Privacy policy according to DSG from 25.9.2020/EU-DSGVO

Home > Privacy policy according to DSG from 25.9.2020/EU-DSGVO

Privacy policy according to DSG from 25.9.2020/EU-DSGVO

Your data in the best hands!

Want to know what happens to your data and who to contact? You can find out everything here:

What we do and what rights you have – our data protection in brief:

We, healthcare projects consulting & management Stein, base our privacy policy on Art. 13 of the Swiss Federal Constitution and the data protection regulations of the Swiss Confederation (Data Protection Act, DPA) as well as the EU General Data Protection Regulation (EU GDPR). We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the statutory data protection regulations.

  • We only store and use data from you that we need or that you have expressly consented to the processing of.
  • Of course, there is a § for everything. We only do what we are allowed to do.
  • Others only get your data when we can’t do something ourselves or on site. Of course, we have signed contracts with our service providers to make sure they take care of your data just like we do.
  • If we no longer need your data, it will be deleted. If we need to keep it, e.g. for the tax office, the data will be blocked. “Blocking” means that they are technically protected so that they can no longer be changed or further processed.
  • Your data is secured – we check regularly and take good care of it
  • If you want to know whether and what data we have about you, if you want to have this data deleted or handed over, or if you want to object to certain data processing, please call us or write to us. In the same way, you can also contact us if you wish to revoke a consent.
  • If you are dissatisfied with our handling of your data, there is also a competent supervisory authority in the last step (FDPIC, Federal Data Protection and Information Commissioner). You can call or write there.       
    Of course, we hope to talk first and find a common solution.

And now, for those interested in knowing more details, here is the whole thing in detail:

Table of contents

  1. Who is responsible for the processing?
  2. Website hosting
  3. Which data do we collect and store for which purposes?
    1. During a purely informative visit to the website
    2. When contacting by e-mail and/or contact form
  4. How long do we store your data and when do we delete it?
  5. What rights do you have as a data subject?
    1. Information
    2. Correction
    3. Deletion
    4. Restriction of processing
    5. Data portability
    6. Revocation of consent
    7. Objection to the collection of data in special cases and to direct advertising.
  6. When do we share your data?
  7. Right to complain to the supervisory authority
  8. Do we collect and use data from your end devices (cookies and tracking)? No!
  9. How secure is your data?
  10. Status and update of this privacy policy

Below you will find comprehensive information about the processing of your personal data when visiting our website. Personal data is any data relating to an identified or identifiable natural person, e.g. name, address, e-mail addresses, user behavior.

Who is responsible for the processing?

Person responsible according to Art. 4 para. 7 DS-GVO:
Name: healthcare projects consulting & management Stein; Prof. Dr. Dr. h.c. Frank Stein 
Address:    Grammetstrasse 14, 1440 Liestal, Switzerland
Tel: +41 61 92 20 240
Website: https://www.

Name and address of the data protection officer

The data protection officer of the data controller is:
Name: CyberWehr RMS GmbH; Monika Wehr
Address: Alte Landstrasse 109, 8803 Rüschlikon
Tel: +41 79 348 55 63

Website hosting

Our website is located on the web server (hosting) of the

Swisscom (Switzerland) Ltd.
Alte Tiefenaustrasse 6
CH-3050 Bern

Which data do we collect and store for which purposes?

During a purely informative visit to the website

If you just look at our website, do not register and do not otherwise enter any data or actively send us any data, then we process the personal data that your browser transmits to our server. These are stored, without you doing anything, until automated deletion. What information is this? You will find this below:

  • IP address of the requesting computer,
  • Date and time of access, time zone difference from Greenwich Mean Time (GMT).
  • Content of the request (page visited)
  • Access status/HTTP status code
  • Data volume transferred in each case
  • Browser
  • Operating system
  • Language and version of the browser software.

We use the above-mentioned data for the operation of our website, in particular to detect and eliminate website errors, to determine the utilization of the website and to make adjustments and improvements. The legal basis for the data processing is Art.6 Abs.1 S.1 lit.f DSGVO. Our legitimate interest follows from the purposes for data collection just mentioned. In no case do we use the collected data for the purpose of drawing conclusions about your person. The data will also not be merged with other data sources.

The personal data mentioned will only be stored for the duration of your visit. They are subsequently deleted within 6 months.
If we use external links on our pages that redirect you to other service providers, you can recognize this by the link symbol for external links, i.e. the mouse pointer changes shape when it is on a link. When you click on an external link, your IP address becomes visible to the provider of the page.

