- Access authorisation
- Means of access
- Registration and authentication
- Due diligence on the part of the customer
- Customers on the same contract/families
- Note on security
- Data protection and data security
- Marketing and information
- Disabling access
- Analysis of web behaviour
- Functions on myHelsana
- Termination of the user agreement
- Applicable law and place of jurisdiction
- Supplementary provisions
myHelsana is generally available to all persons insured with the Helsana Group (private customers) who are 18 or over. Helsana is at liberty, however, to decide whether or not to enter into an agreement with a user. Customers do not have any legal entitlement to access myHelsana.Up
Means of access
Customers access the portal via their provider's internet service.
To use myHelsana, the latest version of a commercially available web browser must be installed for the customer portal, and Android/IOS for the app. Otherwise, myHelsana may not function properly or at all. Helsana is unable to provide support for technical problems of any kind, such as concerning the customer’s end device or Internet connection.Up
Registration and authentication
Once registered with myHelsana as per the online instructions, customers will receive an activation code via the ordinary postal service. This code is used to activate myHelsana in the first instance.
Customers who have already received the code by letter, email or telephone can enter it during registration by following the online instructions.
Users must then sign in with their user name, password and mTAN (security code sent by SMS) to access their data.
Helsana deems anyone having identified themselves legitimately on the portal via their login data, as described above, as being authorised to access myHelsana and to use any of the services provided therein. In particular, users are entitled to amend data, submit applications and review documents uploaded to the portal.Up
myHelsana is a free service.Up
Due diligence on the part of the customer
It is the responsibility of each customer to keep login data confidential and protect it from misuse by unauthorised third parties.
Customers are liable for any consequences arising from the unauthorised use of their authentication details.
If a user has reason to suspect that an unauthorised third party has obtained such details, the password must be changed immediately and, if necessary, a request to disable the account submitted to Helsana.
Customers are obliged to check their myHelsana inbox regularly. It is the responsibility of the customer to ensure that invoices received via myHelsana are paid in good time using an appropriate online banking system or direct debit facility.
Changes to home and/or e-mail addresses, bank details and other personal data must be entered in myHelsana by the customer without delay. Correspondence from Helsana sent to the home or e-mail address stored on the system will be deemed duly served.
Once a customer has downloaded a document from myHelsana onto their own end device, they are then responsible for securing the relevant data as appropriate. Helsana cannot accept any responsibility for documents once they have left its systems.Up
Customers on the same contract/families
Any adult insured person can register for myHelsana.
If the main policyholder/family head (who may be stated in the application or subsequently) registers for myHelsana, they agree by entering into this User Agreement to receive all correspondence from Helsana or Progrès for all members of the joint insurance contract electronically in future, i.e. including invoices and the policy. The above does not, however, apply to documents which, for legal or technical reasons, require dispatch via the ordinary postal system. The main policyholder/family head has access to the data of insured persons associated with him or her under this insurance contract, including highly confidential personal data.
Regardless of whether the main policyholder/family head is registered, any adult customer may register for their own access to myHelsana as a member of the joint insurance contract/family contract. This has no effect on the means of communication agreed between Helsana or Progrès and the main policyholder/family head. The customer has access to their own data; in particular, they can change their own contact details. The customer also has access to data they already know for all insured persons under the same insurance contract/family contract (including name, address, telephone number, insurance products, insurance card), regardless of whether or not these persons are registered for myHelsana. This does not apply to highly confidential personal data.
Revocation is possible at any time and may be notified to Customer Services in writing. Revocation will result in contract separation into an individual contract.Up
Note on security
myHelsana is accessed via the internet.
Even if the security precautions on the user’s end device reflect the state of the art of science and technology, a 100% guarantee of security cannot be given. Helsana therefore draws customers' attention to the following primary risks when using the myHelsana portal:
Inadequate security precautions on the user’s end device can make it easier for a third party to gain unauthorised access to customer data. It cannot be ruled out that a third party will gain access to an end device surreptitiously while the customer is actually using it. For this reason, the Helsana Group urgently advises customers to equip their systems with a current firewall solution and to protect WLAN networks with passwords. Helsana urges its customers not to access myHelsana via public WLAN networks.
