Privacy Policy

Responsible :

ORTHETHIC, Main Headquarters Carouge, Rue du Tir-au-Canon 6, 1227 Carouge

Data Protection Officer:

Giglio Paul, info@orthethic.ch

Any data subject may contact our Data Protection Officer at any time for questions or suggestions regarding data protection.

1.1.

This privacy policy aims to clarify the nature, scope, and purpose of the processing of personal information within our online services, including associated websites, features, and content (collectively referred to as “online offering” or “website”).

1.2.

The terms used, such as “personal data,” pseudonymization, consent, data controllers, or their “processing,” are based on the definitions outlined in Article 4 of the EU General Data Protection Regulation (GDPR).

1.3.

Terms such as “users” should be understood as gender-neutral.

1.4.

We process users’ personal data in compliance with data protection regulations (Swiss data protection law and application of Article 3 of the EU GDPR, as well as the GDPR itself). This means that users’ data will only be processed when there is a legal basis for doing so. Specifically, this includes cases where data processing is necessary to fulfill our contractual obligations (e.g., order processing) or to provide online services.

1.5.

Persons under the age of 18 should not submit any personal data to us without the consent of their parents or legal guardians. We do not knowingly request, collect, or share personal information from children or adolescents with third parties.

 

2. Collection of Access Data and Log Files

2.1.

We collect a series of general data and information whenever the website is accessed by an individual or an automated system. This data is stored in the server’s log files and may include:

  • Name of the retrieved web page
  • Files accessed
  • Date and time of access
  • Amount of data transferred
  • Confirmation of successful retrieval
  • Browser type and version
  • User’s operating system
  • Referrer URL (the previously visited page)
  • IP address
  • Requesting provider

When users leave comments or other messages, their IP addresses are also stored.

2.2.

Log file information is stored for security purposes (e.g., to investigate abusive or fraudulent activities) for a maximum of one month, after which it is deleted. Data retained for evidence purposes is exempt from deletion until the incident is fully resolved.

 

3. Disclosure of Data to Third Parties and Third-Party Providers

3.1.

Data collected during access to our website is only disclosed to third parties when we are legally, contractually, or otherwise obliged to do so, or in cases of legitimate interest. For instance, when processing orders for information materials, brochures, or products, we use personal data strictly within our organization or, if necessary, share it with the company responsible for order fulfillment. Data is not transferred to third parties for commercial or non-commercial purposes without your explicit consent.

3.2.

When engaging subcontractors to provide our services, we implement appropriate legal safeguards and technical and organizational measures to ensure the protection of personal data in accordance with applicable laws.

3.3.

If content, tools, or other resources from external providers (“third-party providers”) are used as part of this privacy policy, and the providers are based in a third country, data may be transferred to their country of residence.
Third countries are those where the GDPR does not directly apply, such as countries outside the EU or the European Economic Area (EEA). Transfers to third countries occur only when adequate data protection levels, user consent, or other legal authorizations are in place.

 

4. Data Processing in Connection with the Provision of Contractual Services

4.1.

We process inventory data (e.g., names, addresses, and contact information of users) and contract data (e.g., services utilized, contact names, and payment details) to fulfill our contractual obligations and provide services in accordance with Article 6(1)(b) GDPR.

 

5. Contact and Orders

5.1.

When users contact us (e.g., via a contact form or email), the information they provide is processed to handle their request in accordance with Article 6(1)(b) GDPR.

5.2.

When ordering informational materials, brochures, or products, we may request users’ names and other personal details. Providing this information is optional. These details are used solely for processing the order, including transfer to distributors tasked with fulfilling it. Data is exclusively used for direct correspondence with the user.

 

6. Cookies & Audience Measurement

6.1.

Cookies are small data files or other storage formats sent from our web server or third-party web servers to users’ web browsers for later retrieval.

6.2.

Users who do not wish cookies to be stored on their devices can disable this option in their browser’s system settings. Stored cookies can be deleted from the browser’s system settings. However, disabling cookies may limit the functionality of this online offering.

6.3.

Users can control the use of cookies for advertising purposes by visiting the following opt-out pages:

 

7. Google Analytics

7.1.

We use Google Analytics (with anonymization feature) on this website. Google Analytics is a web analytics service used to collect, gather, and analyze data about website visitor behavior. This includes data on referrer websites, subpages accessed, frequency, and duration of visits to specific pages. Web analytics helps optimize the website and analyze the cost-effectiveness of internet advertising.

Data anonymization ensures that users’ IP addresses are truncated and anonymized before being transmitted to the United States, preventing Google from associating the IP address with other data.

Provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA.

7.2.

Google is certified under the Privacy Shield Agreement, ensuring compliance with European data protection regulations. For details, visit Privacy Shield Certification.

7.3.

Google processes this data on our behalf to evaluate user interactions with our online services, generate reports, and provide additional services related to online usage and internet behavior. Pseudonymous user profiles may be created during this process.

7.4.

Google Analytics is used with IP anonymization enabled, meaning users’ IP addresses are truncated by Google within EU member states or other contracting states to the EEA Agreement. In exceptional cases, the full IP address may be transmitted to a U.S.-based Google server and truncated there.

7.5.

The IP address transmitted by users’ browsers will not be merged with other Google data. Users can prevent cookies from being stored by configuring their browser settings accordingly. Additionally, users can prevent Google from collecting data generated by cookies and related to their website usage by downloading and installing the browser plug-in available at: Google Analytics Opt-out.

7.6.

For more information about how Google uses data, including configuration options and objections, visit the following links:

Additional privacy information is available at Google Privacy Policy and Google Analytics Terms of Service. Further details on Google Analytics can be found here.

 

8. Integration of Third-Party Services and Content

8.1

Based on our legitimate interests (such as analyzing, optimizing, and economically operating our online services in accordance with Art. 6(1)(f) GDPR), we utilize third-party content or services to provide their content and services, such as integrating videos or fonts (collectively referred to as “content”). This always requires the third-party providers of this content to detect the users’ IP address, as they cannot send the content to their browser without the IP address. The IP address is therefore required to display this content. We strive to use only content from providers that use the IP address solely to deliver the content. Third-party providers may also use pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags can evaluate information such as visitor traffic on pages of this website. Pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, visit times, and other information related to the use of our online offerings.

8.2

Below is an overview of the third-party providers and their content, along with links to their data protection declarations, which contain further information on data processing and, as mentioned, options to opt out:

  1. External Fonts from Google, Inc., Google Fonts. Fonts are integrated through a server request at Google (typically in the USA).

  2. Maps Service from “Google Maps” by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

  3. Videos from the platform “YouTube” by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA).

  4. External JavaScript Code from the JavaScript framework “jQuery,” provided by the jQuery Foundation.

 

9. Comments and Posts

9.1

If users leave comments or other contributions on our blog, their IP addresses are stored based on our legitimate interests in accordance with Art. 6(1)(f) GDPR.

9.2

This is for our security, in case someone posts unlawful content in comments or contributions (e.g., insults, prohibited political propaganda, etc.). In such cases, we may be liable for the comment or post, and we therefore have an interest in identifying the author.

10. Newsletter

10.1

With the following information, we will inform you about the content of our newsletter, the registration procedures, dispatch, and statistical evaluation, as well as your right to object. By subscribing to our newsletter, you consent to receiving the newsletter and the processes described.

10.2

Content of the newsletter: We send newsletters, emails, and other electronic notifications containing advertising information (hereinafter referred to as “newsletter”) only with the recipient’s consent or based on a legal authorization. The specific content of the newsletter, when described, is considered proof of user consent. Our newsletters include information about our products, offers, promotions, and Giglio Orthopédie SA.

10.3

Double opt-in and logging: Subscription to our newsletter follows a double opt-in procedure. After registration, you will receive an email asking you to confirm your subscription. This confirmation is necessary to ensure that no one can subscribe using someone else’s email address. Your subscription will be logged to prove the registration process according to legal requirements, which includes storing the ID and confirmation time as well as the IP address. Similarly, any changes to your data stored with the service provider will be recorded.

10.4

Shipping provider: The newsletter is sent through MailChimp, a newsletter shipping platform owned by Rocket Science Group, LLC, located at 675 Ponce De Leon Ave, 5000, Atlanta, GA 30308, USA. The shipping provider’s privacy policy can be accessed here: MailChimp Privacy Policy. Rocket Science Group LLC is certified under the Privacy Shield Agreement, ensuring compliance with European data protection standards (Privacy Shield Participant).

10.5

Additionally, the shipping provider may, according to its own information, transmit this data in pseudonymized form (i.e., without user attribution) to optimize or improve its services, for example, to optimize the technical aspects of sending and presenting newsletters or for statistical purposes to determine the countries from which recipients originate. However, the shipping provider does not use the recipients’ data for writing or transmitting to third parties.

10.6

Identification Information: To subscribe to the newsletter, you must enter your email address. Additionally, we request your first name and last name for personalized addressing in the newsletter.

