.avif)
Privacy Policy
1. Data Controller
Heiva Massagepraxis
Salome Vogel
Missionsstrasse 13a, 4055 Basel
salome@heiva.ch
2. Use of Online Booking
Through the online booking system, we offer you the opportunity to book appointments at Heiva Massage Practice Salome Vogel. The online booking service is operated by HealthAdvisor Group AG and its sister company, GIMA Services AG, both based in Switzerland («HealthAdvisor»). This is also why, when accessing the online booking, you directly or indirectly (in an integrated area on the website of Heiva Massage Practice Salome Vogel) collect data on the website app.healthadvisor.ch. However, Heiva Massage Practice Salome Vogel remains responsible for your personal data.
We have entered into a data processing agreement with HealthAdvisor, in which we obligate HealthAdvisor to protect personal data of our patients, not to disclose it to unauthorized third parties or use it for their own purposes, and to store your data exclusively on servers in Switzerland.
2.1. Server Log Files
When you access the online booking, the browser used on your device (e.g., smartphone, notebook, or computer) automatically sends data to the HealthAdvisor server. This data is temporarily stored in a log file, the so-called server log files. The access data includes in particular the IP address, name and version of the web browser used, the operating system used, amount of data transferred, and the name of your internet service provider. With the exception of data you collect yourself (e.g., as part of an online appointment booking), this is exclusively information that does not allow conclusions to be drawn about your person.
This data is processed for the purpose of enabling the use of the online booking (connection establishment), ensuring system security and stability on a permanent basis, optimizing HealthAdvisor's services, and for internal statistical purposes. This data is not disclosed to third parties or otherwise evaluated. No personal user profile is created.
2.2. Cookies and Browser Storage
When using the online booking, so-called "cookies" are placed on the device you use. These are small text files that serve to make websites more user-friendly and effective overall and to make your use of the online booking as pleasant as possible. Cookies do not cause any damage to your device and cannot execute programs or contain viruses. Most cookies used by HealthAdvisor are so-called session cookies. These are automatically deleted when you log out or close the browser. Other cookies remain stored on your computer beyond the respective usage process and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit. If other cookies (e.g., cookies for analyzing your browsing behavior) are stored, these are treated separately in this privacy policy. In addition, certain data such as the language used, first and last name, as well as phone and email address are stored in the browser on your device to avoid re-entering this information during the next booking. You can set your browser to inform you about the setting of cookies and allow or generally exclude the acceptance of cookies for certain cases only on a case-by-case basis. You can also delete the data stored in the browser at any time.
2.3. Online Appointment Booking
If you wish to use the online booking, you must provide various personal data such as first/last name and possibly further personal information such as email address, mobile phone number, address, date of birth, and health insurance. You are also free to use the "Comments" field.
The information you provide is processed for the purpose of appointment booking and its processing.
The mandatory information is required to make an appointment with you. The voluntary provision of further data facilitates the processing of your request and enables us to provide you with more precise information.
You can object to this data processing at any time. Please send your objection to the email address mentioned under point 1.
3. Google Services
When using the online booking, various services of Google LLC based in the USA, or if you have your habitual residence in the European Economic Area (EEA) or Switzerland, Google Ireland Limited, based in Ireland («Google») are used. Google LLC is always responsible for the processing of personal data when using «Google Maps». We use the following Google services on our websites: Google Analytics, Google Maps, Google reCAPTCHA. More detailed information about the individual services can be found below. Google uses technologies such as cookies, web storage in the browser, and tracking pixels that enable an analysis of your use of the online booking. The information generated about your use of the online booking may be transmitted to a Google server in the USA or to other countries and stored there. Information about the locations of Google data centers can be found here. We use tools provided by Google that, according to Google, can process personal data in countries where Google or its Subcontractors maintain facilities. Google promises in its «Data Processing Addendum for Products where Google is a Data Processor» to ensure an adequate level of data protection by relying on EU standard contractual clauses. More detailed information about processing by Google and privacy settings can be found in the Privacy Policy or Google's privacy settings.
3.1. Google Analytics
For the purpose of analyzing our online booking and its users as well as for marketing and advertising purposes, we use the web analytics service Google Analytics 4.
