ViaSlim AG Privacy Policy

(as of 11/24)

Table of contents

  1. Who is responsible for your personal data?
  2. What personal data do we process?
    2.1 When you visit our website
    2.2 When you use our services
    2.3 When you apply for a job with us
    2.4 When we receive personal data from you for other purposes
  3. For which purposes do we process your personal data?
  4. In which cases do we share your personal data with third parties?
  5. International transfer of your personal data
  6. data security
  7. Retention period of your personal data
  8. Your rights in connection with your personal data
  9. Right to lodge a complaint
  10. Links to other websites
  11. Amendment to this privacy statement

1. Who is responsible for your personal data?

In this privacy policy, we inform you how ViaSlim AG, a digital weight management clinic, collects and processes your personal data when you:

  • visits our website;
  • makes use of our services and uses the viaSlim app;
  • makes use of our consulting and support services,
  • apply for a job with us, or;
  • We receive personal data from you for other purposes as part of our business activities.

Note about third-party data: If you provide us with data from other people, such as family members, we assume that you have the right to share this information and have notified the data subjects about the transfer.

contact details
viaSlim AG
Seefeldstraße 214
CH-8008 Zurich
datenschutz@viaslim.ch

2. What personal data do we process?

2.1 When you visit our website

When you visit our website, technical data such as IP address, operating system, date, time and the website you came from are automatically logged. This is to ensure functionality and analyze usage.

  • Cookies and tracking technologies: We use cookies and similar technologies such as social media plugins and embedded media to make the website more user-friendly, to evaluate the use of our website and to collect information to improve our offerings, and for marketing purposes. Details can be found in our [Cookie Policy].
  • Communication data: If you contact us via the website (e.g. via our online aptitude test, contact form or other channels), we process the contact details you provide and any other information that is transmitted through the use of the respective channel.
  • Registration data: Data collected when registering for certain services, such as newsletters, vouchers and special offers (e.g. user name, email).

2.2 When you use our services

When using our services (e.g. digital consultations, analyses, treatments), we collect the following data:

  • Identification data: (e.g. name, gender, date of birth, ID, etc.);
  • contact details: (e.g. email, address, telephone number, etc.);
  • Health data: (e.g. health status, weight-associated diseases, medication, biometric data such as weight and height, blood pressure, ECG values and analysis results such as biomarkers, etc.);
  • Behavioral, lifestyle, and preference data: data about your behavior and preferences (such as responses to electronic messages, app usage, exercise and diet habits) and data that may come from wearables that you provide to us at your request.
  • Health insurance data: (e.g. AHV number and health insurance number, etc.)
  • Communication content: (e.g. messages that you send us via the app or as part of video consultations, etc.)
  • Payment data: (e.g. data for billing the services provided, credit card details, etc.)
  • Technical data: (e.g. logs and usage data from the viaSlim app to optimize the user experience.
  • Other data: Data that is processed, for example, in official or court proceedings or is necessary to comply with health protection concepts (e.g. as part of security measures or monitoring).

Within the viaSlim app, we also process specific health and behavioral data to create and optimize personalized treatment plans for you.

  • login details;
  • contact details (e.g. email, address, telephone number, etc.);
  • health data;
  • communication content;
  • other relevant personal data that you provide to us;
  • technical data (in particular logs, usage data, etc.).

Health data is particularly sensitive personal data within the meaning of data protection law, which is subject to an increased standard of protection. In the course of this privacy policy, in addition to general information about our data processing, additional information on how we handle your health data and how we specifically protect it.

2.3 When you apply for a job with us

During the application process, we collect data that is necessary to assess your suitability:

  • Identification and contact details: name, address, telephone number, e-mail.
  • Data from application documents: Information about your professional career and qualifications.
  • References: After obtaining your consent, we may obtain information from referees.
  • Additional data: Data that we obtain from professional social networks.

If your application is successful, we will use the data collected to prepare and conclude an employment contract.

2.4 Further data processing in a business context

As part of our business activities, we also process personal data from contact persons with partners, suppliers and service providers. These usually include identification and contact data as well as communication content.

Where does the data come from?

Additional information about the data source:

  • From you directly: We receive most data directly from you or your device (e.g. by using the app).
  • From third parties: In certain cases, the data comes from publicly available sources, from authorities or from third parties (e.g. contract partners, wearable providers who are available to you and who disclose data at your request).

3. For what purposes do we process your personal data?

Personal data is processed for the following reasons:

  • Registration and access control: We collect and process personal data to give you access to special offers or functions (e.g. login area, newsletter).
  • Contract fulfillment and management: Provision of our digital and medical services, such as telemedicine consultations and treatments, including analysis and management of your health data.
  • Internal research and development: Evaluation of health and usage data to improve our services. Where possible, data is anonymized or pseudonymized.
  • Security purposes and access controls: In order to ensure adequate security of our IT infrastructure, we maintain security checks and documentation such as access logs.
  • Compliance and legal compliance: We process data to meet legal requirements (e.g. anti-money laundering, health and safety concepts).
  • Communication and customer service: For support and advice via digital communication channels.
  • Marketing and customer information: Sending information about new developments and personalized offers. You can opt out of receiving this information at any time.
  • Profiling and automated decisions: viaSlim can evaluate certain personal characteristics using your data for the purposes mentioned above. This is done, for example, for statistical evaluation, preference analysis or the adjustment of offers. Where necessary, we offer you the option of human review of automated decisions.

