Our Data Protection Statement has been updated, effective 25 May 2018.
This website (WEBSITE) is operated by Hirslanden AG (hereinafter “HIRSLANDEN” or “we”), which is located in Switzerland.
HIRSLANDEN takes the protection of personal data very seriously. We want you to know what data we collect, save and process. In this regard, we comply with the requirements set out in the applicable data protection laws.
2. Who is responsible for data protection compliance?
The responsible body for data protection with respect to the collection, processing and use of your personal data is Hirslanden AG (Corporate Office, Boulevard Lilienthal 2, CH-8152 Opfikon). Please direct any enquires or concerns about data protection to the following address: firstname.lastname@example.org.
3. What data is collected and processed, and what is it used for?
a. General: We process our users’ personal data only to the extent required to provide a functional website as well as our content and services. Our users’ personal data is regularly processed only with the consent of the user. Cases in which obtaining prior consent is impossible for practical reasons and in which the processing of such data is permitted by law are an exception to this.
We use your data for various purposes, which fall into the following categories:
i. Services: HIRSLANDEN saves and processes your personal data for the purpose for which you have granted us your consent in connection with the services we offer.
ii. Communications: HIRSLANDEN saves and processes personal data to provide, manage and conduct customer communications by post, telephone or electronic means of communication. This also includes organising and conducting market research and opinion surveys.
iii. Analysis: Use of the WEBSITE may be recorded and analysed on an individualised or anony-mous basis with regard to your needs and interests (also refer to sections on cookies and web analytics below). We use analytics tools (see below) to tailor information about products and services to your preferences. In addition, HIRSLANDEN can link and combine this data – par-ticularly for marketing purposes – with other HIRSLANDEN data.
iv. Direct marketing: We undertake to avoid unnecessary advertising by identifying user behaviour based on the analytics results in order to conduct individual, personalised direct marketing activities. We therefore reserve the right to process your data for the purpose of sending individualised and personalised advertising and to customise the content of our websites, mobile device apps, email marketing or our Internet or social media platforms.
v. Statistics: HIRSLANDEN generates statistical reports based on anonymised user data so that we may continually improve our WEBSITE and services.
b. Activity and user data
Each time a user visits our website, our system automatically collects data and information about the computer system from which the website was accessed. The following types of data are collected:
(1) Information about the browser type and version used
(2) The user’s operating system
(3) The user’ Internet service provider (ISP)
(4) The user’s anonymised IP address
(5) Date and time of access
(6) Referring websites that redirect the user’s system to our website
(7) Websites that are accessed by the user’s system via our website
(8) Language and country settings
(9) Geolocation data
c. Personal data that you provide us online: This can be data you provide, for example, when filling out online forms or registrations, e.g. signing up for newsletters or requesting other informational materials or installing apps. This personal data includes surname, first name, date of birth/age, gender, address, phone numbers, email addresses, photos and videos taken or recorded on our premises, photos you have provided us, customer numbers, means of payment and language preferences. When you complete registrations or make appointments, we will notify you regarding the type, scope and purpose of data processing, how long the data will be stored, and your right to objection and will refer you to this data protection statement.
d. Personal data in connection with communications by phone, fax, e-mail, voicemail, text messages (SMS), picture messages, video messages or instant messaging. If you contact us using any of the contact options we offer, your information and content will be saved so that we can tend to the matter and respond to your enquiry. This data will not be passed on to third parties without your consent. If you post any content or comments on this WEBSITE, your IP address as well as the date and time of registration will be saved. This is done for the security of the website operator: if your text is in violation of the law, the operator will want to be able to identify you.
- Login information
- Information about the browser type and version used
- The user’s operating system
- The user’ Internet service provider
- The user’s anonymised IP address
- Date and time of access
- Referring websites that redirect the user’s system to our website
- Websites that are accessed by the user’s system via our website
- Language and country settings
- Geolocation data
- Search terms
- Frequency of page views
- Use of specific website features
- Search results
Certain cookies are necessary for technical reasons to make our website easier to use. Some features of our WEBSITE will not work without cookies. Such features require that it be possible to recognize your browser again when viewing a new page. Analytics cookies are used additionally for the purpose of improving the quality of our website and its contents. Analytics cookies allow us to see how the WEBSITE is being used so that we can continually optimise our services.
5. How do we use web analytics technologies?
We use what are known as web analytics or tracking technologies in order to continually improve our website. Depending on the provider of the web analytics tool, the respective server may be located in another country. Please also refer to the section “Disclosure of your data”.
We mainly use Google Analytics, which is a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To disable Google Analytics, Google offers a browser plugin that can be downloaded here: http://tools.google.com/dlpage/gaoptout?hl=en.
Google Analytics uses “cookies”, which are text files which are stored on your computer and make it possible to analyse your website usage (see above). The information generated by the cookie about your WEBSITE usage (including your IP address) is sent to and saved on a server located in the USA.
Google uses this information to analyse your WEBSITE usage, to generate reports about website activities for the website operator, and to provide other services in connection with use of the website and the Internet. Google may also send this information to third parties, provided this is required by law or if the third party is processing the data on behalf of Google. Under no circumstances will Google associate your IP address with other data held by Google, and it provides the data to us exclusively in anonymised form.
You can block cookies by configuring your browser accordingly; we should point out, however, that you may not be able to fully use all of the features of this website if you do so.
