Privacy Policy

This Privacy Policy provides information about the processing of personal data in connection with our medical activities and operations, including our website under the domain name corrigeluzern.ch. In particular, we explain which personal data we process, how, and where. We also provide information about the rights of individuals whose data we process.

For individual or additional activities and operations, we may publish further privacy policies, legal documents such as General Terms and Conditions (GTC), or patient agreements.

Table of Contents

  1. Contact Details
  2. Terms and Legal Basis
    2.1 Terms
    2.2 Legal Basis
  3. Type, Scope, and Purpose of Processing Personal Data
  4. Disclosure of Personal Data
  5. Communication
  6. Data Security
  7. Personal Data Abroad
  8. Rights of Data Subjects
    8.1 Data Protection Rights
    8.2 Legal Remedies
  9. Use of the Website
    9.1 Cookies
    9.2 Logging
    9.3 Tracking Pixels
  10. Notifications and Communications
    10.1 Performance and Reach Measurement
    10.2 Consent and Objection
    10.3 Service Providers for Notifications and Communications
  11. Social Media
  12. Third-Party Services
  13. Website Extensions
  14. Final Notes on the Privacy Policy

1. Contact Details

The data controller under data protection law is:

corrigé luzern ag
PD Dr. med. Eva Rüegg
Weystrasse 8
6006 Lucerne
Switzerland

Email: corrigeluzern@hin.ch

Phone: 041 412 31 20

In individual cases, third parties may be responsible for the processing of personal data, or there may be joint responsibility with third parties. We will gladly provide information to data subjects upon request regarding the respective responsibility.

2. Terms and Legal Basis

2.1 Terms
  • Data Subject: Natural person about whom we process personal data.

  • Personal Data: All information relating to an identified or identifiable natural person.

  • Sensitive Personal Data: Data concerning trade union, political, religious, or philosophical views and activities, data concerning health, private life, or ethnic or racial origin, genetic data, biometric data. As a surgical practice, we process such data extensively.

  • Processing: Any handling of personal data, regardless of the means and procedures used, for example querying, matching, adapting, archiving, storing, retrieving, disclosing, obtaining, recording, collecting, deleting, revealing, organizing, modifying, disseminating, linking, destroying, and using personal data.

2.2 Legal Basis

We process personal data in accordance with Swiss law, in particular the Federal Act on Data Protection (Data Protection Act, DSG) and the Ordinance on Data Protection (Data Protection Ordinance, DSV). Furthermore, we are subject to medical confidentiality as a medical practice pursuant to Art. 321 of the Swiss Criminal Code (StGB).

3. Type, Scope, and Purpose

We process personal data that is necessary to provide our medical services and other activities in a sustainable, user-friendly, secure, and reliable manner. The personal data processed falls in particular into the following categories:

  • Medical Data (Health Data): This includes medical histories, findings, diagnoses, treatment plans, before-and-after photographs, and surgical reports. We process these exclusively for the purpose of medical consultation, treatment, and aftercare.

  • Master and Contact Data: Name, address, date of birth, telephone number, email address, and health insurance information.

  • Usage and Website Data: Browser and device data, content data (e.g., entries in the contact form), and metadata.

The processing of health data is generally based on your express consent or is carried out to fulfill the treatment contract.

We process personal data for the duration required for the respective purpose or as legally required. In the Canton of Lucerne, there is a legal retention obligation for medical records of at least 20 years.

4. Disclosure of Personal Data

We may disclose personal data to third parties, have it processed by third parties, or process it jointly with third parties. Such third parties include specialized providers (e.g., external laboratories, billing agencies, or IT service providers).

Such third parties are also bound by data protection law and medical confidentiality. We only disclose data to the extent absolutely necessary for medical treatment, billing, or practice organization.

5. Communication

We process personal data in order to communicate with individuals as well as with authorities, organizations, and companies. In doing so, we process in particular data that a data subject transmits to us when making contact, for example by postal mail or email.

Secure Communication (HIN): For sending sensitive, personal, or medical data, we use the secure network of Health Info Net (HIN). Emails sent to our address corrigeluzern@hin.ch are encrypted within the HIN network. Please note, however, that emails you send to us from unsecured private providers may be transmitted unencrypted.

