1. Access data and hosting
You can visit our website without disclosing any personal data. Each time you visit the website, the web server automatically stores only a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of the request, the amount of data transferred and the requesting provider (access data) and documents the request. This access data is evaluated solely for the purpose of ensuring the smooth operation of the website and improving our offering. In accordance with the EU General Data Protection Regulation (GDPR), the Swiss Data Protection Act (DSG) and Art. 6 (1) 1 lit. f GDPR, this serves to protect our legitimate interests in the proper presentation of our services, which prevail in the context of a balancing of interests. All access data is deleted no later than seven days after the end of your visit to our website.
Hosting
The services for hosting and displaying the website are partly provided by our service providers on the basis of processing on our behalf. Unless otherwise stated in this privacy policy, all access data and all data collected in the forms provided on this website for this purpose are processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.
2. Data processing for the purposes of processing the contract, establishing contact
2.1. Data processing for the purpose of contract fulfilment
For the purpose of contract execution (including enquiries regarding the processing of existing warranty and service claims as well as any statutory update obligations), in accordance with the Swiss Data Protection Act (DSG) and Art. 6 (1) (b) GDPR, we collect personal data if you voluntarily provide it to us in the context of your order. Mandatory fields are marked as such, as we require this data for contract processing and cannot send the order without it. The data that is collected can be seen in the respective input forms.
Further information on the processing of your data, in particular on the transfer of data to our service providers for the purposes of ordering, payment and shipping, can be found in the following sections of this privacy policy. Once the contract has been fully processed, your data will be blocked for further use and deleted after expiry of the retention periods under tax and commercial law in accordance with the Swiss Data Protection Act (DSG) or Art. 6 para. 1 lit. c) GDPR, unless you have expressly consented to the further use of your data in accordance with Art. 6 (1) (a) GDPR or we reserve the right to use your data beyond this, which is legally permissible and about which we inform you in this privacy policy.
2.2. Contact
As part of our customer communication, we collect personal data for the purpose of processing your enquiries in accordance with Art. 6 (1) (b) GDPR if you voluntarily provide us with this data when contacting us (e.g. via contact form or email). Mandatory fields are marked as such, as we require this data in order to process your enquiry. The data that is collected can be seen in the respective input forms. Once your enquiry has been processed in full, your data will be deleted unless you have expressly consented to continuing to use your data in accordance with the Swiss Data Protection Act (DSG) or Art. 6 para. 1 lit. a) GDPR, or we reserve the right to use your data beyond this scope, which is permitted by law and about which we inform you in this privacy policy.
2.3. Data processing for appointment bookings
We collect personal data when you voluntarily provide it to us when booking an appointment. Mandatory fields are marked as such, as we require this data for the appointment booking and you cannot submit the appointment booking without providing it. The data that is collected can be seen in the respective input forms. Information in free text fields is voluntary and does not need to be filled in for the appointment booking to be submitted. We ask you to refrain from providing sensitive data (e.g. health-related information such as illnesses) in such free text fields.
We use the data you provide to book appointments in accordance with the Swiss Data Protection Act (DSG) and Art. 6 (1) 1 b GDPR. Once the booked appointment has been completed, your data will be blocked for further processing and deleted after expiry of any tax and commercial law retention periods in accordance with the Swiss Data Protection Act (DSG) or Art. 6 (1) 1 c GDPR, unless you have expressly consented to the further use of your data in accordance with the Swiss Data Protection Act (DSG) or Art. 6 (1) 1 a GDPR, or we reserve the right to use your data beyond this, which is permitted by law and about which we inform you in this statement.
Appointment booking solutions from Hubspot
For the purpose of appointment booking, we use a booking solution provided by HubSpot Germany GmbH, Am Postbahnhof 17, 10243 Berlin, Germany. The service provider acts on our behalf.
2.4. Data processing for order processing
We offer you a wide range of medical aids. For the purpose of processing the order, individual health data within the meaning of the Swiss Data Protection Act (DSG) or Art. 9 para. 1 GDPR may be processed and stored by means of:
(i) Customer contact:
Creating a customer contact with surname, first name, address, billing address, contact details such as email and telephone number (using an accounting system).
(ii) Order dossier:
Creating an order file with a numerical ID to record configuration parameters for the product and creating an order-specific case file for custom-made products and/or determining the appropriate product size. For example, the customisation of the Explorer shaft.
(iii) Order-specific case files:
The case file is required to carry out customisations and/or determine the appropriate product size. For example, the customisation of the Explorer socket. A case file contains the following data: surname, first name, internal customer ID, in some cases the insurance number, date of birth, medical prescription (required by law in the case of customisations), photo, video or other pictorial documentation of the affected arm, in some cases photo, video or other pictorial documentation including an image of the healthy arm, in some cases manual measurements of both arms, generally extraction of measurements based on the pictorial documentation provided.
