Privacy notice
ventravis collects and processes personal data in accordance with the provisions of Swiss data protection legislation. Data are transferred to recipients without encryption on this website. Therefore, ventravis encourages all users not to send any confidential information via this website. ventravis rejects any liability in the event of data protection breaches by external users.
1. Controller
ventravis is the data controller responsible for the collection, processing and use of your personal data in the sense of data protection legislation. Please send any queries on this Notice or concerns about data protection to the following address:
ventravis Bauchchirurgie Zentralschweiz
Ärztezentrum Lorze
Dorfplatz 1
6330 Cham
2. Sources and data used
ventravis collects your personal data in particular if you contact us in your capacity as a patient, but also as a supplier, service provider or in other functions. We especially process personal data that we receive from our patients as part of our patient relationship. Furthermore, we process personal data in the course of the other activities of our surgery. We also process personal data which we obtain in connection with the performance of our services from publicly accessible sources (e.g. purchase of address data/external addresses for mailing campaigns, etc.) in a legally permissible manner.
We further process data arising in the course of the use of our website and/or such data you provide there (e.g. by completing web forms when making online appointments).
Relevant personal data include personal details (inter alia last name, first name, date of birth, age, sex, address, telephone number). Furthermore, these may also be order data, data obtained through compliance with our contractual obligations, advertising and sales data, documentation data as well as other data that are comparable to the categories listed above.
As part of our surgery’s activities, we also process so-called particularly sensitive personal data. These are health data in the first place.
3. Purpose of the processing
Your data are processed for the following purposes:
a) For the fulfilment of contractual obligations/provision of our medical services
ventravis stores and processes your personal data for the purpose for which you have provided those data to us in connection with the provision of your services as a medical practice. Your personal data are mainly used for the fulfilment of the patient contracts through your treatment in our medical practice. ventravis further stores and processes personal data for the provision, administration and performance of patient communication by post, telephone and electronic means of communication. Furthermore, we process data for the performance of pre-contractual measures which are carried out upon request.
b) As part of the balancing of interests
As far as necessary, above and beyond the actual fulfilment of the contract, we shall process your data to safeguard our or third parties’ legitimate interests. Examples of the above include:
advertising or market and opinion research to the extent you did not object to the use of your data
assertion of legal claims and defence in legal disputes
guarantee of IT security and IT operation
analysis of the web traffic on our website for improving the functionality of our website
prevention and investigation of crimes
measures for business management and further development of services and products
c) Based upon your consent
To the extent you provided us with your consent to processing personal data for particular purposes (e.g. collection of health data, disclosure of (health) data (e.g. to laboratories, hospitals, other medical practices, etc.), such processing steps are legitimate based upon your consent. You can withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of the data processed up to the time of the withdrawal.
d) Due to legal regulations or public interest
Moreover, data may be processed or disclosed where this is required due to legal regulations and due to a public interest.
4. Confidentiality/security
All personal data collected, processed and stored are treated in a confidential manner by ventravis and its employees. The data provided by you are stored as follows: ventravis stores health and invoice data on its medical practice’s own server. Data are stored and protected from third-party access with all due care. Only those employees have access to your data who need them for the performance of their duties.
The data provided by you via e-mail or through the website form are transferred without encryption. Therefore, it cannot be excluded that data are lost or accessed by third parties during transmission. Thus, online transfers of personal data take place at your own risk.
The data are only collected for the respective purpose stated.
5. Who will receive my data?
Within ventravis, your data is accessed by those employees who need such data for the fulfilment of our legal and contractual obligations. All data subject to professional secrecy are treated so as to maintain professional secrecy.
Particularly sensitive personal data (such as health data) are only disclosed, in compliance with legal requirements, inter alia, when there is a proper legal basis exists, e.g. a consent provided by you. Also service providers used by us (e.g. in the fields of clouds, legal matters, etc.) can obtain data subject to legal provisions if they comply with the respective duties of confidentiality. These are for example companies providing IT services, laboratory services, telecommunications, (legal) consultancies as well as sales and marketing.
Regarding the transfer of data to recipients outside ventravis, please note that we are subject to professional secrecy and therefore obliged to treat confidential any patient-related information, facts and assessments of which we become aware. We may disclose information about you only if we are legally obliged to do so or if you have consented thereto. Under these conditions, recipients of personal data may include:
physicians or emergency services to the extent their involvement is required or requested by you
public bodies (if there is a legal or official obligation)
Further data recipients may be those parties for which you granted us your consent to data transfer and/or for which you exempted us from our confidentiality obligation.
6. How long will my data be retained?
We process and store your personal data as long as this is necessary for the fulfilment of our contractual and legal obligations.
If the data are no longer needed for the fulfilment of contractual or legal obligations, they are generally erased, unless the - temporary - further processing thereof is required for the following purposes:
fulfilment of retention obligations under commercial and tax legislation, e.g. arising from the Swiss Code of Obligations (OR) and tax laws. The retention and/or documentation periods stipulated therein usually total ten years.
Preserving evidence pursuant to the legal rules on limitation periods. Pursuant to Art. 127 et seq. of the Swiss Code of Obligations (OR), such limitation periods may be up to 10 years.
7. Which data protection rights to I have?
Where the corresponding rights are granted by the respective applicable legal basis, you may exercise the right to information, the right to rectification, the right to erasure, the right to restriction of processing, the right to data portability as well as the right to object. Furthermore, you have the right to lodge a complaint with the competent data protection supervision authority in accordance with the respective applicable legal basis.
