Data protection statement

Date of this version: 2023-11-15


The following information is intended to explain what data we process on our website and your rights in this regard. We take the protection of your personal data seriously, and we process it only in accordance with the legal requirements.


“Personal data” means any information concerning an identified or identifiable natural person. This includes all the basic data provided to us, such as, in particular, your name, address, e-mail, telephone number and IP address. It does not cover statistical data or anonymised data which cannot be directly associated with you as an individual.


“Data subject” means a natural person whose personal data is processed; “processing” means any operation involving personal data (for example, combining data with an identifier such as a name, an identification number or location data).


We have no influence whatsoever on the current or future design or content of any sites linked or referred to. This applies to all links and references included on our own website. Liability for illegal, inaccurate or incomplete content – and in particular for damage arising from the use or non-use of such information – rests solely with the operator of the site to which reference is made, and not with the operator of the site merely making reference (via links) to the publication in question. To the extent legally permissible, any liability is excluded.

1. Legal basis

This data protection statement is in line with the requirements of federal legislation on data protection.

2. Responsibility for data processing

Responsible for data processing on our website:

Coordination Office for Human Research (kofam)
c/o Federal Office of Public Health FOPH
CH-3003 Bern

If you have queries of any kind, you can contact us via e-mail (kofam@bag.admin.ch). This requires you to provide a valid e-mail address and contact data (e.g. surname, first name), so that we know who has submitted the query. Further details may be provided voluntarily. Data processing which enables you to make contact with us is undertaken on the basis of your voluntary consent. The personal data collected by us will be automatically deleted after your query has been dealt with.

3. Website hosting

BEGASOFT AG
Laupenstrasse 17
CH-3008 Bern
www.begasoft.ch

4. Collection and processing of personal data

Insofar as is permissible and considered appropriate, we process the personal data collected from users during the operation of our website. We use this data to ensure error-free utilisation of the website and for analysis and further development of the site.

The following data is saved automatically in log files by the hosting provider when our website is accessed:

  • IP address (i.e. the address that uniquely identifies your computer on the internet)
  • date and time of the browser request
  • browser type and version
  • operating system used
  • referrer URL
  • host name of the computer accessing the site

This data cannot be assigned to specific individuals. It is not combined with other data sources. We use previously anonymised IP addresses to ensure the functioning of the website, to facilitate site management and to collect general demographic information on overall use. This usage data provides the basis for anonymous statistical evaluation for the purpose of identifying trends which enable us to improve our offerings.

5. Cookies, tracking and third-party services

We use session cookies on our website; these are needed to ensure that the basic functions operate correctly (e.g. secure connection or language settings). These cookies are small text files that are stored temporarily on your computer and deleted from your hard drive at the end of the browser session. No personal data is stored when these cookies are used.

You can delete cookies entirely, or disable or restrict cookie transmission, by changing your browser settings. If cookies are disabled for our website, you may not be able to use all the functions.

Google Fonts
We use the Google Fonts library on our website to ensure that it is correctly displayed on all browsers. Google Fonts is supplied by Google Ireland Limited (based in Ireland). Google Ireland uses Google LLC (based in the US) as a subcontractor (hereafter “Google”). The web fonts are stored in the cache of your browser so that they do not have to be repeatedly loaded when you access the website.

A connection to Google is established automatically whenever Google Fonts is used. As the operator of this website, we have no influence on this connection. It is theoretically possible that, when this connection is established, Google may collect data and use it to identify visitors, set up personal profiles and link this data to individuals’ Google accounts for its own purposes. If you have already registered with Google, you will be recognised. In this case, the processing of your personal data by Google will be carried out under the responsibility of your service provider and in accordance with its own data protection provisions.

You can obtain information on how Google processes data in its Privacy Policy, available at: https://policies.google.com/privacy

Browsers that do not support Google Fonts will display content using a standard font.

6. Transmission of data and transfer of data abroad

Use of your personal data in any way other than those mentioned in Sections 4, 5 and 7 – in particular, the sale, transmission or transfer of data to third parties (in Switzerland or abroad) – is expressly excluded.

7. Retention period for personal data

As soon as your personal data is no longer required for the above purposes, it will generally, as far as possible, be deleted or anonymised. Under the Federal Act on the Surveillance of Post and Telecommunications (SPTA), our hosting provider (see Section 3) has a legal obligation to store access data (see Section 4) from the past six months. Access data is transmitted only on request and in connection with potential offences to authorised federal or cantonal authorities and departments. In all other cases, access data is deleted once the retention period has expired.

8. Security

We take appropriate technical and organisational security measures to protect your personal data against any unauthorised access or misuse.

On our website, for security reasons and to protect the transmission of confidential information, we use SSL or TLS encryption. You can recognise an encrypted connection by the fact that the browser’s address line changes from “http://” to “https://” and the padlock icon is displayed. Once SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

9. Rights to information, restriction of processing and erasure

Information
On written request, we will inform you at any time as to what personal data is stored when you visit our website.

Rectification, erasure, restriction of processing, right to object
You may have personal data which is stored when you visit our website rectified, blocked or erased by us. In addition, you may object to the disclosure of certain personal data. Exempt from erasure is data which we require to complete outstanding tasks or to uphold existing rights and claims, as well as data which we are legally obliged to retain.

Data disclosure and transfer
On written request, you have the right to receive personal data which is stored when you visit our website in a structured, commonly used and machine-readable format (e.g. PDF file). You also have the right to request the return of data provided to us when visiting our website.

Right to withdraw consent
Insofar as, in using our website or availing yourself of our services, you have given consent to the collection, storage, use, etc., of personal data, you may withdraw this consent at any time. The withdrawal of consent can be sent, by e-mail or in writing, to the body specified in Section 2. The effects of the withdrawal of consent are restricted to the storage and use of personal data which may not already, on legal grounds, be stored and used even without your consent. In addition, the withdrawal of consent does not affect the lawfulness of previous processing based on your consent.

Supervisory authority
The supervisory authority responsible for data protection matters is the Federal Data Protection and Information Commissioner.

Exercising these rights
To exercise your rights, please contact the body specified in Section 2, providing proof of your identity (copy of ID, passport or other official document). Please note that your rights may be restricted insofar as this is legally provided for or necessary on account of overriding public or private interests. For example, the right to data transfer is not applicable in particular for the processing of personal data which is necessary for the performance of a task carried out in the public interest.

10. Amendments

We may modify this data protection statement at any time without notice. The valid version is that currently published on our website.