§ 1 Introduction

The protection of your privacy is of utmost importance to us. Compliance with the legal provisions of data protection is a standard for us. We guarantee that all data collected will be treated in accordance with the applicable data protection regulations.

§ 2 Security and privacy

We store all personal data (e.g. surname, first name, e-mail, mobile phone number, etc.) exclusively on servers in Switzerland. When handling your personal data, we take appropriate technical and organizational measures to protect your data from unauthorized or illegal access.

§ 3 Collection of independently provided data

Collection of user data

We collect personal data provided by a user, whether it is in the context of registration, booking an appointment, actively contacting Medicosearch AG (e.g. by e-mail), entering an evaluation and/or comment on our website, booking an appointment on behalf of a third party or using MedicoVideo.

Data requiring special protection

We explicitly inform that data provided independently may include data that is requiring special protection. This includes, in particular, information on the state of health and the disclosure of the doctor-patient relationship in general.

Collection of additional data in the context of the use of MedicoVideo

In addition to the information listed above, we collect credit card information and the users mobile phone number when using MedicoVideo.

§ 4 Collection of data from medical service providers

Medicosearch.ch contains a register of medical service providers in Switzerland with their address, registered domicile and specialisation. The information contained in it was collected from publicly accessible sources. At the express request of the medical service provider, the company logo and photos are also published.

In the context of the use of Medicosearch.ch by users we collect personal data of the medical service providers listed in the directory, in particular the reviews and feedbacks given by the users. Furthermore, we collect personal data of medical service providers who are registered on the website (see § 3).

§ 5 Duration of data storage

We always delete all data, especially the doctor-patient relationship and all appointment booking data, 30 days after the appointment has taken place irrevocably.

The users login data as well as the data contained in the register of medical service providers in Switzerland will only be deleted when the user or the medical service provider exercises the right of cancellation and revocation according to § 8.

§ 6 Legal basis of the data collection

By registering and accepting these privacy policy, a user expressly authorizes Medicosearch AG to process the data according to § 3 for the purposes listed below. The legal basis for the collection and processing of the data is the explicit consent of the user.

A person who has an appointment booking made on behalf of a third party by Medicosearch AG is obliged to obtain the express consent of the person concerned to be allowed to process the data according to § 3 for the purposes below.

The register of medical service providers is a free service of Medicosearch AG in the interest of the public. Every medical service provider has the possibility to request his removal from the register and/or the non-publication of the assessments and comments concerning him according to § 8.

§ 7 Purpose of data collection

Administration of the online appointment service

For the purpose of managing our online appointment service we intend:
  • to delete all booking data, especially the doctor-patient relationship, irrevocably 30 days after the appointment has taken place.
  • to transmit information which is exclusively given within the scope of the online appointment arrangement, in particular also information about the treatment as well as the doctor-patient relationship in principle, to the corresponding medical service provider. These data are expressly excluded from any evaluation and publication. This booking information contains sensitive data of the patient.
  • to contact the user by e-mail, letter or telephone if the information in his profile or regarding his booking is unclear, or to enable the medical service provider to do so.
  • to send the registered user, in case of a successful booking, a booking confirmation by mail, which contains information about his booking. This booking information contains sensitive data of the patient.
  • to display information of appointments booked directly with a medical service provider so that the user could manage it in his user account in case of having already made an appointment online with the same medical service provider.
Creation of a satisfaction index of the medical service providers considered in the register

For the purpose of establishing a satisfaction index of the medical service providers considered in the register, we intend:
  • to publish the feedbacks and comments submitted by users (including the information on the reason for treatment provided in the feedback or comment) except in cases where the comment is obviously not credible. Although these publications are made anonymous with regard to the user, the medical service providers are clearly identified.
  • to contact the user by e-mail, letter or telephone if there are any questions regarding his feedback or comments.
  • that the medical service provider evaluated by the user can view the published anonymous feedback. Please note that the medical service provider may be able to deduce the identity of the user due to the (personal) doctor-patient relationship on which the feedback or comment is based.
  • that the medical service provider is entitled to comment on the feedback of the user, although this comment may not include anything that would facilitate identification of the user by third parties.
Provision and implementation of MedicoVideo

