Privacy Policy

Privacy Notice

Privacy and the protection of personal rights are particularly important to Medicall AG, especially when handling personal data. Below, we provide detailed information about the collection and further processing of personal data.

“Processing” of personal data means any operation related to data, such as collecting, storing, retaining, using, modifying, disclosing, archiving, deleting, or destroying data. The term “personal data” refers to information relating to an identified or identifiable individual that allows conclusions about their identity, either through the data itself or in conjunction with additional information.

Medicall AG acts as the “data controller” and processes personal data of prospects, customers, or other individuals (“data subjects”) who order or use services or products. Below, you will find general and specific information on the processing of personal data in connection with Medicall AG’s services or products. This privacy notice forms the basis for the processing of personal data within the various business activities of Medicall AG and is designed in accordance with the requirements of the Swiss Federal Act on Data Protection (FADP).

What Data Do We Use?

1. Master, Case, and Contract Data

This includes:

Master Data: Information that identifies a data subject. The data subject may be an insured person of a client or another service provider. Master data includes salutation, first name, last name, address, date of birth, and additional information such as insurance number. Master data of auxiliary persons may also be collected.

Case Data: Information concerning the specific matter of the person and, in particular, the circumstances under which the person requires assistance from Medicall. This may include medical data, data about personal life circumstances, or medical patient data.

Contract data such as type of contract, start date, duration, and content

Data related to the application process

2. Usage and Connection Data

This includes:

Connection data resulting from the use of the emergency call service, as well as recorded voice calls.

3. Technical Data

This includes:

Information about your browser type and settings

Information about addressing elements such as phone numbers or IP addresses

Technical information (e.g. type, brand, software versions, device IDs, and device settings, e.g. emergency call devices, alarm buttons, etc.)

4. Financial Data

This includes:

Account information, payment history, creditworthiness, and turnover

5. Location Data

This includes:

Information derived from Bluetooth, Wi-Fi, or GPS signals, IP address, or mobile networks about where you or the respective device are located at a specific time, i.e. when an alarm is triggered.

6. Voice Interaction and Chat Data

This includes:

Conversations and chats, such as recordings of your conversations with Medicall AG Customer Care

Triggering an alarm via voice control in the event of an alarm

Transcription: written, machine-readable capture of your voice commands as text

Purposes of Data Processing We use your data for the following purposes:

Conclusion, performance, and termination of your contracts, billing for services, and detecting, preventing, and addressing misuse of our products or services

Procurement of third-party services billed through your account

Development, expansion, and improvement of services, products, their usability, and our support

Fulfillment of legal obligations

Communication with customers, suppliers, service providers, and partners

Provision and operation of infrastructure, websites, and apps

Marketing (e.g. mailings with unsubscribe link/option, events) and relationship management

Market analysis, planning, product and service development, research & development

Compliance (adherence to laws, industry standards, directives, etc.)

Legal proceedings, investigations, crime and fraud prevention

Training, instructions, further education, applicant management

Source of Data In addition to information you provide to us yourself (through your communications and activities with us), we may also obtain information about you from third-party sources, including:

Information about you from a customer or your employer with whom we do business (e.g. your contact details)

Creditworthiness checks, references, address update partners

Orders we receive from third parties concerning you (e.g. if we are to deliver something or perform services for you)

Documents relating to you, certificates, authorizations (e.g. direct debit authorizations)

Extracts from public registers (e.g. commercial register)

Recommendations or information from third parties about you

Your social media/online activities

Publications mentioning you

Recipients of Data We share data with:

Group companies

Service providers, distribution partners, and other third parties acting as contractors for the provision of our services, maintenance of our products, distribution, and marketing, who receive your data and process it either on their own responsibility or jointly with us, and from whom you may receive additional services via us

Federal and cantonal law enforcement authorities and other authorities in Switzerland and, if applicable, abroad. Upon official request, we are obliged to provide the competent authority with data regarding your use of the emergency call service or specific alarm events.

Business partners, such as suppliers

Customers, marketing, and project partners

Third parties collecting data about you via our website/app (see list on our website). On websites and apps, you may be recognized and tracked using so-called cookies and similar technologies. You can restrict, block, or delete these cookies in your browser (see the corresponding menus) and sometimes manage this tracking directly on the website or, if applicable, in the app.

Where Are Your Data Processed? Your data may also be processed abroad, especially when we engage service providers and distribution partners to fulfill our services, maintain our products, and for distribution and marketing purposes. In principle, processing of your data worldwide is conceivable (e.g. for online services we use), but it mainly occurs in Switzerland or other countries in the European Economic Area.

If processing takes place in countries whose laws do not provide an adequate level of data protection, your data will be protected through legally required measures and appropriate technical and organizational safeguards.

