General Terms and Conditions (GTC) for SWICA Online Services

I General

SWICA Healthcare Insurance Ltd. (acting for all group companies of SWICA Healthcare Organisation, in particular SWICA Insurance Ltd., SWICA Management AG, PROVITA Health Insurance Ltd., hereinafter referred to as “SWICA”) offers a range of online services on a variety of digital applications (hereinafter referred to as “Online Services) to its customer and to persons and/or companies, public-sector institutions, associations and clubs which have a legal relationship with SWICA (hereinafter referred to jointly as “Users). SWICA may change (i.e. reduce or expand) the range of Online Services at any time, or access to them may be completely closed. These General Terms and Conditions for SWICA Online Services (hereinafter “GTC”) govern the relationship between SWICA and the User when using Online Services.

 

1.1 Legal information

Some Online Services provided by SWICA require an additional agreement (“Special Conditions”) which must be agreed separately. By using Online Services or registering for them, the User accepts these GTC. If Special Conditions apply, SWICA’s Online Services are activated as soon as the User accepts them electronically.

 

1.2 Amendment of the GTC

SWICA expressly reserves the right to amend these GTC and any Special Conditions at any time. Any such amendment will be communicated to the User electronically or in another appropriate manner and is deemed to have been approved unless an express objection is raised within one month of notification, but in any case when the Online Services are next used. If the GTC or the Special Conditions are rejected, access to the respective service is no longer possible.

 

II Accessing the Online Services

2.1 Access rights

Unless expressly defined otherwise, the Online Services are generally available to all authorised Users, as defined in Section I, who meet the following requirements:

  • Active contractual or insurance relationship with SWICA
  • Own email address

Additional requirements, which are defined in accordance with the Special Conditions for some Online Services, are reserved.

 

2.2 Registration and legitimation

To access the Online Services and the services provided therein, the User must register with all personal means of identification required for the Online Service in question (e.g. user name, PIN/password, security code). The type of registration is specified by SWICA, and successful registration is confirmed accordingly. Written registration is required for some Online Services.
Anyone who has registered in accordance with the requirements of the relevant Online Service is deemed to be a User by SWICA and is authorised to use the Online Services in question.

 

III User’s duty of care

SWICA draws the User’s particular attention to the following duties of care when using Online Services:

  • The User must ensure that all access data is kept secret and protected against misuse by unauthorised persons. In particular, PINs/passwords must be changed immediately upon receipt and may not be recorded, shared or stored on the terminal device without protection. PINs/passwords must not be easy to guess or otherwise ascertain.
  • Unless expressly defined otherwise, it is not permitted to use the Online Services for third parties. The use of Online Services in the context of the legal right of representation or a legally valid power of attorney remains reserved.
  • Online Services may only be used in accordance with the contract and for the intended purposes.
  • No industrial property rights, copyrights or other property rights may be infringed.

The User bears all risks arising from the infringement of the above-mentioned duties of care.

 

IV Instructions and messages

Provided that registration has been carried out in accordance with Section 2.2, SWICA is authorised to execute instructions placed with it via the Online Services and to act on messages received.

 

V Security notes / blocking and termination of contract

5.1 Security notes

Access to the Online Services is via the internet. Despite state-of-the-art security precautions, it is not possible to guarantee absolute security either on SWICA’s side or on the User’s side. The User’s terminal device is part of the internet and is outside SWICA’s control.
SWICA draws the User’s particular attention to the following risks when using Online Services:

  • Inadequate system knowledge and security precautions on the terminal device can facilitate unauthorised access. SWICA therefore strongly recommends that Users equip their terminal devices with up-to-date protection programs and use a password to protect their use of the internet connection.
  • If there is any suspicion that unauthorised third parties have become aware of the access data, it must be changed without delay and, where necessary, SWICA must be asked to blocked access.
  • SWICA has no influence on whether or how the internet provider selected by the User analyses data traffic. If there is no activity on the Online Services for a defined period of time, the current session will be terminated automatically for security reasons and the User will have to log in again. There is a latent risk that a third party may gain access to the User’s terminal device while Online Services are being used without the User being aware that this is the case.
  • When using a network (e.g. the internet, SMS, WLAN), there is a risk that malware etc. could spread to the terminal device when it is connected to the network. Security software which is available on the market can help the User to take appropriate security precautions.
  • Despite the use of state-of-the-art security technologies, there can be no guarantee of absolute security in the context of data transmission.
  • The data can be transmitted uncontrolled across borders. This also applies even if both the sender and the receiver are located in Switzerland. Although the individual data packets are transmitted in encrypted form, the senders’ and recipients’ details are unencrypted. It is therefore possible to conclude that a customer relationship exists between the User and SWICA.

