Data protection
1. Who is responsible for your personal data?
In this privacy policy we describe how we collect and process your personal data when you visit our website, use our services or order or purchase our products.
contact details
NAILSxBEAUTY Sihlcity GmbH
Kalanderplatz 1
CH-8045 Zurich
sihlcity@nxb.ch
2. What personal data do we process, for what purpose and on what basis?
2.1 When you visit our website (without booking an appointment)
When you visit our website, the server automatically logs general technical visit information. This includes, for example, the IP address and operating system of your device, the date and time of use, the website from which you visit us and the type of browser you use to access our website.
We also use cookies and similar technologies. You can find more information about this in our Cookie Policy, which is part of this data protection declaration.
To the extent that we process personal data when you visit our website, we do so based on our interest in providing the website, offering you the best possible user experience and further developing and marketing our products and services.
2.2 If you are interested in our services and products or use them or order or purchase them
When you book an appointment, inquire about our products and services, come to us for a suitability assessment or check-up, use a treatment plan or products or our website, we collect your contact details and other relevant personal data that you provide to us on these occasions.
The contents of our pages were created with great care. However, we cannot guarantee that the content is correct, complete or up-to-date. As a service provider, we are responsible for our own content on these pages in accordance with general laws. However, as a service provider, we are not obliged to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information in accordance with general law remain unaffected. However, liability in this regard is only possible from the time of knowledge of a specific legal violation. If we become aware of any corresponding legal violations, we will immediately remove this content.
We process this personal data for the following purposes and on the basis of the following bases:
(a) to prepare, conclude and fulfill the (treatment) contract with you and to enforce claims arising from it;
(b) based on our legitimate interests in communicating with you, optimizing your user experience, improving and expanding our offers, services and products, analyzing demand patterns or creating other evaluations, ensuring IT security and business operations, to ensure the governance and development of our company and to enforce or defend legal claims;
(c) to comply with legal obligations (e.g. obligation to retain business records).
In connection with the treatment, we collect certain health data from you. Health data is sensitive personal data that requires particular protection within the meaning of data protection law. We therefore ask you for your explicit consent before we collect this personal data.
3. When and how do we pass on your personal data to third parties?
In order to fulfill the contract, protect our interests or comply with legal regulations, it may be necessary for us to pass on your personal data to third parties. This includes, for example, our IT service providers and third-party providers in the areas of payment transactions, billing, debt collection, consulting, sales and marketing.
Even if we pass on your personal data to third parties outside Switzerland, the EU and the EEA, we comply with the applicable data protection laws, e.g. by taking appropriate contractual, technical and organizational measures.
4. Data security
We protect your personal data in particular by using the following technical and organizational security measures against unintentional, illegal or unauthorized manipulation, deletion, alteration, access, disclosure, use or loss:
(a) Our employees only have access to your personal data if this is necessary or useful for the performance of the relevant employee's duties;
(b) We have the most modern IT infrastructure, internal IT specialists and modern IT regulations;
(c) Whenever possible and sensible, personal data is encrypted (during transmission and/or storage).
5. How long do we keep your personal data?
We only store your personal data for as long and to the extent necessary for the purposes described or for legal reasons.
We retain data relating to treatments (patient files) for 20 years for legal reasons.
6. What rights do you have?
Under the conditions of applicable data protection law, you have the following rights in connection with your personal data:
Right to information about the personal data we process about you;
Right to correct inaccurate personal data;
Right to have your personal data deleted (“right to be forgotten”);
Right to restrict the processing of your personal data;
Right to data portability (transfer of your personal data to you or a third party);
Right to object to the processing of your personal data.
Please note that exceptions apply to these rights. In particular, we may be obliged to continue processing your personal data in order to fulfill a contract, to protect our own legitimate interests such as the assertion, exercise or defense of legal claims, or to comply with legal obligations. In these cases, we can or must reject certain requests or only comply with them to a limited extent.
If you are not satisfied with the way we process your personal data, you have the right to complain (see section 8).
7. Links to Other Websites
Our website may link to third party websites that are not operated or controlled by us. We are not responsible for whether and how these third parties comply with data protection regulations.
8. Right to complain
If you are not satisfied with the way we process your personal data, you have the right to complain to the Federal Data Protection and Information Commissioner (FDPIC) or, if the FDPIC is not responsible for your concern, to the responsible supervisory authority .
Please contact us first before filing a complaint. This way we can try to solve your problem directly. The easiest way is to contact us by email at sihlcity@nxb.ch.
9. Changes to this Privacy Policy
We may change this privacy policy at any time. New versions will come into effect for you as soon as we have notified you of this by publishing them on our website.
Zurich, April 2024