Data Protection Statement

1. Introduction

In this document, we inform you in particular about the entity which is responsible for the processing of your Data, about the Data that we collect within the framework of the consultation of our Internet sites and the use of our services, about the purposes for which we process this Data as well as on the entities to which we transmit your Data, if applicable. We also inform you about the duration of the processing of your Data, the legal basis for this processing (insofar as such a basis should prove necessary) as well as the rights that you can assert against us if acting on the processing of your Data. This Data Protection Statement applies to all your Data that we already know about or that will be provided to us in the future. Please note that we may adapt this Data Protection Statement at any time. The current version published on our website is authoritative.

Personal data is all information relating to an identified or identifiable person (hereinafter “Personal Data”). This includes, in particular, information such as name, address, telephone number, e-mail address and, where applicable, IP addresses as well as device IDs. The generic term "Data" within the meaning of this Data Protection Statement includes Personal Data as well as anonymized data or data that is not personal. The term "processing", on the other hand, refers to any processing of Data, in particular the collection, recording, use, transformation, dissemination, storage or deletion of Data, regardless of the means or process used (hereinafter the “Processing”).

Before providing us with the Personal Data of others, please ensure that they are aware of this Data Protection Statement, and provide us with their Personal Data only if the data protection legislation data in force authorizes you to do so.

2. Name and address of the controller

Responsible for Data Processing in accordance with this Data Protection Statement is:

Company name: Swiss Alps Clinic Sàrl

Address: Rue de Lausanne 25, 1950 Sion

Telephone: + 41 (0)27 322 82 22

Email: christian.zuber@hin.ch

3. Categories of data processed

When you visit our website, use our services and contact us, we collect certain Data. In principle, we collect this Data directly from you. May be part of the Personal Data that we process:

• Data that is obtained or disclosed while visiting our website or using our services; This includes, in particular, IP and MAC addresses or the ID of the device used, cookies, the Internet pages you have visited and the search terms you have entered, entries in dialog boxes, ratings, date, time and duration of visits, clicks, referrers/exit URLs, information relating to the date and time of use, type of browser and device, system of operation as well as to the Internet service provider, or the amount of data transferred; Data exchanged in the context of or in connection with contacting us, for example communication by post, telephone, e-mail, contact form, etc. (in particular name, contact details, gender, marital status, date of birth, professional title, photo, employees, language, payment information); the Data that is communicated when subscribing to a newsletter or downloading files (p . ex. software) (in particular e-mail address and name); the Data communicated within the framework of the establishment of a customer account for online purchases and in connection with the orders made (in particular user name , password, chosen method of payment and delivery address); Data in connection with offers and concluded contracts (date of contract, type of contract, content of contract, contract product, parties to contract, duration of contract, contract value, contract changes, payment details, contact details, contact persons, billing and correspondence addresses, customer feedback, cancellations, disputes, etc.); the Data communicated as part of the comments function (in particular e-mail address, user name you have chosen, if you do not post anonymously, as well as your IP address); the Data that you communicate in the context of a possible participation in contests or surveys, or other similar operations.

The aforementioned Data is not always Personal Data. As a general rule, unless registered (e.g. for a newsletter or an online store), we are not able to assign the Data generated during the use of our services to a specific person. However, in individual cases, such a connection may be possible if this Data is combined with other Data.

We draw your attention to the fact that the information provided when using the contact form or the comment function may include Sensitive Data (such as data relating to health) and that you have voluntarily provided it. our disposal.

4. Purposes of processing

To the extent permitted by law, we will process Personal Data in particular for the following purposes:

• preparation, conclusion, execution and processing of contracts; offer, development and improvement of our offers, development of new services, operation, maintenance, optimization and guarantee of the security of our services and our infrastructures; management of users of our services, controls identity, connections and other authentications; maintenance, management and development of our customer relations, communication with customers and third parties, promotions, advertising and marketing, offer of personalized services and relevant content; quality control, establishment of statistics; compliance with legal or regulatory obligations and internal rules, application of the law, civil, criminal or administrative procedures, complaints, fight against abuse, investigations and response to requests from authorities or official services.

5. Legal basis

To the extent a legal ground is required by applicable data protection legislation, we use Personal Data for the above purposes relying on the following legal grounds:

• performance of a contract; compliance with legal obligations; consent obtained by localsearch or by a third party; legitimate interests of localsearch or third parties, in particular the offer and provision of services; advertising and marketing; maintenance of relations and communication with users; users, identity checks, logins; compliance with legal or regulatory obligations, law enforcement, civil, criminal or administrative proceedings, complaints, investigations and response to requests from authorities.

