Website Privacy Policy

Responsible body in terms of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

heyPatient AG
Regula Spühler-Hofmann
8405 Winterthur

Email: dpo@heypatient.com
WebSite: http://www.heypatient.com/datenschutz

 

General remark

Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Confederation (Data Protection Act, DSG), every person is entitled to protection of their privacy and protection against misuse of their personal data. The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

In cooperation with our hosting providers, we strive to protect the databases as well as possible from outside access, loss, misuse or counterfeiting.

We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. It is not possible to completely protect data from third-party access.

By using this website, you agree to the collection, processing and use of data as described below. This website can generally be visited without registration. Data such as pages viewed or the name of the file accessed, date and time are stored on the server for statistical purposes without this data being directly related to you personally. Personal data, in particular name, address or email address, are collected on a voluntary basis as far as possible. The data will not be passed on to third parties without your consent.

 

Processing of personal data

Personal data is all information that relates to a specific or identifiable person. A data subject is a person who is used to process personal data. Processing includes all handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, procurement, deletion, storage, modification, destruction and use of personal data.

We process personal data in accordance with Swiss data protection law. In addition, we process - insofar as and insofar as the EU GDPR is applicable - personal data in accordance with the following legal bases in connection with Art. 6 Para. 1 GDPR:

  • lit. a) Processing of personal data with the consent of the data subject.

  • lit. b) Processing of personal data to fulfill a contract with the data subject and to carry out corresponding pre-contractual measures.

  • lit. c) Processing of personal data to fulfill a legal obligation to which we are subject according to any applicable law of the EU or according to any applicable law of a country in which the GDPR is fully or partially applicable.

  • lit. d) Processing of personal data in order to protect the vital interests of the data subject or another natural person.

  • lit. f) Processing of personal data in order to protect the legitimate interests of us or third parties, provided that the fundamental freedoms and fundamental rights as well as the interests of the data subject do not prevail. Legitimate interests are in particular our business interest in being able to provide our website, information security, the enforcement of our own legal claims and compliance with Swiss law.

We process personal data for the duration that is necessary for the respective purpose or purposes. In the case of longer-term storage obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.

 

Privacy policy for cookies

This website uses cookies. These are small text files that make it possible to store specific, user-related information on the user's device while using the website. Cookies make it possible, in particular, to determine the frequency of use and number of users of the pages, analyze behavior of page usage, but also make our offer more customer-friendly. Cookies remain stored at the end of a browser session and can be called up again when you visit the site again. If you do not want this, you should set your internet browser so that it refuses to accept cookies.

A general objection to the use of cookies used for online marketing purposes can be found on a large number of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ be explained. Furthermore, cookies can be saved by switching them off in the browser settings. Please note that not all functions of this online offer can then be used.

 

Data protection declaration for contact form

If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

 

Data protection declaration for newsletter data

If you would like to receive the newsletter offered on this website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter . Further data is not collected. We only use this data to send the requested information and do not pass it on to third parties.

You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter.

 

Data protection declaration for comment function on this website

For the comment function on this website, in addition to your comment, information about the time the comment was created, your email address and, if you do not post anonymously, the user name you selected will be saved.

Storage of the IP address

Our comment function stores the IP addresses of users who write comments. Since we do not check comments on our site before activation, we need this data in order to be able to act against the author in the event of legal violations such as insults or propaganda.

Subscribe to comments

As a user of the site, you can subscribe to comments after registration. You will receive a confirmation email to verify that you are the owner of the email address you provided. You can unsubscribe from this function at any time via a link in the info mails.

 

Paid services

For the provision of chargeable services, we ask for additional data, such as payment details, to process your order or. To be able to carry out your order. We store this data in our systems until the statutory retention periods have expired.

 

Use of Google Maps

This website uses Google Maps. This enables us to show you interactive maps directly on the website and enables you to conveniently use the map function. When you visit the website, Google receives the information that you have accessed the corresponding subpage of our website. This takes place regardless of whether Google provides a user account that you are logged in to or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your profile to be assigned to Google, you must log out before activating the button. Google stores your data as user profiles and uses them for the purposes of advertising, market research and / or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles, but you must contact Google to exercise them. For more information on the purpose and scope of data collection and its processing by Google, you can find further information on your rights in this regard and setting options to protect your privacy at: www.google.de/intl/de/policies/privacy .

 

Data protection declaration for Facebook

This website uses functions of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. When you access our pages with Facebook plug-ins, a connection is established between your browser and the Facebook servers. Data is already being transferred to Facebook. If you have a Facebook account, this data can be linked to it. If you do not want this data to be assigned to your Facebook account, please log out of Facebook before visiting our site. Interactions, in particular the use of a comment function or the clicking of a "Like" or "Share" button are also passed on to Facebook. Find out more at https://de-de.facebook.com/about/privacy .

 

Data protection declaration for LinkedIn

This website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click the "Recommend" button from LinkedIn and are logged into your LinkedIn account, LinkedIn is able to assign your visit to our website to you and your user account. We would like to point out that, as the provider of the website, we have no knowledge of the content of the transmitted data or its use by LinkedIn.

