Privacy Policy  

We, OnlineDoctor, take the protection of the personal data of our customers as well as those interested in our offers very seriously. For this reason, it is our duty to protect user data that is entrusted to us when visiting our website. We are committed to protecting the privacy of users of our website at all times. If and to the extent that the user voluntarily provides personal data, it will be collected and stored in accordance with the statutory data protection provisions of the Swiss Data Protection Act (FADP). Of course, all data will be treated confidentially. With the following data protection information, we would like to explain in more detail what data is collected, what happens to this data and what security precautions we have taken to protect this data from misuse. We also inform you of your rights with regard to the processing of your data. By providing this transparent and understandable information about our privacy policy, we want to ensure that visitors and customers are well and sufficiently informed about the collection, processing and use of personal data. 

 

Responsible body 

The responsible body for the collection, processing and use of your personal data is: 

OnlineDoctor AG
Waisenhausstrasse 15
9000 St. Gallen
support@onlinedoctor.ch 

 

Personal data 

Personal data is any data relating to an identified or identifiable individual. This includes the following categories of personal data: 

• Inventory data (e.g. name, function, organizational affiliation) 

• Contact details (e.g. address, e-mail address, telephone/fax number) 

• Content data (e.g. text inputs) 

• Usage data (e.g. access data, IP address, date and time of access) 

Your personal data will not be transmitted to third parties when using our website or in the context of contacting us by e-mail or via the contact form for purposes other than those listed below. 

 

Data transfer and recipients 

As a rule, your personal data will not be transmitted to third parties, except 

• we have explicitly pointed this out in the description of the respective data processing and 

• You have given your explicit consent to do so, or 

• the disclosure is necessary for the assertion, exercise or defence of legal claims or is for other reasons in our legitimate interest and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data, or 

• there is a legal obligation or 

• the disclosure is necessary for the processing of contractual relationships with you. 

In addition, we use external service providers for the provision of our services and the processing of our services, which we carefully select and commission. These are bound by our instructions and are regularly checked by us. In addition, we have concluded order processing agreements with them if necessary. The service providers are responsible for web hosting, sending e-mails, maintaining and caring for our IT systems and payment management. 

Furthermore, we may pass on your personal data to third parties if we conclude contracts or similar services together with partners. You can find more detailed information on this by providing your personal data or in the description of the offer you may be using. 

If our service providers or partners are based in a country outside Switzerland, the European Union (EU) or the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the description of the offer you may have taken advantage of and about the guarantees we make to protect your personal data. 

 

Processing of personal data when you visit our website (personal data concerned and purpose of processing) 

When using our website www.onlinedoctor.ch for informational purposes only, we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data, which is technically necessary for us to show you our website and to ensure stability and security: 

• IP address 

• Date and time of the request 

• Time zone difference to Greenwich Mean Time (GMT) 

• Content of the request (concrete page) 

• Access Status/HTTP Status Code 

• amount of data transferred in each case 

• Website from which the request comes 

• Browser 

• Operating system and its interface 

• Language and version of the browser software. 

The aforementioned data is processed by us for the following purposes: 

• Ensuring a smooth connection to the website, 

• To ensure a comfortable use of our website, 

• Evaluation of system security and stability as well as 

• for other administrative purposes. 

Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person. In anonymised form, the data may also be processed for statistical purposes. This data is not stored together with other personal data of the user, compared with other databases or passed on to third parties at any time. 

In addition, we use cookies and analysis services when you visit our website. You will find more detailed explanations in this privacy policy below. 

 

Processing of personal data in the context of contacting us (categories of personal data concerned and purpose of processing) 

You can contact OnlineDoctor by e-mail using the e-mail address published on our website or the contact form provided. 

If you use one of the above-mentioned contact channels, the personal data you transmit (e.g. surname, first name, address), but at least the e-mail address, as well as the information contained in the e-mail or in the contact form will be stored for the purpose of contacting us and processing your request. We delete the data generated in this context after storage is no longer required, or restrict processing if there are statutory retention obligations. 

 

Processing of personal data in the context of teledermatology consulting services (categories of personal data concerned and purpose of processing) 

In addition to the purely informational use of our website, we offer various specialist consulting services (hereinafter referred to as “teledermatological consulting services”) through the dermatologists registered with us, which you can use if you are interested. To do this, you usually have to provide further personal data (e.g. health data, payment data), which we and the dermatologist use to provide the respective service. 

