Privacy Policy

We attach great importance to the transparent handling of personal data. This privacy policy provides information about what personal data we collect, for what purpose, and to whom we disclose it. To ensure a high level of transparency, this privacy policy is regularly reviewed and updated.

1. Contact Information

For questions or concerns regarding the protection of your data by us, you can reach us at any time by email at datenschutz@the-check.ch. Responsible for the data processing carried out via this website is:

PROMS-CAM
c/o Swiss Osteopathic Association
Uferweg 15
3013 Bern
Switzerland

The software behind “The Check” is powered by Qualitouch.

2. Processing of Personal Data

2.1. Definitions

Personal data refers to all information relating to an identified or identifiable person. A data subject is a person whose personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the retention, disclosure, acquisition, collection, deletion, storage, modification, destruction, and use of personal data.

2.2. Legal Basis

We process personal data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (FADP-O).

2.3. Type, Scope, and Purpose

We process the personal data necessary to provide our online offering in a permanent, user-friendly, secure, and reliable manner. Such personal data may fall into the categories of inventory and contact data, content data, browser and device data, usage data and metadata, as well as contract data and payment data.

We generally process personal data only with the consent of the data subject, unless the processing is permissible for other legal reasons, for example, to fulfill a contract with the data subject and for corresponding pre-contractual measures, to protect our overriding legitimate interests, because the processing is evident from the circumstances, or after prior information.

In this context, we process, in particular, information that a data subject voluntarily and personally transmits to us when contacting us – for example, via postal mail, email, contact form, social media, or telephone – or when registering for a user account. We may store such information, for example, in an address book, a Customer Relationship Management system (CRM system), or with comparable tools.

We may have personal data processed by third parties. We may process personal data jointly with third parties or transmit it to third parties. Such third parties are, in particular, specialized providers whose services we use.

Furthermore, we process personal data that we receive from third parties, obtain from publicly accessible sources, or collect when providing our online offering, provided and to the extent that such processing is permissible for legal reasons.

2.4. Storage and Retention

We process personal data for the duration legally required for the respective purpose or purposes. Personal data whose processing is no longer required will be anonymized or deleted.

Data that we store during your visit to our website is retained for twelve months. An exception applies to analytics and tracking data, which may be retained longer.

We store contract data longer, as we are legally obliged to do so by regulations. In particular, we must retain business communications, concluded contracts, and booking documents for up to 10 years. Insofar as we no longer require such data from you for the provision of services, the data will be blocked, and we will only use it for accounting and tax purposes.

3. Collection of Data During Website Visits

When you access our website, information is automatically collected by the hosting provider’s IT system. This information is stored in so-called server log files and includes:

  • IP address
  • Date and time of access
  • Browser used, operating system, referrer URL
  • Location data (via IP)
  • Server log files

This data cannot be assigned to any specific person, and no merging of this data with other data sources takes place. Log files are stored to guarantee the functionality of the website and to ensure the security of our information technology systems. This constitutes our legitimate interest.

4. Disclosure to Third Parties

4.1. Third-Party Services

Under certain circumstances, we may rely on the services of third parties or affiliated companies and commission them with the processing of your data (so-called processors). Categories of recipients include:

  • Manufacturer of the software used
  • Accounting, fiduciary, and auditing firms;
  • Consulting firms (legal advice, taxes, etc.);
  • IT service providers (web hosting, support, cloud services, website design, etc.);
  • Payment service providers;
  • Providers of tracking, conversion, and advertising services.

We ensure that these third parties and our affiliated companies comply with data protection requirements and treat your personal data confidentially.

Under special circumstances, we are obligated to disclose your personal data to authorities.

4.2. Generally No Transfer Abroad

Under certain circumstances, in the course of order processing by third parties, your personal data may be transferred to companies abroad. These companies are obligated to data protection to the same extent as we are. The transfer can take place worldwide.

If the level of data protection does not correspond to that in Switzerland, we conduct a prior risk assessment and contractually ensure that the same protection as in Switzerland is guaranteed (e.g., by means of the new standard contractual clauses of the EU Commission or other legally prescribed measures). Should our risk assessment be negative, we will take additional technical measures to protect your data. You can access the standard contractual clauses of the EU Commission at the following link: https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_de

4.3. Visiting our Social Media Channels

We have embedded links to our social media channels on our website. This is visible to you (typically via corresponding icons). If you click on the icons, you will be redirected to our social media channels.

In this case, the social media providers will know that you are accessing their platform from our website. The social media providers may use the data collected in this way for their own purposes. Please note that we do not receive any information about the content of the transmitted data or its use by the operators.

5. Web Analytics and Tracking

5.1. Google Analytics

Google Analytics is a web analytics service provided by Google Ireland Limited (“Google”). Google uses the collected data to track and examine how this application is used, to compile reports on its activities, and to share them with other Google services.

Google may use the collected data to contextualize and personalize the ads of its own advertising network. In Google Analytics, IP addresses are used at the time of collection and then deleted before the data is stored in a data center or on a server. Users can learn more by consulting Google’s official documentation.

Further information on Google’s use of data can be found in Google’s Partner Policy.

5.2. Google Tag Manager

Google Tag Manager is a solution that allows us to manage so-called website tags via an interface and thus integrate, for example, Google Analytics and other Google marketing services into our online offering. The Tag Manager itself, which implements the tags, does not process any personal data of users. With regard to the processing of users’ personal data, reference is made to the following information on Google services.

Usage Policies: https://www.google.com/intl/de/tagmanager/use-policy.html.