When contacting by e-mail

You can contact us via the e-mail address provided. In this case, the data you provide (your e-mail address, name and telephone number and other information you provide) will be stored in order to process your request and answer your questions. We delete the data accruing in this context, if the inquiry is assigned to a contract, after the periods for the duration of the contract, the legal retention period or otherwise after 3 months, or restrict the processing if there are legal retention obligations.

How long do we store your data and when do we delete it?

If no specific deletion periods are specified in this data protection declaration for the respective case, then we delete your personal data as soon as the purpose of the storage no longer applies. However, we must continue to store your data if we are obliged to do so by the European or national legislator in EU regulations, laws or other provisions to which we are subject.
However, if the storage period prescribed in the aforementioned standards expires, then your data will of course be deleted – unless it is still required at that time for the conclusion of a contract with us or the fulfillment of a contract that you have concluded with us.

What rights do you have as a data subject?


In accordance with Art. 19 E-VDSG/Art.15 DSGVO, you can request information from us at any time about the personal data we process. In particular, if you so request, we will provide you with information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details.


In accordance with Art. 19 E-VDSG/Art.16 DSGVO, you can immediately request the correction of incorrect or completion of your personal data stored by us.


You have the right according to Art. 19 E-VDSG/Art.17 DSGVO to demand the deletion of your personal data stored by us.

Restriction of processing

You may request the restriction of the processing of your personal data in accordance with Art.18 DSGVO.

Data portability

Pursuant to Art. 28 VDSG/Art.20 DSGVO, you may request that we provide you with your personal data that you have provided to us in a structured, common and machine-readable format or transfer it to another responsible party designated by you.

Revocation of consent

You may revoke your consent at any time in accordance with Art. 19 E-VDSG/Art.7 Abs.3 DSGVO. This has the consequence that we may no longer continue the data processing based on this consent for the future.

Objection to data collection in special cases and to direct advertising

In accordance with Art. 19 E-VDSG/Art.21 DSGVO, you may object to the processing of your personal data if there are grounds for doing so that arise from your particular situation or if the objection is directed AGAINST DIRECT ADVERTISING. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation. You can inform us of your objection informally by telephone, by e-mail, or to our postal address listed at the beginning of this privacy policy.

If you would like to exercise one or more of your rights or need more information about this, please feel free to contact us using the contact details above.

When do we share your information?

We will only transfer your data to third parties if:

  • you have given your express consent pursuant to Art. 6 para. 6 DSG/Art.6 lit. a and Art. 7 para.1 f. DSGVO have given for this,
  • the disclosure is necessary for the assertion, exercise or defense of legal claims pursuant to Art.6 para.1 sentence 1 lit.f DSGVO and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • in the event that there is a legal obligation for the disclosure pursuant to Art.6 para. 1 sentence 1 lit.c DSGVO, as well as
  • this is legally permissible and necessary for the processing of contractual relationships with you according to Art.6 para.1 p.1 lit.b DSGVO.

If we use contracted service providers for individual functions of our offer or wish to use your data for advertising purposes, we will always carefully select and monitor these service providers and inform you in detail about the respective processes below. In doing so, we also state the defined criteria for the storage period.

Insofar as our service providers or partners are based in a state outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the respective description of our offer.

Right to complain to the supervisory authority

You have the right to complain to a supervisory authority in accordance with Art.77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters:

FDPIC Federal Data Protection and Information Commissioner
Postal address
Feldeggweg 1
3003 Bern
Phone: +41 58 462 43 95

We collect and use data from your end devices (cookies and tracking)

Many websites use technical tools for various functions, in particular cookies, which can be stored on your terminal device. Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer, but are primarily used to make the Internet offer faster and more user-friendly.
We use cookies on our website, which you can read about in our Cookie Policy.

How secure is your data?

All information you submit to us is stored on servers within the European Union. Unfortunately, the transmission of information via the Internet is not completely secure, which is why we cannot guarantee the security of data transmitted to our website via the Internet. However, we secure our website and other systems by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. In particular, we transmit your personal data in encrypted form. We use the coding system SSL (Secure Socket Layer) [or TLS (Transport Layer Security)].

Status and update of this privacy policy

We reserve the right to change this privacy policy at any time with effect for the future. A current version is available on the website. Please visit our website regularly and inform yourself about the applicable data protection provisions.
Status April 4, 2022