The mediation and technical implementation of the specialist medical consultation service as well as the provision of related support services constitutes the processing of your personal data by OnlineDoctor on behalf of the respective dermatologist. The dermatologist selected by you is responsible for the execution of the treatment contract under data protection law. 

Health data is processed for the teledermatological consultation service. These belong to the special category of personal data. We will only process this special category of personal data with your explicit consent. 

If you choose to make use of teledermatological consulting services via our website, the following personal data will be processed by us and forwarded to the dermatologist commissioned in order to answer the enquiry: 

• First name and surname 

• Gender 

• Date of birth 

• Address 

• Phone/mobile number 

• E-mail 

• Image data based on user-uploaded photographs of skin changes 

• further information may be provided by the user. Health data provided and recommendations for action prepared by dermatologists based on them (the “Health Data”) 

• Billing data such as e.g. Name, address, credit card information and/or bank details 

• Health insurance details including the insurance number 

The data collection, processing and use takes place for the following purposes: 

• Mediation of treatment contracts 

• Processing for anonymised evaluations for scientific, statistical and analytical purposes, including the development of new data-based diagnostic procedures – in each case if and to the extent permitted by law 

 

Registration and Patient Account 

In order to protect your personal data, in particular your health data, access to your assessment and recommendation for action is only possible via a secure patient login (consisting of e-mail address + password). This login is set up by you as part of the case creation process. This ensures that only you, as an authorized person, have access to your sensitive health data. Alternatively, you can log in to your patient account via the patient login area and call up your assessment and recommendation for action. 

As part of the registration process on our website, we collect your email and transmit it to our technical service provider Amazon Web Services EMEA SARL (38 Avenue John F. Kennedy, L-1855 Luxembourg), where a user account is created. Apart from the e-mail address and password, no other personal data is stored. We have concluded an order processing agreement with AWS EMEA SARL, which obliges AWS to process data in compliance with data protection regulations and to maintain confidentiality. Your data will not be passed on to third parties.   

Your data may also be processed in third countries outside Switzerland, the European Union (EU) and the European Economic Area (EEA), in particular in the USA. For data transfers to the USA, there is an adequacy decision of the Federal Council pursuant to Art. 16 para. 1 FADP for companies that are subject to the Swiss-U.S. Data Privacy Framework. AWS EMA SARL is certified by the Swiss-U.S. Data Privacy Framework and thus commits itself to compliance with appropriate data protection standards. For more information, please visit: https://dataprivacyframework.gov 

We process your e-mail address in the interest of implementing a patient account as a technical measure in accordance with Art. 7, 8 FADP to protect your personal data and to comply with the legal obligation to take appropriate technical and organizational measures in accordance with Art. 7.8 DSG. . 

Your data will not be used for advertising purposes and will only be processed for the secure provision of your medical information. Your personal data will be deleted as soon as it is no longer required for the original purpose – usually with the deletion of your patient account. 

 

Processing for billing purposes 

The billing of the teledermatological consulting service is carried out by the external payment service provider Datatrans Ltd (“Datatrans”), which is integrated into our website and is based in Switzerland. OnlineDoctor and Datatrans have concluded an order data processing agreement. If you use a teledermatological consultation service via our website, the payment is processed by Datatrans, which allows payment via credit card, Twint, Post Finance Card, Discover or Diners Club.  

For payment processing, OnlineDoctor transmits the following transaction data to Datatrans: 

• First and last name of the card account holder 

• E-mail 

• Card information 

• Expiration date 

• CVV/CVC-Code 

• Datetime 

• Amount of the transaction amount 

Datatrans does not have access to your health data at any time. 

 

Processing for the (further) development of AI-supported diagnostics 

If you give us your consent to this, we will process part of your health data (image data, symptom data, age and gender) for the purpose of training artificial intelligence. The aim is to continuously improve the quality of diagnosis and to optimise the teledermatological consultation services we provide. Giving your consent is voluntary. You can use the teledermatology consultation services even if you do not give us your consent.  

Artificial intelligence is an application that supports the diagnosis of certain dermatological conditions using image data and supplementary information from patients’ self-reports.  

Your data will be treated according to the highest possible security standards and strictly confidential. The consent can be revoked at any time for the future. All you need to do is send an e-mail to hello@onlinedoctor.ch. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent before the revocation. 

 

Processing of personal data in the context of the newsletter subscription (categories of personal data concerned and purpose of processing) 

OnlineDoctor sends out two types of newsletters:  

• General marketing emails: Are also sent to users who have submitted a case to OnlineDoctor. These newsletters contain more general marketing content about OnlineDoctor products.  

