Version 1.0 dated 25 May 2018
Data Protection Officer
To the extent that Helsana falls within the scope of the GDPR, Active-Assets A2 GmbH serves both as its data protection officer within the meaning of Art. 37 GDPR and its representative pursuant to Art. 27 GDPR. The contact details are:
Active-Assets A2 GmbH
When you visit our Website, for technical reasons your Internet browser automatically sends us certain data regarding your usage which is stored in log files. This concerns the following data in particular: date and time when the Website was accessed, name of the website accessed, IP address of your computer or mobile device, address of the referring website, transferred data volume as well as the name and version of the Internet browser used.
These data form the basis for statistical, anonymous evaluations, help to optimise and continuously further develop the websites and can also be evaluated for marketing purposes. If you want to use our website, you must provide us with this data.
As described below, certain uses of the website also require Helsana to collect personal data. When using the website, you either provide these manually (see Section 4 below) or their provision is dependent on your Internet browser's technical settings and these are either automatically collected or made available by third parties in accordance with those settings (see Section 5). If you do not wish to provide us with this personal data, you may not be able to take advantage of certain offers on the website (such as the premium calculator) or their functionality may be impaired.
In connection with the use of the website, Helsana collects the following categories of personal data in particular:
If you are already a customer of Helsana or wish to become one, we collect and process personal data during the conclusion and execution of contracts with our customers. We may link the personal data you provide via the website to other existing personal data. Data are processed for purposes that are primarily geared toward specific products (e.g. basic insurance, BeneFit PLUS, SANA, COMPLETA, PRIMEO), and may include requirements analyses and insurance consultations. For information regarding the purpose of further data processing conducted as part of the contractual relationship, please refer to the corresponding privacy policies.
Other than for the fulfilment of the contract or outside an existing contractual relationship, we use data collected via the website to protect our legitimate interests or those of third parties. Examples:
We may also use the data to comply with our legal and regulatory obligations.
If, in individual cases, you have consented to the processing of your personal data for a specific purpose, we will base the processing on this consent. You may withdraw your consent at any time, whereby such withdrawal only applies to the future and does not affect the legality of data processing already carried out. Data processing carried out on the basis of on your consent includes, in particular, delivery of the newsletter or submission of a contract offer based on the information you entered into the premium calculator.
On this website you can subscribe to our newsletter by providing us with personal data (first name, surname and e-mail address). For verification purposes, we will send you a confirmation e-mail immediately after completion of the registration process. The personal data collected during your registration will be used for sending our newsletter. This personal data may be passed on to our marketing department, which processes the data only on our behalf. To the extent permitted by applicable data protection law, we may include codes in our newsletters with which we can recognise whether the recipient has opened the e-mail and downloaded the images contained therein. The recipient can block this in his/her e-mail programme.
You can unsubscribe from our newsletter at any time by clicking HERE or on the link at the end of each newsletter.
Normal e-mails that you send to Helsana are not encrypted and may potentially be viewed by third parties. Since we are unable to safeguard the data security of unencrypted e-mail traffic sent to Helsana, Helsana excludes any warranty and liability for such traffic. For this reason, we recommend that you get in touch with us directly by using the available contact forms.
Confidential, personal data that you send to Helsana using the forms provided on the websites are transmitted in encrypted form according to the current state of the art and cannot be viewed by third parties. The data you enter via the website will be used in particular to process contracts, process your requests and, if necessary, for marketing purposes within the Helsana Group.
By entering your data in the premium calculator, you agree in particular to be contacted by the companies of the Helsana Group by telephone or another channel for the purpose of making you an offer.
Most of the cookies we use are temporary session cookies that are automatically deleted from your computer or mobile device at the end of your browser session. We also use permanent cookies. These remain stored on your computer or mobile device after your browser session has ended. Depending on the type of cookie, permanent cookies remain stored on your computer or mobile device for up to two years and are automatically deactivated at the end of the pre-programmed time.
The cookies we use serve to enable various functions offered by our websites. For example, cookies help save your language preferences across different pages visited during a single Internet session and thus facilitate your access to the websites. Cookies also enable us to track and analyse the behaviour of visitors to our websites. This helps us design our websites in a more user-friendly, effective way and to make your visit to our websites as pleasant as possible.
You can choose at any time to set your browser such that no cookies are accepted or saved. Instead, you can also choose to receive a warning message each time before accepting a cookie or set your browser to only accept cookies from certain websites. You can also delete any cookies that have already been saved at any time.
We would like to point out that the use of individual functions offered by our website may be restricted or prevented altogether if you reject cookies from the website. In order to make website navigation easier, we recommend that you accept cookies and do not delete them. If you block cookies, you may not be able to make full use of the interactive functions on this website.
We use Google Analytics or similar services on our website. This is a service provided by third parties who may be located in any country of the world (in the case of Google Analytics it is Google LLC in the US, www.google.com) which we can use to measure and evaluate the use of the Website. Permanent cookies, set by the service provider, are also used for this purpose. The service provider does not receive any personal data from us (and does not store any IP addresses), but may track your use of the website, combine this information with data from other websites you have visited and which are also tracked by service providers, and use these findings for its own purposes (e.g. to control advertising). If you are registered with the service provider, the service provider also recognises you. The service provider's processing of your personal data is then the responsibility of the service provider and is carried out in accordance with its data protection provisions. The service provider merely informs us how our respective website is used (without any information about you personally).
