top of page
Privacy Policy heyPatient App

Effective Date: January 12, 2022

Last updated: 5 November 2025

 

 

Why this Privacy Notice matters

heyPatient is your digital companion in healthcare.

Protecting your personal data is a key priority for us.

Please take a moment to read this Privacy Notice. Your data belongs to you.

This Privacy Notice explains which data we process, for which purposes, on which legal basis, and which rights you have. It applies to the heyPatient App and to connected web frontends such as digital registrations, self check-in or patient call terminals.

Controller

heyPatient AG, Technoparkstrasse 2, CH-8406 Winterthur, is responsible for the processing of data in the App and in the web frontends.

 

Data we process

The type of data depends on how you use the service.
When you register and use our services, the following categories may be processed:

General personal data, such as:
• Identification data (name, date of birth, email, phone number)
• Insurance data (e.g. name of the insurance provider, insurance number, AHV number)

Special categories of personal data, such as:
• Health data (e.g. appointments, documents, findings, X-ray images)

Technical and usage data, such as:
• Device and usage information (e.g. device type, OS version, IP address, language, time zone)
• Support requests and technical logs to ensure secure and stable operation

The specific data depend on the interaction – for example digital registration, confirming an appointment or uploading documents. Only the data required for each purpose are collected according to the healthcare provider’s requirements.

The applicable Privacy Notice of your healthcare provider will be shown to you and must be accepted by you.
In these cases, heyPatient only provides the technical infrastructure and processes data on behalf of the provider.

 

Data control and security

For registration and login, heyPatient uses secure identity providers (in Switzerland: SwissID by SwissSign). This ensures that only verified individuals can access their health data. heyPatient does not store SwissID passwords; we only receive the information required for authentication.

Data entered in the App (profile, appointments, documents, allergies, etc.) remain protected and under your control at all times.
Healthcare providers have no access to these data unless you actively share them, for example during e-registration, check-in or data upload.

You remain in full control of your data, a key benefit of the patient-centric heyPatient solution.

We apply technical and organisational measures according to Art. 8 revDSG to protect your data from unauthorised access, loss or misuse.

 

Purpose of processing

We process your data to:
• operate and improve the heyPatient App and web frontends
• enable digital interactions with healthcare providers
• ensure security, stability and support
• inform you about updates, features and services
• comply with legal obligations

We use anonymised and aggregated data to improve services and processes together with providers.
Processing is purpose-bound and transparent in line with Art. 6 revDSG and, where applicable, Art. 6 GDPR.

 

Consent and use of additional frontends

By registering or completing a digital registration, you consent to the processing described here.
This consent also applies to additional functions such as self check-in or patient call terminals.
No new consent is required if you have already accepted the Privacy Notice during registration.

You can access the current Privacy Notice at any time.

Data disclosure

We share personal data only with:
• technical service providers (hosting, maintenance, support)
• your healthcare provider, if you have authorised such sharing
• authorities, where legally required

Data are processed exclusively in Switzerland and the EU.
Transfers to other countries only occur where an adequacy decision under Art. 16 revDSG / Art. 45 GDPR exists or appropriate safeguards are in place.

 

Use of the App to share information with third parties

The App allows you to share information from your heyPatient account with others – for example via “Share”, “heyFamily” or “Access” features.

You may send data, documents or images (including personal data) to physicians, medical services or trusted persons. You may also grant access to specific data such as your timeline, allergies or medication list.

Please use these features carefully and ensure the information reaches only intended recipients.
Unencrypted email is not secure. Sharing data this way is at your own risk. heyPatient cannot assume responsibility for the protection of information you share independently.

Data retention

a) Data in your heyPatient account

Data you enter or that are displayed to you (appointments, documents, history) remain visible as long as you keep your account or delete them yourself. This remains valid even if the digital link to a provider ends.

b) Data in the digital connection

Data required only for the active digital connection with a provider (e.g. current appointments) are stored as long as the connection exists. If you disconnect or the contract ends, these data are deleted according to technical and contractual rules.

c) Data held by healthcare providers

Data transmitted to a provider (e.g. registration, confirmations) fall under the provider’s responsibility. Their retention rules apply. You may request deletion directly from the provider.

 

Your rights

You may at any time:
• request information about data stored by heyPatient
• request correction of inaccurate data
• request deletion of data in your heyPatient account
• withdraw your consent with effect for the future (processing before withdrawal remains lawful)

For data held by providers, please contact them directly.

Contact for heyPatient: datenschutz@heypatient.com
heyPatient AG, Technoparkstrasse 2, 8406 Winterthur

We handle such requests in accordance with revDSG and, where applicable, GDPR.

 

Do Not Track

We do not allow third parties to collect personal data while you use the App.

Children

Registration or use of the App is permitted for individuals under 16 only with consent from their legal representatives.

 

Right to lodge a complaint

If you believe that data processing violates applicable law, you may contact the competent supervisory authority.

 

Contact for privacy matters

📧 dpo@heypatient.com
📞 +41 44 586 02 01

Further contact details can be found in the imprint on www.heyPatient.com .   

Testimonials

«As a leading tertiary care hospital in Switzerland, we use the patient portal from heyPatient. In our new building, Agnes, we rely on their smart patient call system, which is redefining efficiency and the patient experience. This sets new standards in patient guidance and support.
The experts at heyPatient excel in high-level process automation and develop practical solutions in co-creation with hospital professionals. They are visionary, always open to feedback, and willing to go the extra mile. heyPatient is a reliable partner, and we look forward to continued collaboration and future innovations.»

«heyPatient ermöglicht unseren Patienten den schon lange gewünschten einfachen, digitalen Zugang zu unserer Klinik - gleichzeitig können klinikinterne Prozesse, auch im  Sinne der Patienten optimiert werden.The heyCommunity integrates us into a virtual regional, but also supra-regional health space, enables joint development steps and also offers every clinic the opportunity to realize individual adaptations and connections of third-party applications! A win for our patients, the heyCommunity and of course our clinic!"

"Enabling our patients to plan their stay online is a logical step in our digitalization strategy. heyPatient offers a convincing solution for this.»

Dr. Daniel Heller, 

President of the Board,

Kantonsspital Baden AG

Rolf Schwendener, deputy CEO

Merian Iselin Clinik, Basel

René Künzli, Head of Services and Member of the Executive Board

Swiss Paraplegic Center

Subscribe to our newsletter

Thank you so much!

heyPatient-Logo

team@heypatient.com

Get it from Microsoft AppSource
DCB Digital Diabetes Award Top20
  • LinkedIn Social Icon
  • Facebook

heyPatient AG

Legal 

Reg-Nr:      CHE-326.934.294

DUNS-Nr:  48-042-8462

Technoparkstrasse 2, 8406 Winterthur

+41 44 586 02 01

 

Schumannstrasse 27, 60325 Frankfurt

+49 69 505027 314

imprint

Privacy policy website

General terms of use of the heyPatient App

Privacy Policy of the heyPatient App

digital economy award

Location Winterthur

Find us in Trakt A.

(pass the Bistro - lift next to Open Workspace)

How to find heyPatient
bottom of page