Google complies with the data protection provisions of the Privacy Shield agreement, is registered as part of the Privacy Shield program of the US Department of Commerce and uses the information it collects to analyse the usage of our WEBSITE, to provide us with reports on these activities and to provide us with other services relating to these activities. For more information, visit https://support.google.com/analytics/answer/6004245?hl=en. By using this WEBSITE, you agree to allow your personal data collected by Google to be processed in the manner and for the purpose described above.
We also use Google AdWords, which is an analytics service provided by Google, as well as the Conversion Tracking function of Google AdWords. For this purpose, Google AdWords uses a conversion tracking cookie saved on your computer (“conversion cookie”) when you click on an advertisement displayed by Google. These cookies expire after 30 days and are not used to identify the user personally. When you visit certain pages on our website, Google and we can see whether you have clicked on the ad and were redirected to this page.
If you do not want to participate in tracking, you can opt out of the use of this cookie – for example, by configuring your browser to disable the automatic saving of cookies in general or to block cookies from the domain “googleleadservices.com”.
Conversion cookies are used to collect information for statistical purposes. These statistics tell us the total number of users who have clicked on the respective ad displayed by Google and who has visited a page that includes a conversion tracking tag.
In addition to conversion tracking, we also use the following functions:
- Targeting of groups with common interests
- User-defined target groups with common interests
- Target groups who are willing to make purchases
- Similar target groups
- Demographic and geographic targeting.
The remarketing feature provided by Google and other providers allows us to approach users who have already visited our WEBSITE. This allows us to present our advertising to target groups who have already shown an interest in our products or services. Based on the usage of websites in Google’s advertising network (“display network”) in the last 30 days as well as with the context-based search engine, AdWords also identifies which interests and attributes the users of our WEBSITES have in common. Based on this information, AdWords then identifies new potential customers whose interests and attributes are similar to those of our website users for marketing purposes. Target group-specific remarketing is carried out using a combination of cookies, such as Google Analytics cookies, and Google DoubleClick cookies.
6. Social media
If you have concerns about the use of your personal data or any questions in this regard, you should carefully read through the data protection policies of these services before using them.
b. Our pages integrate plug-ins from various providers, such as Facebook, Twitter, LinkedIn and Google+. The plug-ins are identifiable by the logo of the respective provider and may be found in the form of a button, e.g. the “Like”, “+1” or Twitter buttons (a list of Facebook plugins can be found here: http://developers.facebook.com/docs/plugins/).
7. Disclosure of your data
HIRSLANDEN is a subsidiary of Mediclinic International plc and, as such, a member of an international group with operating platforms in South Africa, Namibia and the United Arab Emirates. By using the WEBSITE and its services, the USER agrees to his or her data being provided to other members of the group and processed by them. This may be done not only to satisfy the purpose designated by HIRSLANDEN, but also for group accounting and reporting, for optimising IT services, and for marketing purposes. In doing so, HIRSLANDEN warrants that it will comply with the principles of Swiss data protection law or ensure an equivalent level of protection outside of Switzerland. Regardless of whether HIRSLANDEN itself or other group members store and/or process the USER’s data, their employees may not examine or process the data unless this is necessary to perform their duties in the group member.
Furthermore, we may pass on your personal data to third parties in order to make use of technical or organisational services that we need to serve the purposes mentioned or to conduct our other business activities. Our service providers are contractually obligated to process personal data exclusively on our behalf and according to our instructions. We also require our service providers to comply with technical and organisational measures that ensure the protection of personal data. If the service providers are located in countries that do not have laws which provide for a level of personal data protection comparable to Swiss regulations, we enter agreements with the respective service providers to ensure they are in compliance with the level of data protection in Switzerland.
We may also pass on your personal data if we are required to do so for the sake of compliance with applicable laws and regulations, during legal proceedings, at the request of the competent courts and authorities, when required by other legal provisions, or if deemed by us as necessary to protect or defend our rights and/or our property.
8. How long is my data stored?
All stored personal data will be immediately and permanently deleted as soon as it is no longer needed for the purposes for which it was collected, when the user agreement is terminated, or at your request – provided HIRSLANDEN is not required to retain this data for the purposes of legal compliance. Aggregated or anonymised data that cannot reveal the identity of the USER may, however, also be used for internal purposes.
9. How do we protect your data?
We have taken technical and organisational measures to ensure that the data protection requirements are adhered to, both by us as well as by external service providers who work for us.
The unencrypted transfer of data over public networks (e.g. when you send us messages or other information) may be read by, changed or destroyed by unauthorized third parties. The USER assumes all risk involved with transferring data to or from the WEBSITE.
10. What are my rights?
You have the right at any time to request information about the personal data we have stored about you. You may also at any time contact the responsible body to request the rectification, export, partial or complete erasure as well as blocking of individual items of personal data, provided this does not conflict with any legal obligations of safekeeping or retention. Under certain circumstances, you also have the right to lodge a complaint with a relevant data protection supervisory authority.
You may also make use of your right to object to data processing at any time and without giving a reason.
You may withdraw your consent to offer you information and advertising in newsletters or the registration for other services at any time by clicking the link in the respective newsletter or from the other registration pages or by sending an e-mail to email@example.com.
11. How is this statement updated?
We may amend or update parts of the Data Protection Statement without prior notice. Should we make any major changes, you will be notified accordingly. Please always review the Data Protection Statement to ensure you are aware of any changes or updates.
12. Contact for questions and feedback on data protection:
Please send any questions pertaining to data protection to the following address: firstname.lastname@example.org. If you are resident in the EEA, you can also contact our EU representative: email@example.com. Postal address: activeMind.legal Rechtsanwaltsgesellschaft m.b.H. Kurfürstendamm 56, 10707 Berlin