In this Privacy Policy, we, Kinderarzthaus AG (hereinafter also referred to as "we" or "us"), explain how we collect and otherwise process personal data. This is not an exhaustive description; other privacy policies, terms and conditions, and similar documents may govern specific matters. Personal data refers to any information relating to an identified or identifiable person.
If you provide us with the personal data of other persons (e.g., family members), please ensure that these persons are aware of this Privacy Policy and only disclose their personal data to us if you are permitted to do so and if this personal data is correct.
This Privacy Policy is designed to meet the requirements of the EU General Data Protection Regulation ("GDPR") and the revised Swiss Data Protection Act ("DSG"). Whether and to what extent these laws are applicable depends on the individual case.
The party responsible for the data processing that we describe here is
Kinderarzthaus AG
Universitätstrasse 115
8006 Zürich, Switzerland
If you have any concerns about data protection, please contact us at the above address or by phone (044 501 40 04) or email
(info_at_kinderarzthaus.ch).
We primarily process the personal data that we receive from our customers and other business partners, as well as from other parties involved, in the course of our business relationships. We also process personal data collected from users when operating our websites, apps, and other applications. We also process personal data submitted to us as part of application procedures, as well as data provided via the contact form on our website, by email, phone, or fax.
Where permitted, we also obtain certain data from publicly accessible sources (e.g., debt enforcement registers, land registers, commercial registers, press, internet) or receive such data from authorities and other third parties. In addition to the data you provide to us directly, we may receive personal data about you from third parties. These include information from public registers, details obtained in connection with official and legal proceedings, and information related to your professional roles and activities, such as data that allow us to conduct business transactions with your employer. We may also receive information about you from correspondence and discussions with third parties, as well as creditworthiness data if we engage in business transactions with you personally. Additionally, we may receive information from individuals in your environment, such as family members, advisors, or legal representatives, to facilitate contract execution or transactions involving you. This could include references, delivery addresses, powers of attorney, and compliance-related details such as anti-money laundering measures and export restrictions. Banks, insurers, distributors, and other contractual partners may provide us with data regarding services used or provided by you, including payment and purchase history. Furthermore, we may collect information from media and the internet about you where relevant, such as in the context of job applications, press reviews, or marketing and sales activities. Your addresses, interests, and other sociodemographic data may also be processed for marketing purposes. We may also collect data related to your use of our website, including your IP address, the MAC address of your smartphone or computer, device and settings information, cookies, the date and time of your visit, the pages and content you access, the functions you use, the website that referred you, and your location data.
Patient information on the processing of personal data
We primarily use the personal data we collect to enter into contracts with our business partners, manage the procurement of products and services from our suppliers and subcontractors, and fulfill our legal obligations both domestically and internationally.
In addition, we process personal data about you and other individuals, where permitted and where we deem it appropriate, for the following purposes, in which we (and sometimes third parties) have a legitimate interest corresponding to the intended purpose:
Insofar as you have given us your consent to process your personal data for certain purposes (for example, when you register to receive newsletters or a background check is carried out), we will process your personal data within the scope of and based on this consent, insofar as we have no other legal basis and we require one. Consent given can be revoked at any time, but this has no effect on data processing that has already taken place.
We typically use cookies and similar technologies on our websites to identify your browser or device. A cookie is a small file that is sent to your computer or automatically saved on your computer or mobile device by the web browser you are using when you visit our website. If you visit this website again, we can recognize you, even if we do not know who you are. In addition to cookies that are used only during a session and deleted after your visit to the website ("session cookies"), cookies may also be used to store user settings and other information over a specific period (e.g., two years) ("persistent cookies"). However, you can configure your browser to reject cookies, store them only for a session, or delete them prematurely. Most browsers are initially set to accept cookies. We use persistent cookies to store user settings (e.g., language, autologin), to better understand how you use our services and content, and to display tailored offers and advertising (which may also appear on websites of other companies; however, they will not know who you are unless we ourselves know, as they can only see that the same user who visited their site was also on a specific page of ours). Some of the cookies are set by us, some by contractual partners with whom we work. If you block cookies, certain functions (such as language selection, shopping cart, ordering processes) may no longer work.
In our newsletters and other marketing emails, we may include both visible and invisible image elements, as permitted, which, when retrieved from our servers, allow us to determine whether and when you have opened the email. This helps us measure and better understand how you engage with our offers so we can tailor them to you. You can block this in your email program; most are set up by default to do so.
By using our website and consenting to receive newsletters and other marketing emails, you consent to the use of these techniques. If you do not wish to consent to this, you will need to adjust the settings in your browser or email program accordingly.
