Privacy policy – Walk-in Labor Zürich

The protection of your privacy is important to us. Please note the following points of our privacy policy.

1. What is this privacy policy about?

The cooperative Laborgemeinschaft 1 (hereinafter also referred to as “lg1”) collects and processes personal data concerning you or other persons (so-called “third parties”). We use the term “data” here synonymously with “personal data”.

In this privacy policy, we, lg1, describe what we do with your data when you use the website www.walkin-labor.ch and/or our apps (both hereinafter referred to collectively as the “website”), purchase our services or products, are otherwise in contact with us as part of a contract, communicate with us or otherwise have dealings with us. In addition to this data protection declaration, we may inform you in writing about further processing of your data, insofar as this has not already been done in this declaration. This may take the form of a simple written notification, but may also result in us recommending that you conclude further contracts (e.g. a confidentiality agreement) or consent in connection with the use of our services.

If you transmit or disclose data about other persons to us, we assume that you are authorized to do so and that this data is correct. By transmitting data about third parties, you confirm this. We recommend that you ensure that you have informed the third parties about this privacy policy.

2. Who is responsible for processing your data?

lg1 is responsible for data processing as described in this privacy policy. This does not apply to individual deviations, insofar as these have been agreed in writing or verbally.

You have the right to request information about your data. To do so, please contact:

Genossenschaft Laborgemeinschaft 1 (Walk-in Laboranalysen)
Rautistrasse 11
8047 Zurich
walk-in@lg1.ch

3. What data do we process?

We process various categories of data about you. The main categories are as follows:

Technical data: When you use our website, we collect the IP address of your end device and other technical data to ensure the functionality and security of these offers. This data also includes logs in which the use of our systems is recorded. To ensure the functionality of these offers, we can also assign you or your end device an individual code (e.g. in the form of a cookie, see section 11). The technical data itself does not allow any conclusions to be drawn about your identity. However, in the context of user accounts, registrations, access controls or the processing of contracts, they can be linked to other data categories (and thus possibly to your person).

Registration data: Certain offers and services can only be used with a user account or registration, which can be done directly with us or via our external login service providers. You must provide us with certain data (e.g. user name, password, name, e-mail) and we collect data on the use of the offer or service.

Communication data: If you are in contact with us via the contact form, by e-mail, telephone, letter or other means of communication, we collect the data exchanged between you and us, including your contact details and the marginal data of the communication.

Health data: This is data that relates to the physical or mental health of a natural person, including the provision of healthcare services, and from which information about their health status is derived. We store such data if it is necessary for the provision of our services (e.g. for the performance of laboratory analyses).

Master data: Master data is basic data that we require in addition to the contract data (see below) for the processing of our contractual and other business relationships, such as name, contact details and information, e.g. about your role and function, your bank account(s), your date of birth, etc. We process your master data if you are a customer or other business contact or work for one (e.g. as a contact person of the business partner), or because we are contacting you for our own purposes or the purposes of a contractual partner. We may also process health data and information about third parties as part of master data.

Contract data: This is data that arises in connection with the conclusion or execution of a contract, e.g. information about contracts and the services to be provided or provided, as well as data from the run-up to the conclusion of a contract, the information required or used for processing and information about reactions. This also includes health data and information about third parties, e.g. about hereditary diseases in the family.

Behavioral and preference data: Depending on the relationship we have with you, we try to get to know you and better tailor our products, services and offers to you. To do this, we collect and use data about your behavior and preferences on our websites. We describe how tracking works on our websites in section Ziff. 11.

Other data: We also collect data from you in other situations. In connection with official or court proceedings, for example, data is collected (such as files, evidence, etc.) that may also relate to you. We may also collect data for health protection reasons (e.g. as part of protection concepts). We may also collect data about who uses our infrastructure and systems and when. The retention period of this data depends on the purpose and is limited to what is necessary.

4. For what purposes do we process your data?

We process your data for the purposes explained below. In addition, we refer to the purposes of use as explained in this privacy policy. The basis for data processing can be found in section 5 below. In detail:

We process your data as soon as you communicate with us, e.g. when we respond to your inquiry. For this purpose, we use in particular communication data and master data and, if necessary, data that you enter in the course of registering for the services you use. We store this data in order to document our communication with you, for training purposes, for quality assurance and for follow-up questions. Communication with you usually takes place in connection with other processing purposes, e.g. so that we can provide services or respond to a request for information. Our data processing also serves as proof of communication and its content.
We process your data for the initiation, administration and processing of contractual relationships, e.g. when we carry out a laboratory order from your doctor.
We process your data for marketing purposes and for relationship management (e.g. newsletters and other regular contacts).
We may also process your data for security purposes (incoming goods inspection, etc.).
We process your personal data to comply with laws, instructions and recommendations from authorities and internal regulations (“compliance”).
We also process your data for the purposes of our risk management and in the context of prudent business management, including business organization and business development.

We may process your data for other purposes, e.g. as part of our internal processes and administration or for training and quality assurance purposes.