Our websites use social media plug-ins, e.g. from Facebook, Twitter or Google+ (providers). These plug-ins are labelled with the provider's logo and can, for example, be a Like button, a Google+ button or a Twitter button.
When you visit one of our websites with a plug-in of this nature, your Internet browser establishes a direct connection with the provider's computers. The provider's website sends the content of the plug-in directly to your browser which incorporates it into the website. Through the incorporation of the plug-in, the provider is informed that you visited our website. If you are logged in to your account on the provider's website at the same time, the provider can match the visit to your profile. If you interact with the plug-ins − for example by pressing the «Like» button or posting a comment − the corresponding information is sent by your browser directly to the provider and stored on their servers.
If you do not want the provider to collect data on you via our website, you have to log out of your account on the provider's website before visiting our website. Even if you have logged out of your account, providers still collect data in anonymised form via the social plug-ins and place a cookie on your computer. If you log in to your account on the provider's website at a later date, this data can be linked to your profile.
If a login is offered via a social login service − e.g. Facebook Connect − data will be exchanged between the provider and our website. In the case of Facebook Connect, this could be, for example, data from your public Facebook profile. By using such login services, you are agreeing to the transfer of your data.
We take appropriate technical and organisational measures to protect your personal data collected via websites against unauthorised processing, loss and destruction. We are also concerned about the confidentiality, availability and integrity of your personal data.
We will retain your personal data for as long as necessary to provide the services available on the website or for other processing purposes, such as fulfilling legal obligations, resolving disputes and enforcing our policies. If we have a legal obligation to retain your personal data, we will delete it after expiry of the respective retention period.
Regardless of how we collect your personal data in connection with the website, all Helsana Group companies have access to the personal data. This means that your personal data can also be processed for various purposes and linked together with personal data that is collected by another company of the Helsana Group.
Furthermore and to the extent permitted by applicable (data protection) law, Helsana may also disclose personal data to contracted service providers (both inside and outside Switzerland). In connection with data collected on the website, these specifically consist of IT service providers working in the area of data storage and data analysis.
Personal data obtained in connection with the use of the website may also be disclosed to third parties (inside or outside Switzerland) if we are obliged to do so by law, by court order or by official order or if this is necessary to support internal or external investigations, other legal investigations or proceedings in Switzerland or abroad or any corporate transactions.
The service providers and third parties to whom Helsana transmits data may be located in any country in the world (specifically the US and Ireland). If data is transferred to a country without adequate data protection, Helsana guarantees adequate protection through the use of sufficient contractual guarantees, specifically on the basis of EU standard contractual clauses, binding corporate rules or based on exceptions with respect to consent, contract execution, the determination, exercise or enforcement of legal claims, overriding public interest, the data published by you or because it is necessary to protect your individual integrity. You may request a copy of the contractual guarantees by sending a written request along with a copy of an official form of identification to the contact address specified above (see Section 2) or this contact will inform you where you can obtain such a copy. Helsana reserves the right to black out such copies for reasons of data protection or secrecy or to deliver only excerpts.
We or service providers acting on our behalf do not process data with the aim of evaluating specific personal characteristics (profiling).
As a matter of principle, we do not use fully automated decision-making pursuant to Art. 22 GDPR to establish and engage in the business relationship. Should we use these methods in individual cases, we will inform you separately if this is required by law.
Access to the website and the related collection of connection data (such as IP addresses) must be logged; this happens automatically during use and cannot be disabled for individual users. With the exception of the data required for technical reasons (see Section 3.1 above), you are not obliged to provide us with any personal data in connection with your use of the website. However, certain services cannot be used without the provision of personal data, or their functionality is impaired.
Within the scope of the data protection law applicable to you, you have the right to access your data, to have it rectified or deleted, the right to restrict data processing and otherwise to object to our data processing and to the disclosure of certain personal data for the purpose of transferring such personal data to another location (so-called data portability). If the processing of personal data is based on your consent, you may withdraw this consent at any time. Exercising these rights usually requires that you can clearly prove your identity. Please note, however, that we reserve the right to enforce the statutory restrictions, for example if we are obliged to retain or process certain data, have an overriding interest in it (insofar as we may invoke it) or need it for enforcing claims.
If Helsana automatically takes a decision concerning an individual person, which has a legal impact or significantly affects the person concerned in a similar way, the person concerned may speak to a competent person at Helsana and request a reconsideration of the decision, or demand from the very start that this be assessed by a competent person, to the extent provided for by law. In this case, the person concerned might no longer be able to use certain automated services. The person will be informed of such decisions subsequently or separately in advance.
Every person concerned has the right to file a complaint with the competent data protection authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
You can prevent or restrict the installation of cookies by changing your browser settings accordingly. However, we would like to point out that, in this case, you may not be able to use all the functions of this website to their full extent.
Furthermore, the automated data processing carried out on this website can be technically prevented as follows:
We're here to help.