Skip to main content
Parat Logo

Privacy Policy

The protection of your personal data, such as date of birth, name, telephone number, address, etc., is an important concern to us.

The purpose of this privacy policy is to inform you about the processing of your personal data that we collect when you visit our website. Our data protection practice complies with the legal provisions of the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). This privacy policy serves to fulfil the information obligations under the FADP and the GDPR, as set out in Art. 19 et seq. FADP and Art. 13 et seq. GDPR.

Owner and Controller

The controller within the meaning of Art. 5 lit. j FADP and Art. 4 No. 7 GDPR is the person who alone or jointly with others determines the purposes and means of the processing of personal data. The controller under Art. 4 No. 7 GDPR is also the recipient of personal data within the meaning of Art. 4 No. 9 GDPR. Any third-party recipients are identified separately.

With regard to our website, the owner and controller is:

PARAT – Move Healthily
Feldbergstrasse 47
4057 Basel

info@parat-studio.ch
+41 61 220 02 91

Website Provision and Log Files

Each time you access our website, our system automatically collects data and information from the accessing device (e.g. computer, mobile phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

  • Information about the browser type and version used
  • The operating system of the accessing device
  • Hostname of the accessing computer
  • The IP address of the accessing device
  • Date and time of access
  • Websites and resources (images, files, other page content) accessed on our website
  • Websites from which the user's system accessed our website (referrer tracking)
  • Notification of whether the access was successful
  • Amount of data transferred

This data is stored in our system's log files. This data is not stored together with personal data of a specific user, so that individual visitors cannot be identified.

Legal Basis for Processing Personal Data

The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 CC) as well as Art. 6 para. 1 lit. f GDPR (legitimate interest).

Purpose of Data Processing

The temporary (automated) storage of data is necessary for a website visit to enable delivery of the website. The storage and processing of personal data also serves to maintain the compatibility of our website for as many visitors as possible and to combat misuse and eliminate disruptions. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react to display errors, attacks on our IT systems and/or errors in the functionality of our website as early as possible. The data also serves to optimise the website and to generally ensure the security of our information technology systems.

Duration of Storage

The aforementioned technical data is deleted as soon as it is no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Restriction, Objection, Correction and Deletion Options

You can request restriction of processing at any time pursuant to Art. 18 GDPR or object to processing pursuant to Art. 21 GDPR, as well as request correction or deletion of data pursuant to Art. 16 or 17 GDPR. Your rights and how to exercise them can be found in the lower section of this privacy policy.

Disclosure to Third Parties

The processing of personal data is carried out in accordance with the principle of lawfulness (Art. 6 para. 1 FADP) and the principle of good faith (Art. 6 para. 2 FADP and Art. 2 CC).

The disclosure of information to third parties is governed by the scope of the activities or services described below on our website or in our business model.

In principle, we only retain your information for as long as necessary and treat it confidentially. Exceptions include the transfer of personal data to debt collection service providers, to public bodies and authorities, and to private individuals who are entitled to it on the basis of legal provisions, court decisions or official orders, as well as the transfer to authorities for the purpose of initiating legal proceedings or for criminal prosecution purposes if our legally protected rights are attacked.

Integration of External Web Services and Processing of Data Outside Switzerland

On our website, we use active content from external providers, so-called web services. By accessing our website, these external providers may receive personal information about your visit to our website. Processing of data outside Switzerland and the EU may occur. You can prevent this by installing an appropriate browser plugin or by disabling the execution of scripts in your browser. This may result in functional restrictions on websites you visit.

We use the following external web services:

Infomaniak (Hosting)

Our website is hosted by Infomaniak Network SA, Rue Eugène-Marziano 25, 1227 Geneva, Switzerland. When visiting our website, the above-mentioned log file data is processed and stored on Infomaniak's servers in Switzerland. No personal data is transferred to third countries outside Switzerland.

