Privacy Policy
This Privacy Policy describes how personal data of users (the "Users", "you") visiting anatohand.ch (the "Website") is collected, used and protected. The policy is provided in compliance with the Swiss Federal Act on Data Protection (FADP / nFADP) and, for visitors based in the European Economic Area, the EU General Data Protection Regulation (GDPR) 2016/679.
1. Data Controller
PD Dr. med. Thomas Giesen
Via Cantonale 38
6929 Manno (TI), Switzerland
Email: [email protected]
2. Categories of personal data collected
Through the Website, the Data Controller may collect the following categories of personal data:
- Data provided voluntarily by the User — when contacting the secretariat or registering for a course (for example by clicking the "Register Now" button which opens an email draft): first name, last name, email address, telephone number, place of work, language preference and any further information you choose to include in your message.
- Usage data — collected automatically by the web server when visiting the Website, such as IP address, browser type and version, operating system, time of access, referrer URL, and pages visited. This data is processed in aggregated and pseudonymous form, primarily for security and to ensure the proper functioning of the Website.
- Cookies and similar technologies — see the dedicated Cookie Policy for full details.
3. Purposes and legal bases of processing
| Purpose | Legal basis |
|---|---|
| Replying to enquiries and managing course registrations sent via email. | Performance of pre-contractual measures and contractual obligations (Art. 6(1)(b) GDPR; Art. 31 FADP). |
| Ensuring the secure and proper operation of the Website (server logs, fraud / abuse prevention). | Legitimate interest of the Controller in keeping the service available and secure (Art. 6(1)(f) GDPR; Art. 31(1)(c) FADP). |
| Loading optional embedded content (Google Maps). | Your consent, freely given through the cookie banner and revocable at any time (Art. 6(1)(a) GDPR). |
| Storing your cookie preferences locally in your browser. | Strictly necessary for the service explicitly requested by the User; no consent required. |
| Compliance with legal and regulatory obligations. | Legal obligation (Art. 6(1)(c) GDPR). |
4. Place of processing and recipients
Personal data is processed at the Data Controller's offices in Switzerland and, where strictly necessary, by carefully selected service providers acting as data processors (for example, the Website hosting provider).
When the Website is loaded, content from the following third parties may be retrieved (only with your explicit consent for the optional ones):
- Google Fonts (Google Ireland Limited / Google LLC) — provides the typography used on the Website. The fonts are loaded from Google's servers, which receive your IP address. They are used solely for visual rendering and do not set tracking cookies.
- Google Maps (Google Ireland Limited / Google LLC) — used to display the location of the workshop. This embed is loaded only if you actively enable "External content" in the cookie banner or click "Load map" on the location section.
For details about Google's processing of personal data, see the Google Privacy Policy. International transfers, where they occur, take place on the basis of the European Commission's Standard Contractual Clauses or other appropriate safeguards.
5. Retention period
Personal data is retained only for the time strictly necessary to fulfil the purposes for which it was collected:
- Email correspondence relating to a course registration is retained for the duration required to organise the course and for a reasonable period thereafter for accounting and legal purposes.
- Server log data is generally retained for a short technical period and then deleted or anonymised, except where longer retention is necessary to investigate a security incident.
- Cookie preferences are stored in your browser until you delete them or change your choices.
6. Your rights
Subject to the applicable conditions under Swiss and EU law, you have the right to:
- Request access to the personal data we hold about you.
- Request rectification of inaccurate or incomplete data.
- Request the erasure of your personal data ("right to be forgotten").
- Restrict or object to certain processing activities.
- Receive your personal data in a structured, commonly used and machine-readable format (data portability).
- Withdraw any consent given previously at any time, without affecting the lawfulness of processing carried out before withdrawal.
- Lodge a complaint with the competent supervisory authority — for Switzerland, the Federal Data Protection and Information Commissioner (FDPIC); for the EU, the supervisory authority of your habitual residence.
To exercise your rights, you may contact the Data Controller at [email protected]. Requests are normally answered free of charge within one month.
7. Security measures
The Data Controller adopts appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or destruction, in particular by using HTTPS encryption for all traffic to and from the Website and by restricting access to personal data to authorised personnel only.
8. Minors
The Website is addressed to healthcare professionals and is not intended for children under the age of 16. The Data Controller does not knowingly collect personal data of minors.
9. Changes to this Privacy Policy
The Data Controller may update this Privacy Policy from time to time. The date of the most recent update is shown at the top of this page. Where required by law, you will be informed of substantial changes through a notice on the Website.
10. Contact
For any question regarding this Privacy Policy or your personal data, please contact: [email protected].