Data privacy statement on the use of SWICA websites and concerning Emails

Provisions concerning the SWICA websites

1 General

1.1 Purpose of the data privacy statement

SWICA Healthcare Organisation (SWICA Group, consisting of SWICA Healthcare Insurance Ltd., SWICA Insurance Ltd. and SWICA Management Ltd – hereinafter referred to as “SWICA”) is committed to complying with legal provisions in its data processing, promoting open communications with affected persons, and ensuring transparency in managing personal data. For this purpose, this data privacy statement has been drafted to inform all interested and affected persons (hereinafter referred to as “affected individuals”) about how SWICA processes data on its websites and web applications.

1.2 Scope

This data privacy statement applies to all websites, web applications integrated into websites, and other online services (hereinafter referred to as “online services”) offered on the SWICA website and is to be applied equally to every site. SWICA attaches great importance to ensuring that its communications with affected individuals are clear, straightforward and simple. Please contact us at datenschutz@swica.ch if any sections of this privacy statement are unclear. This will enable SWICA to rapidly adapt and explain the sections in question.

Should certain special conditions or the general terms and conditions (GTC) of individual online services offered on the SWICA website contradict this data privacy statement, the respective special conditions and GTC of the individual online services take precedence.

For data processing as part of general insurance operations, we refer to the separate data privacy statement and to the General Insurance Conditions (GIC) and Supplementary Conditions (SC) that apply to the insurance product in question.

1.3 Legal basis for data processing

As a Swiss company subject to Swiss law, SWICA must comply with Swiss law on data protection. SWICA therefore processes personal data only for a justified reason that has been established in the form of a consent, a statutory requirement, or a legitimate private or public interest.
SWICA also takes all appropriate technical and organisational steps to protect the data from unlawful and improper processing.

1.4 Unit responsible for data processing

SWICA Healthcare Insurance Ltd. is responsible for all data processing on behalf of all the companies in the Group.

SWICA Healthcare Insurance Ltd.
Römerstrasse 38
8401 Winterthur
Switzerland
UID: 109.337.400

2 Definitions

First of all, we would like to explain the following terms which may be used in this data privacy statement:

By personal data , SWICA means all information which relates to a natural or legal person who can be identified directly or indirectly by a name, identification number, location data, online identifier or one or more special features capturing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural or legal person.

Particularly sensitive personal data refers to data on religious, ideological, political, and trade union affiliations or activities; to data on health, privacy, race, ethnicity, genetics, and biometrics that clearly identify a natural person; to data on administrative and criminal prosecutions or sanctions; and to data on social assistance measures.

SWICA defines processing as any manual or automated procedure or series of procedures used in connection with collecting, entering, organising, arranging, storing, adapting, modifying, reading, retrieving, applying, or disclosing personal data, or for making such data available through transmission, distribution or dissemination or some other form of disclosure for the purpose of comparing, linking, restricting, deleting or destroying it.

3. Which data is processed on SWICA's websites?

3.1 Data processing during website visits

Various non-personal and peripheral data is processed automatically when an individual visits a SWICA website. SWICA's web server logs every access to the website, and SWICA then stores the data in anonymised form (i.e. SWICA cannot link the data with the user). In particular, the collected information includes the

• anonymised IP address of the device being used,
• identification data of the browser being used (e.g. Internet Explorer, Firefox, etc.),
• operating system of the computer being used (e.g. Windows 10, Mac OSX, Android, etc.),
• amount of data transmitted (how much data was downloaded from the website),
• name of the internet service provider (e.g. Swisscom, UPC, Sunrise, etc.),
• date and time of the access, and the
• technical data (e.g. name and URL of the referring SWICA website if the website was accessed via a link, and the search term if the website was accessed via a search engine.

The collected data does not allow SWICA to draw any conclusions about the user as a person and is stored in aggregated form for an unlimited period.

3.2 Data processing through the use of online services

Whenever certain online services are used (e.g. premium calculator, policy purchase, competition, comment function, etc.), the user may be prompted to enter an email address, personal details (surname, first name, date of birth), contact information such as the address or phone number, and possibly other personal information and particularly sensitive personal data. Unless the nature of the matter calls for a different procedure (e.g. SWICA contacts the user in response to a contact form has been submitted), the user will be asked to authorise SWICA to disclose and process the data. The respective declaration of consent provides information about the data that is processed for a certain purpose.

