top of page

Privacy policy and cookies

Your Privacy is Our Concern

This privacy policy contains information as to which data healiva® SA collects and processes this data. We thank you for your interest in our company as well as our products and services. We would like to ensure that you feel secure when you visit our website, also in regard to the protection of your personal data. Because we take the protection of your personal data very seriously, we handle your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. Compliance with the provisions of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is a matter of course for us. We want you to know what data we collect at which point, and how we use it.

General Information about Data Processing

1. Scope of Processing Personal Data
We only collect and use our users' personal data insofar as this is necessary to provide a functional website as well as our content and services. Our users' personal data is only collected and used with the user's consent. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of data is permitted by law.

​

2. Legal Basis for Processing Personal Data
Insofar as we obtain consent from the data subject for the processing of personal data, Art. 6 Para. 1 (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for processing personal data. Art. 6 Para. 1 (b) of GDPR serves as the legal basis for processing personal data required for the fulfilment of a contract where the data subject is a contractual party. This also applies to processing operations that are required to carry out pre-contractual measures. Art. 6 Para. 1 (c) of GDPR serves as the legal basis insofar as processing personal data is required for the fulfilment of a legal obligation to which our company is subject. Art. 6 Para 1 (d) of GDPR serves as the legal basis in the event that the vital interests of the data subject or another natural person require the processing of personal data. Art. 6 Para. 1 (f) of GDPR serves as the legal basis for processing if processing is required to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest. The contents of this Website, and the information contained herein, are published solely for information purposes, and shall not be deemed exhaustive. They do not constitute a legal opinion or any other form of professional advice, and they are not designed for commercial purposes or for the purpose of establishing customer relations. healiva® SA shall not be held liable for any actions or omissions driving from the use of the information and articles contained in this Website.
The Website and its contents are protected by national and international copyright law, and are the exclusive property of healiva® SA brand and of the respective authors. Consequently, the partial or complete reproduction other than for purely personal purposes, the public disclosure, or in any case the dissemination, of said contents, requires prior authorisation from healiva® SA. healiva® SA shall not be held liable for, nor does it approve as such, any contents supplied by third parties and accessible from this Website.

​

3. Processing Methods
Personal data shall be processed by the personnel appointed by healiva® SA, and if necessary by the firm’s professionals. Personal data may also be processed by third parties, providers of external services (e.g. technical assistance), acting on behalf or in the name of Healiva SA and duly appointed as data processor, and who shall process the data in accordance with the purpose for which the data were originally collected.

​

4. Scope of Communication of Personal Data
Personal data shall be processed using automated means, on the basis of logics strictly related to the purposes of processing, and for the time strictly necessary to achieve the purposes for which such data have been collected. Collected information shall be stored in a safe place.

​

5. Navigation Data
These is navigation data that the computer systems acquire automatically during use of the Website, such as the IP address, URI (Uniform Resource Identifier) addresses, together with details of the requests sent to the Websites' server, which make navigation possible. Navigation data may also be used to compile anonymous statistics, which make it possible to understand how the Website is used, and to improve the structure thereof. Finally, navigation data may also be used in order to check for any illegal operations, as in the case of cyber crimes, to the detriment of the Website.

​

6. Data Provided by the User
Any communication sent to the contacts indicated on the Website implies the acquisition of the e-mail address and of the other personal data contained in the communication. Without prejudice to the points made in regard to navigation data and cookies, users are free to supply their personal data in contacts and/or communications with healiva® SA. Failure to supply such data may make it impossible to receive a response.

​

7. Deletion of Data and Duration of Storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user's email address and the data collected within the scope of the double opt-in (IP address, date and time of registration) are therefore stored for as long as the subscription to the newsletter is active. Other personal data collected in the course of the registration process will generally be deleted after a period of seven days. The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Data may be stored beyond this period if this has been foreseen by the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of data for the conclusion or fulfilment of a contract.

Categories, Type And Purposes Of The Processed Data

Use of Cookies
Our website uses analytical cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. Similar technologies, such as web beacons, transparent GIFs and all forms of local storage introduced by HTML5, gather information on site usage. For the remainder of this policy, the term “cookies” is used to refer to both cookies and similar technologies. If a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be identified if the website is accessed again. We use cookies to make our website more user-friendly. Some elements of our website also require it to be possible to identify the requesting browser after a page change.

​

The following data is stored and transmitted in the cookies:

  • The user's data is saved anonymously in the user session without assigning a user ID until the order is completed.