SWICA rejects all liability for the consequences of non-compliance with the safety notes.

 

5.2 Blocking

If security risks are identified, SWICA reserves the right to block access to the Online Services until further notice in the interests of the User and for the protection of SWICA. In the event of suspected misuse of the Online Services (e.g. repeated entry of an incorrect password), SWICA reserves the right to block access to the Online Services temporarily at any time.

 

5.3 Contract termination

Unless otherwise stipulated in the Special Conditions, Online Services are automatically terminated as soon as the User no longer has a contractual relationship with SWICA. It is the User’s responsibility to save all data and documents that he wishes to keep after the end of the contract outside the Online Services. The use of Online Services in the context of the legal right of representation or a legally valid power of attorney remains reserved.
Upon termination of the Online Service, all User data held by SWICA will be deleted to the extent that this is technically and reasonably possible and legally permissible. Data stored in backups is not subsequently removed.

 

VI Data protection and data usage

6.1 Data protection

SWICA complies with the provisions of the Swiss Data Protection Act. In particular, SWICA does not share personal information about Users with third parties unless authorised to do so and protects the personal data entrusted to it against unauthorised access by taking appropriate technical and organisational measures. SWICA’s executive bodies, employees and agents are legally obliged to maintain confidentiality with regard to Users’ personal data and business documents.

 

6.2 Data usage

The data entered in the course of registration (e.g. insured person no., date of birth, postcode) are used for authentication purposes only. Users of Online Services are advised to observe the data protection provisions in the respective Special Conditions and the corresponding purposes for data processing and data usage.

 

VII Cookies and web analysis services

SWICA analyses usage of the Online Services and produces anonymous evaluations. These help SWICA to continually optimise its Online Services. Cookies (small text files which include an identification number) enable SWICA to improve the User service and identify former visitors.
If the User does not wish to have cookies, the browser can be set so that incoming cookies are rejected or are stored only after permission has been given. In order to enhance navigation convenience for Users, SWICA recommends that they accept cookies and do not delete them. If cookies are blocked, it may not be possible to make full use of all Online Services.

 

VIII Hyperlinks / third-party content

Online Services may contain hyperlinks to the websites or online services of third parties (hereinafter: “Third-Party Services”) which are not maintained by SWICA and which are unconnected with SWICA. SWICA has no control over Third-Party Services and therefore accepts no responsibility and offers no guarantee in respect of such services.

 

IX Foreign legal systems / import and export restrictions

Under some circumstances the use of Online Services abroad may violate the rules of foreign law. It is the User’s responsibility to inform himself accordingly. SWICA rejects all liability in this regard.
The User further acknowledges that there may be import and export restrictions for encryption algorithms which he may infringe if he uses Online Services abroad.

 

X Intellectual property

All intellectual property rights to the contents of the Online Services remain with the owners of these rights. Any reproduction, publication, modification or distribution of the contents of the Online Services without prior authorisation from SWICA is prohibited.

 

XI Warranty and liability

SWICA takes all appropriate technical and organisational measures to ensure the proper operation of the Online Services, but cannot guarantee that the Online Services will be available at all times or will be error-free. In particular, maintenance work may cause temporary interruptions to the Online Services. If the User suffers any damage in these cases, SWICA will not be held liable.
To the extent possible under the law, SWICA rejects all liability for direct or indirect damage which the User may suffer in connection with using the Online Services. In particular, this includes damage caused as a result of using information and damage caused by transmission errors, technical problems, interruptions, disruptions or illegal acts by third parties.
SWICA will also not be held liable if the Online Services are interrupted, limited in part or in whole, or rendered inoperative due to force majeure or third party culpability. Force majeure includes but is not restricted to power failure, malware (e.g. viruses), natural phenomena of special intensity (e.g. earthquakes, avalanches, floods and landslides), warlike events, insurrection and unforeseeable official restrictions.