10.7

Survey and Statistical Analysis: Newsletters contain a so-called “web beacon,” a 1-pixel file retrieved from the shipping provider’s server when the newsletter is opened. This request initially collects technical information such as browser details, system information, IP address, and retrieval time. These details are used to improve the technical performance of services based on their specifications, audience, and reading habits, as well as to determine location (via IP address) or access times. Statistical surveys also determine whether newsletters are opened, when they are opened, and which links are clicked. Technically, this information can be attributed to individual recipients of the newsletter. However, neither we nor the service provider attempt to monitor individual users. The evaluations are intended to recognize reading habits and adapt content to users or send different content based on users’ interests.

10.8

The use of the shipping provider, conducting surveys and statistical analyses, and logging the registration process is based on our legitimate interests according to Article 6, paragraph 1, lit. f GDPR. We aim to use a user-friendly and secure newsletter system that meets both our business interests and the expectations of our users. These statistical analyses will only be collected if you have consented to them during the newsletter subscription.

10.9

Cancellation / Revocation: You can stop receiving our newsletter at any time, i.e., revoke your consent. At the same time, your consent to the dispatch by the service provider and statistical analysis expires. A link to unsubscribe from the newsletter is provided at the end of each newsletter.

 

11. Rights of the Data Subject

11.1

Every data subject has the right to request confirmation from us as to whether we are processing personal data related to them.

11.2

Any data subject affected by the processing of personal data may request, free of charge (multiple or abusive requests may incur a fee), information regarding the personal data stored about them. We also provide the following information:

  • The purposes of processing
  • The categories of personal data being processed
  • The recipients or categories of recipients to whom personal data has been disclosed or is being disclosed, particularly recipients in third countries or international organizations
  • The intended duration for which the personal data will be stored or, if not possible, the criteria for determining this duration
  • The existence of the right to rectification or erasure of personal data, restriction of processing by the controller, or the right to object to such processing
  • The existence of a right to lodge a complaint with a supervisory authority
  • If the personal data has not been collected from the data subject, all available information about the source of the data
  • The existence of automated decision-making, including profiling, and – at least in these cases – useful information about the logic involved, as well as the scope and expected impact of such processing on the data subject

Additionally, the data subject has the right to know whether personal data has been transferred to a third country or an international organization. If so, the data subject has the right to obtain information about the appropriate safeguards in relation to the transfer.

11.3

Any data subject has the right to request the immediate correction of inaccurate personal data concerning them. Additionally, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement, taking into account the purposes of the processing.

11.4

Any data subject has the right to request the deletion of their personal data without undue delay, provided there is no legal basis for such retention and the processing is not necessary.

11.5

Any data subject has the right to request the restriction of processing if one of the following conditions is met:

  • The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful, the data subject opposes the erasure of the personal data but requests the restriction of its use.
  • The controller no longer needs the personal data for processing purposes, but the data subject requires it for the establishment, exercise, or defense of legal claims.
  • The data subject has objected to processing and it is not yet clear whether the legitimate grounds of the controller override those of the data subject.

11.6

Any data subject has the right to obtain personal data concerning them in a structured, commonly used, and machine-readable format, and to transmit those data to another controller, provided the data is processed using automated procedures.

11.7

Any data subject has the right, at any time, to object to the processing of personal data for reasons related to their particular situation.

11.8

Any data subject has the right to withdraw their consent to the processing of personal data at any time.
If a data subject wishes to assert one or more of their rights, they may contact our data protection officer at any time.

 

12. Data Deletion

12.1

Data stored with us is deleted as soon as it is no longer required, provided its deletion does not conflict with any legal retention requirements. If the data cannot be deleted because it is required for other legally authorized purposes, its processing will be restricted. In such cases, the data will be blocked and not processed for other purposes. For example, this applies to user data that must be retained for commercial or tax-related reasons.

 

13. Right to Object

13.1

Users may object to the processing of their personal data at any time in accordance with legal requirements. In particular, they may object to data processing for direct marketing purposes.

 

14. Security Measures

14.1

We implement organizational, contractual, and technical security measures in line with the current state of technology to ensure compliance with data protection laws and to protect the data we process from accidental or intentional manipulation, loss, destruction, or unauthorized access.

 

15. Changes to the Privacy Policy

15.1

As our websites evolve and new technologies are implemented, it may be necessary to amend this privacy policy. Therefore, we recommend reviewing this privacy policy periodically.

15.2

Users are encouraged to stay informed about the content of the privacy policy regularly.

Nous utilisons des cookies pour vous garantir la meilleure expérience sur notre site web. Si vous continuez à utiliser ce site, nous supposerons que vous en êtes satisfait. Informations: Politique de confidentialité