1. Principle
We take the protection of your privacy seriously. The following privacypolicy details which of yourpersonal data we process ifyou visit our website, use our online services, use our online coachingservices or if we provide any services to you generally.
We gather andprocess your personal data carefully and exclusively for the purposes describedin this privacy policy and only to the extent necessary within the framework ofapplicable legal provisions. We store your personal data exclusively to the extentand for the duration necessary to provide our services, or as required by law. In close cooperation withour hosting providers, we make every effort to ensure that databases areprotected from unauthorized access, loss, misuse and falsification.
This privacy policy is based,in particular, on the EU’sGeneral Data Protection Regulation (GDPR). Although the GDPR is a regulation of the EuropeanUnion, it is ofsignificant relevance to us. The Swiss FederalAct on Data Protection (FADP) is heavily influenced by EU law,and companies outside the European Union and the European EconomicArea must comply with the GDPR under certain circumstances.
2. Data protection officer
Legal Services - General Law, Designs and Enforcement is responsible for ensuring compliancewith the applicable provisions on data protection. If you have concernsregarding data protection, you may send them tous at the following address:
Lealy AG
Rütistrasse 28
8032 Zürich
data-protection@lealy.health
3. Collection and processing of personal data
We process the personal data that we receive within the scope of interacting with you andcoaching you in the area of long-term habit change of eating habits. This includes data on name, address, email, telephone number, age, occupation,physical activities, weight/BMI, gender, eating behavior, marital status, andother relevant health information such as diagnoses and comorbidities.
To the extentpermitted and needed, we gather certain data from publicly accessible sources (e.g. debt enforcement registers, the internet).
To conduct online meetings, video conferences and/orwebinars as well as for the exchange of information and for interaction betweenthe participants, we use the “circle.so” service. You can find more information about the processing of personal data in circle.soPrivacy Statement and European Privacy Statement.
4. Purposes of data processing and legal basis
We use the personal data that we collect for coaching on habit change of eating habits.
We also use thedata for the purpose of processing and concluding contracts with our customers and business partners.
In addition, we also process personal data from you and other persons, to the extent permitted and deemed appropriate by us, in which we (and sometimes third parties) have a relevant legitimate interest for the following purposes:
- Providing information about offers, services, websites and other platforms where we have an online presence
- Communicating with third parties and processing their queries
- Examining and optimizing needs analysis procedures for the purposeof directly addressing customers, as well as collecting personal data frompublicly accessible sources for the purpose of customer acquisition
- Advertising and providing information about our services and offers (including conducting events and sending the annual report) if you have not refused permission for the use of your data (if we send you advertising as a current customer, you may refuse permission at any time and we will place you on a list to block the sending of further advertising)
- Safeguarding our operations, in particular our IT, our websites and other platforms
- Conducting online meetings
- Sending you meeting reminders,nudges and similar motivational information
- Sending you our newsletter with recipes and other information
If you have given us consent to process your personal data for specific purposes (e.g. when you register for our webinar or when you register to receive newsletters or submit other requestsvia online forms on our website), we process your personal data within the scope of and based on this consent, unless another legal basis or other legitimate grounds exist.
Consent that has been given can be revoked at any time but has no effect on any data processing that has already been carried out. If the processing of your personal data is within the scope of the administration of health-relatedd ata we may process and in what form.
5. Cookies/tracking and other technologies in connection with the use of our website / Marketing Tools
5.1 Cookies und figurative elements
We typically use cookies and other similar techniques which can identify your browser or your device. A cookie is a small file which is sent to your computer or stored automatically on your computer or mobile device by your web browser when you visit our website. If you visit this website again, we can then recognize you even if we do not know who you are. In addition to cookies which are only used for one session and are deleted after your visit to the website ("session cookies"), permanent cookies can also be used to save your user settings and other information for a specific duration of time (e.g. two years). However, you can adjust your browser settings so that it rejects cookies, only saves them for one session, or deletes them after a set time. Most browsers are pre- set to accept cookies. We use permanent cookies to better understand how you use our offers and content. If you block cookies, it is possible that certain functions (e.g. language options) will no longer work.
