Data Protection Statement
In this data protection statement, we would like to give you information about processing personal data with regard to our engadin-psychiatrie.ch-Website or our online services.
There may be other special, supplementary or further data protection statements or other legal documents such as general terms and conditions (T’s & C’s), conditions of use or conditions of participation for individual or other offers and services – including medical offers and services.
1. Contact addresses
Responsibility for online offers
Praxis für Psychiatrie und Psychotherapie Dr. med. Nadia Frey
Via Chavallera 6
7500 St. Moritz
Telephone +41 79 525 659 0
Telefax +41 81 833 916 0
praxis.nadiafrey@hin.ch
2. Processing personal data
2.1 Definitions
Personal data is all information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, regardless of the means and process used, in particular, storage, notification, acquisition, collection, deletion, saving, amending, destruction and use of personal data.
2.2 Legal basis
We process personal data in accordance with Swiss data protection legislation such as, in particular, the Federal Data Protection Act (DSG) and the Directive on the Federal Data Protection Act(VDSG).
2.3 Nature, scope and purpose
We process all personal data which is needed to allow us to deliver our online offering in a long-term, user-friendly manner, which is secure and reliable. This kind of personal data may be in the categories of master and contact data, content data, usage data and peripheral data, as well as contractual data and payment data.
We process personal data for the period required for the purposes in question, or that which is legally required. Personal data, which is no longer required for processing, is anonymised or deleted.
Fundamentally, we only process personal data with the consent of the data subject, unless processing is permitted on other legal grounds, for example to fulfil a contract with the data subject and for corresponding pre-contractual measures, to preserve our overwhelming entitled interests, because the processing is obvious based on circumstances or after prior information.
Within this framework, we process, in particular, information which the data subject sends to us, themselves and voluntary, when making contact – for example by post, email, contact form, social media or telephone – or when registering for a user account. We can save this data, for example in an address book or comparable auxiliary tools. Where you send us the personal data of a third party, you are obliged to guarantee protection of the latter’s data, and ensure this personal data is correct.
In addition, we process personal data which we receive from third parties, collect during provision of our online offering, or acquire from publicly accessible sources, where and in as far as this processing is permissible for legal reasons.
Personal data for applications will only be processed where it relates to suitability for an employment relationship, or required for subsequent implementation of an employment contract. Personal data required for the application is derived from the information requested or given, for example as part of the job description. Applicants are able to provide other information voluntarily for the application in question.
2.4 Processing personal data by third parties, including abroad.
We can have personal data processed by third parties, including contract processors, or process it jointly with third parties, with help from third parties, or transfer it to third parties. These third parties include in particular suppliers and other service providers.
These third parties are located mainly in Switzerland and the European Union (EU) or the European Economic Area (EEA). These third parties may also be in other countries on earth or elsewhere in the universe, where their data protection legislation offers appropriate protection in the estimation of the Swiss Data Protection and Public Information Commissioner (EDÖB), or for other reasons, such as the existence of a corresponding contractual agreement, in particular, based on standard contractual clauses, or corresponding certification. With regard to third parties in the United States of America (USA), certification in accordance with the Privacy Shield can guarantee appropriate data protection. As an exception, such a third party can be located in a country without appropriate data protection, where the legal data protection conditions, such as explicit consent from the data subject, are met.
3. Rights of data subjects
Data subjects, whose personal data we process, have rights in accordance with Swiss data protection legislation. This includes the right to information, as well as the right to correction, deletion or blocking of the personal data processed.
Data subjects whose personal data we process, have the right to lodge a complaint with the relevant supervisory authority. The supervisory body for data protection in Switzerland is the Swiss Data Protection and Public Information Commissioner (EDÖB).
4. Data Security
We take appropriate, suitable, technical and organisation measures to guarantee data protection and, in particular, data security. However, despite these measures, processing personal data on the internet is always subject to gaps in security. Therefore, we are not able to guarantee absolute data security.
Our online offering is accessed using transport encryption (SSL / TLS with HTTPS).
As with all internet use, access to our online offering is subject to mass monitoring, unfounded and without suspicion, as well as other monitoring by security authorities in Switzerland, the European Union (EU), in the United States of America (USA) and in other countries. We have no direct influence over corresponding processing of personal data by secret services, police authorities and other security services.
5. Use of the website
We use cookies for our website. Cookies, including those from third parties whose services we use (third-party cookies) are data, often in the form of text files, which are saved in your browser. Cookies cannot run programs or transfer damaging software such as trojans and viruses.
When you visit our website, cookies can be saved in your browser, either as temporary “session cookies” or for a certain period as “permanent cookies”. “Session cookies” are automatically deleted when you close your browser. Permanent cookies, in particular, allow us to recognise your browser on your next visit, and allow us, for example, to measure the reach of our website. Permanent cookies can also be used for online marketing, for example.
You can completely or partially deactivate and delete cookies in your browser settings at any time. However, without cookies, our online service may not be available to its full extent. Where required, we ask for your consent to use cookies.
5.2 Log files
We can record the following information for each access to our website, where this is transferred by your browser to our server infrastructure, or where it can be determined by our webserver. Date and time including time zone, internet protocol (IP address), access status (HTTP status code), operating system including user interface and version, browser including language and version, individual pages opened and data volume transferred, last web page opened (referrer).
We save this information, which may also include personal data, in log files. The information is needed to run our online offering in the long-term in a user-friendly and reliable manner, and to allow us to guarantee data security and thus protect your personal data – including using third parties, or with the help of third parties.
5.3 Tracking pixels
We can use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels – including those from third parties whose services we use – are small images which can be opened during a visit to our website. Tracking pixels can record the same information as in server log files.
6. Services provided by third parties
We may use third-party services to deliver our online offering in a permanent, user-friendly, secure and reliable manner. These services also help us to embed content in our online offering. These service – in particular the American hosting service Squarespace (data protection statement) – need your internet protocol (IP address), as these services can otherwise not transfer the corresponding content. These services may also be located outside Switzerland and the European Union (EU) or the European Economic Area (EEA), where appropriate data protection is guaranteed.
For their own security-related, statistical, technical purposes, third-party services may also process data in connection with our online offering as well as other sources in an aggregated, anonymised or pseudonymised form, including with cookies, log files and tracking pixels. This data is not used to directly reach a data object in connection with our online offering.
6.1 Maps
We use Google Maps to allow us to embed maps in our website. This also involves use of cookies. Google Maps is a service from the American company Google LLC. Other information relating to the type, scope and purpose of data processing can be found in the principles for data protection and security, as well as the Google data protection declaration, in the guidelines on data protection in Google products (including Google Maps) and in the information about cookies at Google. In addition, it is possible to raise
an objection to personalised advertising.
6.2 Fonts
We use Google Fonts to allow us to embed selected fonts in our website. This does not involve use of cookies. This is a service from the American company Google LLC, which is provided independently of other Google services. Other information relating to the nature, scope and purpose of data processing can be found in the principles for data protection and security, as well as the Google data protection declaration.
7. Final provisions
We can amend and add to this data protection declaration at any time. We will provide information about any such amendments and additions in an appropriate form, in particular by publishing the current data protection declaration on our website.