The provider of our website automatically collects and stores information in "server log files", which your browser sends to us automatically. These include:
We sometimes use Google Analytics or comparable services on our websites. This is a service provided by third parties, who may be located in any country around the world. In the case of Google Analytics, this involves Google Ireland (based in Ireland), which relies on Google LLC (based in the USA) as a data processor (both referred to as "Google", www.google.com). We use this service to measure and analyze website usage (non-personally identifiable). For this purpose, persistent cookies are also used, which are set by the service provider. We have configured the service so that the IP addresses of visitors are anonymized by Google in Europe before being forwarded to the USA, ensuring they cannot be traced back. We have switched off the "data transfer" and "signals" settings. Although we assume that the information we share with Google is not considered personal data by Google, it is possible that Google may draw conclusions about the identity of visitors from this data, create personal profiles, and link this data with the Google accounts of those individuals. If you have registered with the service provider yourself, the service provider will also know who you are. The service provider is then responsible for processing your personal data in accordance with its data protection regulations. The service provider only informs us about how our website is used (without providing any personal details about you).
Our website uses features provided by the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed about which of our pages you have visited. Vimeo additionally obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information is transmitted to a Vimeo server in the US, where it is stored. If you are logged in to your Vimeo account, Vimeo allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account. Further information on handling user data can be found in Vimeo's privacy policy at: https://vimeo.com/privacy.
As part of our business activities and the purposes outlined in section 3, we may disclose data to third parties, where permitted and deemed appropriate, either because they process it on our behalf or because they wish to use it for their own purposes. This concerns in particular the following entities:
all joint recipients.
Some of these recipients are in Switzerland, but they can be anywhere in the world. In particular, you must consent to the transfer of your data to other countries in Europe and the USA, where the service providers we use are located (such as Microsoft).
If a recipient is located in a country without adequate legal data protection, we contractually oblige the recipient to comply with applicable data protection laws (for this, we use the revised standard contractual clauses of the European Commission, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj), unless they are already subject to a legally recognized framework to ensure data protection and we cannot rely on an exemption provision. An exception may apply, particularly in legal proceedings abroad, but also in cases of overriding public interest or when the execution of a contract requires such disclosure, if you have consented, or if it concerns data you have made publicly available and to which you have not objected.
We process and store your personal data for as long as it is necessary for the fulfillment of our contractual and legal obligations or for the purposes pursued by the processing, such as for the duration of the entire business relationship (from initiation, to execution, to termination of a contract), as well as in accordance with the statutory storage and documentation obligations. It is possible that personal data will be retained for the period during which claims can be made against our company and as long as we are legally required to do so or legitimate business interests require it (e.g., for proof and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymized as a matter of principle and to the extent possible. For operational data (e.g., system logs, logs), shorter retention periods of twelve months or less apply.
Personal data collected during the application process will be stored in your personnel file at Kinderarzthaus AG if you are hired. If the application is rejected, your application documents and related personal data will be deleted no later than three months after the application process has been completed.
We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as issuing instructions, providing training, implementing IT and network security solutions, access controls and restrictions, encryption of data storage and transmissions, and regular audits.
In the course of our business relationship, you must provide the personal data necessary to establish and carry out the business relationship and fulfill the associated contractual obligations (you generally do not have a legal obligation to provide us with data). Without this data, we will generally not be able to enter into or carry out a contract with you (or the entity or person you represent). The website cannot be used if certain details necessary to ensure data traffic (such as IP address) are not disclosed.
For the establishment and execution of the business relationship, as well as in other cases, we generally do not use fully automated decision-making (such as that regulated in Article 21 of the Swiss Data Protection Act and Article 22 of the GDPR). If we use such procedures in individual cases, we will inform you separately, as required by law, and provide you with information about the associated rights.
Under the applicable data protection laws, you have the right to access, correct, delete, and restrict the processing of your data, as well as the right to object to our data processing, particularly for direct marketing purposes, profiling related to direct marketing, and other legitimate interests in processing. You also have the right to request the transfer of certain personal data to another entity ("data portability"). Please note, however, that we reserve the right to enforce the limitations imposed by law, such as when we are obliged to retain or process certain data, have an overriding interest in doing so (as far as we may invoke it), or require the data to assert claims. If costs are incurred for you, we will inform you in advance. We have already informed you about the possibility of withdrawing your consent in section 3. Please note that exercising these rights may conflict with contractual agreements and could have consequences, such as premature termination of the contract or financial consequences. In such cases, we will inform you in advance, where this is not already covered by the contract.
Exercising such rights generally requires you to clearly prove your identity (e.g., by providing a copy of your ID if your identity is not otherwise clear or cannot be verified). To assert your rights, you can contact us at the address provided in section 1.
Any data subject also has the right to enforce their claims in court or to lodge a complaint with the competent data protection authority. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
We may modify this Privacy Policy at any time without notice. The current version published on our website always applies. If the Privacy Policy is part of an agreement with you, we will notify you of the change in the event of an update by email or other appropriate means.
***