DATA PROTECTION and DISCLAIMER
1. principle
Protecting your privacy is important to us. The following data protection declaration explains what personal data we process from you when you visit our website or use our online services, or in general when we provide services for you. We collect and process your personal data carefully and only for the purposes described in this data protection declaration and only to the extent necessary for this purpose and within the framework of the applicable legal provisions. We retain your personal data only to the extent and for as long as necessary to provide our services or as required by law. In close cooperation with our hosting providers, we make every effort to protect the databases from unauthorised access, loss, misuse or falsification. This privacy policy is also aligned in particular with the EU General Data Protection Regulation (DSGVO). Although the DSGVO is a regulation of the European Union, it is relevant to us. The Swiss Data Protection Act (DPA) is heavily influenced by EU law and companies outside the European Union or EEA must comply with the DPA in certain circumstances.
2. data protection officer
The Legal Service General Law, Designs and Enforcement is responsible for ensuring compliance with applicable data protection regulations. If you have any data protection concerns, you can communicate them to us at the following contact address:
Name: Physio Restart GmbH
Address: Glärnischstrasse 35, 8002 Zürich
E-Mail-Address: info@physio-restart.ch
3. collection and processing of data
This privacy policy applies to all individuals whose data we may process, regardless of how you contact us, on site, by phone, via an online appointment booking tool, on a website, in an app, via a social network, at an event, etc. It applies to both personal data already collected and personal data collected in the future. It applies to the processing of both personal data already collected and personal data collected in the future. This privacy policy applies to the processing of personal data in all our business areas. For information on the collection and processing of personal data when using our websites, mobile apps and social media sites, in particular in connection with cookies and similar technologies, please also consult our cookie information. If you are undergoing treatment with us, you will be given a form to sign at the outset. The information it contains relates to our privacy policy, among other things. By signing the form, you agree to the storage of your data, and we assume that you are aware of the contents of the privacy policy at that time.
4. type of data protected
We primarily process personal data related to your treatment with us: Master Data, Contractual Data, Health Data, Financial Data, Behavioural and Transactional Data, Technical Data, Image Data and Sound Data.
4.1 master data
Master data includes any contact details, full name, gender, date of birth, bank data, address, telephone number, email address and, if applicable, data of relatives as emergency contacts. The collection of this is in connection with treatment at Physio Restart GmbH, use of our premises and those of Luxor Fitness and any events that Physio Restart GmbH holds.
4.2 contract data
Should you enter into a contract with us, this includes the purchase of products, sponsorship, subscriptions, staff contract, we will ask for all contact details. Physio Restart GmbH is not responsible for concluding contracts with Luxor Fitness, whose subscriptions require a separate, separate contract.
4.3 health data
We will use one or more health questionnaires for the treatments by asking for all data relating to your well-being and health, the completion and provision of these answers is voluntary. If you consent, we may obtain missing information from your supervising doctor or others.
4.4 financial data
Insofar as this is permitted, we also take certain data from publicly accessible sources (e.g. debt collection registers, land registers, commercial registers, press, Internet) or receive such data from authorities and other third parties, in particular so that we can conclude or process contracts with you or so that we can correctly enter your property rights in the register. In the event of a prescription, your treatments with us will be billed through the relevant insurance company; nevertheless, you will ultimately be liable for payment for your services with us.
4.5 behavioural and transactional data
For the use of our online booking tool, apps and purchases as private benefits, you agree to the storage of behavioural and transactional data.
4.6 technical data
Should you use our websites, practice related apps, our WiFi networks or other electronic offerings, we will collect certain technical data such as your IP address, cookie ID, location or a device ID. Technical data also includes the logs in which we record the use of our systems (log data). In some cases, we may also assign a unique identification number to your end device (tablet, PC, smartphone, etc.) (an ID), e.g. by means of cookies or similar technologies, so that we can recognise it.
