Data Protection at a Glance

The following information provides an overview of what happens to your personal data when you visit this website. Personal data refers to any information that can be used to personally identify you. Detailed information on data protection can be found in the privacy policy set out below.

 

Controller

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:

MiNDNET E-Health AG
Langstrasse 20
CH-8004 Zurich
Switzerland

Director: Dr. Andreas Sprock
Phone: +41 32 510 19 68
Email:

Data Protection Officer: 

 

 

Collection and Storage of Personal Data and Purpose of Processing

a) When visiting the website
When you access our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in so-called server log files.

The following data may be collected without your active involvement:

  • IP address
  • Date and time of access
  • Name and URL of the accessed file
  • Website from which the access originated (referrer URL)
  • Browser type and version
  • Operating system of your device
  • Name of your internet service provider

This data is processed for the following purposes:

  • Ensuring a smooth connection to the website
  • Ensuring convenient use of the website
  • Evaluation of system security and stability
  • Prevention of spam and misuse
  • Administrative purposes

The legal basis for processing this data is Art. 6(1)(f) GDPR, which permits processing based on our legitimate interests in ensuring the functionality, stability and security of our website.

This data will not be used to draw conclusions about your identity.

The data will be deleted once it is no longer necessary for the purpose for which it was collected. In the case of log files, this is usually after the end of the session or within a limited retention period required for security purposes.

b) Contact by Email or Telephone
If you contact us by email or telephone, your inquiry including all resulting personal data (such as name, email address, and the content of the request) will be stored and processed for the purpose of handling your request.

This data will not be shared with third parties without your consent.

The processing of this data is based on:

Art. 6(1)(b) GDPR, if your request is related to the performance of a contract or pre-contractual measures, or
Art. 6(1)(f) GDPR, based on our legitimate interest in effectively processing requests addressed to us.

The data you send to us via contact requests will remain with us until you request deletion, revoke your consent, or the purpose for storing the data no longer applies.

Mandatory statutory provisions – in particular legal retention periods – remain unaffected.

 

Disclosure of Personal Data

Your personal data will not be transferred to third parties except for the purposes listed below.

We only share your personal data with third parties if:

  • You have given your explicit consent (Art. 6(1)(a) GDPR)
  • The disclosure is necessary for the establishment, exercise or defence of legal claims (Art. 6(1)(f) GDPR)
  • There is a legal obligation to disclose the data (Art. 6(1)(c) GDPR)
  • The transfer is necessary for the performance of a contract (Art. 6(1)(b) GDPR)

Data Processing by Service Providers

Like many companies, we use external service providers to support our business operations (for example IT services, hosting providers, telecommunications or marketing services).
These service providers act only on our instructions and are contractually obligated to comply with data protection regulations in accordance with Art. 28 GDPR (Data Processing Agreements).

External Hosting

This website is hosted by an external service provider (hosting provider).

The personal data collected on this website is stored on the hoster’s servers. This may include:

  • IP addresses
  • contact inquiries
  • communication data
  • metadata
  • contract data
  • website access logs

Hosting is carried out for the purpose of providing our online services securely and efficiently.

The legal basis for processing is Art. 6(1)(b) GDPR (contract performance) and Art. 6(1)(f) GDPR (legitimate interest in reliable website provision).

A data processing agreement has been concluded with our hosting provider.

 

Cookies

Our website uses so-called cookies. Cookies are small text files that are stored on your device by your browser.

Cookies do not damage your device and do not contain viruses. They serve to make our website more user-friendly, effective, and secure.

Cookies can be divided into the following categories:

Necessary cookies
These cookies are required for the technical operation and security of the website.

Analytics cookies
These cookies allow us to analyse the use of our website and improve its functionality.

Some cookies are session cookies, which are automatically deleted after your visit. Other cookies remain stored on your device until you delete them.

Where required by law, cookies that are not strictly necessary are only used after your explicit consent via the cookie banner.

The legal basis for the processing of necessary cookies is Art. 6(1)(f) GDPR (legitimate interest) in ensuring the technical functionality of the website.

The legal basis for analytics cookies is Art. 6(1)(a) GDPR (consent).

You can withdraw your consent at any time via the cookie settings on this website.

You can also configure your browser so that cookies are only stored with your consent or are generally blocked. However, disabling cookies may limit the functionality of the website.

 

Web Analytics (Matomo)

This website uses the open-source web analytics software Matomo to analyse and improve the use of our website.

Matomo uses cookies that enable analysis of website usage. The information generated by the-se cookies about the use of this website is stored on our servers.

IP addresses are anonymised (IP masking), which means that they cannot be directly assigned to individual users.

The processing of analytics data takes place only with your consent in accordance with Art. 6(1)(a) GDPR.

The purpose of processing is to analyse website usage and improve the quality and usability of our online services.

You can withdraw your consent at any time by changing your cookie preferences.
The collected data is not shared with third parties.

 

LinkedIn

Our website may contain links or features of the professional network LinkedIn.
Provider:

LinkedIn Corporation
2029 Stierlin Court
Mountain View, CA 94043
USA

If you visit a page containing LinkedIn features, a connection to LinkedIn servers may be established.

LinkedIn may be informed that you have visited our website with your IP address.
Further information can be found in LinkedIn’s privacy policy:
https://www.linkedin.com/legal/privacy-policy

 

Data Retention

Personal data will be stored only as long as necessary to fulfill the purposes described in this privacy policy.

Data may be stored for longer periods where required by legal obligations or in connection with legal claims.

Once the storage purpose no longer applies and statutory retention periods expire, the data will be deleted or anonymized.

Data Subject Rights

Under the GDPR, you have the following rights:

Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (“right to be forgotten”) (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object to processing (Art. 21 GDPR)
Right to withdraw consent at any time (Art. 7(3) GDPR)

You also have the right to lodge a complaint with a supervisory authority.

 

Right to Object

You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation in accordance with Art. 21 GDPR.

If the processing is carried out for direct marketing purposes, you have the right to object at any time without giving reasons.

Data Security

We implement appropriate technical and organizational measures to protect your data against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure.

This website uses SSL encryption (Secure Socket Layer) for security reasons and to protect the transmission of confidential content.

An encrypted connection can be recognized by the change of the browser address line from “http://” to “https://” and the lock symbol in the browser bar.

Contact for Data Protection Issues

If you have questions about the processing of your personal data or wish to exercise your rights, please contact:

 

Last updated: March 2026