5.3. Facebook Pixel / Meta Tools

On our website, we may use the Meta Pixel (formerly Facebook Pixel) from Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Meta”).

This allows us to track user behavior after they have been redirected to our website by clicking on a Facebook or Instagram ad. This helps us analyze and optimize the effectiveness of our advertising (“Conversion Tracking”).

The data collected by the pixel is anonymous to us and does not allow any conclusions about the identity of the users. However, the data is stored and processed by Meta, so that a connection to the respective user profile is possible for Meta. Meta can use this information in accordance with its own data usage policy.

Further information on data processing by Meta can be found here: https://www.facebook.com/privacy/policy

5.4. A/B Testing Tools

To continuously improve the user-friendliness and performance of our website, we may use so-called A/B testing tools. Different versions of individual page content are specifically displayed to different users. This allows us to analyze which version performs better and optimize the user experience accordingly.

For example, the following data may be collected:

  • Usage behavior (e.g., clicks, dwell time, scroll depth)
  • Browser and device type
  • IP address in truncated/anonymized form
  • Time and duration of visit

5.5. Hotjar

This website may use Hotjar, an analytics tool from Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian’s STJ 3141, Malta.

Hotjar allows for the analysis of website visitors’ behavior (e.g., clicks, mouse movements, scrolling behavior). This information helps improve the website’s user-friendliness.

Further information can be found in Hotjar’s privacy policy at: https://www.hotjar.com/legal/policies/privacy/

5.6. Microsoft Clarity

On this website, we may use Microsoft Clarity, a web analytics tool from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

Clarity helps us understand user behavior on our website (e.g., mouse movements, clicks, scrolling behavior) and improve user-friendliness.

Clarity processes data partly in the USA. In some circumstances, personal data may be transferred to a third country. Clarity uses cookies and similar technologies.

Further information can be found in Microsoft’s privacy policy at:

https://privacy.microsoft.com/de-de/privacystatement

6. Communications and Notifications

For sending emails such as newsletters, communications, or information, we may use the Mailchimp service, an offering from Intuit Inc., 2700 Coast Avenue, Mountain View, CA 94043, USA.

Email addresses and possibly other voluntarily provided data (e.g., name, language, organization) are stored and processed on Mailchimp’s servers in the USA. Mailchimp uses this information exclusively for sending and evaluating emails on our behalf.

Mailchimp offers statistical evaluations of open and click rates. These evaluations help us make content more relevant; however, they are performed in pseudonymized form.

Further information on data protection at Mailchimp can be found here: https://www.intuit.com/privacy/statement/

7. Plugins and Embedded Content

Our website may use plugins and embedded content from third-party providers (e.g., maps, videos, fonts, analytics tools, or social media buttons). In this process, content from these providers may be loaded directly from their servers. In this context, your IP address and possibly other technical information (e.g., browser used, operating system, language settings, timestamp) are transmitted to the third-party providers.

We ensure that third-party providers operate their services in compliance with data protection regulations. Nevertheless, we point out that the use of these plugins may result in data processing in third countries (e.g., USA) where a level of data protection equivalent to Swiss or EU law does not exist.

Examples of embedded third-party content include:

  • Maps from Google Maps
  • Videos from YouTube or Vimeo
  • Analytics and optimization services such as Hotjar, Meta Pixel, or Google Analytics
  • Social media plugins from Facebook, LinkedIn, Instagram, etc.

If you do not wish for your data to be transmitted to third-party providers, please do not load corresponding content or disable non-essential cookies and content via your cookie settings.

8. Data Security

We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. With our measures, we ensure, in particular, the confidentiality, availability, traceability, and integrity of the processed personal data, without, however, being able to guarantee absolute data security.

Access to our website and our other online presence is via transport encryption (SSL/TLS, in particular with the Hypertext Transfer Protocol Secure, abbreviated HTTPS).

9. Rights of Data Subjects

9.1. Right of Access

You can request information about the data we store about you at any time. We ask you to send your request for information along with proof of identity to datenschutz@the-check.ch.

You also have the right to receive your data in a common file format if we process your data automatically, and if:

  • You have given your consent for the processing of this data; or
  • You have disclosed data in connection with the conclusion or performance of a contract.

We may restrict or refuse access to or disclosure of data if this conflicts with our legal obligations, legitimate own or public interests, or the interests of a third party.

The processing of your request is subject to the statutory processing period of 30 days. However, we may extend this period due to high request volume, legal or technical reasons, or because we require further information from you. You will be informed of the extension of the period in good time, at least in text form.

9.2. Deletion and Rectification

You have the option to request the erasure or rectification of your data at any time. We may reject the request if legal regulations oblige us to retain the data for a longer period or unchanged, or if a permissible circumstance conflicts with your request.

Please note that the exercise of your rights may, under certain circumstances, conflict with contractual agreements and may have corresponding effects on the performance of the contract (e.g., premature termination of contract or cost implications).

9.3. Legal Recourse

If you are affected by the processing of personal data, you have the right to enforce your rights in court or to file a complaint with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch

9.4. Right to object

You have the right to object to the processing of your personal data at any time. It should be noted that the revocation only takes effect for the future. Processing that occurred before the revocation is not affected by it.

10. Final Provisions

We may amend this Privacy Policy at any time without prior notice. The current version published on our website applies. You will not be informed separately.

Should any provision of this Privacy Policy be invalid, this shall not affect the validity of the remaining provisions. Invalid provisions shall be replaced by provisions that come closest to the intended meaning of the invalid provision.