1. What do we do?
Prof. Dr. med Philipp Schütz and team, Kantonsspital Aarau AG, Tellstrasse 25, CH-5001 Aarau, operates the website clinicalnutrition.science. On this website you can use our online services and contact us.
2. What do we inform about?
- What data is collected on our website;
- Under what circumstances we process your data and for what purpose;
- How long we keep your data;
- When disclosure to third parties is permitted;
- How we process your data ("individual data processing operations");
- When and how you can object to data processing;
- What rights you have and how you can assert them.
3. Definitions of terms
3.1 What is personal data?
Personal data is any information that relates to an identified or identifiable natural person. This includes, for example, name, address, date of birth, e-mail address or telephone number. Data about personal preferences such as leisure activities or memberships also count as personal data.
3.2 What is personal data that requires special protection?
Data on religious, ideological, political or trade union views or activities; data on health and, where applicable, information on administrative or criminal prosecutions and sanctions as well as data on social assistance measures are considered to be particularly sensitive personal data. Where necessary and appropriate, we may request and process particularly sensitive personal data. In this case, their processing is subject to stricter confidentiality.
3.3 What is the processing of personal data?
Processing is any handling of personal data, regardless of the means and procedures used, in particular the acquisition, storage, retention, use, modification, disclosure, archiving, deletion or destruction of data.
3.4 What is the disclosure of personal data?
This is the transmission or making available of personal data, e.g. publication or disclosure to a third party.
4. Wie können Sie mit uns in Kontakt treten?
If you have any questions or concerns about our protection of your data, please contact us at any time by email at firstname.lastname@example.org. Responsible for data processing carried out via this website is:
Prof. Dr. med. Philipp Schütz
Kantonsspital Aarau AG
6. General principles
6.1 What data do we collect from you and from whom do we receive this data
First and foremost, we process personal data that you provide to us or that we collect when operating our website. We may also receive personal data about you from third parties. These may be the following categories:
- Personal master data (name, address, dates of birth, etc.);
- Contact data (cell phone number, e-mail address, etc.);
- Financial data (e.g. account details);
- Online identifiers (e.g. cookie identifier, IP addresses);
- Location and traffic data;
- sound and image recordings;
- data requiring special protection (e.g. biometric data or information about your health).
6.2 Under what conditions do we process your data?
If, in exceptional cases, we are unable to comply with these principles, the data processing may still be lawful because there is a justification. A justification reason may be in particular:
- Your consent;
- the execution of a contract or pre-contractual measures;
- our legitimate interests, unless your interests are overriding.
6.3 How can you revoke your consent?
If you have given us consent to process your personal data for specific purposes, we will process your data within the scope of this consent, unless we have another justification.
You can revoke your granted consent at any time by sending an e-mail to the address given in the imprint. Data processing that has already taken place is not affected by this.
6.4 In which cases can we share your data with third parties?
We may need to use the services of third parties or affiliates to process your data. We contractually ensure that third parties and affiliated companies comply with the requirements of data protection. We may also be required to disclose your data to authorities. We will only disclose your personal data if:
- you have given your consent;
- this is necessary for the fulfillment of the contract or the implementation of pre-contractual measures as well as for the enforcement of our rights;
- there is a legal obligation to do so;
- we have a legitimate interest in doing so and your interests to the contrary do not outweigh ours.
Under certain circumstances, your personal data may be transferred to companies abroad as part of the order processing. These companies are obligated to data protection to the same extent as we ourselves. The transfer may take place worldwide.
If the level of data protection does not correspond to that in the EEA area, we carry out a prior risk assessment and ensure contractually that the same level of protection is guaranteed as in the EEA area (for example, by means of the new standard contractual clauses of the EU Commission or other measures prescribed by law). If our risk assessment is negative, we take additional technical measures to protect your data.
6.5 How long do we keep your data?
We store personal data only for as long as is necessary to fulfill the individual purposes for which the data was collected.
Data that we store when you visit our website is kept for twelve months. An exception is made for analytics and tracking data, which may be kept longer.
We store contractual data for longer, as we are obliged to do so by legal regulations. In particular, we must retain business communications, concluded contracts and accounting records for up to 10 years. As far as we no longer need such data from you to perform the services, the data will be blocked and we will only use it for accounting and tax purposes.
6.6 How do we protect your data?
We will keep your data secure and take all reasonable steps to protect your data from loss, access, misuse or alteration.Our contractors and employees who have access to your data are required to comply with data protection laws. In some cases, it will be necessary for us to pass on your requests to companies affiliated with us. In these cases, too, your data will be treated confidentially.
Within our website, we use the SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by your browser.
6.7 What rights do you have?
Right to information
You can request information about the data we have stored about you at any time. We ask that you send your request for information together with proof of identity to email@example.com.