(iiia) Case dossier (sales partners and specialists):
A case dossier contains the following data: Internal patient ID; scan or other visual documentation of the affected body part; in some cases, photo, video or other visual documentation including images of other relevant limbs (e.g. unaffected arm to determine possible length compensation); Occasional manual measurements; generally extraction of measurements based on the visual documentation provided; other patient-related data relevant for determining product specifications.
(iiib) Case dossier (end user):
A case dossier contains the following data: surname; first name; in individual cases, insurance number, date of birth, medical prescription (required by law in the case of custom-made products); and all data types listed above.
Purpose of data processing:
Data processing enables the company's customers to obtain a custom-made product and/or the appropriate size of a specific product, for which the above-mentioned health data provided by the customers to the company is required.
Insofar as the aforementioned special categories of personal data (in particular health data) are collected and processed, this is primarily done on the basis of your prior, express and informed consent in accordance with the Swiss Data Protection Act (DSG) or Art. 9 para. 2 lit. a in conjunction with Art. 6 para. 1 sentence 1 lit. a GDPR.
In addition, billing-relevant health data may be transferred to social insurance providers (e.g. statutory health insurance funds) for the purpose of billing for services rendered in accordance with the Swiss Data Protection Act (DSG) or Art. 9 para. 2 lit. h, para. 3 GDPR in conjunction with §§ 294, 302 SGB V or to billing service providers on the basis of order processing in accordance with Art. 28 GDPR.
Data processing in the context of marketing measures:
It is possible to consent to the opening of a marketing-specific case dossier for the purpose of preparing and selecting suitable image material. For example, photo or video files that serve as customer feedback or are provided to the company by the customer for marketing purposes (based on a written declaration of consent).
You can revoke your consent at any time by sending a message to the contact details below. This may mean that we will no longer be able to offer you certain services.
3. Data processing for the purposes of shipment
Your data will be passed on to the shipping company responsible for delivery, insofar as this is necessary for the delivery of the goods, in accordance with the Swiss Data Protection Act (DSG) and Art. 6 (1) (b) GDPR.
3.1 Data transfer to a shipping service provider for the purpose of shipping notification
By placing your order, you give us your express consent to pass on your email address and telephone number to the shipping service provider during or after your order in accordance with Art. 6 (1) (a) GDPR so that they can contact you for the purpose of shipping notification or coordination prior to shipping. This consent can be revoked at any time by sending a message to the contact details described in this privacy policy or directly to the shipping service provider at the contact address provided below. After revoking your consent, we will delete the data you have provided for this purpose, unless you have expressly consented to the further use of your data or we have reserved the right to use your data for other purposes that are legally permissible and about which we inform you in this privacy policy.
4. Data processing for the purposes of payment
4.1. Data processing for transaction processing purposes
Depending on the selected payment method, we pass on the data required for processing the payment transaction to our technical service providers, who act on our behalf in the context of processing, or to the authorised credit institutions or the selected payment service provider, insofar as this is necessary for the payment transaction. This serves the purpose of fulfilling the contract in accordance with the Swiss Data Protection Act (DSG) and Art. 6 (1) (b) GDPR. In certain cases, the payment service providers collect the data required for payment processing themselves, e.g. on their own website or via a technical solution within the ordering process. In this respect, the data protection provisions of the respective payment service provider apply. If you have any questions about our payment processing partners and the basis of our cooperation with them, please use the contact option described in this privacy policy.
4.2. Data processing for the purpose of fraud prevention and optimisation of our payment processes
We may pass on further data to our service providers, who use it for the purpose of fraud prevention and optimisation of our payment processes (e.g. invoicing, processing payment disputes, accounting support) together with the data necessary for payment processing as our processors.
This serves to protect our legitimate interests in fraud prevention or efficient payment management in accordance with the Swiss Data Protection Act (DSG) and Art. 6 (1) (f) GDPR, which prevail in the context of the balancing of interests
5. Data processing for the purpose of configuration of products
When purchasing as a private individual, specialist or distribution partner, we collect various data that we need to create a profile of the user of the aids. The data for the assistive devices to be configured or manufactured is stored for 10 years in accordance with regulatory requirements. The legal basis for data processing is in accordance with the Swiss Data Protection Act (DSG) or Art. 6 (1) (f) GDPR and for the purpose of executing the contract.
General data: gender, country, affected arm side, type of forearm deficit, year of birth.
For the configuration of standard products: Affected arm side, provision of a scan or measurement photo of both arms to derive parameters for the configuration of the product size (e.g. arm length), measurement date, desired activities for which the product is to be used, to check whether the selected product is suitable for the desired activity.
For the configuration of a custom-made product in the case of specialists: Affected arm side, provision of a scan or measurement photo of both arms to derive parameters for the configuration of the custom-made product (e.g. arm circumferences, arm lengths), measurement date, desired activities for which the product is to be used, to check whether the selected product is suitable for the desired activity.
