Privacy Policy of Dr. Laser Health AG and the Practice “Hormone Consultation and Therapy” Dr. med. Regine Laser

The following information explains for which purposes the above-mentioned medical practice (hereinafter: “the Practice”) collects, stores, or discloses your personal data. We also inform you about your rights in relation to data protection.

The controller responsible for processing your personal data, and in particular your health data, is the Practice. If you have questions about data protection or wish to exercise your data protection rights, please contact the practice staff or your physician directly.

§ 1 Introduction

Protecting your privacy is of utmost importance to us. Compliance with the statutory data protection provisions is a matter of course. We guarantee that all data collected will be processed in accordance with the applicable data protection regulations.

The processing (collection, storage, use, and retention) of your data is carried out on the basis of the treatment contract and statutory obligations for fulfilling the treatment purpose and related duties. Data is collected on the one hand by the treating physician in the course of your medical treatment. On the other hand, we may also receive data from other physicians or healthcare professionals from whom you have received treatment, provided you have given your consent.

Only data relevant to your medical treatment will be processed in your medical record. The medical record includes the personal details provided on the form (identity information, contact details, insurance information), the informed-consent discussion carried out in the course of treatment, and health data collected such as medical histories, diagnoses, treatment proposals, and findings.

§ 2 Security and confidentiality

All personal data is stored exclusively on servers located in Switzerland. When handling your personal data, we implement appropriate technical and organisational measures to protect your data from unauthorised and/or unlawful access.

§ 3 Data Security with OneDoc

OneDoc holds extensive Swiss data-protection certifications as well as ISO certifications. Please refer to OneDoc’s detailed information at: https://privacy.onedoc.ch/de

We expressly point out that the data you independently provide may include particularly sensitive personal data, especially information regarding your health and disclosure of the existence of a doctor-patient relationship.

§ 4 Retention Period for the Medical Record

The Practice is legally required to retain your medical record for 20 years after the last treatment. After this period, the record will either be retained with your explicit consent or securely deleted or destroyed. The data is stored on servers of Swisscom Health AG in Switzerland.

§ 5 Legal Basis for Data Collection

By registering and accepting this privacy policy, a user expressly authorises us to process the data in accordance with § 4 for the purposes specified in § 8.

The legal basis for the collection and processing of data is the user’s explicit consent pursuant to Art. 6(1)(a) of the EU General Data Protection Regulation (GDPR).

Any person making an appointment booking on behalf of a third party is required to obtain the explicit consent of the data subject.

For the purpose of managing the patient file, we intend to:

  • collect additional personal and health data of the patient (e.g., insurance details, vaccination information, etc.) during or after a booking.
  • enable the user, with their explicit consent, to make their data accessible to third parties (e.g., physicians, medical organisations, etc.).
  • irreversibly delete all user data if the user does not consent to the processing of their data within 48 hours. 

§ 6 Right of Access, Withdrawal, and Erasure

    If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights:

    Right of access: Any individual may, after sufficient identification, request free access to all data relating to them by contacting hormone@dr-laser.ch.

    Right to rectification: You have the right to obtain rectification and/or completion of inaccurate or incomplete personal data. The controller must implement the correction without undue delay.

    Right to restriction of processing: Under certain conditions, you have the right to request restriction of processing of your personal data.

    Right to notification: If you have exercised your right to rectification, erasure, or restriction of processing, the controller is obligated to notify all recipients to whom your personal data has been disclosed, unless this proves impossible or involves disproportionate effort.

    Right to data portability: You have the right to receive the personal data you have provided to the controller in a structured, commonly used, and machine-readable format.

    Right to withdraw consent: Where processing is based on consent, you may withdraw your consent at any time. The withdrawal applies only to future processing; processing based on prior consent remains lawful.

    Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority—particularly in your country of residence, place of work, or the place of the alleged infringement—if you believe that the processing of your personal data violates applicable law.

    § 7 Disclosure of Data to Third Parties

    Except where permitted by the user’s acceptance of this document or where required by law, we do not disclose data to third parties.

    We reserve the right to disclose your personal data in accordance with § 4 and § 5 solely to third parties inside or outside Switzerland who are contractually obligated to comply with the same data-protection standards that we are bound to. These third parties are in particular obligated to:

    • use the data only for the purposes specified in § 4 or other legally permissible purposes, such as technical support;
    • refrain from disclosing the data to any further third parties unless permitted by us or required by law.

    Data may be disclosed as follows:

    • To your health insurance or accident/disability insurance for the purpose of billing services provided to you, in accordance with statutory requirements.
    • To cantonal or national authorities (e.g., cantonal medical services, health departments) based on statutory reporting obligations.
    • To an external laboratory for the purpose of laboratory analyses. We primarily cooperate with Medica AG. Information on Medica’s data processing is available on its website: https://medica.ch/datenschutz/
    • To a debt-collection agency for collection of outstanding payments.

    In individual cases, depending on your treatment and your consent, data may be transmitted to additional authorised recipients (e.g., other physicians).

    § 8 Cookies and Analytical Tools

    We use session cookies. Cookies are small data files commonly used by most websites. These cookies do not contain personalised information but only identifiers that have no meaning outside our website.

    We also use Google Analytics to analyse usage behaviour. Google Analytics also uses cookies. The information generated by these cookies is usually transmitted to and stored on a Google server in the USA.

    In addition to the standard functions, we use integrated services within Google Analytics that collect data for advertising purposes, including data from advertising-cookies and anonymous identifiers. These data are used to improve our online services.

    These tools serve to ensure the security of our website and systems, to analyse user behaviour, improve our services, and perform statistical evaluations. All such uses are fully anonymised. Data is disclosed only if required by competent authorities.

    We reserve the right to identify users (particularly by matching IP addresses) only in cases of justified suspicion of misuse or a serious violation of the Terms of Use.

    You may, of course, use our website without cookies. You can disable cookies in your browser settings or configure your browser to notify you before cookies are stored. You may also prevent Google Analytics from collecting data by installing the add-on available at: http://tools.google.com/dlpage/gaoptout?hl=de. Please note that disabling cookies or Google Analytics may limit website functionality.

    § 9 Amendments to this Privacy Policy

    We reserve the right to revise, amend, or otherwise update this privacy policy at any time. We will inform you of any changes during your next login.

    § 10 Controller

    Dr. med. Regine Laser
    CH-8044 Zurich
    +41 44 552 0052
    hormone@dr-laser.ch
    dr-laser@hin.ch

    § 11 Right to Lodge a Complaint with a Supervisory Authority

    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates applicable data-protection laws.

    Federal Data Protection and Information Commissioner (FDPIC)
    Feldeggweg 1
    CH-3003 Bern
    +41 (0)58 462 43 95