 

XII Fees

As a matter of principle, access to the Online Services is provided to the User free of charge. SWICA reserves the right to introduce fees for its Online Services or to modify existing fees at any time. In such cases, new GTC will be submitted to Users for acceptance in accordance with section 1.2.
The use of Online Services may entail fees charged by network operators (e.g. fees for transmission, data and roaming), for which the User alone is responsible. This is particularly important when large volumes of data are downloaded in the context of Online Services.

 

XIII Applicable law and place of jurisdiction

All legal relationships of the User are subject to Swiss law with the exception of any conflict-of-law rules and the provisions of the UN Convention on Contracts for the International Sale of Goods (CISG). The exclusive place of jurisdiction is SWICA’s head office in Winterthur, unless otherwise provided for in mandatory Swiss law or the General Insurance Conditions (GIC) for insurance contracts.

 

XIV Final provisions

If any provision of these General Terms and Conditions should be or become ineffective, this shall not affect the effectiveness of the remaining provisions.
All ancillary arrangements and agreements between the User and SWICA must be in writing. The place of performance is SWICA’s head office.



Version 5/2018

 

 

 

Special conditions for BENECURA

I General

Use of the BENECURA app (hereinafter «BENECURA») is subject to prior consent to these Special Conditions for BENECURA (hereinafter «BENECURA Conditions»). They constitute a supplement to the «General Terms and Conditions for SWICA Online Services» (GTC) and, unless expressly defined otherwise, supersede the GTC. The «BENECURA Conditions» can be supplemented, modified or replaced in accordance with section 1.2 of the GTC. Information about changes will be provided via BENECURA and will require users to give renewed consent to the «BENECURA Conditions».
BENECURA is classified as a Class I Medical Product under the Medical Devices Ordinance (MedDO) published by the Federal Council on 17 October 2001 and the European Medical Device Directive 93/42/EEC (MDD) of the Council dated 14 June 1993 regarding medical devices. It was developed in line with the statutory standards.
The distributor of BENECURA is SWICA Healthcare Insurance Ltd., Römerstrasse 38, 8400 Winterthur, UID CHE-109.337.400 (acting for the following group companies of SWICA Healthcare Organisation: SWICA Insurance Ltd. and PROVITA Health Insurance Ltd.), hereinafter «SWICA». Health advice is provided by santé24 which is part of SWICA Management Ltd., Römerstrasse 38, 8400 Winterthur, UID CHE-102.433.304 (hereinafter «santé24»).
The operator of BENECURA is AD Swiss Net AG, Steinackerstrasse 35, 8902 Urdorf, UID CHE-489.204.316 (hereinafter «AD Swiss»). BENECURA uses the technology of Helmedica AG, Technopark Winterthur, Technoparkstrasse 2, 8406 Winterthur, UID CHE-233.904.725, (hereinafter «Helmedica»). The backend infrastructure is provided by the high-security data centre of Aspectra AG, Weberstrasse 4, 8004 Zürich, UID CHE-105.612.642 (hereinafter Aspectra). The service provided by Health Info Net AG, Seidenstrasse 4, 8304 Wallisellen, UID CHE-103.489.218 (hereinafter HIN) is used for email communications. All service providers act on behalf of SWICA.

II Using BENECURA

BENECURA offers initial support on health and medical issues, but does not constitute a complete replacement for a consultation with a medical specialist. By agreeing to the «BENECURA Conditions», the user confirms that he has understood and accepted them.
BENECURA is intended exclusively for use in Switzerland. The use of BENECURA via foreign mobile networks or internet connections is at the user’s risk. In this context, SWICA explicitly points out that use of BENECURA abroad can be subject to the law of the country in which the user is located at the time. SWICA has no influence on this and therefore advises against using BENECURA outside Switzerland. Furthermore, it is not guaranteed that the information and services provided by BENECURA can be accessed outside Switzerland.

2.1 Registration and identification

The use of BENECURA requires prior registration through the following personal means of identification:

  • Email and password
  • Information from the insurance policy

    The minimum age for independent use of BENECURA is 18 years.