• Promotional Newsletter: This newsletter requires an active subscription. They contain general marketing content from OnlineDoctor and partners. When registering, the data you provide will be transmitted to the controller via the respective input mask. Registration for our advertising newsletter takes place in the so-called double opt-in procedure. This means that after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no one can log in with someone else’s e-mail addresses. When registering for the newsletter, the user’s IP address as well as the date and time of registration are stored. This is to prevent misuse of the services or the email address of the data subject. The data will not be passed on to third parties. An exception exists if there is a legal obligation to pass it on. The data will be used exclusively for sending the newsletter. You can cancel your subscription to the newsletter at any time. You can also revoke your consent to the storage of personal data at any time. For this purpose, you will find a corresponding link in each newsletter.  

We use rapidmail to send out all newsletters. The provider is rapidmail GmbH, Wentzingerstrasse 21, 79106 Freiburg, Germany. rapidmail is used to organize and evaluate the sending of newsletters. The data you enter and list below for the purpose of subscribing to the newsletter will be stored on rapidmail’s servers in Germany.  

We process your e-mail address, as well as your name and gender, in order to personalize the newsletter and address you personally. In addition, we process your OnlineDoctor account ID to improve the effectiveness and relevance of our newsletter service and communications. This data is hashed with sha3_256 under UTF-8 encoding, and the original identification ID is not accessible to rapidmail GmbH. The data will be stored by us until you receive your objection or unsubscribe from the newsletter and will be deleted from both our servers and the rapidmail servers after you have unsubscribed from the newsletter. Data that has been stored by us for other purposes remains unaffected by this. 

Via the provider rapidmail, we analyse whether and how you have opened the content of the newsletter. For the purpose of analysis, the e-mails sent with rapidmail contain so-called tracking pixels, which establish a connection to the rapidmail servers when the e-mail is opened. In this way, it can be determined whether a newsletter message has been opened. In addition, we can use rapidmail to determine whether and which links in the newsletter message are clicked. All of the links in the email are tracking links that can count your clicks. Depending on the font with which the respective newsletter is designed, a connection to external servers such as Google Fonts takes place.  

If you do not want rapidmail to analyze your newsletter, you must unsubscribe from the newsletter. For this purpose, we provide you with a corresponding link when your e-mail address is collected as well as in every newsletter message.  

 

Processing of personal data for the purpose of sending a satisfaction survey by e-mail 

We process your e-mail address received during registration for the purpose of sending you a satisfaction survey about the consultation via OnlineDoctor.  

To create the survey, we use Typeform, a survey tool from the company Typeform SL, based in C/ Can Rabia 3-5, 4th floor, 08017 – Barcelona (Spain). The data you enter for the purpose of answering the survey will be stored by Typeform SL on servers of the cloud computing provider Amazon Web Services used by Typeform SL in the EU.  

You have the right to object to the processing of your personal data. If you would like to exercise your right to object, you can send your objection informally by e-mail to hello@onlinedoctor.ch. 

 

Processing of personal data in the context of user surveys  

OnlineDoctor conducts user surveys to improve our products and ensure product quality. These surveys are conducted through Microsoft Teams, a video conferencing service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.  

The interviews will be recorded. Before the start of each recording, participants will be informed and asked for their consent. This consent is reconfirmed after the recording begins, so that it is recorded in the recording itself. No recording will take place without the explicit consent of the participant.  

The recordings, along with the notes derived from the interview, will be stored in Confluence, a collaboration platform provided by Atlassian Network Services, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104, USA. We have entered into a data processing agreement with Atlassian to ensure the protection and confidentiality of the data stored on their platform.  Atlassian Inc is certified according to the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards. For more information, please visit: https://dataprivacyframework.gov 

In the context of user interviews, we may process the following personal data: your name, contact details and any personal information that you voluntarily provide during the interview.  

The data collected during the interviews is used exclusively for the purpose of product improvement and maintaining product quality. The data will not be passed on to third parties. An exception exists if there is a legal obligation to do so. You can revoke your consent to the recording at any time. In this case, the recording will be terminated and all data collected up to that point will be deleted upon request.  

 

Processing of personal data when signing up to receive security updates of our product 

The OnlineDoctor Skin Check is a class IIa medical device according to Regulation (EU) 2017/745 on medical devices. According to this, we are obliged to give users of the product the opportunity to receive information about medical device safety-related issues. If you provide us with your e-mail address for this purpose, we will process it in order to communicate and provide you with security-relevant updates to our instructions for use. Legal basis for the processing: Art. 6 para. 1 a) and c) GDPR.  