To the extent permitted, we sometimes integrate visible and invisible figurative elements into our newsletters and marketing emails which, when retrieved from our servers, allow us to know if and when you have opened the email. In this way, we can also measure and better understand how you use our offers,and can tailor them to you. You can block them in your email program.
5.2 Newsletters and marketing emails
By using our websites and giving your consent to receive newsletters and other marketing emails, you agree to the use of these techniques. If you do not want this, you must adjust the settings of your browser and email program accordingly.
5.3 Google Analytics
We sometimes use Google Analyticson our websites, which is a service by third partiesthat could be locatedanywhere in the world (in the case of Google Analytics, it is Google LLC in theUSA, www.google.com).
Google Analytics allows us to measure and evaluate the use (non-personal) of the website. Forthis purpose, permanent cookies are also used, which are set by the serviceprovider. The service provider does not receive any personal data (and does notstore any IP addresses) but can track your use of the website, combine thisinformation with data from other websites you have visited and are also tracked by the serviceprovider, and use these insights for its own purposes (e.g. to tailor advertising). If you haveregistered yourself with the service provider, then this service provider alsocan identify you. The processing of your personal data by the service provideris therefore the responsibility of the service provider in accordance with itsown data protection provisions. The service provider merely informs us as tohow our respective website is used (no personal information about you).
We have activated IP anonymization on thiswebsite, which means that the IP addresses of visitors to the Lealywebsite that must be sent to the Google Analytics server are automaticallyshortened by removing the final digits within a very short time.For more information, see Google Marketing Platform.
5.4 Google reCAPTCHA
We sometimesuse Google reCAPTCHA on our websites. Theseare third-party servicesthat may be located in any country in the world (in the caseof Google reCAPTCHA, it is Google LLC in the USA).
We use GooglereCAPTCHA to protect online forms on our website. Data processing is based on your consent. The purpose of reCAPTCHA is to check whether a human or anautomated program is entering data on ourwebsites (e.g. in a contactform). reCAPTCHA analysesthe behavior of the websitevisitor on the basisof various characteristics. Cookies are also used for this purpose and are setby the service provider. The analysis starts automatically as soon as thevisitor opens the website and runs entirely in the background.Website visitorsare not informedthat an analysisis taking place.
For the analysis,Google can evaluate all the information on these form pages (including the IPaddress, how long the visitorstays on the websiteand the user’smouse movements). The data collected during the analysis is forwarded to Google.The use of the reCAPTCHA service is in accordance with Google’sPrivacy Policy and Termsof Service. For more information, see the website to GooglereCAPTCHA.
5.5 Plug-ins
We also use plug-ins on our websites for social networks such as Facebook, Instagramand google analytics, which are clearly indicated(usually with a corresponding icon).We have configured these elements to be disabledby default. If you activate them (by clicking on them), the operator ofthe corresponding social network registers that you are on our website andwhere you are, and can use this information for its own purposes. Theprocessing of your personal data by the operator is therefore theresponsibility of the operator in accordance with its own data protectionprovisions. We do not receive any information about you from the operator.
5.6. Further Marketing and Communication Tools
We additionally use the following tools for marketing purposes and data collection:
Bigmarker (www.bigmarker.com),
mailchimp(www,mailchimp.com),
whereby (www.whereby.com),
WhatsApp,
webflow (www.webflow.com) and
typeform (www.typeform.com).
In this context, we refer to the relevant data protection guidelines the respective companies comply with. By using these tools, the customer also expressly agrees to their privacy policies.
6. Transfer of data to thirdparties
Your personaldata is neither transferred nor sold or otherwise transmitted to third partiesin any form, unless this is required for the purpose of processing a contractor to fulfil our statutory tasks, or if you have expressly consented to this(e.g. to ensure the security of the entry forms on our website ).In addition, data may be transmitted to thirdparties if we are under obligation to do so by law or by an enforceable official or courtorder.