6. Publication and transmission of data

We may publish and transmit Data under the following provisions

Data processors

We are entitled to mandate third parties to provide certain services (IT services, operation of applications, management, sending, etc.) or to process and save the Data (hereinafter the "Data Processors") . Data Processors may have access to Personal Data and process it within the framework of the mandate entrusted to them by us. We contractually oblige Data Processors to comply with data protection legislation and to process Data in the same way as we do. Data Processors who may receive Personal Data may be located in any country, including Switzerland, Germany, Israel and the United States.

contractual partners

We may transmit Data to our contractual partners (distribution partners, service providers, financial institutions, etc.). This takes place, for example, to fulfill contractual obligations, to offer certain services, for collection and marketing purposes, to analyze the use and operation of our services, systems and infrastructure and for payment processing. Acquirers or parties interested in acquiring business units, companies or parts of companies are also potential recipients. Contractual partners may have access to Personal Data and process it for their own purposes (for example, to perform their contracts or fulfill their legal obligations). In this context, they too are required to comply with the applicable data protection legislation. The contractual partners likely to receive Personal Data may be established in any country, in particular in Switzerland, in the countries of the EU or the EEA as well as in the United States.

Transmission to the authorities

In certain situations, we may communicate Data to authorities, official services and other third parties. We make such a communication when the authorities or official services ask us to do so or when we believe we are required to do so.

7. Shelf life

We retain Personal Data for as long as necessary to fulfill the purpose for which we collected it. Certain Personal Data is also subject to legal retention obligations of ten years or more, which we comply with. We may also retain Personal Data for at least the applicable limitation periods, which in many cases are five or ten years. However, as a rule, we delete earlier, i.e. as soon as their Processing is no longer of interest to us, the Personal Data that is generated in the context of the use of our services (protocols, logs (“logs”) ), analyses, etc.) and which are not subject to such storage or limitation periods. Anonymized Data may be retained for longer. Subject to any express contractual agreement, we are not required to retain the Data for a specific period.

8. Data Security

We use appropriate organizational and technical security measures to protect your Data against accidental or intentional manipulation, against loss or total or partial destruction or against unauthorized access by third parties. Our security measures are continuously improved according to technological developments.

9. Your rights (data subject rights)

Any person concerned has a right of access to the Personal Data concerning him. He also has the right to demand that we rectify or erase Personal Data concerning him or that we restrict the Processing and use thereof, and may also object to such Processing of Personal Data. As a general rule, the data subject must nevertheless be able to clearly prove his identity in order to be able to exercise these rights. If the data subject has consented to the Processing of Personal Data, he or she may revoke his consent at any time. In certain cases, the data subject has the right to receive the Data generated during the use of online services in a structured, commonly used and machine-readable format that allows the continued use of this Data and its transmission. Inquiries relating to these rights should be directed to the above address. We reserve the right to limit the rights of the data subject to the extent permitted by law and, for example, not to provide complete information or not to delete Data. In addition, we draw your attention to the fact that, if your Personal Data is erased, services or parts of services may no longer be available or usable.

[A paragraph should be inserted if you make automated individual decisions (decisions based exclusively on automated processing).]

Any data subject has the right to lodge a complaint with the competent data protection authority. If the Data Controller is located in Switzerland, it will be the Federal Data Protection and Transparency Commissioner. In the case of a Controller located in the Principality of Liechtenstein, this is the data protection service of Liechtenstein.

10. Cookies, web analytics and tracking tools

We use a variety of common technologies to collect, store and analyze Data when you visit our website and use our services.

In particular, we use cookies, which identify your browser or device. A cookie is a small file that is sent to your computer or saved automatically on your computer or mobile device by the browser you are using. When you access a service again, it may recognize your browser or device using cookies. Cookies can store various information, such as user preferences. We use session cookies. They are necessary for the execution of the essential functions of the services and will be automatically deleted after a use of our services. We also use temporary and permanent cookies which remain stored on your computer or mobile device for longer. The information collected by means of cookies enables us to improve our website and our services according to customer wishes and to provide you with tailor-made offers.

However, you have the option of blocking the use of cookies or deleting them in your browser settings. Please note, however, that if you block cookies, you may not be able to use the full functionality of a service. Likewise, if you delete cookies, any opt-out cookies that you have saved yourself will also be deleted. You will then have to reactivate these opt-out cookies the next time you use the service concerned. Otherwise, you will be identified as a new user and will have to re-enter your Data.

In addition to cookies, we use web analytics and tracking tools to measure and evaluate the use of our website and services, to personalize services, and to display tailored offers and advertising. Data Processing carried out using such tools, generally made available by third parties, is subject to the terms of use and data protection of these third parties.