The legal basis for the transfer is Art. 6 para. 1 lit. f GDPR (legitimate interest in secure and reliable hosting).

Further information can be found in Infomaniak's privacy policy: https://www.infomaniak.com/en/legal/privacy-policy

Mapbox (Map Display)

On our contact page, we use the map service Mapbox by Mapbox Inc., 740 15th Street NW, 5th Floor, Washington, DC 20005, USA. When you access the contact page, a connection is established with Mapbox's servers, whereby your IP address and other technical data (e.g. browser type) are transmitted to Mapbox.

The transfer of personal data to the USA is based on the adequacy decision for the EU-US Data Privacy Framework (DPF) of the EU Commission within the meaning of Art. 45 GDPR. Mapbox is certified under the DPF, so the usual level of protection under the GDPR applies to the transfer.

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR (legitimate interest in displaying our location on a map).

Further information can be found in Mapbox's privacy policy: https://www.mapbox.com/legal/privacy

Medidoc (Online Appointment Booking)

For online appointment booking, we use the service Medidoc by Medidoc AG, Switzerland. When using the booking function, you are redirected to the external platform onlinecalendar.medidoc.ch. The data you enter (e.g. name, contact details, desired appointment) is processed by Medidoc on our behalf.

The legal basis for data processing is Art. 6 para. 1 lit. b GDPR (performance of a contract or pre-contractual measures) and Art. 6 para. 6 FADP (consent through active use of the booking form).

Further information can be found in Medidoc's privacy policy: https://www.medidoc.ch/datenschutz

Use of Cookies

On various pages, we use cookies to enable certain functions of our website. So-called "cookies" are small text files that your browser can store on your access device. These text files contain a characteristic string that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as "setting a cookie".

Our website uses only technically necessary cookies that are required for the operation of the website. These cookies are set on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) to ensure the functionality of the website. No tracking or analytics cookies are used.

You can configure your browser to generally prevent the setting of cookies. You can then decide on a case-by-case basis whether to accept cookies or accept cookies as a general rule. Please note that if cookies are disabled, the functionality of our website may be limited.

Data Security and Data Protection, Communication by Email

Your personal data is protected by technical and organisational measures during collection, storage and processing so that it is not accessible to third parties. In the case of unencrypted communication by email, complete data security on the transmission path to our IT systems cannot be guaranteed by us, so we recommend encrypted communication or postal mail for information requiring a high level of confidentiality.

Duration of Data Storage

We only store personal data to the extent and for as long as this is necessary to fulfil the purposes for which the personal data was collected, we have a legitimate overriding interest in retention, or we are legally obliged to do so.

Right of Access

You have the right to request confirmation of whether we process personal data about you. If this is the case, you have a right of access to the information specified in Art. 25 et seq. FADP or Art. 15 para. 1 GDPR, unless access can be refused, restricted or postponed by the data controller (see Art. 26 et seq. FADP or Art. 15 para. 4 GDPR). We are happy to provide you with a copy of the data.

Right to Rectification

You have the right, pursuant to Art. 32 para. 1 FADP or Art. 16 GDPR, to request that incorrectly stored personal data (such as address, name, etc.) be corrected, unless this right is opposed by a legal obligation. You can also request the completion of data stored by us at any time. A corresponding adjustment will be made without delay.

Right to Erasure

You have the right, pursuant to Art. 17 para. 1 GDPR, to request that we delete the personal data collected about you if

  • the data is no longer needed;
  • the legal basis for processing has been lost without replacement due to the withdrawal of your consent;
  • there are no longer any legitimate grounds for processing;
  • your data is being processed unlawfully;
  • a legal obligation requires this.

The right does not exist pursuant to Art. 17 para. 3 GDPR if

  • the processing is necessary for the exercise of the right to freedom of expression and information;
  • your data has been collected on the basis of a legal obligation;
  • the processing is necessary for reasons of public interest;
  • the data is necessary for the establishment, exercise or defence of legal claims.