  • We use cookies on our website which enable an analysis of the user's surfing behavior.

​

This way, the following data can be transmitted:

  • Entered search terms

  • Frequency of page views

  • Use of website functions

The user data are not assigned to the user. The data is not stored together with other personal user data.

​

When visiting our website, an information banner informs users about the use of cookies for analytical purposes and refers them to this privacy policy. In this context, there is also a note about how to prevent cookies being stored by means of the browser settings. The purpose of using technically necessary cookies is to simplify use of websites for users. Some functions of our website cannot be provided without the use of cookies. Such functions require the browser to be recognized after a page change.

​

We need cookies for remembering search terms and evaluating the analytics related to the usage of the website. Users are anonymous for healiva® SA unless they provide a network name that clearly identifies them.

​

The user data collected by technically necessary cookies is not used to create user profiles. The use of analysis cookies (browser, Javascript capability, screen resolution, end device used, bandwidth, location) is for the purpose of improving the quality of our website and its contents. The analysis cookies tell us how the website is used and this allows us to continuously optimize our offer.

​

Cookies are stored on the user's computer and transmitted to our site. Therefore, you as a user also have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may no longer be possible to use all functions of the website to their fullest extent.

​

What Types of Cookies are there?

  • Analytical cookies allow us to track the number of visitors to our website anonymously to monitor and enhance the browsing experience.

  • Our site uses “Google Analytics”, a third-party cookie managed by Google Inc.

  • For more information on how Google manages this cookie, please consult the Google's Privacy Policy

  • You can deactivate this cookie by clicking here; rest assured that deactivation will in no way hamper your use of our site.
     

Cookie Management
You can choose whether to accept or block cookies through your browser settings.

 

All major browsers allow users to choose their cookie settings. Below are links to instructions for managing and deleting the cookies from some:

  • Google Chrome

  • Internet Explorer

  • Safari

  • Mozilla Firefox

For more information on the options available to restrict the use of cookies, please visit the following website:

  • Your Online choices

​

Security
We have taken technical and organisational security measures to protect your personal data from loss, destruction, manipulation, and unauthorised access. All of our employees and all of the third parties involved in processing data are obliged to comply with the Swiss Federal Data Protection Act (DPA) and treat personal data confidentially. When personal data is collected and processed, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised according to technological developments. We also use a secure data connection (https) to transmit data in the shop area of our website.

​

Contact Form
There are several contact forms on our website that can be used for electronic contact. If a user uses this option, the data entered in the input mask will be transmitted to us and stored. This data includes:

  • Name

  • Email

  • Phone

  • Your message

The Data and time of sending are also stored at the time the message is sent. Your consent is obtained for processing the data within the scope of the sending process, and reference is made to this privacy policy. Alternatively, you can contact us via the email address provided. In this case, the user's personal data transmitted by email is stored. In this context, the data is not passed on to third parties. The data is used exclusively for processing the conversation. The legal basis for processing data is Art. 6 Para. 1 (a) of GDPR if the user has given his/her consent. The legal basis for processing data transmitted in the course of sending an email is Art. 6 Para. 1 (f) of GDPR. If the aim of email contact is the conclusion of a contract, then an additional legal basis for processing is Art. 6 Para. 1 (b) of GDPR. Personal data from the input mask is only processed for the purpose of handling the contact request. In the event of a contact request by email, this also constitutes the necessary legitimate interest in the processing of data. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.

​

The user can revoke his/her consent to the processing of personal data at any time. If the user contacts us by email, he/she can object to the storage of his/her personal data at any time. In such cases, the conversation cannot be continued. The user can revoke his/her consent at any time by email, telephone, fax, or letter. All personal data stored in the course of establishing contact is deleted in this case.

​

Confirmation of Contact/Customer Information

As a result of establishing contact with us through a contact form on the Internet, by email, or in personal form (visit, call, visit to a trade fair), during which your transmitted personal data is stored, we will send you a confirmation of the contact in the form of customer information. In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user can revoke his/her consent to the processing of personal data at any time. If the user contacts us by email, he/she can object to the storage of his/her personal data at any time. In such cases, the conversation cannot be continued. The user can revoke his/her consent at any time by email, telephone, fax, or letter. All personal data stored in the course of establishing contact will be deleted in this case.