We use rapidmail GmbH, Wentzingerstrasse 21, 79106 Freiburg, Germany to send this update. There is no evaluation of the dispatch. You can object to the receipt of further security updates at any time with effect for the future by clicking on the unsubscribe link included in each message. 

 

Processing of personal data when registering as a dermatologist via our website 

If you use our website to obtain information about the functioning of our application as a specialist or to arrange a consultation appointment, we process your personal data as follows:  

a) Request a product demo 

If you request a product demo from our team, we will process your name and email address to send you a product demo video. Your request will be processed by our service provider rapidmail GmbH, Wentzingerstrasse 21, 79106 Freiburg, Germany. We have concluded an order data processing agreement with rapidmail GmbH. The data you enter and data will be stored on rapidmail’s servers in Germany for the purpose of sending messages.  

 b) Arrange an information appointment 

If you would like to arrange an informational meeting with us to have the functionality of the product and the integration options into your everyday practice explained, we will process your name and e-mail address directly via our website. You have the opportunity to make an appointment directly with one of our customer support representatives. For easy appointment scheduling, we link to the appointment scheduling tool of Calendly, Inc., 115 E Main St., Ste. A1B, Bufort, GA 30518, USA, represented by DPO Centre Europe, Friedrichstrasse 88, 10117 Berlin, Germany, eurep@calendly.com. By clicking on the button “Info appointment” we will redirect you to the website of Calendly Inc. The data protection regulations of Calendly Inc. apply to the processing of your data on the Calendly Inc. website. The privacy policy can be found here: https://calendly.com/legal/privacy-notice.   

A member of staff will call you on the date you have selected. The call is made through Microsoft Teams, a video conferencing service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. We process your contact data via Microsoft Teams.  

 c) Sending of information material  

If you have made an information appointment or a trade fair meeting with us or received our product demo, we will send you follow-up emails to your e-mail address at regular intervals with the possibility of registering on our platform. For this purpose, we process your contact details and your e-mail address. The e-mail is sent via Zoho Campaigns, an e-mail sending service of Zoho Corporation GmbH, Hagen. 7, 45127 Essen, Germany. We have entered into a data processing agreement with Zoho.  

 d) Signing up on the platform 

If you would like to register on our platform for the first time as a specialist in order to use our product to treat patients, we will process the following data from you:  

• Name and title 

• E-mail address 

• Practice address 

• ZSNR 

• Copy of admission certificates and specialist certificates 

• IBAN/bank details 

• Photos of your identity card or your registration certificate 

• Photo of you 

• Mobile number 

This information is collected in a structured way through the survey tool Typeform, the company Typeform SL, with registered office at C/ Can Rabia 3-5, 4th floor, 08017 – Barcelona (Spain). The data you enter for the purpose of answering the survey will be stored by Typeform SL on servers of the cloud computing provider Amazon Web Services used by Typeform SL in the EU. We have concluded an order processing agreement with Typeform SL.  

Before an activation for our product can take place, it is imperative that training is carried out by one of our employees. Appointments for the training are booked via Calendly Inc and the training itself takes place via Microsoft Teams. The exact information on these contract data processors can be found in section b) of this Privacy Policy.  

After successfully completing the training, you will be trained in our client management tool of Zoho Corporation GmbH, Hagen. 7, 45127 Essen, which we will maintain for the entire duration of the cooperation. There is an order data processing agreement with Zoho Coporation GmbH. 

In addition, we store your profile on our platform. This is hosted by Amazon Web Services EMEA SARL Luxembourg Zweigniederlassung Zürich, CH-020.9.004.976-7 Kanton Zürich, CHE-430.551.382 MWST, CH-8045 Zürich, Kalanderplatz 1, with server locations in Germany and Europe. The purpose of the processing is to store data and host our product. We have concluded an order processing agreement with Amazon Web Services EMEA.  

 

Data security 

We use the widely used SSL (Secure Socket Layer) method within the website in conjunction with the highest level of encryption supported by your web browser. As a rule, this is a 256-bit encryption. If your browser doesn’t support 256-bit encryption, we’ll use 128-bit v3 technology instead. You can tell whether a single page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser. 

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. 

 

Duration of storage of personal data 

The duration of the storage of personal data is measured by the relevant statutory retention obligations. 

After the respective period has expired, the corresponding data is routinely deleted. If data is necessary for the fulfilment or initiation of a contract or if there is a legitimate interest on our part in further storage, the data will be deleted if it is no longer required for these purposes or if you make use of your right of revocation or objection. 