 

2.2 Use by customers

As a matter of principle, BENECURA is available to all SWICA customers for the duration of the customer relationship. The customer can also use the «SymptomCheck» function for third parties by entering their symptoms in «SymptomCheck» for them. The minimum age of the third party whose symptoms are entered by the user is 16 years. To this end, the surname, first name, postcode, date of birth and gender of the third party must first be entered in BENECURA (see section V for further data protection provisions). The «BENECURA Conditions» also apply to all third parties registered in BENECURA by the main user.

2.3 Use by non-customers

BENECURA can be used in full for the duration of the contractual relationship with SWICA. SWICA can at its own discretion agree to make BENECURA available to a reduced extent when the contractual relationship ends. SWICA can make BENECURA available to non-SWICA-customers at its own discretion. If BENECURA remains available to the user after termination of the contractual relationship with SWICA, SWICA may present further «Special Conditions» which the user must accept in order to continue using BENECURA.

III BENECURA services (functions)

 

3.1 Profile

After successful registration and identification, BENECURA automatically displays the master data (including first name, surname, insured person number, address, date of birth, gender, social security number, email, and telephone number) together with the insurance cover and the associated user information (hereinafter «Profile Data») in the «Profile» function. The «Profile Data» is retrieved from SWICA's insurance management system and updated automatically. It is not possible for the user to edit the «Profile Data» in BENECURA.
The «Profile Data» is used in the BENECURA services so that personal recommendations can be made and in the «Specialist Search» function so that the provisions of the relevant basic insurance model (e.g. GP, list of doctors) can be taken into account.

3.2 «SymptomCheck»

«SymptomCheck» was developed by a panel of medical experts and provides support for further action in the event of illness or health problems.
In the «SymptomCheck» function, the user answers a series of questions about a particular medical problem. Based on this input, the user then receives a recommendation on how to proceed with regard to the specific medical problem he has described. The user is responsible for answering the questions completely and correctly.
The questions and recommendations contained in «SymptomCheck» were prepared by a panel of medical experts on the basis of current medical guidelines. A separate independent team of doctors and specialists (Medical Advisory Board) regularly reviews the questions and recommendations contained in «SymptomCheck».
The user acts at his own risk at all times. Correct answering of the questions and correct data entry are essential in arriving at an appropriate recommendation. Use of the information provided and compliance with the recommendations received is at the user's risk. In the event of a medical emergency, a doctor or the emergency services must always be contacted immediately. The user is responsible for contacting the doctor or the emergency services.

3.3 PreventionCheck

The «PreventionCheck» function shows which medical check-ups could make sense for the user based on the user's individual history, age, gender and risk factors. The user answers a series of questions and then receives personal check-up recommendations based on his or her answers.
The user is responsible for answering the questions completely and correctly.
The content of the «PreventionCheck» function was drawn up by an independent panel of medical experts.

3.4 Health dossier

In the «Documents» function of the «Health dossier», users can upload and categorise documents and data relating to their health. They can also send the documents to their family doctor via encrypted email (see section 4.2).

The «Health dossier» also includes all other data created by the user through the various BENECURA services, including the history from the «SymptomCheck» function and the recommendations from the «PreventionCheck» function.

IV Data release and storage

After completing a service, the user can select the following functions:

  • send the entered data to the santé24 health advice helpline as per section 4.1
  • send the survey to the family doctor by encrypted email (HIN) as per section 4.2
  • save the data in the «History» or «Dossier» function as per section 4.3

    Each function can be selected independently of the others.

 

4.1 Data release to the santé24 health advice helpline

If the user selects the function «Release data to the santé24 health advice helpline / Send survey», the information entered (i.e. the questions and answers from the service and the recommendations received) will be made available to the santé24 health advice helpline. If the user subsequently calls santé24, this will provide the medical staff with important information which will assist them in assessing the user's medical problem or discussing the recommendation received.
santé24 will not contact the user proactively on the basis of the service used, not even if the data was released to the santé24. It is always the user's personal responsibility to follow a recommendation or call santé24. The santé24 health advice helpline will only access the data in the context of a telephone call initiated by the user.
The data from the services released by the user to santé24 and the result of the telephone call are recorded by santé24 in a patient file. All data and entries in the patient file are subject to medical confidentiality in accordance with Article 321 of the Swiss Criminal Code (StGB). They cannot be viewed by SWICA or third parties at any time and will not be shared. The general duties of care which must be exercised within the framework of a medical service apply to the storage and maintenance of the patient file. The data can also be released to santé24 via the «History» function at a later date.