​

Webinars

Webinars provide the opportunity for communication between us and a group of people who register online for a digital conference for the purpose of procuring information. When you register for a webinar, the following data is required to support the process:

  • Name

  • Gender

  • Email address

  • Company

​

Use of Twitter

This site uses the buttons of the Twitter service. These buttons are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. They are identifiable by terms such as "Twitter" or "Follow" together with a stylised blue bird. Using these buttons, it is possible to share an article or one of our pages via Twitter or to follow the provider on Twitter. If a user visits a page on this website that has one of these buttons, their browser opens a direct connection to Twitter's servers. The content of the Twitter buttons is transmitted directly from Twitter to the user's browser. For this reason, the provider has no influence on the scope of the data that Twitter collects using this plugin and wants to inform you about its level of knowledge accordingly. According to this, only the IP address of the user and the URL of the respective website is transmitted when this button is used, but only for the purpose of displaying the button. Further information concerning this can be found in Twitter's privacy policy. You can change your Twitter privacy settings in the account settings here>>

 

Use of LinkedIn

Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time you visit one of our pages that contains functions of LinkedIn, a connection to LinkedIn's servers is opened. LinkedIn is informed that you have visited our website with your IP address. If you click on the LinkedIn "Recommend button" and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We would like to point out that, as the provider of these pages, we do not have information about the content of the data transmitted or how LinkedIn uses it. Further information concerning this can be found in LinkedIn's privacy policy here.

 

Web Tracking - Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses cookies. Cookies are text files stored on your computer to enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

​

Browser plugin
You may refuse the use of cookies by configuring the appropriate settings in your browser software; however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plugin available here>>

​

Objecting to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set which prevents the collection of your data upon future visits to this website: disable Google Analytics. For more information about how Google Analytics handles user data, please see Google's privacy policy .

​

Rights of the Data Subject
If your personal data is processed, you are affected within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:

1. Rights to Information
You can ask the responsible person to confirm whether your personal data is processed by us. If such processing has taken place, you can request the following information from the responsible person:

  • The purposes for which the personal data is processed.The categories of personal data processed.

  • The recipients or categories of recipients to whom the personal data about you has been or will be disclosed.

  • The planned duration of the storage of your personal data or, if specific information about this cannot be provided, criteria for determining the storage period.

  • The existence of a right of rectification or deletion of your personal data, of a right to the restriction of processing by the data controller, or of a right to objection to such processing.

  • The existence of a right of appeal to a supervisory authority.

  • The planned duration of the storage of your personal data or, if specific information about this cannot be provided, criteria for determining the storage period.

  • All available information about the origin of the data if the personal data is not collected from the data subject.

  • The existence of automated decision-making, including profiling in accordance with Art. 22 Para. 1 and 4 of GDPR and – at least in these cases – meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

​

You have the right to request information as to whether your personal data is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate guarantees in accordance with Art. 46 of GDPR in connection with the transmission.

​

2. Right to Rectification
You have a right to rectification and/or completion vis-à-vis the data controller if the personal data processed concerning you is incorrect or incomplete. The data controller must make the correction without delay.

​

3. Right to Limitation of Processing
You may request that the processing of personal data concerning you be restricted under the following circumstances:

  • If you dispute the accuracy of your personal data for a period of time that enables the data controller to verify the accuracy of the personal data.

  • The processing is unlawful and you refuse the deletion of the personal data and instead request that the use of the personal data be restricted.

  • The data controller no longer needs the personal data for the purposes of processing, but you do need it to assert, exercise, or defend legal claims.

  • If you have filed an objection to the processing in accordance with Art. 21 Para. 1 of GDPR and it has not yet been determined whether the legitimate reasons of the data controller outweigh your reasons.

​

If the processing of your personal data has been restricted, such data may only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising, or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the European Union or a member state. If the processing restriction has been restricted according to the above conditions, you will be informed by the data controller before the restriction is lifted.​

​

4. Right to Deletion - Deletion Obligation

  • You may request the data controller to delete your personal data without delay and he/she is obliged to delete this data without delay if one of the following reasons applies:

  • Your personal data is no longer required for the purposes for which it was collected or otherwise processed.

  • You revoke your consent, on which the processing was based in accordance with Art. 6 Para. 1 (a) or Art. 9 Para. 2 (a) of GDPR, and there is no other legal basis for the processing.

  • You file an objection against the processing in accordance with Art. 21 Para. 1 of GDPR and there are no overriding legitimate reasons for the processing, or you file an objection against the processing in accordance with Art. 21 Para. 2 of GDPR.

