Privacy Policy

Date: 14.02.2025

Augmedi AG is committed to the protection of your personal data. That is why we have created this privacy policy to explain what personal data we, Augmedi AG, based in Zollikon, Switzerland (hereinafter referred to as "Augmedi", "we") process about you. When we talk about personal data, personal data or data, we mean all information that relates to an identified or identifiable person.

Below you will find out what personal data we collect from you when you visit our website or our app, which can be used to teach medical content, how we process it and your rights and obligations in relation to your data.

1. Person in charge

   The person responsible for the data processing described in this privacy policy is:

   • Augmedi AG
     Alte Landstrasse 70
     8702 Zollikon
     Schweiz
     
     Email: info@augmedi.com
     
     

   If you have any concerns or questions about data protection or in connection with this privacy policy, please feel free to contact us at any time.

2. Collection, processing and use of personal data
   1. Data subjects

      Augmedi collects and processes personal data of visitors to the website www.augmedi.com, from users of the App augmedi.app or other Augmedi channels, as well as from newsletter subscribers. The personal data is usually collected from the data subjects themselves, for example when a user account ("Augmedi account") is created or a registration for our newsletter is made. ​​
      However, every time you visit the app augmedi.app or our website www.augmedi.com, our system also automatically collects information that is transmitted to us by the Internet browser of your device. In particular, the following data are concerned:

      • Date and time of access
      • Browser type/version
      • Operating system
      • URL of the previously visited website
      • accessed domain
      • Search term when using a web browser
      • IP address
      This data is collected for technical reasons and stored in so-called server log files for a short time until automated deletion in order to be able to provide you with a functional, stable and secure website or app as well as the content and services it contains. We use this data for error analysis, to ensure the security of the systems, to log access to our website and app and to improve our offer, and thus in our legitimate interest in accordance with the purpose.
      
      
3. Data collected and purposes of data processing

   In addition to the data described in 2.1, we collect the following personal data:

   1. Learning service

      Our app enables users, regardless of whether they use our paid or free offer, to learn medical content such as anatomy and access procedures interactively using 3D models. As part of the use of our app, we collect and store certain usage data in order to provide, improve and use our service for research purposes.

      When using the App, we collect personal data such as:

      • Answers and related questions from multiple-choice tests
      • the duration of learning (how long a person has been actively learning)
      • the time of the last activity

      The data collected is used to improve our service, in particular to optimize learning content and user experience, for marketing measures such as targeted user contact and the analysis of learning patterns, as well as for research purposes for the scientific analysis of learning behavior in medical applications.

      All collected data is stored on secure servers and transmitted in encrypted form. The data is automatically deleted after a defined storage period or at the request of the user.

      For the storage period of data stored in connection with our offer and thus an Augmedi account, we refer to the following section 3.2.

   2. Creating an Augmedi account

      You can create a free Augmedi account at any time. Registration is a prerequisite for taking out a membership and using the learning service in accordance with our Terms and Conditions.

      To register, you have the following options:

      • E-mail login: Registration with username, e-mail address and password.
      • Single sign-on (SSO): Sign in with an existing Google, Apple, or Microsoft account.

      User accounts are authenticated and managed via Auth0. For more information on the processing of your data as part of the registration process, please refer to section 7.

      The data you provide will be processed for:

      • Creation and management of the Augmedi account
      • Access control and fraud prevention
      • Provision and billing of our learning service
      • Storage of relevant usage data (e.g. membership status, payment processing)
        
        
4. Disclosure and transfer of data abroad

   The personal data collected by us from the users of our learning service will be transferred by us to processors, in particular to processors. in the area of IT services that help us to provide our services. Depending on where Augmedi's service providers are located, your data may be transferred to countries inside and outside the EU/EEA, in particular to the European Union. also to the USA. If data is transferred by Augmedi to a processor in a country without so-called adequate data protection, Augmedi ensures adequate protection by using contractual guarantees, namely on the basis of the EU standard contractual clauses, or relies on the exception of consent or the initiation and execution of contracts.

   In order to process payments, we pass on the required payment data to the payment service provider Stripe Payments Europe Ltd., Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland. To the extent necessary, Stripe also transmits the data to Stripe, Inc., based in the USA. You can find more information about data protection at Stripe here.

5. Cookies and Web-Storage Objects

   Augmedi uses cookies and web storage objects to provide you with a variety of functionalities and to improve your user experience. Cookies and web storage objects are small text files that are stored on your device via your browser. If you do not want us to use cookies or web storage objects, you can change this accordingly in the settings of your browser. Please note that the functionality and scope of our website and app will be impaired if web storage objects are disabled, as these are necessary for the functionality of the website. These services allow, for example, the display of maps, the playing of videos or the integration of social media content. Personal data may be processed, and cookies may be stored on your device.

