Schulthess Klinik respects the need to protect its clients' personal data and therefore complies with data protection rules, particularly the provisions of the Swiss Federal Data Protection Act (FDPA) and the EU General Data Protection Regulation (GDPR). Personal data is only processed if i) the data subject has given their approval, ii) this is necessary for the fulfilment of a contract, or iii) the FDPA, the GDPR, or some other law permits or stipulates processing.
The explanations below describe how we deal with any personal data we gather in relation to you.
Information regarding the controller
The controller in respect of your personal data and the operator of this website is the Wilhelm Schulthess-Stiftung, Lengghalde 2, CH-8008 Zurich, as the body responsible for Schulthess Klinik ('Schulthess Klinik').
If you have any questions or comments regarding our compliance with this data privacy statement or have any recommendations or observations on how we might improve data protection, please send us an email to firstname.lastname@example.org.
Cookies are small text files placed by a website on a visitor's computer. This file helps the web server save things like preferences and settings on the user's computer, which can be automatically restored the next time they visit. Cookies can also be used to establish whether your computer has already communicated with our websites. The only thing identified is the cookie on your computer. The cookie does not contain any personal data.
Principles of data processing
Purposes of data processing
Personal data is only ever saved and processed to provide you with individual care or to help us deliver the services we offer. The explanations below provide you with an overview of how Schulthess Klinik ensures this protection as well as what kind of data is gathered, processed, or used and for what purpose. Possible purposes include the following:
- Communication: Schulthess Klinik processes your personal data (first name, surname, address, contact details, age) in order to communicate with you by phone, post, or electronic channels.
- Services: Schulthess Klinik processes your personal data (including other personal information such as your profession and nationality as well as information about your health) in order to provide you with individual care and for other purposes for which you have given your consent (such as for research purposes).
- Analysis of user behaviour in relation to the website: Schulthess Klinik also studies users' behaviour in relation to this website with a view to improving its Internet-based offerings or tailoring them to your individual requirements.
The data gathered is retained by Schulthess Klinik in accordance with the statutory provisions relating to retention. This means data is stored in principle for 10 years or for 30 years for research purposes. This period may be extended in exceptional cases (if justified on statutory grounds) or with your consent.
Schulthess Klinik automatically gathers and saves in its server log files some of the information typically transmitted by the browser and makes this available to your browser too. There is no way Schulthess Klinik can link this data to any specific individuals. This data is not merged with any other data sources either.
You can prevent cookies being saved by making the relevant setting in your browser software; please be aware, however, that this may mean you are unable to make full use of all of the functions of this website.
In certain cases, your personal data is encrypted during transmission by the protocol known as Transport Layer Security (TLS). This means communication between your computer and our servers uses a recognised encryption process if your browser supports TLS.
If you have given your consent, Google Analytics, a web analysis service from Google Inc. ('Google'), will be used on this website. The operating standard known as 'Universal Analytics' is used in this connection. This makes it possible to assign data, sessions, and interactions across several devices to a pseudonymised user ID and therefore analyse the activities of a user across different devices.
The full IP address is only transmitted to a Google server in the USA, where it is shortened, in exceptional cases. Google may pass this information on to third parties if this is required by law or in cases where third parties process this data on behalf of Google. The IP address transmitted from your browser in connection with Google Analytics is not merged with other data from Google.
For more detailed information on Google's terms of service and on data protection at Google, please see www.google.com/analytics/terms/de.html and www.google.com/intl/de/analytics/privacyoverview.html.
When you use web-based services, you agree to Google processing the data gathered about you in the manner described above and for the purpose stated above.
For information on how you can prevent the web analysis service processing your data, please see: http://tools.google.com/dlpage/gaoptout
Right to information
You have the right to information about the data saved in relation to you as a person, about those receiving it, and about the purpose of data processing. We can also answer any questions you may have about the gathering, processing, and use of your personal data. We make this information available to you free of charge in accordance with the relevant legislation and in a suitable form.
Passing on personal data
Data gathered is only passed on to third parties if there is a statutory basis to do so or you have given your consent. Data is not passed to third parties for any other purposes such as market research or other marketing activities. Schulthess Klinik reserves the right, however, to use or pass on data where this is required in order to comply with laws, provisions, or legal requirements, particularly in order to protect the integrity of the website or support investigations by enforcement authorities or investigations into matters concerning public security.
All data gathered via this website is protected through suitable technical and organisational measures against accidental or intentional manipulation, loss, destruction, or access by unauthorised persons. Safety precautions are constantly improved to reflect developments in technology. Our employees must comply with specific confidentiality requirements as per the GDPR. Care is taken to ensure the security of data saved by Schulthess Klinik.
You have the right at any time to assert your data protection rights and ask whether we process any personal data about you (and which data might be involved). You can ask for inaccurate information to be corrected, supplemented, or erased and – depending on the legal basis involved – you can even ask for your personal data saved with us to be erased and/or to restrict the processing of it. You may also have the right to data portability and a right to complain. In addition, you have the right to withdraw your consent in relation to personal data you have actively disclosed or whose use you have actively agreed to by, say, completing a registration or contact form.
Please note that erasure of data may make medical care more difficult or undermine its provision.
Without prejudice to any other administrative or judicial remedy, you may have the right to complain to a supervisory body, particularly in the member state where you are domiciled, where you work, or where the suspected infringement took place, if you believe that any processing of personal data relating to you infringes the GDPR.
Changes to our data privacy statement and provision of information
From time to time, it may prove necessary to make changes to this data privacy statement. Schulthess Klinik recommends therefore that you read this statement at regular intervals. However, no changes to the data privacy statement are ever retroactive, so do not affect the way any data gathered before the change in question is processed.
If you have any questions about this data privacy statement or any other questions about data processing at Schulthess Klinik, please contact us at the above address.
Company data protection officer
Schulthess Klinik has appointed a company data protection officer to ensure and monitor data protection. This person can be contacted at the following address: email@example.com