You may withdraw your consent to processing given to us at any time. Please note that such withdrawal will only apply for the future. Any processing operations prior to the withdrawal are not affected thereby.
If ventravis did not satisfy your expectations in the course of processing of your personal data, you may contact us at any time using the details set forth in section 1.
8. Do I have an obligation for the provision of data?
In the course of our patient relationship, you need to provide those personal data that we need for establishment and execution of the patient relationship and fulfilment of the contractual obligations related thereto or to the collection of which we are legally obliged.
9. Cookies
ventravis may use cookies on its website (e.g. Google Fonts, Google ReCaptacha, Matamo, Serverlogs, Google Maps, etc.).
9.1. Cookies
Cookies are text files that are filed and stored on a computer system via an internet browser. If a user accesses a website, a cookie may be stored on the user’s operating system. A cookie contains a distinctive character string that allows for clear identification of the browser when the website is accessed again. The data subject can prevent the storage of cookies by our website at any time using the appropriate setting on the web browser they are using and thus permanently object to the setting of cookies. Furthermore, cookies which have already been set can be erased via an internet browser or other software programs at any time.
9.2. Links to social media platforms
Buhof Praxis may provide links to Facebook, Twitter, LinkedIn and other social media platforms on its website. The share links to Facebook and other social media platforms used have the same function as normal links. As long as you do not click on the links, thus leaving the website and switching within the browser, e.g. to Facebook, no user data are transferred to the respective social media platform.
Functions provided by the Twitter service are embedded in our website. These functions are provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Retweet” function, the websites used by you are associated with your Twitter account and disclosed to other users. In the course thereof, data are also transferred to Twitter. Please note that we as the provider of the pages receive no information on the contents of the data transferred as well as use thereof by Twitter. More information is available in the Twitter privacy policy at https://twitter.com/privacy. You can change your data protection settings for Twitter in the account settings at: https://twitter.com/account/settings .
Our website includes functions of Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. You can recognize the Facebook functions by the Facebook logo or the “Like button” on our website. When you visit our website, the functions establish a direct connection between your browser and the Facebook server. In this way, Facebook receives the information that you visited our website with your IP address. When you click the Facebook “Like button” while you are logged into your Facebook account, you can link the contents of our website to your Facebook profile. If you do so, Facebook will be able to assign your visit to our website to your user account. Please note that as the provider of the website, we do not get access to the content of the transmitted data and their use by Facebook. For more information, please refer to the Facebook privacy policy at https://de-de.facebook.com/policy.php.
If you do not want Facebook to be able to assign the visit to our websites to your Facebook user account, please log out from your Facebook user account.
Our website includes functions of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA. You can recognize LinkedIn functions by the LinkedIn logo on our website. When you visit our website, the functions establish a direct connection between your browser and the LinkedIn server. In this way, LinkedIn receives the information that you visited our website with your IP address. When you click the LinkedIn “Like button” while you are logged into your Facebook account, you can link the contents of our website to your Facebook profile. If you do so, LinkedIn will be able to assign your visit to our website to your user account. Please note that as the provider of the website, we do not get access to the content of the transmitted data and their use by Facebook. For more information, please refer to the LinkedIn privacy policy at https://www.linkedin.com/legal/privacy-policy
If you do not want LinkedIn to be able to assign your visit to our pages to your LinkedIn user account, please log out from your LinkedIn user account.
To the extent patients embed links and/or videos (e.g. via YouTube, Vimeo, etc.) and other services (e.g. Facebook, Twitter, etc.) in the course of using social media platforms, this takes place in the respective patient’s sole responsibility. Such links do not mean that ventravis approves of the contents of such external websites. ventravis does not assume any responsibility for the availability or contents of such websites, and no liability for any damage or injuries arising from the use of external websites and the contents thereof.
10. Web analysis
ventravis uses so-called web analysis and/or tracking technologies to improve its internet presentation on an ongoing basis.
ventravis uses Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google provides a browser add-on at http://tools.google.com/dlpage/gaoptout?hl=de by means of which you can disable Google Analytics. Google Analytics uses so-called «cookies», i.e. text files that are stored on your computer and allow the analysis of your use of the website (see above). The information about your use of this website (including your IP address) that is generated by the cookie is transferred to and stored on a US-based Google server.
Google uses this information to analyse your use of the website, to compile reports about website activity for the website operator, and to provide further services in connection with the use of this website and of the Internet. If legally required, or where third parties process such data on behalf of Google, Google will also transmit this information to third parties. Google will never associate your IP address with any other Google data, and will disclose it to us in anonymised form only.
You can prevent cookies from being installed on your device by changing the settings on your browser - software accordingly; however, we would like to point out that, if you do so, you may not have full access to all the functions of this website.
11. IT system protocols
Every time the internet is used, for example when websites are accessed and e-mails are sent, data are automatically transferred which could be partly categorised as personal data and stored by us in so-called system protocols. ventravis stores the system protocols in order to identify malfunctions and for security reasons. If the data are no longer necessary for the performance of operational or legal obligations, they are erased.
12. Changes to the privacy notice
We reserve the right to change this privacy notice at any time. The date of the last update is set forth at the end of the privacy notice.
Version from: September 2020