Data Privacy Statement of

The European General Data Protection Regulation, which will come into force on 25 May 2018, has top priority at healthbank cooperative and is reflected in our data privacy statement.

With this data privacy statement, which is an integral part of the General Terms and Conditions (hereinafter “GTC”), healthbank Coop undertakes to handle your personal data responsibly. The security and protection of your personal data have absolute priority at healthbank. The terms used in the GTC have the same meaning in this data protection statement.

This includes full transparency in the collection and use of data, control over their data from the users of our services and the principles of “Data Privacy by Design & Default”.

1. Handling of personal data

We will not disclose your personal data to third parties unless we are required to do so by law or you have given your consent in accordance with the following paragraphs. Affiliated organizational units of healthbank Coop are not considered third parties.

2. Definition of personal data

According to the Swiss Federal Data Protection Act and the European General Data Protection Regulation, personal data are all data that relate, alone or in combination, to a specific or identifiable person.

This includes, for example, your name, your address, your date of birth, your medical and fitness data stored at healthbank, your password, your e-mail address, the Internet address (IP address) of your computer that is visible to us when you visit our website as well as our records of the healthbank websites you visit, including the user behavior.

The business model of healthbank also includes the processing of particularly sensitive personal data, such as health, gender, nationality, country of origin or health insurance.

This data privacy statement covers both historical and future data.

3. Data collection and processing

By becoming a user of, you consent that healthbank processes your personal data for the provision of services within In accordance with the GTC and the data privacy statement, healthbank will, if necessary, use service providers who are obliged to comply with the applicable laws.

All documents uploaded by the user are encrypted and therefore unreadable for healthbank.

healthbank offers the user a variety of functions that are individually adapted to this (e.g. healthbank provides certain information, offers, recommendations and services based on collected data and promotes interaction on the communication platform). This requires your explicit consent.

4. Your data on usage behavior in particular

By visiting the platform of you agree that healthbank may collect, process and use your data on usage behavior in connection with the use of healthbank services with the support of electronic tools. healthbank records, for example, when you use

healthbank collects the frequency and scope of use of the services offered by healthbank. These data transactions can be shared with service providers providing services through healthbank, with companies providing data to healthbank, and with healthbank itself to maintain high availability of services offered to users.

5. Linked websites

healthbank may contain links to third-party websites. healthbank is neither liable for the data protection statement nor for the collection and use of personal data nor for the contents of these websites. If you use a link to another website, you should therefore carefully read the data privacy statement applicable to that website.

6. Handling and disclosure in connection with fraudulent acts / judicial and administrative authorities

By becoming a user of, you consent to the collection, processing, use and disclosure of personal data necessary to uncover and prevent illegal or non-contractual acts or acts of fraudulent intent, insofar as this is necessary in individual cases or if there are plausible indications.

In addition, we may be required to disclose personal data on the basis of a judicial or administrative request (e.g. requests for information) in connection with an investigation or administrative procedure or on the grounds of suspicion of a criminal offence or an illegal act.

7. Storage and use after deleting your account

By deleting your account, your own data will be irrevocably deleted within 72 hours. By setting up your user profile you agree that your data can be automatically deleted by healthbank after 2 years if no activity is visible on your account. You agree to the storage and use of your data beyond the termination of the use of the healthbank services, insofar as this storage and use is required by law.

8. Data security

We use suitable and extensive technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments. We also take internal data protection very seriously. Our employees and the third parties commissioned by us have been obliged to maintain confidentiality and to comply with the provisions of data protection law.

9. Right to information, rectification and deletion

You have the right to obtain information about your personal data stored by us at any time and without giving reasons. Furthermore, you may at any time request that we correct, supplement or completely delete your personal data.

Please note that an application for deletion may be subject to legal retention obligations. For information, correction and deletion requests, please send an e-mail to:

10. Changes to this data privacy statement

healthbank reserves the right to revise, amend or otherwise update this data protection statement at any time. We will inform you about changes, additions or revisions to our data protection statement by means of a corresponding notification when you register, as well as through additional communication channels such as our newsletter. Without a new declaration of consent, the services or partial services of can no longer be used.

Questions regarding this data privacy statement can be directed to the following e-mail address:

Baar, May 24, 2018