Some recipientsof such data are located in Switzerland but can also be anywhere in the world.If we transmit data to a country that doesnot have appropriate data protection, we ensure an appropriate level of protection by employing contracts accordingly, or we act on the basis ofthe following statutory/legal exemptions: consent, performance of the contract,the establishment, execution or enforcement of legal claims, overriding publicinterests, published personal data, or the need to protect the integrity of thepersons in question.
The circle.so service used for theLealy coaching platform is suppliedby a provider in the USA. Therefore, personal data is also processed in a third country. Asuitable level of data protection is contractually guaranteed. No sensitivedata is stored in circle and thus no health-related data is transferred to the USA.
7. Duration of personaldata storage
We process andstore your personal data to the extent that it is required to fulfil our contractualand legal obligations or for the purposes pursued by the processing, which means, for example, for the entireduration of the contractual relationship (from the initiation and performance of a contractto its conclusion) and beyondthat in accordance with legalobligations for storage and documentation.
8. Data Security
We take appropriate technological and organizational securityprecautions to protectyour personal data againstunauthorized access and misuse, such as issuing instructions, training, IT andnetwork security solutions, access controls and restrictions, encrypting datacarriers and transmissions, pseudonymization and checks.
9. Duty to provide personal data
Within the scopeof our business relationship, you must provide those items of personalinformation required to be able to commence and carry out a businessrelationship and fulfilthe associated contractual obligations (youusually are not obliged by law to provide us with data). However, without thisdata we are generally not able to conclude a contractwith you (or with the office or person that youare representing), to process it nor to fulfil our legal tasks.
10. Profiling and automated decision-making
Personal data is not subject to any automateddecision-making. We do not conductprofiling with personaldata.
11. Rights of the person in question
Within the scopeof the applicable data protection law and to the extent required by the law(e.g. in the case of the GDPR), you have the right to information, amendment,deletion, the right to restrict the processing of data and otherwise to refusepermission to our processing of the data as well as the publication of certainpersonal data for the purpose of transfer to another office (known as dataportability). Please note, however, that we reserve the right to enforce therestrictions required by law, for example in cases where we are obliged tostore or process certain data, have an overriding interest to do so (to theextent that we may call on it) orrequire it to assert claims. We willinform you in advance if this incurs any costs for you. We have providedinformation about your option to revoke your consent under Section 4. Pleasenote that exercising your rights can conflict with contractual agreements, whichcan have consequences, such as the premature termination of a contract or incurred costs. In such cases, we willinform you in advance where this is not already contractually or legally regulated.
The exerciseof such rights generally requires that you clearly prove your identity (e.g. with a copy of an ID card, if your identity cannot otherwisebe clearly verified). To assert your rights, you can contact us via the addressprovided under Section 2.
Furthermore, every person affectedhas the right to legallyenforce their claims or to submit a complaint with theresponsible data protection authority. The responsible data protectionauthority in Switzerland is the Federal Data Protection and InformationCommissioner (http://www.edoeb.admin.ch).
12. Amendments
We may amend this privacypolicy without prior notice at any time. The version published on our website is theversion currently applicable. Where appropriate, wewill update you about amendments via email or in another suitable manner.
Third-party cookies and tracking technologies
The following technologies are used on our website.Click on the links provided to find detailedinformation about the tools.
Solution,Category / purposeProviderAddressLinks
Google Analytics
Web analytics
Google Inc.600 Amphitheatre Parkway Mountain View, CA 94043USA · Privacypolicy· Opt-out
Google reCAPTCHA
www.lealy.halth uses Google reCAPTCHA to protect forms on the Lealy website. This cookie is used for identification and security purposes.
Google Inc.600 Amphitheatre Parkway Mountain View, CA 94043USA · Privacypolicy
Google Fonts
Display
Google Inc.600 Amphitheatre Parkway Mountain View, CA 94043USA · Privacypolicy· Opt-out
Dession cookie / security cookie www.lealy.healthworks with circle.so This is an infrastructure provider. This cookie is used for identification and security purposes.
CircleCo·
228 Park Avenue South·
Private Mailbox 52933·
New York, NY 10003·
United States
Privacypolicy Opt-out