Further information can be found in LinkedIn's data protection declaration at: https://www.linkedin.com/legal/privacy-policy

 

External payment service providers

This website uses external payment service providers, the platforms of which users and we can carry out payment transactions. For example about

In the context of fulfilling contracts, we use the payment service providers on the basis of the Swiss data protection regulation and, if necessary, Art. 6 Para. 1 lit. b. EU GDPR. For the rest, we use external payment service providers based on our legitimate interests in accordance with Swiss data protection regulation and, if necessary, according to Art. 6 para. 1 lit. f. EU GDPR in order to offer our users effective and secure payment options.

The data processed by the payment service providers include inventory data, such as the name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as the contract, sums and recipient-related information. The information is required to complete the transactions. However, the data entered is only processed and stored by the payment service providers. We as the operator do not receive any information on (bank) account or credit card, but only information on the confirmation (acceptance) or rejection of payment. The data may be transmitted by the payment service provider to credit reporting agencies. The purpose of this transmission is to verify identity and creditworthiness. We refer to the terms and conditions and data protection information of the payment service providers.

The terms and conditions and data protection notices of the respective payment service providers apply to the payment transactions, which can be called up on the respective website or transaction applications. We also refer to these for further information and assertion of cancellation, information and other data subject rights.

 

Newsletter - Mailchimp

The newsletter is sent using the mail service provider 'MailChimp', a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE # 5000, Atlanta, GA 30308, USA. You can view the data protection regulations of the shipping service provider here . The Rocket Science Group LLC d / b / a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European level of data protection ( PrivacyShield ). The shipping service provider is based on our legitimate interests. Art. 6 para. 1 lit. f GDPR and an order processing contract in accordance with 28 para. 3 sentence 1 GDPR.

The shipping service provider can use the recipient's data in pseudonymous form, ie without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the shipping and presentation of the newsletter or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write to them themselves or to pass the data on to third parties.

 

Order processing in the online shop with customer account

We process our customers' data in accordance with the data protection provisions of the federal government (data protection law, DSG) and the EU GDPR, in the context of the ordering processes in our online shop, to enable you to select and order the selected products and services, as well as their payment and delivery, or execution.

The processed data include master data (inventory data), communication data, contract data, payment data and the people affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services in the context of operating an online shop, billing, delivery and customer services. We use session cookies, e.g. for storing the contents of the shopping cart, and permanent cookies, e.g. for storing the login status.

Processing takes place on the basis of Art. 6 Para. 1 lit. b (Execution of order processes) and c (Archiving required by law) GDPR. The information marked as required is required to justify and fulfill the contract. We only disclose the data to third parties in the context of delivery, payment or within the scope of legal permits and obligations. The data will only be processed in third countries if this is necessary for the fulfillment of the contract (e.g. at the customer's request for delivery or payment).

Users can optionally create a user account, in particular by viewing their orders. As part of the registration, the required mandatory information is communicated to the users. The user accounts are not public and cannot be indexed by search engines such as Google. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention for commercial or tax law reasons in accordance with Art. 6 Para. 1 lit. c GDPR necessary. Information in the customer account remains until it is deleted with subsequent archiving in the event of a legal obligation. It is the responsibility of the users to back up their data if the termination is successful before the end of the contract.

As part of the registration and renewed registration and use of our online services, we save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the user's protection against misuse and other unauthorized use. This data is not passed on to third parties, unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with. Art. 6 para. 1 lit. c GDPR.

The deletion takes place after expiry of statutory warranty and comparable obligations, the necessity of storing the data is checked at irregular intervals. In the case of statutory archiving obligations, deletion takes place after its expiration.

 

Copyrights

The copyrights and all other rights to content, images, photos or other files on the website belong exclusively to the operator of this website or the specifically named rights holders. The written consent of the copyright holder must be obtained in advance for the reproduction of all files.

Anyone who commits a copyright infringement without the consent of the respective rights holder can be punished and, if necessary, liable to pay damages.

 

General disclaimer

All information on this website has been carefully checked. We strive to offer our information in a current, correct and complete manner. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, accuracy and timeliness of information, including journalistic and editorial content. Liability claims based on material or immaterial damage caused by the use of the information offered are excluded unless there is evidence of willful or gross negligence.

The publisher can change or delete texts at his own discretion and without notice and is not obliged to update the content of this website. Use or access to this website is at the visitor's own risk. The publisher, his clients or partners are not responsible for damage, such as direct, indirect, accidental, to be determined in advance or consequential damage, which allegedly resulted from visiting this website and are therefore not liable for this.

The publisher also assumes no responsibility and liability for the content and availability of third-party websites that can be reached via external links on this website. The operators of the linked pages are solely responsible for their content. The publisher therefore expressly distances himself from all third-party content that may be relevant under criminal law or liability law or that violates common decency.

 

Changes

We can change this privacy policy at any time without notice. The current version published on our website applies. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by email or in any other suitable way in the event of an update.

 

Questions to the data protection officer

If you have any questions about data protection, please send us an email or contact the person responsible for data protection at the beginning of the data protection declaration in our organization.

 

Winterthur, February 28, 2020
Source: Swiss Anwalt