Privacy policy

Data Protection Declaration 

§ 1 Information on the collection of personal data 

(1) In the following, we inform you about the processing of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour. In this way, we would like to inform you about our processing procedures and at the same time comply with the legal obligations, in particular from the EU General Data Protection Regulation (GDPR). 

(2) The person responsible pursuant to Art. 4 (7) DS-GVO is

Mobile Health AG

Falkenstraße 2

8008 Zürich

Schweiz

Telefon: +41 43 243 76 22

E-mail address: datenschutz@medidux.com

(see our imprint).

You can reach our data protection officer at datenschutz@mobilehealth.ch or our postal address with the addition “the data protection officer”.

(3) If we use commissioned service providers for individual functions of our offer or wish to use your data for advertising purposes, we will always carefully select and monitor these service providers and inform you in detail about the respective processes below.  

§ 2 Processing of personal data when visiting our website 

When using the website for information purposes, i.e. simply viewing it without registering and without you providing us with any other information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR: 

– IP address 

– Date and time of the request 

– Time zone difference to Greenwich Mean Time (GMT) 

– Content of the request (page visited) 

– Access status/HTTP status code 

– amount of data transferred in each case 

– previously visited page 

– browser 

– operating system 

– language and version of the browser software. 

§ 3 Data processing for contract execution 

If you are or become a customer of ours, we process your contact, contract, payment and communication data for the provision and billing of the contractual services, which you can find in our General Terms and Conditions. Your data may be passed on to service providers supporting us (service providers, operators of communication applications, etc.) for the aforementioned purpose, which we have of course carefully selected and which are bound by our instructions. The legal basis is the existing contractual relationship (Art. 6 para. 1 p. 1 lit. b GDPR). 

§ 4 Data processing when contacting us 

When you contact us by e-mail, telephone or via a contact form, the data you provide (e.g. e-mail address, name, telephone number or also the content of the enquiry) is processed by us in order to answer your questions and/or process your request. The legal basis is Art. 6 para. 1 lit. a) and b) GDPR, namely your consent or a pre-contractual measure. 

§ 5 Further functions and offers of our website 

(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested and we use other usual functions to analyse or market our offers, which are presented in more detail below. For this purpose, you usually have to provide further personal data or we process such further data that we use to perform the respective services. The aforementioned data processing principles apply to all data processing purposes described here. 

(2) In some cases, we use external service providers to process your data. These are carefully selected by us, are bound by our instructions and are regularly monitored. 

(3) If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this in the description of the offer. 

(4) Use of the blog functions 

In our blog, where we publish various contributions on topics related to our activities, you can make public comments. Your comment will be published with your given username at the post. We recommend that you use a pseudonym instead of your real name. You are required to provide your username and email address, all other information is voluntary. If you post a comment, we will continue to store your IP address, which we will delete after [one week]. The storage is necessary in order to be able to defend ourselves against liability claims in cases of possible publication of illegal content. We need your email address to contact you if a third party objects to your comment as unlawful. The legal basis is Art. 6 para. 1 p. 1 lit. c and f GDPR. Comments are not checked before publication. We reserve the right to delete comments if they are objected to by third parties as unlawful. 

§ 6 Objection to or revocation of the processing of your data 

(1) If you have given your consent to the processing of your data, you may revoke this consent at any time. Such a revocation affects the permissibility of the processing of your personal data after you have expressed it to us. The permissibility of processing your data up to the time of your revocation remains unaffected. 

(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if the processing is not necessary, in particular, for the fulfilment of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data in the way we have done. In the event of your objection, we will review the situation and either discontinue or adjust the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing. 

(3) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. The best way to exercise your advertising objection is to contact us using the contact details provided above. 

§ 7 Processing of data from your terminal devices (“Cookie Policy”) 

(1) In addition to the above-mentioned data, we use technical aids for various functions when you use our website, in particular cookies, which may be stored on your terminal device. When you call up our website and at any time later, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. In the following, we first describe cookies from a technical point of view (2), before we go into more detail about your individual choices by describing technically necessary cookies (3) and cookies that you can voluntarily select or deselect (4). 

(2) Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the entity that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer, but are primarily used to make the website faster and more user-friendly. This website uses the following types of cookies, whose function and legal basis we will explain below: 

 -Transient cookies: such cookies, especially session cookies, are automatically deleted when the browser is closed or by logging out. They contain a so-called session ID. In this way, various requests from your browser can be assigned to the joint session and your computer can be recognised when you return to our website. 

