Data privacy statement on the use of SWICA websites and concerning Emails
Provisions concerning the SWICA websites
1.1 Purpose of the data privacy statementSWICA Healthcare Organisation (SWICA Group, consisting of SWICA Healthcare Insurance Ltd., SWICA Insurance Ltd., PROVITA Gesundheitsversicherung AG and SWICA Management Ltd – hereinafter referred to as “SWICA”) is committed to complying with legal provisions in its data processing, promoting open communications with affected persons, and ensuring transparency in managing personal data. For this purpose, this data privacy statement has been drafted to inform all interested and affected persons (hereinafter referred to as “affected individuals”) about how SWICA processes data on its websites and web applications.
1.2 ScopeThis data privacy statement applies to all websites, web applications integrated into websites, and other online services (hereinafter referred to as “online services”) offered on the SWICA website and is to be applied equally to every site. SWICA attaches great importance to ensuring that its communications with affected individuals are clear, straightforward and simple. Please contact us at email@example.com if any sections of this privacy statement are unclear. This will enable SWICA to rapidly adapt and explain the sections in question.
Should certain special conditions or the general terms and conditions (GTC) of individual online services offered on the SWICA website contradict this data privacy statement, the respective special conditions and GTC of the individual online services take precedence.
For data processing as part of general insurance operations, we refer to the separate data privacy statement and to the General Insurance Conditions (GIC) and Supplementary Conditions (SC) that apply to the insurance product in question.
1.3 Legal basis for data processingAs a Swiss company subject to Swiss law, SWICA must comply with Swiss law on data protection. SWICA therefore processes personal data only for a justified reason that has been established in the form of a consent, a statutory requirement, or a legitimate private or public interest.
SWICA also takes all appropriate technical and organisational steps to protect the data from unlawful and improper processing.
1.4 Unit responsible for data processingSWICA Healthcare Insurance Ltd. is responsible for all data processing on behalf of all the companies in the Group.
SWICA Healthcare Insurance Ltd.
2 DefinitionsFirst of all, we would like to explain the following terms which may be used in this data privacy statement:
By personal data , SWICA means all information which relates to a natural or legal person who can be identified directly or indirectly by a name, identification number, location data, online identifier or one or more special features capturing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural or legal person.
Particularly sensitive personal data refers to data on religious, ideological, political, and trade union affiliations or activities; to data on health, privacy, race, ethnicity, genetics, and biometrics that clearly identify a natural person; to data on administrative and criminal prosecutions or sanctions; and to data on social assistance measures.
SWICA defines processing as any manual or automated procedure or series of procedures used in connection with collecting, entering, organising, arranging, storing, adapting, modifying, reading, retrieving, applying, or disclosing personal data, or for making such data available through transmission, distribution or dissemination or some other form of disclosure for the purpose of comparing, linking, restricting, deleting or destroying it.
3. Which data is processed on SWICA's websites?
3.1 Data processing during website visits
Various non-personal and peripheral data is processed automatically when an individual visits a SWICA website. SWICA's web server logs every access to the website, and SWICA then stores the data in anonymised form (i.e. SWICA cannot link the data with the user). In particular, the collected information includes the
- anonymised IP address of the device being used,
- identification data of the browser being used (e.g. Internet Explorer, Firefox, etc.),
- operating system of the computer being used (e.g. Windows 10, Mac OSX, Android, etc.),
- amount of data transmitted (how much data was downloaded from the website),
- name of the internet service provider (e.g. Swisscom, UPC, Sunrise, etc.),
- date and time of the access, and the
- technical data (e.g. name and URL of the referring SWICA website if the website was accessed via a link, and the search term if the website was accessed via a search engine.
The collected data does not allow SWICA to draw any conclusions about the user as a person and is stored in aggregated form for an unlimited period.
3.2 Data processing through the use of online servicesWhenever certain online services are used (e.g. premium calculator, policy purchase, competition, comment function, etc.), the user may be prompted to enter an email address, personal details (surname, first name, date of birth), contact information such as the address or phone number, and possibly other personal information and particularly sensitive personal data. Unless the nature of the matter calls for a different procedure (e.g. SWICA contacts the user in response to a contact form has been submitted), the user will be asked to authorise SWICA to disclose and process the data. The respective declaration of consent also provides information about the specific data that is processed for a certain purpose.