4.7 image and sound data
For the conduct of telephone conferences, online meetings, video conferences and/or webinars ("online meetings"), we use the "Zoom" service via local provision ("on premise"). The following data is processed in this context: User name, general information about service preferences, information about each User's device and network and internet connection, e.g. IP address(es), MAC address, other device IDs (UDID), device type, operating system type and version, client version, information about the use of or other interaction with "Zoom" products ("Usage Information"), other information that the User uploads, provides or creates while using the Service, and metadata used for the maintenance of the provided Service. Where appropriate, as is common with collaborative tools, other personal data may also be exchanged between the IPI and the participants, such as chat messages, images, files, audio or video recordings, contact details or metadata used for the maintenance of the service provided.
Only a minimum of data is processed if you participate in an "online meeting" of "Zoom" without registering. Recordings of the "online meeting" are only made with prior notice and are always stored locally. Additional information about the processing of personal data by "Zoom" can be found in their privacy policy. If we record image and/or sound data during a treatment, we will discuss this with you in advance verbally or, if necessary, in writing.
5. purposes of data processing and legal basis
We use the personal data we collect primarily to be able to treat you and to be able to issue invoices. Furthermore, we use the data to conclude and process our contracts with you and business partners, in particular within the scope of our research services and the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations at home and abroad.
In addition, we process personal data of you and other persons, to the extent permitted and deemed appropriate, also for the following purposes, in which we (and sometimes third parties) have a legitimate interest corresponding to the purpose:
-
information on offers, services, websites and other platforms on which we are present;
-
communication with third parties and processing of their enquiries (e.g. applications, media enquiries);
-
examination and optimisation of procedures for needs analysis for the purpose of direct customer contact as well as collection of personal data from publicly accessible sources for the purpose of customer acquisition;
-
advertising and information on our services and offers (including organising events and sending out the annual report), insofar as you have not objected to the use of your data (if we send you advertising from us as an existing patient, you can object to this at any time and we will then put you on a blocking list against further advertising mailings); market and opinion research, media monitoring;
-
assertion of legal claims and defence in connection with legal disputes and official proceedings;
-
prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud);
-
ensuring our operations, in particular IT, our websites and other platforms; taking measures for IT, building and facility security and protecting our employees and other persons and assets belonging to or entrusted to us (such as access controls, visitor lists, network and mail scanners, telephone records);
-
conducting "online meetings"
-
in connection with scientific studies and improving the quality of our treatment.
Insofar as you have given us consent to process your personal data for certain purposes (for example, when you register to receive newsletters or other requests via online forms on our website), we process your personal data within the scope of and based on this consent, insofar as we have no other legal basis and we require such a basis. Consent given can be revoked at any time, but this has no effect on data processing that has already taken place. Insofar as the processing of your personal data is within the scope of the administration of industrial property rights, the law and ordinance dictate which data we process and in what form. For example, we are required by law to inform the public about the IP rights valid in Switzerland and the personal data associated with them.​
6. retention of personal data
We process and store your personal data for as long as it is necessary for the fulfilment of our contractual and legal obligations or otherwise the purposes pursued with the processing, i.e. for example for the duration of the entire business relationship and treatment period (from the initiation, processing to the termination of a contract) as well as beyond that in accordance with the statutory retention and documentation obligations on the part of the health authorities. In this context, it is possible that personal data will be retained for the time during which claims can be asserted against our institute and insofar as we are otherwise legally obliged or authorised to do so or justified business interests require this (e.g. for evidence and documentation purposes). The duration of file retention within the scope of the administration of industrial property rights is regulated in the respective ordinances and is generally 5 years after cancellation, withdrawal or rejection of the property right (patents, trade marks, designs, topographies).
We draw your attention to the fact that the data in our IP rights registers remain visible even after they have been deleted, as the registers must also provide information about the legal relationships in the past.
6.1 software for managing your data
Your data is stored via the E-Physio Pharmed Solution platform. We also rely on their privacy policy to manage your data. All data related to your treatment is stored in this software.