   We use the following third-party services to provide interactive content and features on our website:

   • Borlabs Cookie

     Borlabs GmbH, Hamburger Strasse 11, 22093 Hamburg, Deutschland
     Purpose: The technically necessary borlabs cookie stores your consent. No personal data is collected. You can revoke this by deleting the cookie in your browser or by changing your preferences at any time via the cookie banner. When you visit the website again, you will be asked for consent again.

   • Meta (Facebook, Instagram, WhatsApp, Oculus VR)

     Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland.
     Purpose: Integration of social media content and sharing functions.
     Privacy Policy: here
     Cookie Policy: here

   • LinkedIn

     LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland.
     Purpose: To provide social media features and business network integration.
     Datenschutzerklärung: here
     Cookie-Richtlinie: here

   • Google (Google Maps, Google reCAPTCHA, YouTube)

     Google LLC, Gordon House, Barrow Street, Dublin 4, Irland.
     Purpose: Display of interactive maps (Google Maps), security through bot detection (reCAPTCHA), and integration of video content (YouTube).
     Privacy Policy: here
     Cookie-Richtlinie: here

   • Vimeo

     Vimeo Inc., 330 West 34th Street, 5th Floor, New York, NY 10001, USA.
     Purpose: Integration of video content.
     Privacy Policy: here
     Cookie-Richtlinie: here

   • Automattic (Jetpack, WordPress, WooCommerce)

     Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Irland.
     Purpose: Website optimization, analysis, and performance tracking.
     Privacy Policy: here

   By default, all external media services are disabled, i.e. blocked, and require your manual Consent to activation. After activation, data can be sent to the respective third-party providers including possible data transfers outside the EU/Switzerland, subject to the respective privacy policies. You can manage your settings for external media services at any time and withdraw your consent via the cookie settings.

6. Using Hotjar for analytics

   We use Hotjar on our app to better understand how our users interact with our services and to optimize our services as well as the user experience.

   Hotjar allows us to visualize user interactions, which allows us to better understand the user experience and improve our services by identifying issues and friction points. To provide these services, Hotjar uses first-party cookies and other technologies to collect personal information about the behavior of our users as well as their devices on our behalf. This may include personal data such as online identifiers (e.g. device IP address, user ID), identification data (e.g. name, email address if we specifically collect it), technical data (e.g. device type and screen size, browser information), geographical location data (country only), behavioural data (interactions with our website/app such as clicks, taps, scrolling movements) as well as additional personal data that is explicitly submitted through Hotjar.

   This processing of your data is carried out in our legitimate interest to evaluate the use of our learning service and the successful further development of the learning service, as well as to prevent fraud, abuse, etc. in connection with our learning service.

   If you do not want your usage data to be collected for analysis purposes, you can deactivate this in the cookie settings of your browser.

   For more information, please visit the Trust Portal and Hotjar's Privacy Policy.

7. Nutzung von Auth0 zur Authentifizierung / Account Erstellung

   We use Auth0, a service provided by Okta, Inc., based in San Francisco, USA, to enable secure login and management of user accounts. Auth0 allows our users to log in either via a classic registration (email & password) or via single sign-on (SSO) with existing Apple, Microsoft or Google accounts.

   Auth0 uses first-party cookies and other technologies to process personal data on our behalf. This includes:

   • Online identifiers: username, email address, authentication token
   • Technical data: IP address, browser information, operating system
   • Authentication data: time of login, type of login (email/password or SSO), third-party provider used (Apple, Microsoft, Google)

   This data is processed exclusively for secure login, management of user accounts and fraud prevention.

   Since Auth0 is a global provider, data may be processed on servers outside the EU/Switzerland, especially in the US. To ensure the protection of user data, Auth0 relies on appropriate data protection measures, including the EU Commission's Standard Contractual Clauses (SCC) as well as additional security measures.

   Data processing by Google, Apple and Microsoft for SSO login:

   If you log in with Google, Apple or Microsoft via Single Sign-On (SSO), your login data will be processed directly by the respective third party and used for authentication via Auth0. In this case, in addition to our privacy policy, the privacy policies of the respective providers apply:

   • Apple: Privacy Policy
   • Google: Privacy Policy
   • Microsoft: Privacy Policy

   You can manage or remove the permissions and stored data associated with your Google, Apple, or Microsoft account directly in the provider's account settings. If you use Google, Apple or Microsoft to log in, Augmedi will not have access to your password. Authentication is done directly by the respective provider.

   For more information, please see Auth0's Privacy Policy .

8. Using Sentry for Error Monitoring

   We use Sentry, a service of Functional Software, Inc., based in San Francisco, USA, for error monitoring and error analysis in our application. Sentry helps us identify, track, and fix bugs in our code to improve the stability and performance of our website and app.

   Sentry uses first-party cookies and other technologies to collect personal information and help us analyze errors. This includes:

   • Online identifiers: user's IP address, user ID (if any)
   • Technical data: device type, operating system, browser information
   • Error-related data: stack traces, logs, timestamps of error events
   • Interaction data: Usage data required to reproduce and analyze errors
   • Location data: Geographic location (country only)

   This data is used exclusively for error analysis and to improve the stability of our service.