Data Retention We only use and store your data for as long as necessary to achieve the purposes, comply with legal retention periods, or fulfill our legitimate interests in documentation. Afterward, the data will be deleted or anonymized.

Protection of Your Data To protect your data from unauthorized or unlawful processing and against loss, accidental alteration, unwanted disclosure, or unauthorized access, we implement technical and organizational measures, such as:

Encryption and pseudonymization of certain data

Creation of backups

Logging access and implementing technical access restrictions, including the use of surveillance cameras in public areas at Medicall locations

Issuing binding data processing instructions to our employees

Entering into confidentiality and data protection agreements with our service providers, as well as conducting corresponding audits

The content of your communication with third parties is only recorded if we are obliged to do so under an order from a competent authority based on a relevant law, or if recording is part of the services you use (e.g. alarm events).

Unless a specific professional secrecy obligation applies in individual cases (e.g. medical secrecy) or banking secrecy, we are not subject to professional confidentiality. If you believe certain data is subject to confidentiality, please inform us so we can review your request.

Your Preferences and Rights Even if you are not or no longer a customer, you have certain rights, such as:

The right to access the data we process about you

The right to delete your data

The right to correct your data

The right to restrict processing

The right to object to processing and withdraw consent

The right to data portability

The right to lodge a complaint

If data subjects wish to exercise these rights, they may contact the respective data controller using the contact details provided in the section “Contact Details for Data Protection Matters.”

Data subjects should note that conditions, exceptions, and restrictions apply to these rights under applicable data protection law. In particular, Medicall AG may be required to continue processing and storing personal data to fulfill a contract, protect its own legitimate interests (such as asserting, exercising, or defending legal claims), or comply with legal obligations. Where legally permissible, especially to protect the rights and freedoms of other data subjects or to safeguard legitimate interests, Medicall AG may partially or fully refuse a data subject’s request (e.g. by redacting certain content relating to third parties or trade secrets). Medicall AG will inform data subjects separately in such cases.

Data Processing Related to Websites and Online Services “Medicall AG as the data controller” is responsible for websites and online services as well as other offerings clearly identifiable as belonging to Medicall AG, unless otherwise stated. In other cases, specific privacy notices may prevail over the general privacy notices provided here and designate different controllers.

Medicall AG processes data in connection with websites, online services, and other offerings primarily for handling inquiries when you contact us. Furthermore, data are processed to improve and optimize, operate, and secure the websites and online services, as well as for evidence purposes. Additionally, data are used for making individual offers, marketing purposes, market research, and statistical analyses, e.g. in customer surveys after using online services.

Medicall AG’s websites and online services may contain links to websites and services of other providers (e.g. as part of social plugins) for which this privacy notice does not apply. The respective privacy notices of those other providers apply.

Personal data are processed if you provide such data when using online services (e.g. via a contact form, direct online transactions, live chats, etc.).

Data transmitted via the internet are often routed through third countries. Website content may be delivered via globally distributed servers to optimize performance and security, meaning that data may, in exceptional cases, reach foreign countries even if the sender and recipient are in the same country.

Medicall AG assumes no liability for damages resulting from data loss or manipulation. Visitors to the websites are responsible for ensuring that their systems are adequately protected (e.g. virus protection) and that their systems and browsers are up to date.

We use cookies and other tracking technologies on our websites. You can manage your settings at www.medicall.ch and change them at any time.

Contact Details for Data Protection Matters For questions or concerns, you can contact Medicall AG’s Data Protection Officer or Data Protection Advisor as follows:

By email: datenschutz@medicall.ch

By mail: Medicall AG, Datenschutz, Zürichstrasse 38, CH-8306 Brüttisellen, Switzerland

Swiss Data Protection Authority:

Federal Data Protection and Information Commissioner (FDPIC) http://www.edoeb.admin.ch

Changes Medicall AG reserves the right to amend this privacy notice at any time without prior notice. The currently published version or the version valid for the respective period shall apply. This privacy notice has been written in multiple languages. In case of discrepancies, the German version shall prevail.

Website Analytics with Google Analytics This website uses Google Analytics 4, a web analytics service provided by Google LLC, after obtaining user consent. The responsible entities are Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, for users from the EU/EEA and Switzerland. Google Analytics 4 uses IP anonymization by default, meaning your IP address is shortened immediately when you interact with this website. Only in rare cases is your full IP address transferred to a Google server in the USA and shortened there. Google assures that the IP transmitted via Google Analytics is never merged with other Google data. Google Analytics 4 is activated only with your consent via the cookie banner and can be deactivated at any time via cookie settings.