5. On what basis do we process your data?

If we ask for your consent for certain processing, we will inform you separately about the corresponding purposes of the processing.

Where we do not ask for your consent for processing, we base the processing of your personal data on the fact that the processing is necessary for the initiation or execution of a contract with you (or the entity you represent) or that we or third parties have a legitimate interest in it, in particular in order to pursue the purposes and associated objectives described above under Section 4 and to be able to carry out corresponding measures. Our legitimate interests also include compliance with statutory provisions, insofar as this is not already recognized as a legal basis by the applicable data protection law.

6. to whom do we disclose your data?

In connection with our contracts, the website, our services and products, our legal obligations or otherwise to safeguard our legitimate interests and the other purposes listed in Section 4, we also transfer your personal data to third parties, in particular to the following categories of recipients:

Service providers: We work with service providers in Switzerland and abroad who process data about you on our behalf or under joint responsibility with us or who receive data about you from us under their own responsibility (e.g. IT providers, medical laboratories, advertising service providers and login service providers). This may also include health data. We provide these service providers with the data required for their services, which may also relate to you. In addition, we conclude contracts with these service providers that provide for data protection provisions, unless such protection is required by law. Service providers provide information about their independent data processing in their own data protection declarations.

Contractual partners including customers: This initially refers to our customers and other contractual partners (e.g. service recipients) because this data transfer arises from these contracts. This may also include health data. The recipients also include contractual partners with whom we cooperate.

Authorities: We may disclose personal data to offices, courts, health authorities and other authorities in Switzerland and abroad if we are legally obliged or authorized to do so. This may also include health data.

Other persons: This refers to other cases where the inclusion of third parties arises from the purposes set out in section 4. Other recipients are, for example, other third parties, including in the context of agency relationships (e.g. if we send your data to your doctor).

All these categories of recipients may in turn involve third parties, so that your data may also become accessible to them. We can restrict the processing by certain third parties (e.g. IT providers), but not by other third parties (e.g. authorities).

7. will your personal data also be sent abroad?

As explained in section 6, we also disclose data to other bodies. These are not only located in Switzerland. Your data may therefore be processed in Europe, but in exceptional cases in any country in the world.

If a recipient is located in a country without adequate statutory data protection, we contractually oblige the recipient to comply with the applicable data protection law (for this purpose we use the revised standard contractual clauses of the European Commission or those that the Federal Data Protection and Information Commissioner (FDPIC) has previously approved, issued or recognized), unless the recipient is already subject to a legally recognized set of rules to ensure data protection and we cannot rely on an exemption provision.

8. How long do we process your data?

We process your data for as long as required by our processing purposes, the statutory retention periods and our legitimate interests in processing for documentation and evidence purposes or for as long as storage is technically necessary. If there are no legal or contractual obligations to the contrary, we delete or anonymize your data after the storage or processing period has expired as part of our normal processes.

9. how do we protect your data?

We take appropriate security measures to protect the confidentiality, integrity and availability of your personal data, to protect it against unauthorized or unlawful processing and to counteract the risks of loss, unintentional modification, unwanted disclosure or unauthorized access. However, security risks cannot generally be completely ruled out; residual risks are unavoidable.

10. What are your rights?

To make it easier for you to control the processing of your personal data, you also have the following rights in connection with our data processing, depending on the applicable data protection law:

The right to request information from us as to whether and which of your data we process;
the right to have us correct data if it is incorrect;
the right to request the deletion of data;
the right to obtain from us the personal data concerning you in a commonly used electronic format or to transmit those data to another controller;
the right to withdraw consent where our processing is based on your consent;
the right to receive, on request, further information necessary for the exercise of these rights;

If you wish to exercise the above-mentioned rights against us, please contact us in writing or by e-mail; our contact details can be found in Section 2. In order for us to rule out misuse, we must identify you (e.g. with a copy of your ID, if this is not otherwise possible).

Please note that these rights are subject to conditions, exceptions or restrictions under the applicable data protection law. We will inform you accordingly if necessary.

11. do we use online tracking and online advertising techniques?

We use various technologies on our website with which we and third parties engaged by us can recognize you when you use our website and, under certain circumstances, track you over several visits (“cookies”). We will inform you about this in this section.

We use such technologies on our website and allow certain third parties to do the same. You can program your browser to block or deceive certain cookies or alternative technologies or to delete existing cookies. You can also add software to your browser that blocks tracking by certain third parties. You can find more information about this on the help pages of your browser (usually under the heading “Data protection”) or on the websites of the third parties listed below.

A distinction is made between the following cookies (technologies with comparable functions such as fingerprinting are also included here):

Necessary cookies: Some cookies are necessary for the functioning of the website as such or for certain functions. They ensure, for example, that you can switch between pages without losing information entered in a form.

Performance cookies: In order to optimize our website and corresponding offers and to better tailor them to the needs of users, we use cookies to record and analyze the use of our website, possibly even beyond the session. We do this by using third-party analysis services. We have listed these below. Details can be found on the websites of the third-party providers.