7. transmission of data to third parties
Your personal data will not be disclosed, sold or otherwise transferred to third parties, unless this is necessary for the purpose of processing the contract or fulfilling our legal obligations or you have expressly consented (e.g. to ensure the security of our input forms on the website, to cooperate with Fitness Luxor employees or to referral or further health care providers). In addition, data may be transferred to third parties if we are obliged to do so by law or by an enforceable official or court order.
The recipients of such data are partly in Germany, but may also be abroad. If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection by using appropriate contracts or rely on the legal exceptions of consent, the execution of the contract, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the data subjects.
The "Zoom" service used for "online meetings" is provided by a provider from the USA; personal data is therefore also processed in a third country. An appropriate level of data protection is contractually guaranteed. Even with local provision ("on premise"), user and meeting metadata as well as cloud recordings are managed in the public Zoom cloud. As a supplementary protective measure, our Zoom configuration is such that, as a matter of principle, only data centres in Switzerland and the EU are used to conduct "online meetings".
You can request information about the aforementioned contractual guarantees from the aforementioned office at any time. However, we reserve the right to black out copies for reasons of data protection or confidentiality or to supply only excerpts.
By law, anyone can inspect the registers we keep and therefore become a recipient of the personal data processed there. The same applies to inspection of the record book from the time when the IP right is entered in the register or the disclosure document has been published. Under certain conditions, inspection of the file book may be requested even before this date. The requirements are set out in the respective ordinances.
The register data as well as other documents such as disclosure documents, patent applications and search reports may - within the scope of the legal provisions - be transmitted to international organisations (EPO, WIPO, EUIPO) and to other trade mark and patent offices.
8. cookies / tracking and other technologies related to the use of our website
8.1 cookies and image elements
We typically use "cookies" and similar technologies on our websites to identify your browser or device. A cookie is a small file that is sent to your computer or automatically stored on your computer or mobile device by the web browser you are using when you visit our website. This allows us to recognise you when you return to this website, even if we do not know who you are. In addition to cookies that are only used during a session and deleted after your visit to the website ("session cookies"), cookies can also be used to store user settings and other information for a certain period of time (e.g. two years) ("permanent cookies"). However, you can set your browser to reject cookies, save them for one session only, or otherwise delete them early. We use persistent cookies to help us better understand how you use our services and content. If you block cookies, certain functionalities (such as language selection) may no longer work.
We also include visible and invisible image elements in our newsletters and other marketing emails in part and to the extent permitted, by retrieving these from our servers we can determine whether and when you have opened the email so that we can measure and better understand how you use our offers and tailor them to you here too. You can block this in your email program.
8.2 newsletters and marketing emails
By using our websites and agreeing to receive newsletters and other marketing emails, you consent to the use of these techniques. If you do not want this, you must set your browser or e-mail programme accordingly.
8.3 Google Analytics
We sometimes use Google Analytics on our websites. This is a service provided by third parties, which may be located in any country in the world (in the case of Google Analytics, it is Google LLC in the USA, www.google.com).
Google Analytics allows us to measure and evaluate the use of the website (not on a personal basis). Permanent cookies set by the service provider are also used for this purpose. The service provider does not receive any personal data from us (and does not retain any IP addresses), but can track your use of the website, combine this information with data from other websites that you have visited and which are also tracked by the service provider, and use these findings for its own purposes (e.g. controlling advertising). If you have registered with the service provider yourself, the service provider also knows you. The service provider is then responsible for processing your personal data in accordance with its data protection regulations. The service provider only informs us how our respective website is used (no information about you personally).
We have activated IP anonymisation on this website, i.e. the IP addresses that Google Analytics must necessarily transmit to the Google Analytics servers for visitors to the IPI websites are automatically shortened by the last digits within the shortest possible time. For more information, see Google Marketing Platform.
8.4 Google reCaptcha
We sometimes use Google reCaptcha on our websites. These are third-party services that may be located in any country in the world (in the case of Google reCaptcha, it is Google LLC in the USA). We use Google reCaptcha to protect online forms on our website. The data processing is based on your consent. The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. Cookies are also used for this purpose, which are set by the service provider. This analysis starts automatically and runs completely in the background as soon as the website visitor opens the website. Website visitors are not informed that an analysis is taking place.
