDRAW THE PERMISSION
You have the right at any time to withdraw the permission for the processing of your personal data, fundamentally with an impact for the future.
RIGHT TO COMPLAIN
If the GDPR is applicable you have the right to complain to a responsible regulatory authority, if you believe that the processing of your personal data infringes data protection regulations.
If you have questions relating to our processes for handling data protection and/or if you require information relating to your rights, and how to exercise them, you can contact us at the above given contact details. If necessary we reserve the right to check your identity in an appropriate way before any processing of your request.
3. REASONS FOR PROCESSING YOUR DATA
Your personal data are processed for the following purposes:
- To enable us to advise and treat you medically according to our contractual relationship and to generally exercise or use respectively the associated rights and obligations
- To maintain your patient file
- For legal requirements reference accounting and archive uses
- To communicate with you or health insurance providers in conjunction with technical insurance aspects
- To communicate news including promotional activities you could be interested in
- To display and optimize the contents of our website
4. WHO CAN ACCESS YOUR PERSONAL DATA?
The operator of the website, external authorized representatives (content editors) and technical administrators have access to your personal data on this website.
5. TRANSFER OF PERSONAL DATAN
We handle your personal data confidentially and only transfer these data if you have explicitly agreed, if we are legally bound to transfer data or if it is necessary in order to follow through on our rights, notably to assert claims arising from the contractual relationship. Further we may disclose your personal data to a third party insofar as it is required or appropriate within the framework of the use of the website or in order to deliver to you the requested services (also outside the scope of the website).
The legal rules for transfering of personal data to a third party are of course observed. If we appoint a processor to provide our services, we take appropriate legal arrangements as well as appropriate technical and organizational measures so as to protect your personal data according to the relevant legal requirements. The medical secrecy and the data protection remain safeguarded.
If the level of data protection in any country where the data are processed is not in accordance with the applicable data protection regulations, we establish contractually that the protection of your personal data will always conform to the regulations applicable in Switzerland or to those in the European Economic Area (EEA).
6. WHICH PERSONAL DATA ARE PROCESSED?
Basically you can use this website without giving personal data. Any personal data is captured as soon as you have, by your own free will, used the possible functions of this website. Personal data are:
Web- and e-mail
The data from the fields that you have filled in (name, e-mail, telephone, address, etc.) are used, and accordingly saved, for the communication and for internal purposes.
Newsletter
Your registration for the newsletter is protected by the double opt-in procedure: You will receive an e-mail after the active order which you must again confirm. You can after receipt of every newsletter cancel the registration via a simple mouse click, your given data will remain stored. When you wish to have your data manually and permanently deleted please contact the operator of this website.
Social Media Plug-Ins
When you actively use social media sharing functions on this website there will be a direct connection established between your browser and the chosen social media server. Our website uses for this purpose the social media plug-ins from AddThis, 1595 Spring Hill Rd, Suite 300, Vienna, VA 22182, USA, http://www.addthis.com. Social media share functions are identified with an appropriate icon and are available for the following services:
|
|
Google+ |
|
|
|
|
YouTube |
|
|
|
User management / login area
This site may, in the future, be expanded with a login area. You will be able to see individual content pages via your personal registration. Your registration will occur either automatically or through a manual activation by the operator. Passwords that you use in your personal registration procedures are fundamentally encrypted and they are not visible to the operator nor to the administrators.
Online shop
The following data will be stored for the purpose of processing the contract: name, address, telephone number, etc. The data given by you serve to aid the completion of the contract respectively to allow the processing of the pre-contractual measures. We cannot complete the contract with you without these data. These data will not be disclosed to third parties except for the transferring of credit card data to the processing bank / payment service provider to enable the payment for the purchases and also the appropriate data to our chosen transport companies / shipping companies to enable the delivery of the products.
The following types of personal data are processed in the BioMed Center Sonnenberg:
- Personal details (e.g. names and addresses)
- Contact data (e.g. e-mail and telephone numbers)
- Content data (e.g. text entries)
- User data (e.g. visited websites, times of access)
- Communication data (e.g. IP addresses, information concerning devices
7. BASIS OF THE DATA PROCESSING
The basis for the processing of your personal data depends, in each case, upon the specific purpose of the data processing. Possibilities include:
- If legally required, your explicit permission which you can withdraw at any time. Sufficient is a notification by e-mail to us; no form required. The legal status of the processed data remains unaffected by the withdrawal process.