  • Your personal data has been processed unlawfully.

  • The deletion of your personal data is required to fulfill a legal obligation under European Union law or the law of the member states to which the data controller is subject.

  • Your personal data has been collected in relation to information society services offered in accordance with Art. 8 Para. 1 of GDPR.

​

Information to Third Parties
If the data controller has made your personal data public and is obliged to delete it in accordance with Art. 17 Para. 1 of GDPR, he/she shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those who process the personal data that you as the data subject have requested the deletion of all links to this personal data or of copies or replications of this personal data.

​

Exceptions

  • The right to deletion does not exist insofar as the processing is necessary, for example:To exercise freedom of expression and information.

  • To fulfill a legal obligation required for processing under the law of the European Union or of member states to which the data controller is subject or to carry out a task in the public interest or in the exercise of official authority conferred on the data controller.

  • For reasons of public interest in the area of public health in accordance with Art. 9 Para. 2 (h) and (i) and Art. 9 Para. 3 of GDPR.

  • For archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes in accordance with Art. 89 Para. 1 of GDPR, insofar as the law referred to under section a) is likely to render impossible or seriously impair the attainment of the objectives of such processing.

  • To assert, exercise, or defend legal claims.

​

5. Right to be Informed
If you have exercised your right to have the data controller correct, delete, or restrict data processing, he/she is obliged to inform all recipients to whom your personal data has been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed by the data controller about such recipients.

​

6. Right to Data Transferability
You have the right to receive such personal data as relates to you that you provided to the data controller in a structured, common, and machine-readable format. In addition, you have the right to pass this data on to another data controller without obstruction by the data controller to whom the personal data was made available, provided that:

  • Processing is based on consent in accordance with Art. 6 Para. 1 (a) of GDPR or Art. 9 Para. 2 (a) of GDPR or on a contract in accordance with Art. 6 Para. 1 (b) of GDPR.

  • Processing is carried out using automated methods.

In exercising this right, you also have the right to request that your personal data be transferred directly from one data controller to another data controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this. The right to data transferability shall not apply to the processing of personal data required for the performance of a task in the public interest or in the exercise of an official authorisation conferred on the data controller.

​

7. Right of Objection
You have the right to file an objection at any time, for reasons arising from your particular situation, to the processing of your personal data in accordance with Art 6. Para. 1 (e) or (f) of GDPR; this also applies to profiling based on these provisions. The data controller shall no longer processes your personal data unless he/she can prove compelling and legitimate grounds for processing, which outweigh your interests, rights, and freedoms or the processing serves to assert, exercise, or defend legal claims. If your personal data is processed for direct marketing purposes, you have the right to file an objection at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes. You have the option to exercise your right of objection in connection with the use of information society services by means of automated processes using technical specifications, notwithstanding Directive 2002/58/EC.

​

8. Right to Revoke the Data Protection Declaration of Consent
You have the right to revoke your data protection declaration of consent at any time. The revocation of consent shall not affect the legality of processing carried out on the basis of the consent until revocation.

​

9. Automated Decision-Making in Individual Cases Including Profiling
You have the right not to be subject to a decision based exclusively on automated processing – including profiling – that has legal effects against you or significantly impairs you in a similar manner. This is not the case if the decision

​

  • is necessary for the conclusion or performance of a contract between you and the data controller.

  • is admissible under European Union legislation or that of the member states to which the data controller is subject and where such legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests.

  • is made with your express consent.

​

However, these decisions may not be based on special categories of personal data in accordance with Art. 9 Para. 1 of GDPR, unless Art. 9 Para. 2 (a) or (g) applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests. In the cases referred to in (1) and (3), the data controller shall take reasonable measures to safeguard your rights, freedoms, and legitimate interests, including at least the right to obtain the intervention of a person by the data controller, to state his/her own position, and to challenge the decision.

​

10. Right of Appeal to a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the member state where you reside, your place of work, or the location of the suspected infringement, if you believe that the processing of your personal data is contrary to the GDPR.

 

Changes to Data Protection Regulations
We reserve the right to change our security and data protection regulations to the extent necessary due to technical development. We will also adjust our notes with regard to privacy protection accordingly in these cases. Please always note the current version of our privacy policy.

 

Data Controller

The data controller for the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

healiva® SA - Corso Elvezia 4, 6900 Lugano, Ticino, Switzerland

T: +41 76 709 44 16 

Email: contact@healiva.com

bottom of page