The data will be kept for the period defined in the respective consent agreement (provided that one was obtained). If the period is not clearly specified in the consent agreement or in cases where no consent was obtained, the data storage period is determined by a) the processing purpose, b) the last customer contact (max. 5 years after the last contact), and c) any statutory period for which business data can be stored. SWICA can also store data for a longer period if required to do so by an administrative or court order. The same applies if the data is required for SWICA in connection with providing evidence or asserting a claim. In such cases, rights relating to processing data (in accordance with no. 9) may also be curtailed.

All personal data is stored in Switzerland unless specified otherwise in the consent agreement.

4. Why is the data processed?

4.1 Data processing during website visits

The peripheral data that is processed as part of any website access is used primarily to establish the connection and enable our content to be used. Furthermore, data is processed for internal, system-related purposes, such as technical administration and system security, as well as for statistical purposes and to improve the functionality of the website.

4.2 Data processing through use of online services

The personal data which is entered by the user in the respective online services will be used only for purposes to which the user consents. If the reason for using the data is derived from the nature of the matter, it is not necessary to obtain consent as described in no. 3.2 and SWICA thus refrains from describing the purpose in detail.

5. Who can access the data?

Personal data is shared within SWICA Group (in accordance with no. 1). Data is not shared with or sold to third parties outside SWICA Group for marketing purposes. Personal data will be passed on to third parties only if this is necessary in order to provide the services requested. However, the data will be passed on only with your prior consent (in accordance with no. 6.2).

6. Consent

6.1 Data processing during website visits

The user of the SWICA website gives SWICA permission to process the user's data during the visit (in accordance with section 3.1) to the extent laid out above and for the stated purpose (in accordance with no. 4.1).

6.2. Data processing through use of other SWICA or third-party offerings

For data processing in connection with the use of online services (in accordance with no. 3.2), SWICA obtains explicit or assumes implicit consent if the purpose and processing steps are stipulated by the nature of the matter (in accordance with no. 4.2).

6.3 Data processing through use of other SWICA or third-party offerings

The use of other SWICA or third-party offerings may require separate prior consent for data processing. The mobile applications that SWICA offers (e.g. BENEVITA, mySWICA or BENECURA app, etc.) stipulate in their GTC that consent must be obtained in order to process the data. On SWICA's social media channels (e.g. Facebook, Instagram, Twitter etc.) the provisions of the respective provider are definitive.

7. Cookies and iFrames

SWICA uses cookies on its websites. Please refer to the cookie policy for information about the cookie settings that SWICA and third parties use.
Go to Cookie Policy

8. Provisions concerning electronic mail and the newsletter:

8.1. What is SWICA's objective?

The aim of SWICA's newsletter and emails is to provide our customers with helpful information and exciting special offers by email.

These SWICA services (specific emails and newsletter) offer:

• Health tips
• Savings tips
• Attractive offers from partners including discounted excursions and offers relating to nutrition, health, sport and wellness: swica.ch/active4life
  
  

8.2. What data does SWICA process?

SWICA only registers the subscription/unsubscription on the customer profile. This information is stored for as long as the customer relationship exists. Afterwards it is deleted. No other data is processed.

8.3. How do I unsubscribe?

If you are no longer interested in receiving the newsletter or emails, you can unsubscribe at any time by clicking on the unsubscribe link in the footer of the newsletter or email. You can also unsubscribe by calling SWICA Customer Service or by writing to or visiting the relevant SWICA agency. 

9. General information

9.1 Rights of data subjects

Users can at any time assert their rights to their personal data in the context of the personal data processing set out in this data privacy statement.
To exercise these rights, SWICA requires a written request with a copy of an official ID:

9.2 Questions and who to contact

If you have any questions or wish to exercise your personal rights, please contact the following address:
SWICA Healthcare Organisation
Datenschutz
Römerstrasse 38
8401 Winterthur

Or

Contact form

9 .3 Updating the data privacy statement

SWICA will update this data privacy statement whenever the provisions change. The most recent version of it is available on the SWICA website.