4.2 Transmission of data to the family doctor

If the user selects the «Send by email» function, the results of the service or the document from the «Health dossier» are sent by encrypted email (HIN) to the selected family doctor. This provides the family doctor with important information which will be useful in evaluating the medical problem and/or discussing the recommendation received.
Responsibility for arranging an appointment with the family doctor rests with the user.

4.3 Data storage in the «History / Dossier» function

If the user selects the «Data storage» function in a service, the data is saved in the «History / Dossier» or in the «Health dossier» function within BENECURA. This means that the user always has an overview of the information and recommendations received and a history of his medical incidents.
The data from any service that is used is write-protected. The user can therefore no longer change the data from a service after the data has been saved. However, deletion from the user’s terminal device is possible at any time.
For evidentiary purposes and to comply with the associated duty of care, data entered by the user in the services (as per section 5.2) will not be deleted from the database (backend) until the retention period has ended. For the same reason, data which has been released and sent to santé24 can no longer be revoked. Data is stored in accordance with the relevant statutory provisions or for as long as the purpose justifies its storage (see section 5.8).

V Data protection and data processing

 

5.1 Consent and data categories

By using BENECURA, the user expressly agrees that the data categories defined in these «Special Conditions» (e.g. «Profile data» as defined in section 3.1) and the data entered in the services (as defined in sections 3.2 to 3.4) may be processed by SWICA and santé24 respectively within the framework set out below. SWICA also gathers technical data (e.g. log files) which make data entry and data processing in BENECURA traceable and contribute to the user's security. The technical data does not contain any personal information about the user. The protection of personal data has top priority for SWICA. The statutory provisions relating to the protection of particularly sensitive personal data and to data security are always observed. The data entered in BENECURA by the user and transmitted to santé24 is subject to medical confidentiality in accordance with Article 321 of the Swiss Criminal Code (StGB) and is treated accordingly.

5.2 Purpose of data processing

The data supplied by SWICA to BENECURA and/or the user's input are processed for the purpose of delivering the BENECURA service. This includes in particular the provision of the services, the use of BENECURA, the recording and processing of data and photos entered by the user, the transfer of data to santé24 (if so initiated by the user), the maintenance of a patient file at santé24, and the transparency of the medical advice. If important information has to be provided in connection with BENECURA or to ensure compliance with statutory requirements, including compliance with the Medical Devices Ordinance or the Medical Devices Directive (see item VI), the user's contact data may be used to contact the user.
If system errors occur in BENECURA, technical data (e.g. model, device name, operating system version and the action during which the error occurred) is sent to Helmedica in anonymised form for troubleshooting purposes.
Furthermore, the data is processed in order to evaluate the medical efficacy of BENECURA, for healthcare research, for statistical purposes and for the further development of BENECURA. For these purposes, the data is analysed in anonymised form (i.e. it is not possible to identify individual users).
If the user uses the service and receives a recommendation, a log is kept of all the questions, the user's answers, and the recommendations from the service for evidentiary purposes and to fulfil mandatory due diligence requirements. Logging is carried out solely for this purpose and takes place even if the user does not release the data to santé24 and does not save the data in the «History / Dossier» (see section 4.2). The log is stored in a database (backend) held at the Aspectra high-security data centre. If access to this data is necessary for liability reasons or in a legal case, santé24 will contact the person concerned in advance.