Information and data are exchanged between Helsana and its customers via an open network that is accessible by anyone. Although data transfers between Helsana and the customer are encrypted, certain details of the connection (e.g. the sender and the addresses of recipients) are not, and this may give rise to the inference that a business relationship exists between the customer and Helsana.
Helsana has no influence on whether or how a customer’s internet provider will analyse data traffic. It is possible for a third party to ascertain when and with whom the customer has been in contact.
For security reasons, a session time-out is installed that will automatically log the user out of myHelsana after a certain period of inactivity, whereupon they will need to sign in again to use the facility.Up
Considerable care and attention is invested in the content of the myHelsana portal. Helsana cannot, however, accept any liability for the accuracy and completeness of the data and information it provides and exchanges.
Helsana makes no warranty that access to the myHelsana portal will be uninterrupted or error-free, that defects will be corrected, or that viruses or other harmful components will not be transmitted in connection with customers' use of the site. Helsana does not accept any liability for indirect loss or damage and consequential loss or damage, in particular loss of profits, loss or damage as a result of data downloads, or reputational damage.Up
Data protection and data security
Helsana takes all reasonable technical and organisational precautions to prevent unauthorised access to customer data and other unlawful data processing. The data and documents displayed on myHelsana are drawn from the relevant Helsana departments and systems, and remain visible for the duration of the customer's online session.
For more information on data protection please see www.helsana.ch/data-protection.
All data protection enquiries, claims or requests concerning Helsana or Progrès may be submitted to the Helsana Data Protection Officer at the following address, accompanied by a copy of an official identity document:
Helsana Insurance Company Ltd
Data Security Officer
Where Helsana falls within the scope of GDPR, Active-Assets A2 GmbH is both its Data Protection Officer for the purposes of Article 37 GDPR and its representative for the purposes of Article 27 GDPR. Its contact details are as follows:
Active-Assets A2 GmbH
Marketing and information
Helsana may use myHelsana to advertise its own products or those of partners and place links to partner websites.Up
Should any security risk whatsoever be detected, Helsana reserves the right to disable access to myHelsana in the interest of customers and to protect their data.Up
Analysis of web behaviour
Helsana collects, processes and analyses tracking data on the use of myHelsana for optimisation and statistical purposes. This tracking data cannot be traced to individual customers; rather, it merely provides information on general user behaviour. In other words, these are anonymous evaluations to improve myHelsana. This data helps Helsana to optimise its website and make it more customer friendly. Cookies (small text files containing an ID number) allow Helsana to enhance the service it provides and recognise returning website visitors.
Where Helsana falls within the scope of GDPR it relies on its legitimate interests to operate and successfully improve myHelsana.
Most browsers have a function that allows users to prevent cookies from being accepted automatically and to delete cookies already stored on the system. If a customer does not want cookies to be stored on their device, they can change the browser settings so that cookies must either be approved before being stored or are automatically refused. For ease of navigation, Helsana recommends that customers accept cookies and do not delete them. Disabling cookies can hinder the use of interactive functions on this and other websites.
Functions on myHelsana
Which functions are available on myHelsana depends to some degree on the insurance contracts concluded with Helsana or Progrès. This can mean that, in some cases, not all functions will be available. In addition, Helsana reserves the right to modify, upgrade or discontinue individual functions on myHelsana at any time.Up
Termination of the user agreement
Either party has the right to withdraw from the contract at any time without citing reasons and without observing a period of notice. Cancelling the contract will result in access to myHelsana being disabled immediately.
In any case, the user agreement is terminated automatically six months after the end of the contractual relationship with Helsana and Progrès.Up
Applicable law and place of jurisdiction
These provisions are subject to and governed by the applicable law. Where Swiss law applies, the sole place of jurisdiction is Zurich.Up