   As Sentry is a global provider, data may be processed on servers outside the EU/Switzerland, especially in the US. To ensure the protection of user data, Sentry relies on appropriate data protection measures, including the EU Commission's Standard Contractual Clauses (SCC) as well as additional security measures.

   For more information, please see Sentry's Privacy Policy .

9. Augmedi Newsletter and Customer Satisfaction Surveys

   If you sign up for our newsletter, you will receive information from us from time to time by e-mail about our company and our products and services, special offers, news, etc. This processing of your data is carried out on the basis of your consent, which you can revoke at any time for the future by sending an e-mail to info@augmedi.com. Of course, our e-mails also contain an unsubscribe link at the end.

   To send our newsletters and email communications, we use Mailchimp, a service provided by Intuit Inc. Mailchimp allows us to analyze the sending and performance of our emails. The following data is processed:

   • Identification data: name, email address
   • Engagement data: open rates, clicks on links, times of interactions, bounces
   • Technical data: Device type, IP address, location (only at country level)

   Mailchimp may store and process data on servers outside the EU/Switzerland, in particular in the USA. The protection of your data is ensured by standard contractual clauses (SCCs) of the EU Commission. For more information, please see Mailchimp's Privacy Policy.

   From time to time, we also invite you to participate in a customer satisfaction survey by e-mail. Participation in such surveys is voluntary, and the question can generally be answered anonymously. To the extent you have the opportunity to provide your name and/or email address, you do so voluntarily and allow us to contact you at a later date to learn more about your experience with Augmedi. You can revoke this consent at any time with effect in the future. Sending the e-mails inviting you to participate in a customer satisfaction survey and sending and evaluating the anonymously fillable survey corresponds to our legitimate interests in improving our products and developing them further in accordance with the wishes of our customers.

10. Augmedi company profiles on social media

    If we create and manage a company profile on social media channels such as Facebook, LinkedIn, Xing, etc., we do this in order to present Augmedi's offer and to be able to communicate with interested parties. If you contact us through this and are a member of the relevant social network, we may receive data that allows us to identify you. We use personal data that you provide to us when communicating with us via these social media channels exclusively for the purpose of processing contact and communication with you.

    As the operator of the company profile pages, we may also be given the opportunity to view anonymous statistics about the interaction of visitors with our profile (insights function). For this purpose, the operators of the social networks record your interactions with our profile pages using cookies and similar technologies. For more information on the data processing by these services or channels, we refer to the privacy policy of the operator of the respective service or channel. The use of company profiles on social media channels as well as the insights functions is based on our legitimate interest in using the site as an information channel about our company. Regarding the insights function, we have a legitimate interest in understanding the visits, uses and interactions with our site in order to be able to further and purposefully improve our appearance. If consent to data processing by the users has been given within the framework of the respective social platform, the processing is carried out on the basis of this consent.

    Please note that we are jointly responsible with the operator of the respective social media channel for the data processing triggered by your visit to our company profile page, but the operators of the social networks may use your data in this context. Also, for its own purposes, which are not reflected in this data protection declaration. It is also possible that data collected about you will be transferred to third countries, in particular the USA. We have no influence on these data processing processes and refer to the data protection declarations of the operator of the respective service or channel.

11. Data integrity

    We take administrative and technical safeguards that we believe are appropriate to protect the confidentiality, integrity, and availability of your personal information.

    The data we collect is stored on secure servers of Microsoft Azure and transmitted in encrypted form (SSL transmission). Microsoft Azure adheres to high security standards and is subject to applicable data protection regulations. You can learn more about Microsoft Azure security policies.

12. Your rights

    You can delete your account with Augmedi at any time. Please follow the instructions in the app.

    As a user of Augmedi or a visitor to our website, you are also entitled to specific rights as a data subject, such as the right to information, data correction and deletion, the right to restriction of data processing or the right to object to data processing. You can revoke your consent to certain data processing, which we have explained in the previous sections, at any time with effect for the future.

    In countries of the EU or the EEA, the data subject has the right in certain cases to receive the data generated when using online services in a structured, commonly used and machine-readable format that enables further use and transmission.

    If you have any concerns, you can contact us at any time at info@augmedi.com. Please note that some of your rights are not absolute and we reserve the right to limit the rights of data subjects to the extent permitted by applicable law and, for example, not to provide a particular information in certain circumstances.

13. Changes to the Privacy Policy

    As we wish to amend this Privacy Policy from time to time, we reserve the right to amend the Privacy Policy. The current version of the Privacy Policy is available at any time on our website and app, and we encourage you to consult our Privacy Policy regularly.

    To the extent that the Privacy Policy is part of an agreement with users of Augmedi or another data subject, we will inform them of the change by email or other appropriate means in the event of an update. If no objection is made within 30 days, the new privacy policy shall be deemed to have been agreed. If objection, we may terminate the agreement in whole or in part extraordinarily and without notice, or limit or adjust our services to the data subject in order to take appropriate account of the refusal of consent.