CH-8952 Schlieren / Zurich
As of: 1st April 2014
I. General Provisions on Data Protection at Biognosys AG
We take the protection of your data very seriously and adhere strictly to the regulations of data protection acts (including the Swiss Federal Act on Data Protection (FADP)).
1. Party Responsible
The party responsible in terms of data protection acts is Biognosys AG, Wagistrasse 21, CH-8952 Schlieren / Zurich, Switzerland (hereinafter referred to as “Biognosys”), represented by Dr. Oliver Rinner (CEO), Harry Welten (President).
2. Right to Information
You shall have the right to information at all times about the type and scope of data stored by us concerning yourself, their origin, recipients and purpose of the storage.
3. Revocation of Consent
You may withdraw any consent you may have granted to the storage of your personal data and use thereof at any time for future effect. Please note that, if necessary, we shall be entitled to process your data for the purpose of executing the contract and for accounting and software licensing purposes to the extent necessary if you are our Client, despite the revocation of your consent. For the rest, an objection to the continued use of the data may lead to you no longer being able to receive the services purchased (e.g. software updates, newsletter). In this context, your personal data shall be deleted immediately and shall no longer be retained in our data inventory unless statutory retention periods exist. In the latter case, the data shall be blocked for further use.
4. Rectification and Deletion of Data
If the storage of data does not comply with the provisions of data protection regulations, in particular, if they are incomplete or incorrect, we shall rectify or delete them. We shall notify those who may have been transmitted data accordingly.
We point out that electronic data transmission (e.g. when communicating by e-mail) may have security loopholes. It is not possible to fully protect data from being accessed by third parties.
II. Information on Data Protection when using BIOGNOSYS’s website
In general, mere use of our website is possible without having to provide personal data. Insofar as personal data is collected on our pages, this provision shall always take place on a voluntary basis. As a matter of principle, this personal data shall not be forwarded to third parties. Exceptions to this principle shall only apply when required by law or if you have expressly agreed to such forwarding.
1. Storage of Access Data
With any access to our website and with any retrieval of a file, access data about this process shall be stored in a log file on our provider’s server. Usage data, such as details about the beginning, end and scope of the use of certain telemedia services or traffic data in the event of e-mail services shall be collected, processed and used, insofar as this is necessary, to enable the utilization and billing of these services. The date and time, as well as the time zone of the beginning and end of use, the scope in bytes, the user’s IP address (shortened by the last 8 figures) and the type of telemedia service or telecommunication service used are usually collected.
This data is collected anonymously and it is technically impossible to assign it to specific persons. This data shall not be combined with other data sources; in addition, the data shall be deleted after statistical evaluation, and shall not be retained as an individual dataset.
2. Services requiring Registration
So-called cookies are used at several places on our websites. Cookies are small files of textual data sent to your computer and stored by your browser. The aim of the cookies we use is to perform service functions (e.g. for currency settings) and to make them user-friendlier, more effective and safer. In addition, session cookies are used for this purpose during the Client’s registration and in the event of already registered Clients. These session cookies are stored only for the duration of the respective session.
You can set your browser to notify you when you receive a cookie, enabling you to decide on a case-by-case basis whether you wish to accept them or whether you wish to rule them out altogether. Non-acceptance of cookies may lead to limited functionality of our website or services.
III. Information on Data Protection of BIOGNOSYS’s Clients
Data protection is of particular importance. In particular, Client data must be protected against unauthorized access. We shall take all appropriate technical and organizational measures required for this purpose.
We may collect, store and process our Clients’ data in accordance with data protection regulations insofar as this is necessary with regard to the establishment, amendment and execution of the contract or billing for it.
In concrete terms, Clients’ data are collected and processed as follows:
1. Handling Client Data
Access to Client data is regulated in such a way that the smallest possible group of persons gains access to both the Client’s identity and, simultaneously, his purchasing data. Access is ensured by respective password protection.
The following data types are collected and processed within the execution of the contract:
- Contact data: name, e-mail account, shipping address, telephone number, etc.
- Billing data: credit card details, billing address, etc.
All BIOGNOSYS’s representatives who handle Client data have a special position of trust while dealing with customer transactions.
The Clients shall only obtain access to their user account (hereinafter referred to as “UA”) in one of the following ways:
- via internet using a password the Client has selected with at least 6 characters, consisting of letters and digits. If the Client has forgotten his password, then he can have it reset by entering his user identification. The Client shall then receive a link via e-mail to the e-mail address stated in the UA, enabling the Client to enter a new password within 24 hours and retain access to his UA. The internet password shall not be visible to BIOGNOSYS’s Customer Service (hereinafter referred to as “CS”) and may not serve as identification in the event of telephone enquiries.
- via letter post by sending an informal letter in written form and a copy of the personal ID card. In this letter, the Client may request a printout of his personal data (if he expressly gives his consent to this in his letter) and communicate any personal data that may have changed. In addition, the Client can ask for his password to be reset (see above for further details).
2. Invoicing, Collection of Claims
If we commission lawyers’ offices and/or collection agencies to collect our claims, the data required for balancing accounts with the Client shall be submitted to them insofar as this is necessary for collecting the claims and for issuing a detailed invoice. The third party is obliged to observe data protection regulations. The same shall apply insofar as we commission any other service provider we use for meeting contractual services to issue invoices and collect claims.
3. No further Data Processing
The Client’s data shall only be stored as long as necessary within the framework of the contractual agreement with the Client and in accordance with applicable law.