Right to Restriction of Processing

Pursuant to Art. 18 para. 1 GDPR, you have the right in certain cases to request the restriction of the processing of your personal data. This is the case when

  • the accuracy of the personal data is contested by you;
  • the processing is unlawful and you do not consent to erasure;
  • the data is no longer needed for the processing purpose, but the collected data serves the establishment, exercise or defence of legal claims;
  • an objection to processing pursuant to Art. 21 para. 1 GDPR has been lodged and it is not yet clear which interests prevail.

Right of Withdrawal

If you have given us express consent to the processing of your personal data (Art. 6 para. 6 FADP and Art. 31 para. 1 FADP; Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you can withdraw this at any time. Please note that the lawfulness of the processing carried out on the basis of the consent until the withdrawal is not affected by this. Data for which we are legally obliged to retain will be deleted after the retention period has expired.

Right to Object

You have the right, pursuant to Art. 21 GDPR, to object at any time to the processing of personal data concerning you which has been collected on the basis of Art. 6 para. 1 lit. f GDPR (in the context of a legitimate interest). If you have given us express consent to the processing of your personal data (Art. 6 para. 6 FADP and Art. 31 para. 1 FADP), you can withdraw this at any time. Please note that the lawfulness of the processing carried out on the basis of the consent until the withdrawal is not affected by this. The right is only available to you if there are special circumstances that speak against the storage and processing. Data for which we are legally obliged to retain will be deleted after the retention period has expired.

How Do You Exercise Your Rights?

You can exercise your rights at any time by contacting the following address:

PARAT – Move Healthily
Feldbergstrasse 47
4057 Basel
Switzerland
Email: info@parat-studio.ch
Phone: +41 61 220 02 91

Right to Data Portability

You have the right, pursuant to Art. 20 GDPR, to receive the personal data concerning you. The data will be provided by us in a structured, commonly used and machine-readable format. The data can be sent either to you or to a controller designated by you.

Upon request, we will provide you with the following data:

  • Data collected on the basis of consent (Art. 31 para. 1 FADP and Art. 6 para. 1 lit. a GDPR);
  • Data that we have received from you in the context of existing contracts (Art. 31 para. 2 lit. a FADP and Art. 6 para. 1 lit. b GDPR and Art. 9 para. 2 lit. a GDPR);
  • Data that has been processed in the context of an automated procedure.

We will transfer personal data directly to a controller of your choice, insofar as this is technically feasible. Please note that we may not or only to a limited extent transfer data that infringes the overriding interests of third parties pursuant to Art. 26 para. 1 lit. b FADP or Art. 20 para. 4 GDPR.

Notifications to the FDPIC and Right of Action

Data subjects may, pursuant to Art. 49 FADP, file a report with the supervisory authority if there are sufficient indications that data processing may violate data protection regulations. The supervisory authority for data protection in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

Further information can be found on the FDPIC contact form: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html

If you suspect that your data is being processed unlawfully on our website, you can bring about a judicial clarification of the matter pursuant to Art. 32 FADP. As a rule, this requires a claim pursuant to Art. 28 et seq. CC. If you are affected by data processing by federal bodies, the procedure is governed by Art. 41 FADP. In this case too, you can contact the FDPIC (see the contact form link above).

Right to Lodge a Complaint with a Supervisory Authority Pursuant to Art. 77 para. 1 GDPR

If you suspect that your data is being processed unlawfully on our website, you can of course bring about a judicial clarification of the matter at any time. In addition, every other legal option is available to you. Regardless of this, pursuant to Art. 77 para. 1 GDPR, you have the option of contacting a supervisory authority. The right of complaint pursuant to Art. 77 GDPR is available to you in the EU member state of your place of residence, your workplace and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the above-mentioned locations. The supervisory authority with which the complaint has been filed will then inform you of the status and results of your submission, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.