Welcome to our website.
We will always process your personal data in accordance with the relevant regulations governing medical ethics and our patient confidentiality obligations.
1. GENERAL PRINCIPLES
1.1. Our website at www.la-tour.ch: (i) provides users with information about the services offered by our organisation, and (ii) provides users with a mechanism to contact us (contact form).
2. THE PERSONAL DATA WE COLLECT
2.2. We may also collect personal data about you when you complete the contact form on our website or when you subscribe to our newsletter. In these cases, we collect any personal data that you provide, including medical data.
3. STORAGE AND ACCESS TO YOUR PERSONAL DATA
3.1. Any personal data collected through our website is stored on servers leased from OFAC, the professional cooperative for Swiss pharmacists. These servers are located in the Swiss canton of Geneva. A backup copy is also stored in a secure centre in German-speaking Switzerland. This personal data is stored separately from other data that is collected as well as from other data stored with OFAC (logical separation).
3.2. Access to personal data collected through our website is limited to the staff who are responsible for your file and to any qualified individual within the Hôpital de La Tour as set out in the Group’s access management rules.
4. HOW WE USE YOUR PERSONAL DATA
A. Services we offer
4.1. We use your personal data primarily to authorise your access to our website and make its features available to you. To this end, we may use identification tools such as cookies to enable our website to remember you and improve your user experience.
B. Marketing communications
4.2. We may use your personal data to send you marketing communications (typically newsletters), in either digital or printed format, that relate to the information provided on our website, and which we feel may be of interest to you.
4.3. In connection with the above, we may use identification tools such as cookies to help us understand your interests. We can then use this information to ensure that, when we send you marketing communications or when you visit our website, you do not miss out on offers or any other information that may be of interest to you (online targeted advertising).
4.4. You can opt out of these communications by sending an email to email@example.com, or by writing to us at the following address: Hôpital de La Tour, Avenue Jean-Daniel Maillard 3, 1217 Meyrin, Switzerland. On receipt of your request, we will provide prompt confirmation by email that your request is being processed. Please note that it may take up to 10 days for your request to be processed in full. It is therefore possible that you will receive marketing communications during this period.
C. Internal use
4.5. We use your personal data and information gathered from cookies and similar technologies to help us improve our website.
4.6. We also compile anonymised statistical data on how our website is used. We may, for example, use your personal data to generate statistics on the demographic of our website users. This helps us to improve the services that we offer.
D. Non-disclosure of your personal data
5. THIRD PARTY ACCESS TO YOUR PERSONAL DATA
A. Publication of statistics
5.1. As stated above, we may compile statistics on how our site is used, based primarily on your personal data. We may publish these statistics or share them with third parties in an aggregated form, such that they do not contain any individual personal data and individuals cannot be identified.
B. Contractual partners and affiliated companies
5.2. We may provide selected contractual partners and companies affiliated to us with access to the personal data that you have made available to us through our website. These contractual partners and affiliated companies help us to run our website and provide the associated services. They are all required to sign contracts in which they agree to use similar personal data protection measures to those used by us.
C. Change of control or sale
D. Legal obligation to disclose
5.4. We may be required to disclose your personal data if we are legally obliged to do so or if we, in good faith, judge that such disclosure is necessary: (i) to investigate, prevent or take action in relation to illegal activities, whether proven or suspected, or to provide assistance to public authorities; (ii) to implement the agreements that we have with you; (iii) to investigate or defend ourselves against claims or allegations by third parties; (iv) to protect the security or integrity of our website (i.e. by sharing information with companies dealing with similar threats); or (v) to exercise or protect the rights and security of our users, our staff or other individuals.
5.5. Where appropriate and technically feasible, we do everything we can to notify our users of requests that we receive regarding their personal data, unless such action is not permitted by law or by court order, or where the urgent nature of the situation prevents it. We may contest requests of this kind where we judge, at our sole discretion, that the request is too broad or vague or that it does not have an appropriate basis. However, we do not undertake to contest all requests that we receive.
6. MANAGING YOUR PERSONAL DATA
A. Preliminary notes
6.1. We manage your personal data in accordance with the provisions set out in this section. Please note, however, that we are also required to comply with certain legal requirements, specifically our obligations under medical law in connection with any medical data that you may make available to us, and that these requirements may diverge from the provisions of this section.
6.2. For the purposes of security and fraud prevention, any request that you make under the provisions of this section must be accompanied by an appropriate identity document.
B. Protecting your personal data
6.3. We do our utmost to prevent any data breaches or unauthorised disclosure of your personal data. In particular, we implement and maintain measures (including administrative, physical and technical protective measures) in order to manage potential data breaches or unauthorised disclosure of your personal data.
6.4. In the event of a data breach, or if we suspect such a breach: (i) we will do our best to notify you promptly, insofar as this is technically feasible, and (ii) we will work with you to investigate and resolve the incident, including providing you with reasonable assistance should you be required to notify a third party. On submission of a reasonable request by you, we will provide you with prompt access to the files affected by the data breach. Nevertheless, it should be noted that these files remain confidential information belonging to us, and that we are under no obligation to provide you with information that belongs to other users or that compromises other users’ security.
6.5. In the event of a data breach, or if we suspect such a breach, we will also notify the competent authorities, in accordance with the relevant regulations.
C. Accessing and amending your personal data
6.6. When processing your personal data, we do everything we can to ensure that the data stored is complete and up-to-date, and that the data is processed for the purposes for which it was collected.
6.8. You may access and amend your personal data by sending an email to firstname.lastname@example.org.
D. Storing your personal data
6.9. We store your personal data to enable you to access and use our website and its features (e.g. our newsletter). This is without prejudice to our storage obligations.
E. Deleting your personal data
6.10. You may request that your personal data be deleted at any time, subject to our storage obligations.
6.11. You have 30 days from us receiving your data deletion request to request a copy of your personal data. We will then transfer the data to you or make it available as a download in a commonly used format. We are entitled to reject any request for a specific format by you, or to only accept your request on the condition that you bear the relevant costs.
6.12. At the end of this 30-day period, we have no further obligation to store your personal data or to make it available to you. We will delete all copies of your personal data on our systems, under our control or in our possession.
6.13. We may retain anonymised information following the deletion of your personal data.
8. QUESTIONS OR COMPLAINTS?