Processed data include usage data (such as page views, website interactions, general location, and session duration) and communication data (such as truncated IP addresses, user agent, language settings, and screen resolution). The purpose of this processing is for Google to analyze the use of your website on your behalf, compile reports on website activity, and analyze website performance. This processing is lawful based on your consent under Art. 6 para. 1 sentence 1 lit. a GDPR and § 25 para. 1 sentence 1 TDDDG. Google Ireland Limited, Google LLC, and Alphabet Inc. are recipients of this data. Your website usage information is usually transferred to a Google server in the USA, a transfer legitimized by the European Commission’s adequacy decision of 10 July 2023 recognizing Google LLC’s certification under the EU-US Data Privacy Framework.

Regarding data retention, any data linked to cookies are automatically deleted after a certain time, monthly for data whose retention period has expired, and for a maximum of 2 years for Google Analytics cookies. For further information about Google Analytics terms of use and privacy policy, please visit https://policies.google.com/ and https://support.google.com/analytics/answer/12017362.

Google Analytics uses so-called “cookies,” text files stored on the visitor’s computer, enabling analysis of website usage. The information generated by the cookie about the visitor’s use of the website (including the truncated IP address) is usually transferred to a Google server and stored there. Google Analytics is used exclusively with the “_anonymizeIp()” extension on this website. This extension ensures IP anonymization by truncation and excludes direct personal identification. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The IP address transmitted by the respective browser in connection with Google Analytics is not merged with other Google data.

On behalf of the website operator, Google uses this information to evaluate the use of the website, compile reports on website activity, and provide further services related to website and internet usage (Art. 6 para. 1 lit. f GDPR). The legitimate interest in data processing lies in optimizing this website, analyzing website use, and adapting content. User interests are adequately protected through pseudonymization. Google LLC is certified under the so-called Privacy Shield (see listing here) and thus guarantees an adequate level of data protection. The data transmitted and linked to cookies, user IDs (e.g. User-ID), or advertising IDs are automatically deleted after 50 months. Deletion of data whose retention period has expired occurs automatically once per month.

The collection by Google Analytics can be prevented by adjusting the cookie settings for this website. Collection and storage of the IP address and data generated by cookies can also be objected to at any time with future effect. The relevant browser plugin can be downloaded and installed at the following link: https://tools.google.com/dlpage/gaoptout. Website visitors can also prevent Google Analytics collection on this website by clicking the following link. An opt-out cookie will be set to prevent future data collection when visiting this website. Further information on data use by Google, settings, and opt-out options can be found in Google’s privacy policy (https://policies.google.com/privacy) and in the settings for displaying Google ads (https://adssettings.google.com/authenticated).

Spam Protection with Google reCAPTCHA We have implemented Google reCAPTCHA in forms on our website to verify whether form entries are made by human visitors or by machines or automated programs (“bots”). This tool automatically analyzes the behavior of website visitors as soon as they interact with the website, using various information such as IP address, time spent, and mouse movements. The data processed includes usage data (such as the accessed website, date, and time of access, and mouse movements) and communication data (such as IP addresses, browser type, and operating system). This processing targets website visitors and users of online services. The primary purpose of this processing is to prevent misuse of our contact form and thereby enhance security. The legal basis for this is our legitimate interest under Art. 6 para. 1 sentence 1 lit. f GDPR. The data recipients are Google Ireland Ltd, located at Google Building Gordon House, Barrow St, Dublin 4, Ireland (https://policies.google.com/privacy), and our website hosting provider. While your personal data are processed within the EU, the retention period for data processed by Google Ireland Limited is determined by Google. For further information, see Google reCAPTCHA’s privacy policy: https://policies.google.com/privacy

Website Analysis When you visit our website, we collect information about your use via a web analytics tool provided by our hosting service. This tool collects and combines your IP address and user agent, shortens them, and stores these data using a hash function. This process creates a visitor ID encrypted with a randomly generated value (SALT) that changes every 24 hours. This method ensures that your IP address cannot be reconstructed from the stored visitor ID, preserving your anonymity. Moreover, we do not merge this information with other data, and it is stored only on the hosting provider’s server. We also process web analytics data, HTTP data, and web analytics profile data. The web analytics tool we use creates and stores a web analytics profile containing details about your use of the website, such as page views, frequency of visits, time spent on each page, and your device’s user agent. This includes usage data (e.g. pages visited and access times) and communication data (e.g. browser type, operating system, and IP addresses). We process these data to analyze user behavior in aggregated form to improve the presentation and content of our website. The legal basis for this processing is our legitimate interest (Art. 6 para. 1 lit. f GDPR), in particular in carrying out web measurements to improve our products and website. The collected data are shared with our website hosting provider and processed within the EU.

As of 05/2025