Privacy Policy of health.tech events GmbH

For readability, gender-specific terms are used generically without implying any gender preference.

We operate our websites in accordance with applicable data protection laws and in line with the principles of data minimisation and data avoidance.

1. Controller and Contact Details

Controller in the sense of the GDPR and applicable national data protection laws:

health.tech events GmbH

c/o VISCHER AG
Aeschenvorstadt 4
4051 Basel
Switzerland
E-mail: hello@health.tech

Website: https://health.tech

At present, no statutory data protection officer is required under GDPR or Swiss law. For all privacy-related inquiries, please contact us via the e-mail above.

2. Definitions

This Privacy Policy is intended to be clear and transparent. Terms used in the GDPR (e.g., “personal data”, “processing”, “controller”, “processor”, etc.) are defined in Art. 4 GDPR.


3. Legal Basis for Processing

We process your personal data only where a legal basis applies:

  • Art. 6(1)(a) GDPR – Consent
  • Art. 6(1)(b) GDPR – Performance of a contract or pre-contractual steps
  • Art. 6(1)(c) GDPR – Legal obligation
  • Art. 6(1)(d) GDPR – Vital interests
  • Art. 6(1)(e) GDPR – Public interest / official authority
  • Art. 6(1)(f) GDPR – Legitimate interests pursued by us or a third party

We specify the applicable legal basis in the respective sections of this Privacy Policy.

4. Disclosure of Personal Data

We only transmit personal data to third parties if a legal basis applies.

Recipients may include:

Processors under Art. 28 GDPR (e.g., IT service providers, hosting partners, CRM providers). All processors are contractually bound to GDPR compliance.

Partners or service providers where necessary to fulfil contractual obligations.

Authorities, where required by law.

We do not sell or commercially trade your personal data.

5. Storage Period and Deletion

We delete or anonymise personal data once it is no longer required for the purposes for which it was collected, unless:

  • statutory retention duties apply,
  • the data is required to establish, exercise or defend legal claims,
  • exceptional circumstances under Art. 17(3) GDPR allow continued storage.

6. SSL Encryption

Our website uses SSL/TLS encryption. You can recognize an encrypted connection by the “https://” prefix and lock symbol in your browser.

7. Cookies

We use cookies and similar technologies on our website.

7.1 Technically Necessary Cookies (Essential Cookies)

These are required to operate the website (e.g., security, load balancing, language settings).
Legal basis: Art. 6(1)(f) GDPR.

7.2 Non-Essential Cookies (Analytics, Marketing, Retargeting)

Placed only with your consent under Art. 6(1)(a) GDPR.
You may revoke your consent at any time, without affecting the lawfulness of processing already performed.

Browser settings can also block cookies, though this may limit website functionality.

8. Collection of Data When Visiting Our Website

When you access our website, your browser automatically sends the following data to our server (log files):

  • IP address of the requesting device
  • Date and time of access
  • Requested file (URL)
  • Referrer URL
  • Browser type/version
  • Operating system
  • Name of access provider

Purposes:

  • Ensuring stable website operation
  • Security and error diagnostics
  • Optimising our service

Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

9. Ordering Event Tickets

If you purchase a ticket for our event, additional data may be collected by our ticketing provider (Vivenu GmbH, Völklinger Strasse 33, 40221 Düsseldorf).
You will be informed separately during the booking process.

10. Newsletter

10.1 Content and Registration

We will send newsletters only if you explicitly subscribe and provide consent (Art. 6(1)(a) GDPR).
Mandatory: e-mail address
Optional: name or other details (for personalisation only)

10.2 Logging

We document:

  • registration and confirmation
  • IP address
  • timestamps
  • changes to your data

This ensures traceability in line with GDPR accountability requirements.

10.3 Revocation

You may unsubscribe at any time via the link in each email or by contacting hello@health.tech

10.4 HubSpot

We use HubSpot, Inc., 25 First Street, Cambridge, MA 02141 USA for sending newsletters and storing newsletter-related data.

Data may be transferred to the USA. We use EU Standard Contractual Clauses (SCCs) to ensure GDPR-compliant safeguards.

HubSpot’s privacy policy: https://legal.hubspot.com/privacy

11. CRM & Marketing Automation with HubSpot

We use HubSpot CRM for:

  • customer and lead management
  • website analytics
  • marketing automation
  • landing page evaluations

HubSpot may process:

  • IP address (shortened in the EU where possible)
  • geographic location
  • browser data
  • visit duration
  • pages viewed
  • UTMs (traffic sources)

Legal basis: Art. 6(1)(a) GDPR for analytics and tracking;
Art. 6(1)(f) GDPR for CRM and operational usage.

12. Third-Party Services

A full overview of all third-party tools, data categories and cookies used on our site can be found at any time in our Cookie Banner.

Legal basis: Art. 6(1)(a) GDPR (consent), unless essential for operation.

13. Rights of the Data Subject

You have the following rights under GDPR:

13.1 Right of Access (Art. 15 GDPR)

Information about personal data processed by us.

13.2 Right to Rectification (Art. 16 GDPR)

Correction of inaccurate or incomplete personal data.

13.3 Right to Erasure (Art. 17 GDPR)

Deletion of your data unless exceptions apply (e.g., legal obligations).

13.4 Right to Restriction of Processing (Art. 18 GDPR)

13.5 Notification Obligation (Art. 19 GDPR)

13.6 Right to Data Portability (Art. 20 GDPR)

13.7 Right to Withdraw Consent (Art. 7(3) GDPR)

13.8 Right to Lodge a Complaint (Art. 77 GDPR)

With a supervisory authority, e.g.:

  • In Switzerland: Federal Data Protection and Information Commissioner (FDPIC)
  • In the EU: your local data protection authority

13.9 Right to Object (Art. 21 GDPR)

  • Always for direct marketing
  • Otherwise if based on legitimate interest

Send your request to: hello@health.tech

13.10 Automated Individual Decision-Making (Art. 22 GDPR)

We do not use automated decision-making that produces legal effects concerning you.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version is available on our website.