PRIVACY POLICY

DATA COLLECTED ON THE WEBSITE

As part of the use of the centremedicalcroixdor.ch website, Centre Médical de la Croix d'Or, a subsidiary of ASLAN Medical SA, collects limited personal data, necessary for managing your requests and improving our services.

CATEGORIES OF DATA COLLECTED


We collect the following data:

  • Identification data : first name, last name.
  • Contact details : email address, telephone number.
  • Specific data : message containing the patient's medical need.
  • Browsing data : browser type, pages visited, duration of consultation (via cookies).

Regarding the requested processing, users have the option to indicate their needs when contacting us. This information is used solely to organize requests and is not considered sensitive data.

COLLECTION METHODS

Personal data is collected through the following means:

  • Contact and appointment booking form : collects the patient's first name, last name, email, telephone number and medical need.

COLLECTION OF SENSITIVE DATA

We do not collect sensitive data related to health or other aspects protected by the GDPR or the nLPD. The additional information collected is limited to the individual's message to discuss their needs. It does not contain any personal medical details.


USE OF COLLECTED DATA

The data collected via the centremedicalcroixdor.ch website is used for the following purposes:

PURPOSES OF PROCESSING

  • Respond to requests via the contact form : this data allows us to respond to questions or requests sent by users.
  • Manage appointment bookings : the information provided in the form is necessary to organize and confirm appointments.
  • Analyze site traffic : browsing data, collected via cookies, is used to improve the user experience and optimize the content of our site.

LEGAL BASES FOR PROCESSING

In accordance with the GDPR and the nLPD, each identified purpose is based on a specific legal basis:

  • Responding to requests via the contact form : execution of a contract or pre-contractual measure.
  • Manage appointment bookings : execution of a contract or pre-contractual measure.
  • Analyze site traffic : legitimate interest to improve site performance and user experience.


SHARING DATA WITH THIRD PARTIES

Some data may be shared with third-party service providers to ensure the proper functioning of the site and the services offered:

  • Pulse Medica : CRM manager used for patient monitoring.
  • Google Analytics : audience measurement and site traffic analysis tool.

No data is transferred outside Switzerland or the European Economic Area (EEA).

DATA RETENTION

We retain personal data collected on the centremedicalcroixdor.ch website for specific periods, depending on their purpose.

RETENTION PERIOD BY PURPOSE

  • Contact form/appointment requests : data collected via the contact or appointment form is kept for an indefinite period in order to allow optimal monitoring of user requests, taking into account their history at the Croix d'Or Medical Center.
  • Browsing data (cookies) : data collected via cookies is stored for a maximum period that varies depending on the cookie, but can be up to 13 months, in accordance with standard practices.

DELETION POLICY

No automatic deletion or anonymization of data is implemented after a certain period of time. However, the user can request the deletion of their data by contacting contact@centremedicalcroixdor.ch.

USER RIGHTS

In accordance with the GDPR and the nLPD, users have the following rights:

RIGHTS GUARANTEED TO USERS

  • Right of access : obtain a copy of stored personal data.
  • Right of rectification : correction of inaccurate or incomplete data.
  • Right to erasure : erasure of personal data unless otherwise required by law.
  • Right to object : refuse the processing of data for certain purposes, including marketing.
  • Right to portability : receive your data in a structured format.
  • Right to restriction of processing : temporarily suspend data processing.

PROCEDURE FOR EXERCISING YOUR RIGHTS

You can exercise your rights by contacting:

A return will be made within a maximum of one month.

RIGHT TO COMPLAINT WITH AN AUTHORITY

If you believe that your personal data is not being processed in accordance with the regulations, you have the right to lodge a complaint with the competent authority:

  • For users in Switzerland: Federal Data Protection and Information Commissioner (FDPIC)
    • Address : Feldeggweg 1, CH - 3003 Bern, Switzerland
    • Website : https://www.edoeb.admin.ch/
    • Email : info@edoeb.admin.ch

THIRD-PARTY TOOLS AND INTEGRATED SERVICES

To provide an optimized user experience and ensure the proper functioning of the site www.centremedicalcroixdor.ch , we use several third-party tools and integrated services.