 

Zendesk Support Request Handling 

If you send us an inquiry by email or contact us through our platform, we use the Zendesk ticketing system, a customer service platform of Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102. 

In order to answer user inquiries, necessary data such as surname, first name, telephone number, e-mail address are collected. 

For more information on data processing by Zendesk, please refer to Zendesk’s Privacy Policy at http://www.zendesk.com/company/privacy. We have entered into an order processing agreement with Zendesk, in which we oblige the service provider to protect our customers’ data and not to pass it on to third parties. 

When using the service, your data may also be processed in countries outside Switzerland, the European Union (EU) and the European Economic Area (EEA) in third countries, in particular in the USA. For data transfers to the USA, there is an adequacy decision of the Federal Council pursuant to Art. 16 para. 1 FADP in relation to companies certified according to the Swiss-U.S. Data Privacy Framework.  Zendesk is certified by the Swiss-U.S. Data Privacy Framework certifies and commits itself to compliance with appropriate data protection standards, which can be viewed under the following link: Participant Search (dataprivacyframework.gov).  

 

Use of cookies 

In addition to the above data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which certain information flows to the entity that sets the cookie (in this case by us). Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall. 

This website uses the following types of cookies, the scope and functionality of which are explained below: 

• Transient cookies, i.e. cookies that are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, which can be used to assign various requests from your browser to the common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser. 

• Persistent cookies, i.e. cookies for which you can configure your browser settings according to your preferences. Here, for example, the acceptance of third-party cookies or all cookies can be rejected. We would like to point out that you may not be able to use all the functions of this website. 

We use cookies to be able to identify you for subsequent visits if you have an account with us. Otherwise, you would have to log in again for each visit. 

The Flash cookies used are not recorded by your browser, but by your Flash plug-in. 

In some cases, the cookies are used to simplify website processes by storing settings (e.g. the provision of already selected options). If personal data is also processed by individual cookies implemented by us, the processing is carried out either for the execution of the contract or to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit. 

You can set your browser so that you 

• be informed about the setting of cookies, 

• Allow cookies only in individual cases, 

• exclude the acceptance of cookies in certain cases or in general, 

• Activate the automatic deletion of cookies when the browser is closed 

The cookie settings can be managed under the following links for the respective browsers: 

• Google Chrome:http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647 

• Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen 

• Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies 

• Safari: https://support.apple.com/kb/ph21411?locale=de_DE 

• Opera: https://help.opera.com/en/latest/web-preferences/#cookies 

You can also manage cookies from many companies and functions used for advertising individually. To do this, use the appropriate user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices. 

 

Changes to your cookie settings 

You can revoke or change your cookie settings at any time. To do this, call up the cookie settings again via this link  Change cookie settings. 

 

Web analysis and advertising tracking Google 

We use some services and technologies from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google uses so-called cookies. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by cookies about your use of this website is usually transmitted to a Google server in the USA and stored there.  

When using the service, your data may also be processed in countries outside Switzerland, the European Union (EU) and the European Economic Area (EEA) in third countries, in particular in the USA. For data transfers to the USA, there is an adequacy decision of the Federal Council pursuant to Art. 16 para. 1 FADP in relation to companies certified according to the Swiss-U.S. Data Privacy Framework.  According to the Swiss-U.S. Data Privacy Framework certifies and commits itself to compliance with appropriate data protection standards, which can be viewed under the following link: Participant Search (dataprivacyframework.gov).  

 

Google Analytics 

Google Analytics uses cookies to analyse and improve your use of our website. 

We only use Google Analytics with IP anonymization activated. In this case, the IP address of Google users within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area is shortened, which can exclude a personal reference. 

On behalf of the operator of this website, Google will use this information to evaluate your use of the website. This is used to compile reports on website activity and to provide other services related to website and internet use to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data held by Google. The Google Analytics Terms of Service and Privacy Information can be accessed via the following links: 

• http://www.google.com/analytics/terms/de.html 

• https://www.google.de/intl/de/policies/ 

You can prevent the storage of cookies by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. You can also prevent the collection of data generated by cookies and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available under URL http://tools.google.com/dlpage/gaoptout?hl=de. 