For the purpose of providing and executing MedicoVideo, Medicosearch AG intends in addition to "Administration of the online appointment service":
  • to record the personal mobile telephone number of the person making the booking during the booking process. An SMS will be sent to the specified phone number immediately before each MedicoVideo to ensure that the booking partys device is ready for MedicoVideo. If MedicoVideo does not work, the person making the booking will be called on the mobile phone number provided as an alternative.
  • to determine and store the users device type.
  • to collect the credit card information as well as the personal data necessary for the payment (e.g.: name, first name, address, etc.) This data is sent to the credit card issuer (please note their privacy policy) of the payer and to the credit card acquirer (Stripe, 510 Townsend Street, San Francisco, CA 94103, USA; data protection: https://stripe.com/de-ch/privacy) via a secure SSL connection, in particular for the purpose of processing payment, preventing card misuse and in the event of a legal obligation. For these purposes the third party may in turn forward the data to another third party. The payment information (except credit card information) may be stored by Medicosearch AG or third parties in order to comply with the legal obligation of document archiving.
  • to run the MedicoVideo via the software of twilio (Twilio Inc. 375 Beale Street, Suite 300 San Francisco, CA 94105). The MedicoVideo is always carried out via a secure peer-to-peer connection. If a peer-to-peer connection is not possible, a connection will still be established using a TURN (Traversal Using Relay NAT) media relay point.
  • to send a mail to the user after a MedicoVideo with a link, where the user receives a detailed invoice via his user account.
Apart from the data listed above, we do not store any other data in connection with a MedicoVideo. In particular, it should be noted that no conversations, messages or similar between doctor and patient are recorded or stored.

§ 8 Right of information, withdrawal and cancellation

General

Any person may request access to all personal data relating to him/her free of charge at datenschutz@medicosearch.ch after sufficient identification.

Medical Service Provider

Any medical service provider listed in the register may at any time request its deletion and object to the use of its personal data by us. In this case we will delete all personal data, unless we are subject to a legal obligation to the contrary. In addition, the medical service provider may at any time request not to publish any feedbacks and comments concerning him. This is to be communicated via datenschutz@medicosearch.ch.

User

The user can delete his account, 30 days after the last appointment, in his account under user information. In doing so, he revokes his express consent in connection with the collection and processing of data in accordance with this privacy policy, whereby the revocation cannot be asserted retroactively. In this case we will delete all personal data, unless we are subject to a different legal obligation.

§ 9 Disclosure of data to third parties

We do not pass on any data to third parties except within the scope of the permission granted by the user with the acceptance of this document or in cases provided by law.

We reserve the right to pass on your personal data in accordance with § 3 and § 4 exclusively to third parties within and outside Switzerland who are contractually obliged to us to comply with the same data protection standards to which we are committed. In particular, these third parties are obliged to use data only for the purposes set out in § 7 or other legally permissible purposes, such as technical support in particular, and not to disclose data to other third parties unless we permit this or it is required by law.

§ 10 Automated data storage, cookies and analysis tools

When you visit our website, our web servers automatically save the name of your Internet provider, your IP address, the website from which you are logging in, which pages you call up on our website, and the date, time and duration of your visit.

We also use session cookies. Cookies are small data records, as they are currently used by thousands of websites. The cookies do not contain any personalized information, but only code numbers that are meaningless outside our website. In addition, we use Google Analytics to analyse the usage behaviour of our website. Google Analytics also uses so-called "cookies". The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

These tools are used to ensure the security of our website and systems. In addition, this data is used to record the usage behaviour of users in order to improve our services and to carry out statistical evaluations. This enables us to tailor the content of our websites to the specific needs of our visitors. These uses are completely anonymous. We do not disclose this information to third parties unless required by the relevant authorities. We reserve the right to identify users (in particular by comparing the IP address with the information collected as part of the procedures explained in § 3 and § 4), but only in the event of justified suspicion of misuse of the website and/or serious breach of the General Terms and Conditions.

Of course you can also use our websites without cookies. You can refuse to accept cookies by changing the settings on your browser to disable the cookie storage option or to instruct the browser (usually under "Internet Options" or "Settings") to inform you each time a website wants to install a cookie. If you wish, you can also prevent the functionality of Google Analytics by downloading and installing the browser plugin available at the following link: "http://tools.google.com/dlpage/gaoptout?hl=de". Please note that if you deactivate cookies or Google Analytics, the functions of our website may not be fully available to you.

§ 11 Changes of this privacy policy

We reserve the right to revise, amend or otherwise supplement this Privacy Policy at any time. We will inform you of any changes, additions or revisions to our privacy policy with a corresponding message the next time you log in.

§ 12 Responsible

Medicosearch AG
Gerberngasse 27 – 31
3011 Bern
+41 31 312 11 00
datenschutz@medicosearch.ch

§ 13 Right of appeal to supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority if you consider that the processing of personal data concerning you is in breach of applicable data protection laws.

Federal Data Protection and Information Commissioner
Feldeggweg 1
CH - 3003 Bern
+41 (0)58 462 43 95