5.3 Data processors

SWICA is the provider of BENECURA and makes the user's «Profile Data» (as per section 3.1) available. In the services, the user himself enters the sensitive health data.
BENECURA is operated by AD Swiss (as per section I). Helmedica can access the data under strict data protection regulations and only in the event of a technical emergency. In doing so, Helmedica becomes a medical assistant and is consequently subject to the medical confidentiality requirements set out in Article 321 StGB. AD Swiss, Helmedica and Aspectra are under a contractual obligation to comply strictly with all statutory provisions regarding data protection. Both companies, like SWICA, are subject to Swiss data protection legislation.
The «Profile Data» supplied by SWICA to BENECURA and the data entered by the user himself in the services are stored in encrypted form on the user's terminal device and in the Aspectra high-security computer centre. State-of-the-art data encryption is used on both the terminal device and the server. The data can only be accessed by authorised persons by means of a personal login with an individual user key and password. Information security measures are continuously reviewed, tested and adapted so that the highest level of protection for personal data is maintained at all times.
The technical systems (servers) on which BENECURA runs are separate from SWICA's technical infrastructure. By outsourcing the service to AD Swiss, the operator of BENECURA, SWICA can ensure that no data is disclosed to SWICA or third parties without authorisation. This means that SWICA has no access to the sensitive health data which the customer enters. However, SWICA remains responsible for the data processing as such and is identified as being responsible for it.

5.4 Data transmission

The transmission of the «Profile Data» from SWICA to BENECURA and of the health data entered by the user takes place over public networks (e.g. the mobile phone network). This is protected by state-of-the-art measures but cannot be influenced by SWICA.

5.5 Transmission of data to santé24

santé24 has no access to the data entered by the user unless the user initiates the transmission of the data (as per section 4.1). Only the user can release the data for access by santé24. However, once the data release has been authorised by the user, it cannot be revoked.

5.6 Transmission of data to the family doctor

Users can send data from a service to their family doctor by encrypted email. This is only possible if the family doctor has access to HIN.

5.7 Cookies

Some BENECURA content is made available through a website operated by SWICA. This means that in order to display the content, BENECURA accesses a website outside of BENECURA. This website may use cookies and therefore store cookies on the user's terminal device. The SWICA cookie policy governs the administration of the cookie settings.

5.8 Retention periods

The data entered in BENECURA is retained for as long as the purposes (as defined in section 5.2) justify the processing or if there is a defined statutory retention period. At a minimum, however, the data is retained for up to 10 years following termination of the contractual relationship between SWICA and the user, even if BENECURA is deleted from the user's terminal device at an earlier date. The data is irrevocably deleted on expiry of the retention periods.

5.9 Rights of the user

The user may request information about the data processed; he may also request that the processing be restricted, deleted or rectified. The rights mentioned can be limited or reduced to a minimum by SWICA particularly if there is a statutory requirement to continue processing, if SWICA can assert a legitimate interest in further processing, or if data processing is necessary to fulfil the contractual agreement. Further retention for evidentiary purposes, for example, may constitute a legitimate interest. The aforementioned rights can be applied for by means of a written application, including a copy of an official identity document. Applications can be submitted to SWICA Healthcare Organisation, Data Protection Unit, Römerstrasse 38, 8400 Winterthur or by email to datenschutz@swica.ch.

VI Medical product

The Swiss Medical Devices Ordinance and the Medical Devices Directive of the European Union require, among other things, a clinical evaluation by BENECURA: The manufacturer must prove that the medical device actually provides the promised medical benefit, fulfils the stated performance characteristics and does not pose a risk to the user.
The Medical Devices Ordinance and the Medical Devices Directive therefore require post-market surveillance. To this end, individual users who have released their «SymptomCheck» to santé24 are asked in the course of a telephone interview about the quality of the recommendations given.

VII User’s duty of care

The user is responsible for his terminal device. He is aware that data can be misused by third parties through unauthorised access to his terminal device. The user can protect his terminal device with a password and set BENECURA’s auto-logout delay himself.

VIII Disclaimer

SWICA declines any liability for direct or indirect damage incurred by the user in connection with the use of BENECURA, particularly in the event of incorrect or incomplete data entry.
The information published in the «Specialist Search» function is for information purposes only and does not imply recognition of the specialists or the assumption of costs by SWICA. A definitive request regarding the assumption of costs must always be addressed to the relevant SWICA agency. SWICA accepts no responsibility for the completeness, up-to-dateness or professional competence of the listed experts.
The information published in the «Lexicon» and «Medication» functions relates to offers from third parties. While SWICA has carefully selected the providers, it assumes no liability or guarantee for the published information or for its correctness or completeness. The contents are not suitable for making independent diagnoses.
The «Important numbers» function includes public telephone numbers for which SWICA cannot accept any liability or guarantee.
In all other respects, the provisions of the GTC (in particular section XI regarding warranty and liability) shall apply.

 

Version 1/2020