Information on the handling of user data by Google Analytics can be found in Google’s privacy policy:
https://support.google.com/analytics/answer/6004245?hl=de 

When using the service, your data may also be processed in countries outside Switzerland, the European Union (EU) and the European Economic Area (EEA) in third countries, in particular in the USA. For data transfers to the USA, there is an adequacy decision of the Federal Council pursuant to Art. 16 para. 1 FADP in relation to companies certified according to the Swiss-U.S. Data Privacy Framework.  According to the Swiss-U.S. Data Privacy Framework certifies and commits itself to compliance with appropriate data protection standards, which can be viewed under the following link: Participant Search (dataprivacyframework.gov).  

 

Google AdWords-Conversion-Tracking 

We use Google AdWords conversion tracking to measure the success of our advertising efforts. After certain goals have been achieved on our website (“conversions”), this is recorded by Google. Google can use it to measure the number of goal achievements. In addition, Google will use previously set cookies to assign which advertisements were previously clicked on and were therefore decisive for the achievement of the goal. 

You can configure your browser to refuse cookies, as described above. In addition, you can prevent Google from using cookies for advertising purposes in the cookie settings of Google’s privacy policy. 

When using the service, your data may also be processed in countries outside Switzerland, the European Union (EU) and the European Economic Area (EEA) in third countries, in particular in the USA. For data transfers to the USA, there is an adequacy decision of the Federal Council pursuant to Art. 16 para. 1 FADP in relation to companies certified according to the Swiss-U.S. Data Privacy Framework.  According to the Swiss-U.S. Data Privacy Framework certifies and commits itself to compliance with appropriate data protection standards, which can be viewed under the following link: Participant Search (dataprivacyframework.gov).  

 

Google Tag Manager 

Our website uses Google Tag Manager. The Tag Manager can be used to manage tracking tools and website tags. This service does not use cookies and no personal data is collected. Google Tag Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it will remain in place for all tracking tags if they are implemented with the Google Tag Manager. 

When using the service, your data may also be processed in countries outside Switzerland, the European Union (EU) and the European Economic Area (EEA) in third countries, in particular in the USA. For data transfers to the USA, there is an adequacy decision of the Federal Council pursuant to Art. 16 para. 1 FADP in relation to companies certified according to the Swiss-U.S. Data Privacy Framework.  According to the Swiss-U.S. Data Privacy Framework certifies and commits itself to compliance with appropriate data protection standards, which can be viewed under the following link: Participant Search (dataprivacyframework.gov).  

 

Google Signals 

In addition, this website uses Google Signals. This is an extension function of Google Analytics that enables so-called “cross-device tracking”. This means that if your internet-enabled devices are linked to your Google Account, Google can generate reports on usage behavior (especially cross-device user numbers), even if you change your device. For this purpose, Google uses data if you have activated the “personalized advertising” setting in your Google account. 

We only use Google Analytics with IP anonymization enabled. This means that your IP address will only be processed by Google in an abbreviated form. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.  

You can deactivate the “personalized advertising” setting in your Google account at any time and thus object to a collection by Google Signals. 

https://support.google.com/ads/answer/2662922?hl=de 

 

Linking to social media 

Social networks (e.g. Facebook or LinkedIn) are only integrated into our website in the form of a link to the corresponding services. After clicking on the embedded text/image link, you will be redirected to the website of the respective provider. Only after the forwarding is user information transmitted to the respective provider. For information on the handling of your personal data when using these websites, please refer to the respective data protection regulations of the providers you use. 

 

Your rights 

In principle, you have the following rights: 

• Request access to your personal data processed by us; 

• request the correction of inaccurate or complete your personal data held by us; 

• Request erasure of your personal data held by us; 

• request the restriction of processing or disclosure to third parties or the prohibition of processing of your personal data; 

• Receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or request that it be transmitted to another controller; 

• revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned without undue delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent before the revocation; and 

• file a complaint with a supervisory authority, depending on applicable law. 

You can declare your rights to OnlineDoctor or the respective dermatologist. 

 

Contact details of the data protection advisor 

Our external data protection consultant will be happy to provide you with information on the subject of data protection under the following contact details: 

FIRST PRIVACY GmbH
Konsul-Smidt-Strasse 88
28217 Bremen 

DeutschlandWeb: https://www.first-privacy.com
E-Mail:  mailto:office@first-privacy.com 

When you contact our data protection officer, please also indicate the responsible body named in the imprint. 

 

Changes to our Privacy Policy 

We reserve the right to update this privacy policy if necessary, in compliance with the applicable data protection regulations. This allows us to adapt them to current legal requirements and take into account changes to our services, e.g. when introducing new services. The most recent version applies to your visit. 

Status of this privacy policy: May 2026