6. Data Security and Medical Confidentiality

As a practice for plastic, reconstructive, and aesthetic surgery, we attach the highest importance to data security. All our employees are bound by confidentiality and medical professional secrecy.

We take appropriate technical and organizational measures to ensure data security appropriate to the respective risk. Access to our website is secured by transport encryption (SSL/TLS, HTTPS). Most browsers warn before visiting a website without transport encryption.

7. Personal Data Abroad

We generally process personal data in Switzerland. Medical records and patient data are stored on secure servers in Switzerland.

However, for the operation of our website and individual tools (e.g., analytics software), personal data (such as IP addresses) may be exported to other countries. We only disclose data to countries whose law ensures adequate data protection, or where appropriate data protection is ensured through standard contractual clauses (SCC) or other guarantees.

8. Rights of Data Subjects

8.1 Data Protection Rights

We grant data subjects all rights under applicable law:

  • Access: You may request to know whether and which personal data we process about you and request a copy of your patient file.

  • Correction and Restriction: You may have inaccurate personal data corrected or completed.

  • Deletion and Objection: You may request the deletion of personal data. Please note that the right to deletion of medical data may be subject to strict legal retention obligations.

  • Data Portability: You may request the transfer of your data to another medical professional (e.g., when changing physicians).

We are obliged to appropriately identify persons requesting information in order to ensure the protection of medical data. Data subjects are required to cooperate.

8.2 Legal Remedies

Data subjects have the right to enforce their data protection rights through legal channels or to file a complaint with a Swiss data protection supervisory authority. The data protection supervisory authority for private controllers and federal bodies in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC). The exclusive place of jurisdiction for all disputes in the above context is Lucerne, Switzerland.

9. Use of the Website

9.1 Cookies

We use cookies (first-party and third-party cookies). Cookies are data stored in the browser temporarily (“session cookies”) or permanently to make the website user-friendly and to measure its reach. You can deactivate or delete cookies in your browser settings at any time. When using our website, you can actively manage your consent via a cookie banner if applicable. Without cookies, our website may not be fully available.

9.2 Logging

For each access to our website, we record information such as date, time, IP address, access status, operating system, browser, and the page accessed. We store this data in server log files to ensure the secure and stable operation of our website.

9.3 Tracking Pixels

We may embed tracking pixels in our digital presence to create statistical analyses of the use of our website.

10. Notifications and Communications

10.1 Performance and Reach Measurement

Notifications and communications may contain web links or tracking pixels that record whether an individual message has been opened. We require this statistical recording of usage for performance and reach measurement.

10.2 Consent and Objection

You must generally consent to the use of your email address, unless the use is permitted for legal reasons or arises from the treatment contract. You may object to receiving promotional notifications at any time. This is without prejudice to necessary notifications in connection with medical treatments.

10.3 Service Providers for Notifications and Communications

We send notifications and communications with the help of specialized service providers who are contractually bound to data protection.

11. Social Media

We are present on social media platforms in order to communicate with interested parties and to provide information about our activities. In connection with such platforms, personal data may also be processed outside Switzerland. The terms and conditions of the respective operators of such platforms apply.

12. Third-Party Services

To make our website attractive and functional and to coordinate appointments efficiently, we use services from specialized third parties. At least temporarily, the IP address is transmitted to these providers.

We use in particular:

  • agenda.ch: For online appointment booking, we use the system from agenda.ch (Switzerland). When booking, master, contact, and inquiry data are transmitted to agenda.ch and processed there. Data processing takes place in Switzerland.

  • Video Consultation Software: For virtual consultations, we use specialized, secure software providers. We recommend ensuring a private and undisturbed environment when participating.

  • Google Maps: To embed interactive location maps to help you find your way to our practice in Lucerne. Provider: Google Ireland Limited (for users in Switzerland/EEA) or Google LLC (USA).

  • Google Analytics: For performance and reach measurement of our website. The recorded IP addresses are generally shortened before processing (“IP masking”), so that no direct conclusion about your person is possible.

13. Website Extensions

We use extensions for our website in order to utilize additional functions and to ensure the security of the digital infrastructure. We may use selected services from suitable providers or use such extensions on our own digital infrastructure.

14. Final Notes on the Privacy Policy

We may update this Privacy Policy at any time. We will provide information about updates in an appropriate manner, in particular by publishing the current Privacy Policy on our website.