- The conclusion or fulfillment of a contract with you or the processing of the precontractual measures, especially to enable us to advise and treat you medically
- Protection of our legitimate interests, providing that your interests or fundamental rights and liberties are not outweighed.
- The compliance with legal obligations, expecially deriving from the health insurance rules and the medical duty of documentation
8. DURATION OF DATA STORAGE
Providing that the framework of this data protection declaration does not cover a longer period of data storage, your personal data are held only as long as it is required to fulfill our contractual and legal obligations or to allow the continuation of the data processing to enable the pursued purposes to be furthered; that is for instance for the duration of the complete treatment contract as well as for the legal data storage requirements (especially the public law governing health insurance legislation) and other legislation governing documentation. As soon as your personal data are not required any more for the above mentioned purposes, or a prescribed retention period expires, then your personal data are fundamentally and as far as possible deleted or blocked.
Upon receipt of your instructions we will of course delete your personal data providing we are not subject to legal or contractual obligations for data storage or data security affecting these data.
9. DATA SECURITY
We take technical and organizational steps to secure your personal data against manipulation, loss, destruction or access by unauthorized persons. The applied measures are expected to provide longterm security for the confidentiality and integrity of your personal data as well as the availability and resilience of our systems and services while processing your personal data. Additionally, they ensure the rapid retrieval of the availability of your personal data and the access to them in the case of a physical or technical incident.
An aspect of our safety measures is the encryption of your personal data. For transfer of your personal data we use an SSL encryption. All information that you give online is transferred via an encrypted transmission route. Therefore at no point can this information be accessed by unauthorized third parties.
Our safety measures are continually improved according to the technological developments. Also, we take our own company internal data protection very seriously. Our employees and our appointed service providers are bound to secrecy and to comply with our rules of data protection. Moreover they will be given acces to your personal data only if necessary.
WEBHOSTING & SSL ENCRYPTION
Your website is best protected from third party access by using SSL encryption. You recognize this security standard in the URL domaine name (HTTPS:// instead of HTTP://). This website is, unless stated otherwise, mainly operated on the servers of Host Europe GmbH, Hansestrasse 11, 51149 Cologne, Germany, and is subject to the data protection declaration of this company:
https://www.hosteurope.de/en/terms-and-conditions/privacy/
The provider collects automatically the following server log files transferred while you visit the site:
- Date and time of your website visit
- Your IP address
- Name and version of your web browser
- Information that you provide yourself by filling in web forms or completing a newsletter registration
These data will be processed for the following uses:
- to allow you use of this website
- for technical improvements and further developments
- for communication purposes
10. STORAGE OF COOKIES
When you activate a session on the website the browser will use so-called cookies during and after this session. It will be pointed out to you by a fade-in notification that cookies are in use. When you accept them you explicitely allow the processing and transfer or storage of information.
We use cookies based on our legitimate interests in our website. Cookies are small text files that are stored on your computer with the help of the browser. These do not cause any damage to your computer or execute programs or transmit viruses. Cookies serve to make our offer more user-friendly, more effective and safer.
Cookies are small configured files allowing specific user and website functionalities. The most important cookie technologies are:
- Session cookies which are automatically deleted when the browser is closed
- Web beacons serving as tracking pixels for analysis purposes
- Third-party cookies for showing regional or theme specific banners
In each browser you can individually deactivate cookies. However, this can lead to limited functionality of the website.
11. WEB ANALYSIS
This website uses various services from Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043, for example:
- Google Analytics
- Google reCaptcha
- Google Maps
- Google Fonts
- Google Tag Manager
- Google Adwords
These services are for various uses, as for instance analysis of user behavior, the implementation of scripts, representation of route maps, security against automatic crawlers (bots) for web forms. They are integrated in this website via cookies or API keys (interfaces).
By implementing these services, your user behavior is registered and is transferred onto the servers of Google Inc. in the USA or other countries. Google assures that your IP address within the EU is shortened and only in exceptional circumstances transferred in its unshortened form.
