We, PeakData GmbH, are pleased about your visit to our website and your interest in our products and services. We take the protection of your personal data and their confidential treatment seriously.
Your personal data will be processed in accordance with the legal provisions of the data protection laws of Switzerland and the European Union, in particular the General Data Protection Regulation (hereinafter “GDPR”) .
With this data protection policy we would like to inform you about the processing of your personal data and about your rights as a data subject in the context of the processing of your personal data by us. The terms used, such as “personal data” or their “processing” correspond to the definitions in Art. 4 GDPR.
The person responsible for data processing within the meaning of the data protection laws is:
We would like to point out that our company is based in Switzerland and that data processing also takes place in Switzerland. For Switzerland, the European Commission has taken a so-called adequacy decision within the meaning of Art. 45 para. 3 GDPR. Our EU representative is:
To be appointed
2. Subject of data protection
The subject of data protection is personal data. This is all information relating to an identified or identifiable natural person (so-called data subject). This includes, for example, information such as name, postal address, e-mail address or telephone number, but also information that necessarily arises during the use of our website, such as information on the beginning, end and extent of use and the transmission of your IP address.
3. Data processing when you visit our website
The use of our website is generally possible without registration and without you providing us personal data. However, even if you use our website in this way for purely informational purposes, personal data may be collected and processed automatically. In the following you will find an overview of the type, scope, purposes and legal basis of such data processing via our website.
a. Provision of our website
When your terminal device accesses our website, the following data is automatically recorded and processed by us using server log files. This includes date and time of access, duration of the visit, content of the request (specific page), type of terminal device, operating system used and its interface, language and version of the browser software, access status/HTTP status code, the functions you use, amount of data sent, type of event, referrer URL, domain name, IP address.
We process this data on the basis of our legitimate interests in the sense of Art. 6 para. 1 letter f) GDPR, namely for the provision and display of the website, for securing and maintaining technical operations, for the purpose of identifying and eliminating faults and for security reasons (e.g. to clarify cases of abuse or fraud). When you visit our website, this data is processed automatically. Without this provision you cannot use our website. We do not use this data for the purpose of drawing conclusions about your identity.
The collected data is usually deleted after 30 days, unless we need it longer for the above mentioned purposes in exceptional cases. In such a case we delete the data immediately after the purpose has been fulfilled.
If you provide us with personal data by e-mail or via a contact form, this is always done on a voluntary basis. Your data will be processed by us for the purpose of handling your contact request and its processing in accordance with Art. 6 para. 1 lit. b) GDPR and, if necessary, will also be passed on to third parties in this context. We will delete the data you have provided as soon as the purpose of the collection is no longer applicable, provided that no new legal basis intervenes (e.g. further processing of the data is necessary to fulfil a concluded contract) and there are no legal storage obligations.
6. Newsletter: If you register for a newsletter, we store your e-mail address as well as automatically your IP address and the times of registration and confirmation. In this way we can prove that you have actually registered and, if necessary, detect any misuse of your e-mail address.
Of course you will find an unsubscribe link in every issue of our newsletter with which you can withdraw your consent to receive the newsletter as a whole.
If your are already using our services as our customer , we will send you a newsletter with updates for you on our products and services in regular intervals to the e-mail address we have on file, as long as you have not objected to its use. The objection can be made without incurring any costs other than the transmission costs according to the basic rates.
We base this form of data processing on Art. 6 para. 1 sentence 1 lit. f) DSGVO. We will only inform you about new features in our services and similar services within the scope of our products and services. If you do not wish to receive such a newsletter, you can contact us at any time or you can cancel your subscription (unsubscribe from the newsletter) directly in the newsletter itself by clicking on the link provided in the newsletter.
7. Platform Services
If you decide to make use of our services, they must register on our respective platform. We collect the following data from our customers during the registration process:
When logging in to our platform, we store the current IP address of the user and the last log-in.
Furthermore, we record the interactions of our registered customers which are carried out within the framework of platform use. These include:
We process this data on the basis of our contractual relationships within the meaning of Art. 6 para. 1 lit. b) GDPR and our legitimate interests within the meaning of Art. 6 para. 1 lit. f) GDPR to ensure and maintain technical operations, for the purpose of identifying and eliminating faults and for security reasons (e.g. to clarify cases of abuse or fraud).
Data processing on data subjects from publicly available sources
For our platform services we also collect personal data on data subjects from publicly available sources in particular public websites.
The data we collect include for Healthcare Professionals:
for Healthcare institutions:
We process this data to match professionals to the queries of our platform customers. This matching decision is based on our pattern recognition algorithms. Information on a data subject appears only if the profile of the data subject matches the fields of specialisation our customer is interested in. Our processing of data is based on Art. 6 para 1 lit. f GDPR. You have the right to object to this processing of your personal data as described in Section 10 of this Data Protection Information. You also have of course the right to exercise all other data subjects right available to you.
8. Recipients of personal data
We will only transfer your personal data to external third parties if this is necessary to process or handle your request, if another legal permission exists or if we have your consent. External recipients may in particular be service providers that we use to provide services, for example in the areas of technical infrastructure and maintenance of our website and our services. Such contract processors are carefully selected and regularly checked by us. They may use the data exclusively for the purposes specified by us and in accordance with our instructions.
If a data transfer takes place to entities whose registered office or place of business is not located in a member state of the European Union or in another state that is a party to the Agreement on the European Economic Area, we will ensure prior to the transfer that, except in exceptional cases permitted by law, the recipient either has an adequate level of data protection or has your consent to the data transfer.
9. Storage limitation
We store your personal data only as long as it is necessary for the fulfillment of the purposes or – in case of consent – as long as you have not revoked your consent. In the event of an objection, the revocation of consent or the discontinuation of the purpose, we will delete your personal data. Insofar as further processing is permitted or even mandatory according to the relevant legal provisions (e.g. within the scope of commercial and tax law retention obligations), we will only delete your data after these obligations have expired.
10. Data subjects rights
As a person affected by the data processing, you have numerous rights at your disposal. In detail, the following rights are entitled to the extent that the legal requirements are met:
If you have any questions regarding the processing of your personal data, your rights as a data subject and any consent that may have been granted, you can contact us free of charge. To exercise all your aforementioned rights, please contact firstname.lastname@example.org or by post at the address given above under point 1. Please make sure that we are able to identify you unambiguously.
From time to time it may be necessary to adapt the content of this privacy statement. We therefore reserve the right to change these at any time. We will also publish the amended version of the data protection information here. The version of our data protection information that is current at the time of your visit applies.