 -Persistent cookies: These are automatically deleted after a predefined period of time, which varies depending on the cookie. You can view the cookies set and the duration at any time in the settings of your browser and delete the cookies manually. 

(3) Mandatory functions that are technically necessary to display the website: The technical structure of the website requires us to use techniques, in particular cookies. Without these techniques, our website cannot be displayed (completely correctly) or the support functions could not be enabled. These are basically transient cookies that are deleted after the end of your website visit, at the latest when you close your browser. You cannot deselect these cookies if you wish to use our website. The individual cookies can be seen in the Consent Manager. The legal basis for this processing is Art. 6 para. 1 p. 1 lit. f GDPR. 

(4) Optional cookies when you give your consent: We set various cookies only after your consent, which you can select on your first visit to our website via the so-called cookie consent tool. The functions are only activated in the event of your consent and may serve in particular to enable us to analyse and improve visits to our website, to make it easier for you to use our website via different browsers or terminal devices, to recognise you when you visit us again or to serve advertising (possibly also in order to tailor advertising to interests, to measure the effectiveness of advertisements or to show interest-oriented advertising). The legal basis for this processing is Art. 6 para. 1 p. 1 lit. a GDPR. You may revoke your consent at any time without affecting the permissibility of the processing until revocation. 

§ 8 Web Analytics 

(1) This website uses Google Analytics, a web tracking service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The purpose of our use of the tool is to enable analysis of your user interactions on websites and in apps and to use the statistics and reports obtained to improve our offering and make it more interesting for you as a user. 

(2) We collect the interactions between you as a user of the website and our website primarily by means of cookies, device/browser data, IP addresses and website or app activities. Google Analytics also collects your IP addresses in order to ensure the security of the service and to provide us, as the website operator, with information about which country, region or location the respective user comes from (so-called “IP location determination“). For your protection, however, we naturally use the anonymisation function (“IP masking“), i.e. Google truncates the IP addresses by the last octet within the EU/EEA. 

(3) Google acts as an order processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For the USA, the European Commission adopted its adequacy decision on 10 July 2023. Google LLC is certified according to the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider.

(4) The legal basis for the collection and further processing of the information (which takes place for a maximum of 14 months) is your consent (Art. 6 para. 1 p. 1 lit. a GDPR). Revocation of your consent is possible at any time without affecting the permissibility of the processing until revocation. In apps, you can reset the advertising ID under the Android or iOS settings. The easiest way to revoke your consent is to use our Consent Manager or to install the Google browser add-on, which can be accessed via the following link: tools.google.com/dlpage/gaoptout?hl=en/. 

(5) For more information on the scope of services provided by Google Analytics, please visit marketingplatform.google.com/about/analytics/terms/en/. Google provides information on data processing when using Google Analytics at the following link: support.google.com/analytics/answer/6004245?hl=en/. General information on data processing, which according to Google should also apply to Google Analytics, can be found in Google’s privacy policy at www.google.de/intl/de/policies/privacy/. 

§ 9 Plugins / Tools 

1 Google Web Fonts 
(1) This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

(2) For this purpose, the browser you use must connect to Google’s servers. This informs Google that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 (1) f GDPR.

(3) If your browser does not support web fonts, a standard font from your computer will be used.

(4) Google acts as an order processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For the USA, the European Commission adopted its adequacy decision on 10 July 2023. Google LLC is certified according to the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider.

(5) For further information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the provider’s privacy policy. There you will also receive further information on your rights in this regard and setting options for protecting your privacy: www.google.de/intl/de/policies/privacy.

2 Google reCaptcha 

(1) We use the reCAPTCHA service from Google in the forms for changing the address, communication data and retrieval account. 

The query serves the purpose of distinguishing entries made by a human from automated, machine entries. We base the processing on our legitimate interest (Art. 6 (1) f GDPR) in protecting the website from automated spying, misuse and SPAM. 

For this purpose, your input is transmitted to Google and processed there. The IP address and, if applicable, other data used by Google for the service will be transmitted to Google. 

You can find more information on Google reCaptcha and the data protection declaration at 

https://www.google.com/recaptcha/intro/v3.html or https://www.google.com/privacy. 

(2) Google acts as an order processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For the USA, the European Commission adopted its adequacy decision on 10 July 2023. Google LLC is certified according to the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider.

§ 10 Social media 

1. Use of social media plug-ins 
(1) We currently use the following social media plug-ins: Twitter, Xing, Facebook, which are only loaded if you have previously activated the function by giving your consent.2 Via the plug-ins, we offer you the opportunity to interact with the social networks and other users. The legal basis for the use of the plug-ins is Art. 6 para. 1 p. 1 lit. a GDPR, i.e. the integration only takes place after your consent.