For the configuration of a custom-made product in the case of private individuals: In addition to the above data, we also require a written medical prescription. According to Art. 2 (3) of the Medical Devices Regulation, a custom-made device must be prescribed by a person who, according to national law, is authorised to issue prescriptions on the basis of their professional qualifications ( ). The written prescription should contain the minimum information required by MDCG 2021-3 (this includes, for example, the name of the user and their date of birth).
6. Marketing via E-mail
6.1. Email newsletter with subscription and newsletter tracking
If you subscribe to our newsletter, we will send you our email newsletter on a regular basis based on your consent in accordance with the Swiss Data Protection Act (DSG) or Art. 6 para. 1 lit. a) GDPR, using the data required for this purpose or provided separately by you.
You can unsubscribe from the newsletter at any time. You can do this either by sending a message to the contact option described in this privacy policy or via a link provided for this purpose in the newsletter. After you unsubscribe, we will delete your email address from the recipient list, unless you have expressly consented to the further use of your data in accordance with the Swiss Data Protection Act (DSG) or Art. 6 para. 1 lit. a) GDPR, or we have reserved the right to use your data for other legally permissible purposes, about which we inform you in this privacy policy.
We would like to point out that we evaluate your user behaviour when sending the newsletter. For this purpose, we also analyse your interaction with our newsletter by measuring, storing and evaluating opening and click rates for the purpose of designing future newsletter campaigns ("newsletter tracking").
For this evaluation, the emails sent contain single-pixel technologies (e.g. web beacons, tracking pixels) that are stored on our website. For the evaluations, we link the following "newsletter data" in particular
• the page from which the page was requested (so-called referrer URL),
• the date and time of the request,
• the description of the type of web browser used
• web browser, the IP address of the requesting
• computer,
• the e-mail address,
• the date and time of registration and confirmation
and the single-pixel technologies with your e-mail address or your IP address and, if applicable, an individual ID. The links contained in the newsletter may also contain this ID.
If you do not wish to receive newsletter tracking, you can unsubscribe from the newsletter at any time as described above.
The information will be stored for as long as you are subscribed to the newsletter.
6.2. Newsletter dispatch
The newsletter is sent to you by our service provider, who processes the data on our behalf and to whom we provide your email address. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.
The newsletter and the newsletter tracking described above may also be sent by our service providers as part of processing on our behalf. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.
7. Cookies and further technologies
7.1. General information
In order to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use technologies on various pages, including so-called cookies. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognise your browser on your next visit (so-called persistent cookies).
Privacy protection for devices
Data protection for end devices When you use our online services, we use technologies that are absolutely necessary to provide the telemedia service you have expressly requested. The storage of information on your end device or access to information already stored on your end device does not require your consent in this respect.
For functions that are not absolutely necessary, the storage of information on your terminal device or access to information already stored on your terminal device requires your consent. Please note that if you do not give your consent, parts of the website may not be fully usable. Your consent remains valid until you adjust or reset the corresponding settings on your terminal device.
In addition, we use technologies to comply with the legal obligations to which we are subject (e.g. to be able to prove consent to the processing of your personal data), as well as for web analytics and online marketing. Further information on this, including the respective legal basis for data processing, can be found in the following sections of this privacy policy.
We may use other technologies on our website that are not listed individually in this privacy policy. Further information on these technologies and the respective legal bases can be found on the platform of our consent management service Usercentrics.
Any downstream data processing by cookies and other technologies
We use technologies that are absolutely necessary for the use of certain functions of our website (e.g. shopping basket function). These technologies collect and process IP addresses, visit times, device and browser information, and information about your use of our website (e.g. information about your preferences). This serves to protect our legitimate interests in optimising the presentation of our website, which outweigh any interests you may have in the protection of your data.
You can access the platform by clicking on the "fingerprint" button in the lower right or left corner of the page.
You can find the cookie settings for your browser by clicking on the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™
If you have consented to the use of technologies in accordance with Art. 6 (1) (a) GDPR, you can revoke your consent at any time by sending a message to the contact option described in the privacy policy. Alternatively, you can also click on the fingerprint button in the lower right or left corner of the page. If cookies are not accepted, the functionality of our website may be limited.
How can I configure my browser's cookie settings?
Each browser manages cookie settings in a different way. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for each browser at the following links:
Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™
What types of cookies are used?
Analytical/performance cookies: These cookies enable the collection of anonymised data about user behaviour on our website. We analyse them, for example, to improve the
functionality of our website and recommend products that may be of interest to you.
Essential cookies: These cookies are necessary for you to use our website. These include, for example, cookies that enable you to log into the customer area or add items to your shopping basket.