Google Analytics uses cookies that are stored on your device (laptop, tablet, smartphone, etc.) and enable an analysis of your use of our online booking service. This allows us to evaluate usage behavior on our online booking service and make our offer more interesting based on the statistics/reports obtained. We can use Google Signals. This captures additional information about users who have personalized ads enabled (interests and demographic data) and ads can be delivered to these users in cross-device remarketing campaigns. In Google Analytics 4, IP address anonymization is enabled by default. This means your IP address is truncated by Google within Switzerland or the EU/EEA before transmission. Only in exceptional cases is the full IP address transmitted to a Google server and truncated there. Google uses this information to evaluate your pseudonymous use of our online booking service, to compile reports on booking activities, and to provide us with further services related to the use of the online booking and internet usage. According to Google, the IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. When using our online booking, your user behavior is captured in the form of events (such as page views, interactions, or your «click path») as well as other data such as your approximate location (country and city), technical information about your browser and the devices you use, or the referrer URL. You can prevent the collection and transmission of data generated by the cookie and related to your use of our online booking service (including your IP address) to Google as well as the processing of this data by Google by downloading and installing the Browser Add-on to Deactivate Google Analytics. If you wish to object to interest-based advertising by Google, you can use the settings and opt-out options provided by Google. An overview of data usage in Google Analytics and the measures taken by Google to protect your data can be found in the Google Analytics Help. Further information on the Terms of Use for Google Analytics and data protection at Google can be found in the respective documents.
3.2. Google Maps
To embed interactive maps in our online booking, we use the online map service Google Maps. When you call up a page on which Google Maps maps are embedded, Google Maps will set a cookie. This cookie is usually not deleted by closing the browser, but expires after a certain time, unless you delete it manually beforehand. By using Google Maps, information about your use of our online booking service (including your IP address) may be transmitted to a Google server in the USA and stored there. Google may store this data as usage profiles for the purposes of needs-based design of services, advertising, and market research. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish this, you must log out beforehand. If you do not agree with this processing of your information, you have the option to deactivate the Google Maps service. To do this, you must deactivate the JavaScript function in your browser. However, this may also affect other functions of our online booking. Further information can be found in the Terms of Use for Google Maps and the Privacy Policy of Google.
3.3. Google reCAPTCHA
The reCAPTCHA function serves to distinguish whether an input (e.g., when booking online) is made by a human or automatically by a computer program (so-called Bots). This is intended to ensure the security of the online booking and protect it in particular from automated inputs (or attacks) and spam. For this purpose, reCAPTCHA analyzes the behavior of the online booking user based on various characteristics. These analyses run completely in the background and start automatically as soon as you access the online booking. To distinguish between humans and bots, Google analyzes various information, such as the IP address of the device used, time spent on the online booking, the browser and operating system used, or mouse movements and typing behavior made by the user. Further information on the use of the data collected in this way by Google can be found in the Privacy Policy as well as the Terms of Use of Google.
4. Data Security
HealthAdvisor has implemented appropriate technical and organizational security measures to protect the personal data it processes, in particular against accidental or intentional manipulation, loss, destruction, or unauthorized access by third parties. This includes, for example, the use of recognized encryption methods (e.g., encryption using SSL/TLS). The security measures taken are continuously improved in line with technological developments. The measures taken are intended to ensure the confidentiality and integrity of your personal data as well as the availability and resilience of HealthAdvisor systems and services when processing your personal data on a permanent basis. Furthermore, they also ensure the rapid restoration of the availability of your personal data and access to it in the event of a physical or technical incident. If HealthAdvisor commissions other service providers (e.g., cloud storage services) with the processing of your personal data, these are obligated to maintain confidentiality and comply with data protection regulations. Moreover, these service providers are only granted access to personal data to the extent necessary.
5. Data Retention
In principle, your personal data is retained for as long as is necessary for the respective purpose. If legal retention obligations exist, the relevant personal data is stored for the duration of the retention obligation. After the retention obligation expires, it is checked whether there is a further necessity for processing. If there is no longer a necessity, your data will either be deleted or anonymized. If your data is stored due to a contractual relationship with you, this data remains stored at least as long as the contractual relationship exists and at most as long as limitation periods for possible claims by us are running or legal or contractual retention obligations exist. Personal data is retained for as long as required by legal and contractual retention periods. After the retention period expires, the personal data is deleted or anonymized.
6. Data Subject Rights
You generally have the rights to information, correction, deletion, restriction, data portability, objection to processing, and revocation of consent with regard to your personal data. Please note, however, that we reserve the right to assert the legally provided restrictions, for example if we are obligated to retain or process certain data, have an overriding interest in it (to the extent we may rely on this), or need it for the assertion of claims. Please note that the exercise of these rights may conflict with contractual agreements and may have consequences such as premature contract termination or cost consequences. We will inform you in advance in such cases, where this is not already contractually regulated. If you believe that the processing of your personal data violates data protection law, or your data protection claims have otherwise been violated in any way, you can also complain to the competent supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (EDÖB). The exercise of your data protection rights generally requires that you clearly prove your identity (e.g., by means of a copy of your ID, where your identity is otherwise not clear or cannot be verified). To assert your rights, please contact us by email at the email address mentioned under point 1.
Version October 5, 2025