ANALYSIS AND STATISTICS

We use tools to analyze traffic and user behavior on our site:

  • Google Analytics 4 : Measures visitor traffic and interactions. We have configured this tool to not collect IP addresses, in accordance with GDPR requirements.
  • Google Search Console : These tools help us optimize our site's visibility in search engines.
  • Google Tag Manager : Manages tags used for tracking and analytics, making it easier to integrate with analytics and advertising tools.

EMAIL MANAGEMENT AND CRM

To manage user requests and organize our communications, we use:

  • Pulse Medica : This CRM tool stores all information collected via the contact form, including first name, last name, email address, phone number, and desired treatment.

ACCOMMODATION AND SECURITY

We implement strict security measures to protect your personal data:

  • Secure hosting : our site is hosted by Infomaniak, based in Switzerland.
  • Secure storage : All data is stored on secure Swiss servers.

COOKIES AND DATA TRACKING

We use cookies on the website www.centremedicalcroixdor.ch to optimize your user experience and personalize the content displayed. You can manage your preferences regarding the use of cookies via our consent banner.

TYPES OF COOKIES USED

The cookies we use are classified into two categories:

  • Essential cookies : these cookies are necessary for our site to function and cannot be disabled. They enable, for example, the submission of forms or secure browsing.
  • Analytical cookies : These cookies help us analyze traffic and understand how users interact with our site, using tools like Google Analytics 4.

No other type of cookie is used on our site.

USER CONSENT

We comply with data collection regulations (GDPR and nLPD) by asking users for consent before activating non-essential cookies.


Our site includes a consent banner managed by the service provider Axeptio , which allows you to:

  • Accept or refuse non-essential cookies.
  • Choose the categories of cookies you want to activate.

Your consent is recorded and cookies are triggered only based on your choices. You can change your preferences at any time by clicking on the " Cookie Preferences " link in the footer of the site.

COOKIE LIFESPAN

Cookies placed on your device have a maximum lifespan of 13 months, depending on their type. Once expired, they are automatically deleted unless you change your preferences or manually delete them via your browser.


USER MANAGEMENT OF COOKIES

You can review or change your cookie preferences at any time by clicking on the " Cookie Preferences " link in the footer of the site. This link allows you to:

  • Change your consent choices.
  • Disable previously accepted non-essential cookies.


DATA SECURITY

The Croix d'Or Medical Center places great importance on the protection of personal data collected on its website. We implement technical and organizational measures to ensure the confidentiality and integrity of this data.


SECURITY MEASURES IN PLACE

  • Exchange protection : All data exchanged between the site and users is encrypted using an SSL/TLS certificate, ensuring a secure connection via the HTTPS protocol.
  • Data storage : The collected data is not currently protected by access restrictions or additional mechanisms, but is hosted by Infomaniak, a Swiss provider renowned for the reliability and security of its services.
  • Backups : We do not have a specific backup system for data collected through the site.

DATA BREACH PROCEDURE

In the event of a personal data breach, we undertake to:

  • Notify affected users and the relevant authorities (e.g., the Swiss Federal Data Protection and Information Commissioner, or European authorities under the GDPR) within a maximum of 72 hours of discovering the breach.
  • Take all necessary measures to limit the impact of this breach and clearly inform the persons concerned.

MODIFICATIONS AND CONTACT

PRIVACY POLICY UPDATE

This Privacy Policy may be updated at any time to reflect changes in our practices or to comply with legislative and regulatory changes. We encourage you to regularly consult this page to stay informed of any changes. No specific notification will be sent in the event of an update. The date of the last revision will be indicated at the bottom of this page.


CONTACT INFORMATION FOR ANY QUESTIONS OR REQUESTS

If you have any questions regarding this Privacy Policy or wish to exercise your rights regarding your personal data, you can contact us:



Last revised date: February 13, 2025
You have questions ? Contact us by phone or email by filling out the form accessible via the button below. Our secretariat will respond to you as soon as possible.
You have questions ? Contact us by phone or email by filling out the form accessible via the button below. Our secretariat will respond to you as soon as possible.