Best Smile AG
When you visit our website, the server automatically logs general technical visit information. These include for example the IP address and operating system of your device, the date and time of use, the referrer website and the type of browser you are using to access our website.
When we process personal data when you visit our website, we do so based on our interest in making the website available, providing you with the best possible user experience and further developing and marketing our products and services.
When you make an appointment, enquire about our products and services, visit us for a suitability consultation or a check-up, order a treatment plan or products such as braces (“aligners”) or veneers or if you use our app, we collect your contact details and other relevant personal data that you provide us with on those occasions.
We process this personal data for the following purposes and on the following basis:
(a) To prepare, conclude and fulfil the (treatment) contract with you and to enforce rights arising from it;
(b) On the basis of our legitimate interests to communicate with you, to optimise your user experience, to improve and further develop our offers, services and products, to analyse demand patterns or make other evaluations, to ensure IT security as well as the business operation, to ensure management and the development of our company and to enforce or defend legal claims;
(c) To comply with legal obligations (e.g. obligation to keep business records).
In connection with your treatment, we collect certain health-related data from you (e.g. tooth position, previous and current dental diseases, implants or crowns inserted, general health condition, medication to be taken). Health data are sensitive personal data that are particularly worthy of protection under data protection law and are subject to a higher standard of protection.
We may need to disclose your personal data to third parties to fulfil the contract, to safeguard our interests or to comply with legal regulations. Such third parties include, for example, our IT service providers and third-party providers operating in the field of payment transactions, billing, collection, consulting, sales and marketing.
Even if we disclose your personal data to third parties outside Switzerland, the EU and the EEA, we comply with the applicable data protection laws, e.g. by taking appropriate contractual, technical and organisational measures.
We protect your personal data in particular by means of the following technical and organisational security measures against accidental, unlawful or unauthorised manipulation, deletion, alteration, access, disclosure, use or loss:
(a) Our employees only have access to your personal data if this is necessary or reasonable for the accomplishment of their tasks;
(b) We have state-of-the-art IT infrastructure, in-house IT specialists and up-to-date IT regulations;
(c) Whenever possible and reasonable, personal data is encrypted (during transmission and/or storage).
We only store your personal data for as long as and to the extent necessary for the purposes described or on legal grounds.
Data in connection with treatments (patient files) is kept for 20 years on legal grounds.
In accordance with the requirements of applicable data protection law, you have the following rights in relation to your personal data:
Please note that these rights are subject to exceptions. In particular, we may be obligated to process your personal data to fulfil a contract, to protect our own legitimate interests such as asserting, exercising or defending legal claims, or to comply with legal obligations. In such cases, we can or must therefore refuse certain requests or comply with them only to a limited extent.
If you are not satisfied with the way we process your personal data, you have a right of appeal (see section 8).
Our website contains links to third-party websites that are not operated or controlled by us. We are not responsible for whether and how these third parties comply with data protection regulations.
If you are not satisfied with the manner in which we process your personal data, you have the right to complain to the Federal Data Protection and Information Commissioner (FDPIC) or, if the FDPIC is not responsible for your concern, to the responsible supervisory authority.
Please contact us first before submitting a complaint. This way, we can try to solve your problem directly. The easiest way is to contact us by email at [email protected].
Winterthur, August 2021