Marketing cookies: We and our advertising contract partners have an interest in targeting advertising precisely, i.e. only displaying it to those we want to address. We have listed our advertising contract partners below. For this purpose, we and our advertising contract partners – if you consent – also use cookies with which the content accessed or contracts concluded can be recorded. This enables us and our advertising contract partners to display advertising that we can assume will be of interest to you on our website, but also on other websites that display advertising from us or our advertising contract partners.

In addition to marketing cookies, we use other techniques to control online advertising on other websites and thereby reduce wastage. For example, we may transmit the email addresses of our users, customers and other persons to whom we wish to display advertising to operators of advertising platforms (e.g. social media). If these people are registered there with the same email address (which the advertising platforms determine by means of a comparison), the operators will display the advertising we have placed to these people in a targeted manner. The operators do not receive personal email addresses of people who are not already known. In the case of known e-mail addresses, however, they learn that these people are in contact with us and what content they have accessed.

We may also integrate other third-party offers on our website, in particular from social media providers. These offers are deactivated by default. As soon as you activate them (e.g. by clicking a button), the relevant providers can determine that you are on our website. If you have an account with the social media provider, they can assign this information to you and thus track your use of online services. These social media providers process this data on their own responsibility.

We currently use offers from the following service providers and advertising contract partners (insofar as they use data from you or cookies set by you for advertising purposes):

Google Analytics: Google Ireland (based in Ireland) is the provider of the “Google Analytics” service and acts as our processor. Google Ireland relies on Google LLC (based in the USA) as its processor (both “Google”). Google uses performance cookies (see above) to track the behavior of visitors to our website (duration, frequency of pages accessed, geographical origin of access, etc.) and compiles reports for us on the use of our website on this basis. We have configured the service so that the IP addresses of visitors are truncated by Google in Europe before being forwarded to the USA and therefore cannot be traced. We have switched off the “Data sharing” and “Signals” settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can use this data for its own purposes to draw conclusions about the identity of visitors, create personal profiles and link this data to the Google accounts of these persons. You explicitly consent to such processing, including the transfer of personal data (in particular usage data for the website and app, device information and individual IDs) to the USA and other countries. You can find information on Google Analytics data protection here: https://support.google.com/analytics/answer/6004245 and if you have a Google account, you can find further information on processing by Google here: https://policies.google.com/technologies/partner-sites?hl=de.

12. what data do we process on our pages in social networks, linked platforms and integrated services?

We may operate pages and other online presences (“fan pages”, “channels”, “profiles”, etc.) on social networks and other platforms operated by third parties and collect the data about you described in Section 3 and below. At the same time, the platforms evaluate your use of our online presences and link this data with other data about you known to the platforms (e.g. about your behavior and preferences). They also process this data for their own purposes under their own responsibility, in particular for marketing and market research purposes (e.g. to personalize advertising) and to control their platforms (e.g. which content they display to you).

We process this data for the purposes described in section 4, in particular for communication, for marketing purposes (including advertising on these platforms, see section 11) and for market research. You will find information on the relevant legal bases in section 5. We may redistribute content published by you (e.g. comments on an announcement) ourselves (e.g. in our advertising on the platform or elsewhere). We or the operators of the platforms may also delete or restrict content from or about you in accordance with the usage guidelines (e.g. inappropriate comments).

For further information on the processing of the platform operators, please refer to the privacy policies of the platforms. We currently use the following platforms, which are also linked on our website (via a button):

Facebook: Here we operate the page https://www.facebook.com/lLaboranalysen. The controller for the operation of the platform for users from Europe is Facebook Ireland Ltd, Dublin, Ireland. Their privacy policy is available at www.facebook.com/policy. Some of your data will be transferred to the USA. You can object to advertising here: www.facebook.com/settings?tab=ads. We are jointly responsible with Facebook Ireland Ltd, Dublin, Ireland, for the data that is collected and processed when you visit our site for the creation of “Page Insights”. As part of Page Insights, statistics are compiled about what visitors do on our page (comment on posts, forward content, etc.). This is described at www.facebook.com/legal/terms/information_about_page_insights_data. It helps us to understand how our site is used and how we can improve it. We only receive anonymous, aggregated data. We have regulated our responsibilities regarding data protection in accordance with the information on www.facebook.com/legal/terms/page_controller_addendum.

Google Maps is integrated into the website to show visitors our locations. When you open the location maps, you use this Google service directly; data such as the IP address, Google ID, location, time, etc. are transmitted to the operator Google and processed there; the operator’s privacy policy applies. Google Maps is operated for Switzerland by Google Ireland Limited, a company of Google LLC, based in Gordon House, Barrow Street, Dublin 4, Ireland. You can find their data protection information here: https://policies.google.com/privacy?hl=de.

Please note: If you are logged into an account of the aforementioned services at the same time or access content stored there (e.g. the map from Google Maps or our Facebook profile), these services will recognize your access and can link this to a user profile that you have for this account. If you do not want this, log out of these services before you visit us or click on such a link.

13. can this privacy policy be amended?

This privacy policy is not part of any contract with you. We may amend this privacy policy at any time. The version published on this website is the current version.