The data will be kept for the period defined in the respective consent agreement (provided that one was obtained). If the period is not clearly specified in the consent agreement or in cases where no consent was obtained, the data storage period is determined by a) the processing purpose, b) the last customer contact (max. 5 years after the last contact), and c) any statutory period for which business data can be stored. SWICA can also store data for a longer period if required to do so by an administrative or court order. The same applies if the data is required for SWICA in connection with providing evidence or asserting a claim. In such cases, rights relating to processing data (in accordance with no. 9) may also be curtailed.
All personal data is stored in Switzerland unless specified otherwise in the consent agreement.
4. Why is the data processed?
4.1 Data processing during website visitsThe peripheral data that is processed as part of any website access is used primarily to establish the connection and enable our content to be used. Furthermore, it is processed for internal, system-related purposes, such as technical administration and system security, for statistical purposes, and for improving the functionality of the website.
4.2 Data processing through use of online servicesThe personal data which is entered by the user in the respective online services will be used only for purposes to which the user consents. If the reason for using the data is derived from the nature of the matter, it is not necessary to obtain consent as described in no. 3.2 and SWICA thus refrains from describing the purpose in detail.
5. Who can access the data?Personal data is shared within SWICA Group (in accordance with no. 1). Data is not shared with or sold to third parties outside SWICA Group for marketing purposes. Personal data will be passed on to third parties only if this is necessary in order to provide the services requested. However, the data will be passed on only with your prior consent (in accordance with no. 7.2).
6. Use of social media plugins
Please refer to the service provider’s pages for more information about the purpose and scope of data collection, about how the provider processes and uses the data, about your rights in this connection, and about the settings for protecting your privacy.
SWICA uses social plugins of the following networks:
- Facebook (Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA)
- Twitter (Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA)
- LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
- Youtube (YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066, USA)
- Xing (XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany)
- Instagram (Instagram LLC, 1601 Willow Road, Menlo Park CA 94025, USA)
- Vimeo (Vimeo, Inc., 555 West 18th Street, New York, NY 10011, USA)
7.1 Data processing during website visitsThe user of the SWICA website gives SWICA permission to process the user's data during the visit (in accordance with section 3.1) to the extent laid out above and for the stated purpose (in accordance with no. 4.1).
7.2 Data processing through use of online servicesFor data processing in connection with the use of online services (in accordance with no. 3.2), SWICA obtains explicit or assumes implicit consent if the purpose and processing steps are stipulated by the nature of the matter (in accordance with no. 4.2).
7.3 Data processing through use of other SWICA or third-party offeringsThe use of other SWICA or third-party offerings may require separate prior consent for data processing. The mobile applications that SWICA offers (e.g. BENEVITA, mySWICA or BENECURA app, etc.) stipulate in their GTC that consent must be obtained in order to process the data. On SWICA's social media channels (e.g. Facebook, Instagram, Twitter etc.) the provisions of the respective provider are definitive.
9. Provisions concerning electronic mail and the newsletter:
9.1. What is SWICA's objective?The aim of SWICA's newsletter and emails is to provide our customers with helpful information and exciting special offers by email.These SWICA services (specific emails and newsletters) therefore offer:
- Health tips
- Savings tips
- Attractive offers from partners including discounted excursions and offers relating to nutrition, health, sport and wellness: swica.ch/active4life
9.2. What data does SWICA process?SWICA only registers the subscription/unsubscription on the customer profile. This information is stored for as long as the customer relationship exists. Afterwards it is deleted. No other data is processed.
9.3. How to unsubscribe?If you are no longer interested in receiving the newsletter or emails, you can unsubscribe at any time by clicking on the unsubscribe link in the footer of the newsletter or email. You can also unsubscribe by calling SWICA Customer Service or by writing to or visiting the relevant SWICA agency.
10 General information
10.1 Rights of data subjects
Users can at any time assert their rights to their personal data in the context of the personal data processing set out in this data privacy statement.
To exercise these rights, SWICA requires a written request with a copy of an official ID:
10.2 Questions and making contact
If you have any questions or wish to exercise your personal rights, please contact the following address:
SWICA Healthcare Organisation
10.3. Updating the data privacy statement
SWICA will update this data privacy statement whenever the provisions change. The most recent version of it is available on the SWICA website.
Contact formDo you have any questions about data protection? If so, please send them to us using the form below. SWICA's Data Protection Officer will be happy to assist you.
If you have enquiries about other topics, please use this contact form. Thank you.