7.2. Use of the Usercentrics Consent Management Platform for obtaining and managing consent
On our website, we use the Usercentrics Consent Management Platform ("Usercentrics") to inform you about the cookies and technologies we use on our website and to obtain, manage and document your consent to the processing of your personal data by these technologies. This is required under the Swiss Data Protection Act (DSG) and Art. 6 (1) (c) GDPR in order to comply with our legal obligation under Art. 7 (1) GDPR to be able to demonstrate your consent to the processing of your personal data to which we are subject. The Usercentrics consent management service is provided by Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, which processes your data on our behalf. When you visit our website, the Usercentrics web server stores a so-called server log file, which contains, among other things, your anonymised IP address, the date and time of your visit, device and browser information, and information about your consent behaviour. Your data will be deleted after three years, unless you have expressly consented to the further use of your data in accordance with Art. 6 (1) (a) GDPR or we reserve the right to use your data beyond this, which is legally permissible and about which we inform you in this privacy policy.
8. Use of cookies and other technologies
If you have given your consent in accordance with the Swiss Data Protection Act (DSG) or Art. 6 (1) (a) GDPR, we use the following cookies and other third-party technologies on our website. The data collected in this context will be deleted once the respective purpose has been fulfilled and we have discontinued the use of the respective technology. You can revoke your consent at any time with future effect. Further information on your options for revocation can be found in the section "Cookies and other technologies". Further information, including the legal basis for data processing, can be found under the respective technologies. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.
9. Social Media
Our online presence on Facebook (by Meta), YouTube, Instagram (by Meta), LinkedIn
If you have given your consent to the respective social media provider in accordance with the Swiss Data Protection Act (DSG) or Art. 6 para. 1 lit. a) GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presence on the above-mentioned social media, from which usage profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that are likely to be of interest to you. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media provider, as well as contact details and your rights and settings options for protecting your privacy, please refer to the providers' privacy policies linked below. If you require further assistance in this regard, please contact us.
Facebook (by Meta) is provided by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter "Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is usually transferred to a server of Meta Platforms, Inc. at 1 Hacker Way, Menlo Park, California 94025, USA, and stored there. There is no adequacy decision by the European Commission for the United States. Our cooperation is based on the standard data protection clauses adopted by the European Commission. Data processing in connection with visits to a Facebook (by Meta) fan page is based on an agreement between the joint controllers in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.
Instagram (by Meta) is provided by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter "Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on
Instagram is usually transferred to a server of Meta Platforms Inc, 1 Hacker Way, Menlo Park, California 94025, USA, and stored there. There is no adequacy decision by the European Commission for the United States. Our cooperation is based on the standard data protection clauses adopted by the European Commission. Data processing in connection with visits to an Instagram (by Meta) fan page is based on an agreement between the joint controllers in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.
YouTube is provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland
(hereinafter "Google"). The information automatically collected by Google about your use of our online offering on YouTube is usually transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there. There is no adequacy decision by the European Commission for the United States. Our cooperation is based on the standard data protection clauses adopted by the European Commission.
LinkedIn is provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). The information that LinkedIn automatically collects about your use of our online presence on LinkedIn is usually transmitted to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA, and stored there. There is no adequacy decision by the European Commission for the United States. Our cooperation is based on the standard data protection clauses adopted by the European Commission.
10. Contact options and your rights
Your rights:
As a data subject, you have the following rights in accordance with:
• Art. 15 GDPR, the right to obtain information about your personal data that we process to the extent described therein;
• Art. 16 GDPR, the right to request the immediate correction of inaccurate or incomplete personal data stored by us;
• Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary to exercise the right of freedom of expression and information; to fulfil a legal obligation; for reasons of public interest or to establish, assert or defend legal claims; Art. 18 GDPR, the right to request the restriction of the processing of your personal data, provided that you dispute the accuracy of the data; the processing is unlawful, but you refuse to have it deleted; we no longer need the data, but you need it for the establishment, exercise or defence of legal claims; or
• you have objected to the processing pursuant to Art. 21 GDPR; 21 GDPR;
• Art. 20 GDPR the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transfer to another controller;
• Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters.
Right to object:
If we process personal data as described above to protect our legitimate interests, which prevail in the context of a balancing of interests, you can object to this data processing with effect for the future by contacting . If your data is processed for direct marketing purposes, you can exercise this right at any time as described above. If your data is processed for other purposes, you have the right to object only on grounds relating to your particular situation.
If you have exercised your right to object, we will no longer process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to establish, exercise or defend legal claims.
This does not apply to the processing of personal data for
direct marketing purposes. In such a case, we will no longer process your personal data for these purposes.
Contact options:
If you have any questions about the collection, processing or use of your personal data, or if you wish to request information, correction, restriction or deletion of data, or revoke your consent or object to a specific use of data, please contact us directly using the contact details provided in our provider identification.
