Blog      Faq     Join us

Monday to Friday: 8 a.m. to 6 p.m.  Passage of Lions 6, Geneva    info@biomed-mtc.ch       +41 22 575 68 68

Privacy Policy

1 - Introduction
The protection of the private sphere of our users (you, your, or the user) is of capital importance for Biomed MTC Sàrl (we, our, biomed mtc sàrl). The responsible and of course legal processing of your data - in accordance with the Swiss data protection legislation, in particular the Federal Data Protection Act (LPD) - is part of our business policy.
Biomed MTC Sàrl makes every effort in relation to the protection of personal data, according to the directives of the PFPDT. Our goal is to guarantee the protection of your privacy and the security of your personal data, in all times, transparently.
This data protection policy contains detailed explanations on how we process the personal data of our users.
By using our services, you expressly acknowledge that we can process your personal data in accordance with this data protection policy.

2 - Who is responsible for the processing of your personal data?
The controller is the person who determines the purposes and means of the processing of personal data. The subcontractor is a person who performs data processing in accordance with instructions defining essential data protection parameters. It acts under the authority of the controller and on instruction thereof.
Depending on the activities concerned, we are likely to act as treatment manager or subcontractor on behalf of health professionals.
Biomed MTC Sàrl acts as a general rule as manure for processing personal data collected within the framework of services, especially during:
Creation and management of personal or professional user account
Online appointment

Biomed MTC Sàrl intervenes as a subcontractor of health professionals, for example insurance, (who then act as processing managers) concerning personal data collected within the framework of any consultation or monitoring of the patient.
This data protection policy does not governing how health professionals process your personal data. You must refer to the health professionals concerned to obtain information on how your data is processed by them.
However, whether we act as treatment manager or subcontractor, we take the measures capable of ensuring the protection and confidence of the personal data that we hold or process, in compliance with the applicable legal provisions.

3 - How are personal data collected?
Personal data collected from the user:
In principle, we collect personal data directly from you during your interactions with our services or our employees. This is particularly the case when creating a personal or professional user account or via the forms or other documents which are supplemented in the context of the use of services.
A user can also communicate to us personal data from a loved one, provided that you have the right to send us this information.
If you do not wish to communicate information that you are requested, or you oppose their use, you may not be able to access certain parts of the services and that we are unable to respond to your request.
Personal data that we automatically collect when using the services:
We automatically collected personal data when using services by users.
You can define certain authorizations relating to the automatic collection of your personal data when you configure your device or your internet browser depending on the available features.

4 - What personal data we collect and why?
As a responsible organization responsible and respectful of your privacy, we do not process your personal data to establish a profile concerning you (profiling) and do not take either decisions with legal effects on you exclusively based on automated treatment (automated individual decision).
We can combine your personal data with other information (aggregating it) or erase any information allowing you to identify (anonymize them), so that it is no longer considered as personal data, in which case this data protection policy will no longer apply to this data and we will be able to use it for purposes not provided for by this policy (for example to carry out anonymous statistics on the use of our services).

5 - With whom and why do we share your personal data?
In certain circumstances, we may share your personal data with third parties, for example in the context of insurance requests, if necessary for the realization of services or for other legitimate reasons.
To some subcontractors. We use subcontracting service providers, such as communications, payment, or IT/software services providers that process your personal data as part of the services they provide. All service providers are subject to confidentiality obligations and are linked by data processing contracts.
To other third parties if legal necessity. We can also communicate your personal data when we have a legal necessity or a legitimate interest in doing so, for example to follow up on a request from a judicial authority or in accordance with an obligation imposed by law; To bring or defend a court claim or within the framework of restructuring, especially if we transfer our assets to another company.

6-Do we transfer personal data abroad?
We host the personal data of users on servers located in Switzerland.
In principle, we do not transfer or make your personal data accessible to other countries. However, in certain circumstances, your personal data may be made available to recipients abroad. Personal data is only transferred abroad if the applicable legal conditions are met. Our service providers abroad are required to respect data protection to the same extent as we do. If the level of data protection in a country is not equivalent to that of Switzerland, we ensure contractually that personal data protection is always equivalent to that of Switzerland, for example by signing the standardized contractual clauses of the EU.
If you send us data, you are deemed to be consenting to these data transfers. You can ask us for additional information in this regard.

7-How long do we keep your personal data?
We erase or make your personal data anonymous as soon as it is no longer necessary for the completion of the targeted purposes. This duration varies depending on the type of data concerned and the applicable legal requirements. The following rules apply:

The personal data collected within the framework of the execution of the contractual relationship between Biomed MTC Sàrl and yourself (for example for the use of our services) are kept for the duration of the contractual relationship, as long as you have an active personal or professional user account, then its archive during the legal retention period.

The data collected on the basis of your consent is kept until you revoke your consent.