(2) The plug-in provider3 stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, your data collected from us will be directly assigned to your account with the plug-in provider. If you click the activated button and, for example, link to the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will help you avoid being assigned to your profile with the plug-in provider.

(3) The information collected is stored on servers of the providers, in the case of international providers also outside Europe. For these cases, the provider has, according to its own information, imposed a standard on itself that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws in the international transfer of data. We have also agreed so-called standard data protection clauses with the providers, the purpose of which is to ensure compliance with an appropriate level of data protection in the third country.

2. Integration of YouTube videos 

(1) We have integrated YouTube videos into our online offer, which are stored on YouTube.com and can be played directly from our website. [These are all integrated in “extended data protection mode”, i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 2 be transferred. We have no influence on this data transmission]. The legal basis for the display of the videos is Art. 6 para. 1 p. 1 lit. a GDPR, i.e. the integration only takes place after your consent.

(2) By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. In addition, the above-mentioned basic data such as IP address and timestamp are transmitted. This takes place regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing its website in line with requirements. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.

(3) The information collected is stored on Google servers, including in the USA. For these cases, the provider has, according to its own information, imposed a standard on itself that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws in the international transfer of data. We have also agreed so-called standard data protection clauses with Google, the purpose of which is to ensure compliance with an appropriate level of data protection in the third country.

(4) For further information on the purpose and scope of data collection and its processing by YouTube, please refer to the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: www.google.de/intl/de/policies/privacy.

3 Our appearances in social networks 

(1) We have various presences in so-called social media platforms. We operate these presences with the following providers:  

(2) We use the technical platform and services of the providers for these information services. We would like to point out that you use our appearances on social media platforms and their functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating). When you visit our websites, the providers of the social media platforms collect, among other things, your IP address and other information that is stored on your terminal device in the form of cookies. This information is used to provide us as the operator of the accounts with statistical information about the interaction with us.

(3) The data collected about you in this context is processed by the platforms and may be transferred to countries outside the European Union, in particular the USA. According to their own statements, all of the aforementioned providers maintain an adequate level of data protection equivalent to that of the former EU-US Privacy Shield and we have concluded the standard data protection clauses with the companies. We are not aware of how the social media platforms use the data from your visit to our account and interaction with our posts for their own purposes, how long this data is stored and whether data is passed on to third parties. The data processing may differ depending on whether you are registered and logged in to the social network or visit the site as a non-registered and/or non-logged-in user. When you access a post or the account, the IP address assigned to your terminal device is transmitted to the provider of the social media platform. If you are currently logged in as a user, a cookie on your end device can be used to track how you have moved around the network. Buttons embedded in websites enable the platforms to record your visits to these website pages and assign them to your respective profile. This data can be used to offer content or advertising tailored to you. If you wish to avoid this, you should log out or deactivate the “stay logged in” function, delete the cookies present on your device and restart your browser.

(4) As the provider of the information service, we also only process the data from your use of our service which you provide to us and which require interaction. For example, if you ask a question that we can only answer by email, we will store your information in accordance with the general principles of our data processing, which we describe in this privacy policy. The legal basis for processing your data on the social media platform is Art. 6 para. 1 p. 1 lit. f GDPR.

(5) To exercise your data subject rights, you can contact both us or the provider of the social media platform. Insofar as one party is not responsible for responding or must receive the information from the other party, we or the provider will then forward your request to the respective partner. Please contact the operator of the social media platform directly for questions about the profiling, processing of your data when using the website. For questions about the processing of your interaction with us on our site, write to the contact details we have provided above.

(6) What information the social media platform receives and how it is used is described by the providers in their data protection statements (see link in the table above). There you will also find information on contact options as well as on the setting options for advertisements. Further information on social networks and how you can protect your data can also be found at www.youngdata.de.

§ 11 Online advertising 
1 Use of Google Ads

(1) We use the Google Ads service to draw attention to our offers with the help of advertisements. If you access our website via a Google ad, Google Ads will store a cookie in your terminal device. The legal basis for the processing of your data is Art. 6 para. 1 p. 1 lit. a GDPR, i.e. the integration only takes place with your consent.

(2) The advertising material is delivered by Google via so-called “ad servers”. For this purpose, we and other websites use so-called ad server cookies, which can be used to measure certain parameters for measuring success, such as the display of ads or clicks by users. The Google Ads cookies stored on our website enable us to obtain information about the success of our advertising campaigns. These cookies are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that a user no longer wishes to be addressed) are usually stored as analysis values for this cookie.

