DATA PROTECTION DECLARATION

Data protection declaration of Hostettler Dental AG

This data protection declaration of Hostettler Dental AG explains how we collect and process personal data. However, this description is not exhaustive. It may be supplemented or modified by other, more specific data protection declarations.
Personal data is any information relating to an identified or identifiable person. We collect and process personal data in accordance with the applicable laws, in particular the Swiss Data Protection Act (DSG). However, this data protection declaration also takes into account the EU General Data Protection Regulation (DSGVO) in addition to the DSG and is based on this standard in terms of content.

1. Controller

Hostettler Dental AG is responsible for the personal data that we process. You can contact us by telephone on +41 62 962 31 41 or by email at info(at)kmzf.ch.

2. Collection and processing of personal data

We primarily collect and process personal data that we receive from our patients in the course of our business relationships or based on other contractual relationships with business partners. We also receive personal data from users of our websites and other applications.

We assume that personal data that we receive from you is correct and up to date. If you provide us with personal data of other persons (e.g. family members or employees), we assume that you are authorised to do so.

We receive data not only directly from you, but possibly also from third parties, for example other laboratories or dental practices, etc., as well as data in connection with the use of the website (e.g. IP address, MAC address of the smartphone or computer, information about your device and settings, cookies, date and time of the visit, pages and content accessed, functions used, referring website, location information).

3. Purposes of data processing and legal bases

Personal data is used primarily to enable us to fulfil our contractual obligations to our patients and business partners. This mainly involves providing our services or purchasing products and services from our suppliers and auxiliaries. It also helps us to fulfil our legal obligations in Switzerland and abroad.

Wherever permitted and appropriate, we process personal data about you and other persons, including for the following purposes in which we (and possibly third parties) have a legitimate interest:

• The range and further development of our offers, services and websites, as well as other platforms on which we are present;
• Communication with third parties and processing their requests (e.g. for references in response to job applications, media enquiries);
• Advertising and marketing (including event management), provided you have not objected to the use of your data (if we send you advertising, you can object to this at any time, and we will then put you on a blacklist to prevent further advertising mail)
• Market and opinion research, media monitoring;
• Assertion of legal claims and defence in connection with legal disputes and official proceedings
• Prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to prevent fraud)
• Guarantees of our operations, in particular our IT and our website
• Video surveillance to protect the right of admission and other measures for IT, building and system security and the protection of our employees and other persons and property (such as access controls, visitor lists, network and mail scanners, telephone recordings)

If you have given us consent to process your personal data for specific purposes (for example, when you registered to receive our newsletters), we will process your personal data in line with this consent, unless we have another legal basis. You can revoke consent that you have given at any time, but this will not affect the legality of any data processing that has already taken place.

4. Cookies, tracking and other technologies when using our website

Our website typically uses cookies and similar technologies that can be used to identify your browser or device. A cookie is a file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using when you visit our website. This enables us to recognise you when you return to this website. In addition to cookies that are only used during a session and deleted after your visit to the website (‘session cookies’), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) (‘permanent cookies’). However, you can set your browser to reject cookies, to store them only for one session or to delete them prematurely. Most browsers are set to accept cookies by default. We use permanent cookies to better understand how you use our offers and content. If you block cookies, certain functionalities (such as language selection) may no longer work.

We also use Google Analytics or similar services on our website. This is a third-party service that may be located anywhere (in the case of Google Analytics, it is Google LLC in the USA, www.google.com), which we can use to measure and evaluate the use of the website. Permanent cookies set by the service provider are also used for this purpose. We do not provide the service provider with any personal data (and the service provider does not store any IP addresses), but the service provider may track your use of the website, combine this information with data from other websites that you have visited and that are also tracked by the service provider, and use this information for its own purposes (e.g. to control advertising). If you have registered with the service provider yourself, the service provider also knows you. The processing of your personal data by the service provider is then carried out under the responsibility of the service provider in accordance with its data protection provisions. The service provider only informs us how our respective website is used (no information about you personally).

5. How do we manage social networks on our pages?

We may operate pages and other online presences on social networks and other platforms operated by third parties and process data about you in this context. In doing so, we receive data from you (e.g. when you communicate with us or comment on our content) and from the platforms (e.g. statistics). The platform providers can analyse your use and process this data together with other data they have about you. They also process this data for their own purposes (e.g. marketing and market research purposes or to manage their platforms), and for this purpose they act as their own controllers. For more information about processing by platform operators, please refer to the privacy policies of the respective platforms.

We are entitled, but not obliged, to check content before or after it is published on our online presences, to delete content without prior notice and, if necessary, to report it to the provider of the platform in question.

6. Data transfer and transmission abroad

We disclose data to third parties as part of our business activities, provided that the purpose of the data processing in accordance with Section 3 allows it and we consider it to be reasonable. This may be the case, for example, when third parties work for us. These recipients may be located both in Switzerland and abroad. If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection as required by law by using appropriate contracts (in particular on the basis of the so-called standard contractual clauses of the European Commission) or other measures.

7. Duration of storage of personal data

We will process your personal data for as long as is necessary for us to fulfil our contractual and legal obligations. This includes the entire duration of the business relationship (from the initiation and execution to the termination of a contract) and beyond that in accordance with the legal storage and documentation obligations. In particular, personal data may be stored for the period during which claims can be asserted against our company (i.e. in particular during the statutory limitation period) or if justified by our business interests (e.g. for evidence and documentation purposes). As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted or anonymised as far as possible.

8. Data security

We take appropriate technical and organisational security precautions to protect your personal data from unauthorised access and misuse, such as issuing instructions, training, IT and network security solutions, access controls and restrictions.

9. Obligation to provide personal data

Within the context of our business relationship, we require personal data from you that is necessary for the commencement and execution of the relationship and for the fulfilment of the associated contractual obligations. Otherwise, we will generally not be able to conclude a contract with you or process it.

10. Rights of the data subject

In accordance with the applicable data protection law, you generally have the right to information, correction, deletion, the right to restrict data processing and to object to our data processing, as well as to the disclosure of certain personal data for the purpose of transmission to another location. We reserve the right to assert the legally provided restrictions, for example due to a data retention obligation. If costs are incurred for you, we will inform you in advance. Consent granted for the processing of your personal data can be withdrawn at any time. Please note that the exercise of these rights may conflict with contractual agreements and that this may have consequences such as the premature termination of the contract or cost implications. We will inform you of this in advance if it is not already contractually regulated.

To exercise your rights, you can contact us at the address given in section 1.

 

Every data subject also has the right to enforce their claims in court or to file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch.

11. Amendments

We may amend this data protection declaration at any time without prior notice. The current version published on our website applies. If the data protection declaration is part of an agreement with you, we will notify you of the change by email or other appropriate means in the event of an update.