In this privacy policy, we inform you about how we, the University Hospital Zurich (USZ), collect and process your personal data when you contact us via one of our online services.
The processing of data that is not collected via our online services is regulated in separate documents. If specific data protection declarations are also posted on our services, this data protection declaration applies to the extent that it goes beyond the specific data protection declaration.
The collection and processing of your data takes place exclusively in accordance with the applicable laws, in particular the law on information and data protection of the Canton of Zurich, and in accordance with our high standards of information security and data protection.
The University Hospital Zurich (USZ), Rämistrasse 100, 8091 Zurich, is responsible for the data processing described here.
You can contact the Data Protection Office for data protection concerns:
Data Protection Office
University Hospital Zurich
Rämistrasse 100, 8091 Zurich
E-mail: datenschutz@usz.ch
The competent supervisory authority is the data protection officer of the Canton of Zurich.
We collect and process information that you voluntarily provide to us via our online services, for example by using contact forms. This also includes information about your health.
We also automatically collect personal data whenever we have contact with you via our online services: As soon as you access or use one of our online services, certain personal data such as your IP address, MAC address of the smartphone or computer, details of your device, browser and operating system, internet service provider, cookies, date and time of the visit, pages and content accessed, functions used, referring website, location details, language and country settings are collected.
A cookie is a small file that is stored by your web browser when you visit one of our websites or install our app. When you visit a website again or use our app, the web browser is recognized. We don’t know who you are. No security-relevant data is stored in the cookies.
All cookies used by us are only valid temporarily and are then deleted. In most web browsers, it is also possible to block the use of cookies, to receive a warning before a cookie is created or to delete cookies afterwards. In these cases, however, certain content and offers of our services may not be usable in the same quality. You can usually find out how to block the use of cookies in your browser in the settings of your browser or on the website of the provider of your browser.
We collect and process your data for various purposes.
If you have voluntarily provided us with your personal data for a specific purpose, we will process your personal data exclusively within the scope of the following purposes and for the purpose that we stated at the time of transmission or that is evident from the circumstances of the transmission.
We process personal data that you automatically leave behind when you use our online services because we want to offer you better services. These can be summarized as follows:
You can revoke your consent to the offer of information and advertising via newsletter or registration for other services at any time in the respective newsletter or on the other registration page or via the e-mail address internet@usz.ch.
We process your personal data as long as it is necessary for the fulfillment of our contractual and legal obligations or otherwise for the purposes pursued with the processing and beyond that in accordance with the legal storage and documentation obligations. As soon as your personal data is no longer required for the above-mentioned purposes, it will be deleted, anonymized or archived.
The USZ has appropriate, state-of-the-art security measures in place to protect your personal data from unauthorized access and misuse. Such security precautions include technical cyber security measures such as IT and network security solutions, encrypting your data and ensuring need-to-know when accessing your data, as well as organizational and administrative measures such as ensuring regular checks of controls, employee training and a set of relevant directives.
In principle, your personal data remains at the USZ.
We only share your personal data externally in order to make use of technical or organizational services that we require for the fulfilment of the aforementioned purposes or our other business activities.
Your personal data will only be passed on beyond this if you have given your express consent or if the data has been anonymized in such a way that it is no longer possible to identify you personally.
If data has to be passed on, this is always done in accordance with the applicable legal basis.
The USZ uses Piano Analytics (formerly: AT Internet), a service of Applied Technologies Internet SAS, Parc d’Activité La Devèze, 8 impasse Rudolf Diesel, 33700 Mérignac, France (AT Internet) for web analysis.
AT Internet collects your cookie ID, mobile ID, IP address for us. We need this data to analyze user behavior on the website and to ensure a high quality of use. The data generated by the cookie about usage behavior (including the IP address) is anonymized immediately after data collection and stored on an AT Internet server in the European Union. We do not have access to this server. After 6 months, the anonymized IP addresses are completely deleted. The cookies from AT Internet remain on your browser for 13 months. This allows us to recognize returning website visitors. As mentioned above, you have the option of blocking the use of cookies in your web browser.
We use the extended opt-out function of Piano Analytics on our website. This function enables us to collect anonymized data from visitors who have opted out of the use of cookies. This means that we can continue to gain valuable insights into the use of our platform without processing personal data. The extended opt-out function ensures that the privacy of users is protected and at the same time compliance with data protection regulations is guaranteed.
We use the Gilroy font from Monotype Imaging Inc. USA. To verify compliance with the paid license, Monotype measures the number of pages viewed. Your IP address is passed on anonymously for this purpose.
We also use plug-ins from social networks such as Facebook, Twitter, YouTube, Google+ and Instagram on our websites. You can see this in each case, typically via corresponding symbols. We have configured these elements so that they are deactivated by default. If you activate them (by clicking on them), the operators of the respective social networks can register that you are on our website and where and can use this information for their purposes. The processing of your personal data will then be the responsibility of this operator in accordance with its data protection provisions. We do not receive any information about you from him.
You are entitled to assert your data protection rights at any time, in particular to request information about your data stored by us or the correction, addition or deletion of your personal data, provided that your request does not conflict with any statutory processing obligations.
We may amend this privacy policy at any time without prior notice within the framework of the legal requirements. The current version published on our website applies. We therefore recommend that you re-read the privacy policy from time to time.
Version 1.3 from April 17, 2025
The University Hospital Zurich (USZ) manages and processes information in the following types of systems:
Type of information processed:
Type of information processed:
Type of information processed:
This is only done with the consent of the patient (general consent).
Type of information processed:
Type of information processed:
Type of information processed:
Type of information processed:
The retention period is based on the legal requirements.