For analysis purposes, Google can evaluate all information from these form pages (including the IP address, the time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The use of the reCaptcha service is subject to Google's Privacy Policy and Terms of Use; for more information, see the reCaptcha website.
8.5 Plug-ins
We also use so-called plug-ins from social networks such as Instagram, Facebook, Twitter, Xing and LinkedIn on our websites. This is visible to you in each case (typically via corresponding icons). We have configured these elements so that they are deactivated by default. If you activate them (by clicking on them), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator according to its data protection regulations. We do not receive any information about you from them.
Third party cookies and tracking technologies
The following technologies are used on our site. Detailed information on the tools can be found under the links provided.
Google Analytics Website Analytics Google Inc. 600 Amphitheatre Parkway Mountain View, CA 94043 USA
Google re Captcha to protect the forms on the IPI website, www.ige.ch works with Google recaptcha. This cookie is set for identification and security purposes. Google Inc. 600 Amphitheatre Parkway Mountain View, CA 94043 USA
Session Cookie / functional cookie (fe_typo_user) keep language setting Typo3 GmbH Am Wehrhahn 41, D-40211 Düsseldorf
Session Cookie / Sicherheitscookie www.ige.ch works with f5.com. This is an infrastructure provider. For identification and security purposes, this cookie is set arbeitet mit f5.com. f5 Networks, Inc. Corporate HQ 401 Elliott Avenue West Seattle, WA 98119-4017
9. data security
We take appropriate technical and organisational security measures to protect your personal data from unauthorised access and misuse, such as issuing instructions, training, IT and network security solutions, access controls and restrictions, encryption of data carriers and transmissions, pseudonymisation and controls.
10. obligation to provide personal data
In the context of our business relationship, you must provide such personal data as is necessary for the establishment and performance of a business relationship and the fulfilment of the associated contractual obligations (you do not generally have a legal obligation to provide us with data). Without this data, we will generally not be able to enter into a contract with you (or the entity or person you represent), process it or fulfil our legal duties.
11. profiling and automated decision-making
The personal data is not used as the basis for any automated decision-making. We do not carry out any profiling with the personal data.
12. rights of the data subject
-
right to request information about the personal data collected
-
right to have their personal data corrected
-
right to have their personal data deleted
-
right to have the processing of personal data restricted
-
right to revoke consent to the processing of personal data
-
right to demand that personal data be handed over in a common, readable format.​
Within the framework of the data protection law applicable to you and insofar as provided for therein (such as in the case of the GDPR), you have the right to information, correction, deletion, the right to restrict data processing and otherwise to object to our data processing as well as to the surrender of certain personal data for the purpose of transfer to another body (so-called data portability). Please note, however, that we reserve the right to enforce the restrictions provided for by law. For example, if we are obliged to retain or process certain data, if we have an overriding interest in doing so (insofar as we are entitled to rely on this) or if we need the data to assert claims. If you incur costs, we will inform you in advance. We have already informed you about the possibility of revoking your consent. Please note that exercising these rights may conflict with contractual agreements and may have consequences such as premature termination of the contract or costs. We will inform you in advance if this is not already contractually or legally regulated.
The execution of such rights generally requires that you clearly prove your identity (e.g. by means of a copy of your identity card where your identity is otherwise not clear or cannot be verified). To exercise your rights, you can contact us at the address given.
In addition, every data subject has the right to enforce his or her claims in court or to lodge a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch).
13. changes
We may amend this privacy policy at any time without prior notice. The current version published on our website shall apply.
14. contact
If you have any general questions about the Services or the information we collect about you and how we use it, please contact us at:
Name: Physio Restart Ltd.
Address: Glärnischstrasse 35, 8002 Zurich
E-mail address: info@physio-restart.ch
date of last change: 06.August, 2023