If you wish to prevent Google Analytics using your data, you can download and install an add-on for your web browser.
This plug-in can be found here:
https://tools.google.com/dlpage/gaoptout?hl=en
The data protection declaration from Google Inc. can be found here:
https://policies.google.com/privacy?hl=en-US#enforcement
YOUTUBE
Based on our legitimate interests we use the provider YouTube for the integration of videos. YouTube is a service of YouTube LLC («YouTube»), 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube LLC is a daughter company of Google Inc. («Google»), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google is certified under the EU-US and Swiss-US Privacy-Shield agreement and offers therefore a guarantee that the European respectively Swiss data protection laws will be complied with
(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
When you access one of our websites equipped with a YouTube video you will be connected with one of the servers of YouTube. The YouTube server will recognize which of our sites you have visited. When you are logged into your YouTube account you enable YouTube to assign your surfing record directly to your personal profile. You can prevent this by logging out of your YouTube account.
You find further information concerning use of data by YouTube, possibilities of changing your settings and possibilities to object, under:
https://www.youtube.com/t/terms and https://policies.google.com/privacy?hl=en-US#enforcement.
12. LINKS
Our website may contain links to websites of other providers whose websites are not covered by this data protection declaration. When you click on these links we have no influence on the processing of data transferred to possible third parties (as for example IP address or the URL), as the conduct of third parties is naturally outside of our control. We cannot accept therefore any responsibility for the processing of your personal data by a third party. Insofar as the collection, processing or using of your personal data is connected with your use of websites from other providers please refer to the data protection information from such providers.
No illegal content was apparent at the time of establishing the links. A permanent control and checking of content of the linked websites without concrete indication of infringement of rights is however not reasonable. If it became known that there is any infringement of rights the respective links would be removed immediately.
13. USE OF THE WEBSITE BY MINORS
We process personal data within the scope necessary for completing our contractual and precontractual obligations and also in order to enable us to provide further services that you request, as it is described in this data protection declaration. The hereby processed personal data, the type, the scope and reason for the necessary processing, are determined in accordance with your agreed contract (including our General Terms of Business) or services requested by you.
If we store your personal data on the basis of a contractual arrangement then these data remain stored at least as long as the contractual arrangement lasts and maximum as long as statutory periods of limitation for possible claims by us are running or legal and/or contractual retention requirements exist.
14. DELIVERING OF CONTRACTUAL SERVICES
We process personal data within the scope necessary for completing our contractual and precontractual obligations and also in order to enable us to provide further services that you request, as it is described in this data protection declaration. The hereby processed personal data, the type, the scope and reason for the necessary processing, are determined in accordance with your agreed contract (including our General Terms of Business) or services requested by you.
If we store your personal data on the basis of a contractual arrangement then these data remain stored at least as long as the contractual arrangement lasts and maximum as long as statutory periods of limitation for possible claims by us are running or legal and/or contractual retention requirements exist.
15. RIGHT OF ACCESS AND RIGHT OF REFUSAL
Your trust is very important to us. Therefore, we wish to always be available to discuss and give answers over the processing of your personal data. You always have the right to check your personal data stored by us including the source, recipient and purpose for the storage. If you wish us to give you information about your data stored by us please contact us in writing and reference “Data protection disclosure”. We are legally obliged to correct, block or delete your stored personal data on your request providing that this does not contravene other legal rules (for example legal retention requirements).
To be able to process your written request we are obliged to carefully check your identity. We hope you understand that we reserve the right to seek further information or additional verification of identity depending on the sensitivity of the data. These procedures are aimed at protecting your data from unauthorized access by third parties.
The copy of your identification document (if sent) will be destroyed or deleted immediately after checking the details. If you have any questions or wish to exercise your right to object in any of the specified cases then please contact us at:
BioMed Center Sonnenber AG
Sonnenberg 16
CH-9103 Schwellbrunn AR
E-Mail: info@biomed-sonnenberg.com
We reserve explicitly the right to amend or change this data protection declaration at any time. You find the current valid version on our website.
If there is any dispute over the content of this Declaration the German language version takes precedence.
Valid as of January 2021