4. In which cases do we share your personal data with third parties?

We may share your information with third parties to comply with contractual or legal obligations, including:

  • Service providers: IT service providers, providers of diagnostic equipment for analyses, as well as third-party providers in the areas of payment transactions, billing, collection, consulting, sales and marketing;
  • Medical partners: Doctors, partner practices, mail-order pharmacy partners, analysis and laboratory partners who support our services.
  • third parties to whom we transfer or merge our business or parts of it;
  • Research partners: In anonymized or pseudonymized form for statistical or scientific purposes.
  • External consultants and cases where disclosure is necessary to (i) fulfill a legal obligation, (ii) ensure IT security and data protection, or (iii) enforce, defend or defend against legal claims.
  • If you wish to deliver medication, we will provide MediService AG with the data necessary for the purchase process (contact details, delivery and billing address, insurance data, order of medication). MediService AG processes the data in accordance with its privacy policy [https://www.mediservice.ch/de/datenschutz.php]. An order from MediService AG is subject to their terms and conditions [https://www.mediservice.ch/de/agb-mse.php].

In doing so, we also transfer personal data abroad, in particular to IT service providers within the European Economic Area (EEA). We restrict transfers of personal data outside Switzerland, the EU and the EEA as far as possible, but they cannot be completely avoided. Insofar as the countries concerned do not have a level of data protection recognized by Switzerland, we use standard contractual clauses to ensure adequate protection, supplemented with additional security measures where necessary and possible.

Additional measures: When storing sensitive data, we rely on redundant storage and encryption in data centers as well as on logging access and processing processes.

We may share your data (including health data) with private or public research agencies for research purposes if you (a) have given us your consent to do so, or (b) as a data subject cannot be identified by the research center (anonymized or pseudonymized data) and do not object to the use for research following appropriate information.

If you wish, your family doctor or another medical service provider can access your data in the viaSlim app.

Examples of additional measures:

  • Redundant storage and encryption: Data is protected by encryption and secure storage in redundant data centers.
  • Pseudonymization and anonymization: Where possible, personal data is pseudonymized or anonymized.

We do not sell or rent personal data to third parties.

5. How do we process personal data on our social network sites?

We operate online presences on social networks and third-party platforms where we process personal data about your interactions (e.g. comments, likes). The operators of the platforms can analyse your usage and use this data for their own purposes (e.g. marketing or market research). You can find more information about this in the respective privacy policies of the platform operators.

We currently use the following platforms, although the identity and contact details of the platform operator can be found in the privacy policy:

- LinkedIn

https://www.linkedin.com/company/viaslim

Privacy statement: https://de.linkedin.com/legal/privacy-policy

- Instagram

Privacy statement: https://help.instagram.com/155833707900388

- TikTok

Privacy statement: https://www.tiktok.com/legal/page/eea/privacy-policy/de

- Facebook

Privacy statement: https://www.facebook.com/privacy/policy/

We are entitled, but not obliged, to check third-party content before or after publication on our online presence, to delete content without notice and, if necessary, to report it to the provider of the respective platform.

Some of the platform operators may be based outside Switzerland.

6. Data security

We use technical and organizational measures to protect your data from loss, misuse or unauthorized access. This includes:

  • redundant data storage in Zurich (CH) and Berlin (DE);
  • Access restrictions: Data access only for authorized employees.
  • Data encryption: Encryption both during transmission and storage.
  • Logging: Documentation of data changes and accesses.
  • 2-factor authentication: Ensuring access to sensitive systems through multiple authentication.

Particularly sensitive health data is processed in accordance with the highest standards and in accordance with data protection guidelines in Switzerland.

7. Retention period of your personal data

We only keep your personal data for as long as is necessary to fulfill the purposes described above. We store medical data for up to 20 years in accordance with legal storage requirements. Health data from deactivated accounts in the viaSlim app is archived or deleted accordingly.

8. Your rights in connection with your personal data

You have the following rights under data protection law:

  • Right to information: You can request information about the processing of your personal data.
  • Right to correction: You can request that incorrect data be corrected.
  • Right to delete: You have the right to have your data deleted (“right to be forgotten”).
  • Right to restrict processing: You can request that the processing of your data be restricted.
  • Right to portability: You can request that your data be transferred to another provider.
  • Right to object: You can object to the processing of your data, particularly in the case of direct marketing.

Restrictions apply when legal obligations or legitimate interests of viaSlim require further processing.

9. Right to lodge a complaint

If you are dissatisfied with our data processing, you can complain to the Federal Data Protection and Information Commissioner (FDPIC). We recommend that you contact us directly first to resolve your issue.

10. Links to other websites

Our website may contain links to third-party websites. We are not responsible for the content and privacy practices of these third parties.

11. Further information

- Data protection in the EEA (EU): Should the GDPR (EU General Data Protection Regulation) be applied to certain data processing operations, this is done in accordance with the relevant articles. Processing is usually based on the fulfilment of contractual obligations, compliance with legal requirements, or on your consent.

12. Amendment to this privacy statement

This privacy policy can be amended at any time. The version available on our website or app is always the latest version.