Personal data collected for our legitimate interests, for example for market studies, for legal purposes or to improve our services, are kept as long as necessary to achieve these objectives.

In addition, we must keep personal data for a longer period if necessary to meet a legal obligation (for example accounting rules or tax law), on the order of an authority or within the framework of a procedure. Certain information relating in particular to the contractual relationship must be kept for at least 10 years and certain data relating to care services for at least 20 years.
We determine the conservation durations of personal data only as processing manager. As part of the treatments carried out as a subcontractor (see art. 3 above), we act only on instruction of treatment managers and do not determine the shelf life. For any questions on the conservation time of personal data for which Biomed MTC Sàrl acts as a subcontractor, we recommend that you contact your health professional directly, treatment manager. Given the legal archiving obligations imposed on healthcare professionals, these are likely to keep, on their own tools, the personal data of users for longer durations than those indicated above in order to ensure patients with medical monitoring and optimal care.

8 - What are your rights?
You can exercise different rights with regard to the data we process. You have the right to do the following, within the limits of the law:
Obtain information on personal data concerning you that we process.
Have this data checked and correct at any time.
Request the deletion or deletion of personal data
Remove your consent at any time.
Oppose the processing of your personal data.
Obtain your personal data in an interoperable format or have it transferred to another manager (right to portability).

If you ask us to delete your personal data from our systems, we will follow up on your request, unless we must keep your data for a legal reason or another legitimate reason. Please note that any information we have saved can remain in back-up storage for a while even after your deletion request.
The above does not limit the other rights that you may have under the applicable data protection legislation under certain circumstances.
In addition, you have the right to file a complaint with the competent control authority. In Switzerland, it is the Federal Data Protection and Transparency (PFPDT). Although this is not mandatory, we recommend that you contact us beforehand because we may be able to respond directly to your request.

9 - How to exercise your rights?
For all requests concerning personal data for which we act as processing manager (see art. 3):
Please contact us directly
You will have to indicate in your email the personal data to which your request carries and provide any information that is necessary to us to verify your identity.

For all requests concerning personal data for which we act as subcontractor:
You must contact your healthcare professional, treatment manager.
At the request of the healthcare professional you have contacted, we will be able to assist him in the follow -up to your request, but we will not be able to respond directly to the request.

10 - How do we protect your personal data?
We take appropriate technical and organizational security measures to ensure the safety of processing and confidentiality of personal data, to avoid unauthorized access and unauthorized transmission, modification or destruction to this data. Safety measures are permanently improved depending on technological development.
As such, Biomed MTC Sàrl takes all the useful precautions, with regard to the nature of the personal data and the risks presented by the processing in order to preserve the security of personal data and, in particular, to prevent them from being damaged, or that unauthorized third parties have access to them (physical protection of premises, authenticate processes with personal access and secure Conf fi de -dent, journalization of connections, encryption of certain personal data).
Although we take appropriate measures to protect your personal data, no digital service is completely secure. Therefore, we cannot guarantee that the data you provide to us is protected from unauthorized access and theft by third parties. We assume no liability in this regard. The Internet is a global environment. Therefore, by sending us information electronically, that data may be transferred internationally over the Internet depending on your location. The Internet is not a secure environment, and this data protection policy applies to our use of your personal data once it is under our control only. Given the nature of the Internet, any transmission of data via the Internet is at your own risk.
If we have reasonable grounds to believe that an unauthorized person has accessed your personal data, and applicable law requires notification, we will promptly notify you of this event by email (if we have your address) and/or any other communication channel.

11 – CHANGES TO THIS DATA PROTECTION POLICY
We reserve the right to modify, update or supplement this data protection policy at any time in order to take into account changes in the way we process personal data or changes in legal requirements.
You will be informed of any changes affecting you regarding our processing of your personal data by any appropriate means, including by email. If you do not accept the changes, you must stop accessing and/or using the affected service.

12 – APPLICABLE LAW AND COMPETENT COURT
Any dispute concerning the content or use of the site will be governed by Swiss law and the ordinary courts of the canton of Geneva will have exclusive jurisdiction to settle said disputes.

13 – HOW TO CONTACT US?
You may direct any questions or complaints you may have regarding our compliance with this Data Protection Policy, or provide us with recommendations or comments aimed at improving the quality of this Data Protection Policy, by contacting us.

14 – COMMENTS
When you leave a comment on our site, the data entered in the comment form, but also your IP address and the user agent of your browser are collected to help us detect unwanted comments.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture will be publicly visible in the context of your comment.

15 – COOKIES
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit the login page, a temporary cookie will be set to determine if your browser accepts cookies. This cookie contains no personal data and will be discarded when you close your browser.
When you log in, we will set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
By editing or publishing a post, an additional cookie will be saved in your browser. This cookie does not include any personal data. It simply indicates the post ID of the post you just edited. It expires after 1 day.

Version of 01/09/2023