(3) The cookies set by Google enable Google to recognise your internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their computer has not yet expired, Google and the customer will be able to recognise that the user has clicked on the ad and been redirected to that page. A different cookie is assigned to each Ads customer so that the cookies cannot be tracked across the websites of other Ads customers. Through the integration of Google Ads, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

(4) Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We ourselves do not independently collect personal data in the aforementioned advertising measures, but only provide Google with the opportunity to collect the data. We only receive statistical evaluations from Google that provide information about which ads were clicked on how often and at what prices. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information.

(5) You may revoke your consent at any time without affecting the permissibility of the processing until revocation. The easiest way to revoke is via our Consent Manager or via the following functions: a) by setting your browser software accordingly, in particular the suppression of third-party cookies will result in you not receiving any third-party ads; b) by setting your browser to block cookies from the domain “www.googleadservices.com”, www.google. de/settings/ads, deleting this setting when you delete your cookies; c) by disabling the interest-based ads of the providers that are part of the self-regulatory campaign “About Ads” via the link www.aboutads.info/choices, deleting this setting when you delete your cookies; d) by permanently disabling them in your Firefox, Internetexplorer or Google Chrome browsers at the link www.google.com/settings/ads/plugin. Please note that in this case you may not be able to use all the functions of this website to their full extent.

(6) Google acts as an order processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For the USA, the European Commission adopted its adequacy decision on 10 July 2023. Google LLC is certified according to the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider. 

Further information on data protection at Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland, can be found here: www.google.com/intl/de/policies/privacy and services.google.com/sitestats/en.html. 

2 Google Conversion Tracking

(1) We use Google Ads with the additional application “Google Conversion Tracking”. This is a procedure with which we can check the success of our advertising campaigns. For this purpose, the advertisements are provided with a technical provision, e.g. an ID, with which we can determine how a user interacts after clicking on the advertisements and whether one of our services is actually used. This provides us with information in statistical form about the total number of readers of our ads, which ads are particularly popular and, if applicable, further information about consequences from the ad.

(2) The legal basis for the processing of your data is also in this respect Art. 6 para. 1 p. 1 lit. a GDPR, i.e. the integration only takes place after your consent. You can prevent or no longer use the conversion tracking function in the same way as described above for Google Ads.

(3) Google acts as an order processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For the USA, the European Commission adopted its adequacy decision on 10 July 2023. Google LLC is certified according to the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider. 

Further information on data protection at Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland, can be found here: www.google.com/intl/de/policies/privacy and services.google.com/sitestats/en.html. 

3 Google Remarketing

(1) We use Google Ads with the additional application “Google Remarketing”. With this procedure, we can create advertisements based on existing information about you and address you again during your further internet use. This is done by means of cookies set when you visit our offers (usually by cookies), via which your usage behaviour when visiting various websites is recorded by Google and evaluated in pseudonymised form. According to its own statements, Google does not combine the data collected in the course of remarketing with your personal data, which may be stored by Google.

(2) The legal basis for the processing of your data is also Article 6 (1) sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent. You can prevent or no longer use the remarketing function in the same way as described above for Google Ads.

(3) Google acts as an order processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For the USA, the European Commission adopted its adequacy decision on 10 July 2023. Google LLC is certified according to the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider. 

Further information on data protection at Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland, can be found here: www.google.com/intl/de/policies/privacy and services.google.com/sitestats/en.html. 

§ 12 Your rights

(1) You have the following rights vis-à-vis a data controller with regard to personal data concerning you:

– Right to information,

– right to rectification or erasure,

– right to restriction of processing,

– right to object to processing,

– right to data portability.

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

§ 13 Final provisions

(1) We use technical and organisational security measures to protect your data, in particular against accidental or intentional manipulation, loss, destruction or against attack by unauthorised persons. Our security measures are continuously improved in line with technological developments.

(2) We will update the data protection declaration from time to time due to the technical progress of our offers. Insofar as the change to the data protection declaration does not affect the use of existing data, the new data protection declaration will apply from the date of its update on our website. A change to the data protection declaration that relates to the use of data already collected will only be made if it is reasonable for you. In such a case, we will notify you in good time by e-mail, on our websites, in our application or in another form. You have the right to object to the validity of the new data protection declaration within four weeks of receipt of the notification. In the event of an objection, we reserve the right to terminate the contractual relationship. If no objection is made within the aforementioned period, you will be deemed to have accepted the amended data protection statement. We will inform you of your right of objection and the significance of the objection period in the notification.