You also have the right to receive your data in a common file format if we process your data automatically and if
- you have given your consent for the processing of this data; or
- you have disclosed data in connection with the conclusion or performance of a contract.
We may restrict or refuse to provide information or data if this conflicts with our legal obligations, our own legitimate interests, public interests or the interests of a third party.
The processing of your request is subject to the statutory processing period of 30 days. However, we may extend this period due to a high volume of requests, for legal or technical reasons, or because we need more detailed information from you. You will be informed of the extension of the deadline in good time, at least in text form.
Deletion and rectification
You have the possibility to request the deletion or correction of your data at any time. We may reject the request if legal regulations oblige us to retain the data for a longer period of time or unchanged, or if a permissible circumstance conflicts with your request.
Please note that the exercise of your rights may, under certain circumstances, conflict with contractual agreements and have corresponding effects on the execution of the contract (e.g. premature termination of the contract or cost consequences).
If you are affected by the processing of personal data, you have the right to enforce your rights in court or to file a report with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch
7. Individual data processing operations
7.1 Providing the website and creating log files
What information do we receive and how do we use it?
By visiting our website, certain data is automatically stored on our servers or on servers of services and products that we obtain and / or have installed, for system administration purposes, for statistical or backup purposes or for tracking purposes. These are:
- the name of your Internet service provider;
- your IP address (in some circumstances);
- the version of your browser software;
- the operating system of the computer with which URL is accessed;
- the date and time of access;
- the website from which you are visiting URL;
- the search words you used to find URL
Why may we process this data?
This data cannot be assigned to a specific person and there is no merging of this data with other data sources. The log files are stored in order to guarantee the functionality of the website and to ensure the security of our information technology systems. This is our legitimate interest.
How can you prevent data collection?
The data is only stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data is deleted after the end of each session. The storage of the log files is absolutely necessary for the operation of the website, you therefore have no possibility to object to this.
7.2 Tracking pixel
How do tracking pixels work?
We may use tracking pixels on our website. Tracking pixels are also known as web beacons. Tracking pixels - also from third parties whose services we use - are small, usually invisible images that are automatically retrieved when you visit our website. Counting pixels can be used to collect the same information as server log files. We use them for the same purposes as log files - you cannot prevent the data collection.
In some cases, your personal data is processed automatically in order to evaluate certain personal aspects.
Such evaluations are used by us in particular to be able to inform and advise you in a targeted manner about certain services or products from us. For this purpose, we use evaluation tools, thanks to which we can communicate in a needs-based manner and take appropriate advertising measures, including market and opinion research.
You have the possibility to contact us by e-mail. If you contact us by e-mail, the following data will be processed:
- E-mail address;
- Content, subject and date of your e-mail;
- contact information you provide (e.g. name, telephone number, address, if applicable) and information.
Why may we process this data?
Your information will be stored for the purpose of processing the request and in case of follow-up questions. The justification for this are pre-contractual measures or our legitimate interests in the completion of the request.
We would like to point out that e-mails can be read or changed unauthorized and unnoticed during transmission. The spam filter can reject e-mails if they have been identified as spam by certain characteristics.
How do cookies work?
What information do we receive and how do we use it?
Most of the cookies we use are so-called "session cookies". They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit. This allows us to save certain settings (such as language settings or location information) so that you do not have to re-enter them when you visit the website again.
How can you prevent data collection via cookies?
The cookies are stored on your computer. You therefore have full control over the use of the cookies. You can delete them completely or disable or restrict the transfer by changing the settings in your browser. If cookies for our website are deactivated, it may no longer be possible to use all the functions of the website in full.
7.6 Google Analytics
How does Google Analytics work?
Why may we use Google Analytics?
Google evaluates the collected data on our behalf so that we can get a picture of the visits and user behavior on our website. This enables us to improve our services and the website content as well as its design.
How can you prevent Google Analytics from collecting your data?
You can prevent the storage of cookies by adjusting the settings in your browser accordingly (see our comments on cookies). You can disable Google Analytics by downloading and installing the Google browser add-on: https://tools.google.com/dlpage/gaoptout
We use Hotjar to better understand the needs of our users and to optimize the offering and experience on this website. Using Hotjar's technology, we get a better understanding of our users' experiences (e.g., how much time users spend on which pages, which links they click, what they like and dislike, etc.) and this helps us tailor our offerings to our users' feedback. Hotjar works with cookies and other technologies to collect data about our users' behavior and about their devices, in particular IP address of the device (collected and stored only in anonymized form during your website use), screen size, device type (Unique Device Identifiers), information about the browser used, location (country only), language preferred to view our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually prohibited from selling the data collected on our behalf.