Colosseum Dental Group Privacy Policy
1. Introduction
In the context of our activities, we collect, hold, use and/or otherwise process personal data. Based on applicable data protection and privacy law, we qualify as the “controller” with respect to the personal data that we process in that context.
Colosseum AG, hereinafter “Colosseum” or “us” and “we”, understands that your privacy is important and that you care about how your personal data is used. We respect and value your privacy and will only collect and use personal data in the manner and for the purposes as described in this document and in a way that is consistent with our obligations and your rights under the applicable legislation and regulations. By using our website (www.colosseumdental.com), sending an inquiry on our Contact Us page, entering into a business relationship with Colosseum and by sharing your personal data with us, you acknowledge that your personal data will be processed in the manner described in this Privacy Policy.
2. Information about us
Colosseum AG is registered with the commercial register of the Canton Zurich, Switzerland, under company number CHE-428.972.946.
Registered address: Talstrasse 70 | CH-8001 Zurich, Switzerland
Email address: dataprotection@colosseumdental.com
Postal Address: Colosseum AG, Group Privacy Officer, Talstrasse 70, CH-8001, Zürich, Switzerland
This Privacy Policy covers our activities on headquarter level. This Privacy Policy does not cover our activities with respect to (i) job applicants, (ii) the activities of our country organizations with respect to business development, or (iii) our clinics in connection with our patients. The relevant privacy policies on these topics can either be found at the “Governance” section on our website or on the local website of the respective Colosseum country organization.
3. What does this Privacy Policy cover and whose personal data do we process?
This Privacy Policy is intended to ensure compliance with European and Swiss privacy regulations and is relevant for anyone whose personal data we may process in the context of our (business) activities, including but not limited to:
- partners;
- dentists who are interested in selling their practice to Colosseum;
- directors, authorized representatives, employees and/or (other) contact persons of our current and former professional advisers, consultants and service providers;
- users of our corporate website (www.colosseumdental.com).
This Privacy Policy explains on what legal basis we may process your personal data and:
- what personal data we collect;
- for what purposes and how we may use/process such personal data;
- how we collect the personal data;
- how we store the personal data;
- for what period we store the personal data; and
- what your rights are under the applicable data protection and privacy legislation.
In view hereof, we encourage you to carefully read this Privacy Policy. From time to time, we may need to update this Privacy Policy. This may be necessary, for example, if the law changes or if we change our business in a way that affects the way we process personal data. The most recent version of this Privacy Policy will always be available on our website www.colosseumdental.com in the “Governance” section.
4. What personal data do we collect and how do we collect this personal data?
If we collect your personal data, we may collect information about you in various ways:
- when you provide us with your personal information by means of a contact form or when a contact person provides his/her personal data by email or by means of a business card;
- when you contact us or one of our group companies in case you are interested in selling your practice to Colosseum or one of its affiliates;
- when you visit our website www.colosseumdental.com and use the contact form and contact information provided on this website to get in touch with us; on our corporate website we only use session cookies to enhance the experience when you browse the website;
- when we enter into a business relationship and you provide us contact details;
- from other companies of the Colosseum group;
- from public sources such as the trade register or your website.
We may collect or process some or all of the following personal data:
- Names
- Contact details, including but not limited to addresses, telephone numbers and email addresses
- Position/job title
- Signatures
- Business/company information
- Excerpts of registers (public or not, for example, excerpts from the commercial register)
- Payment information/bank account details
5. Purposes for processing
We will use the personal data described above for the following purposes: to identify you, to three supply services to you, to enter into a contract with you and for the performance of these contracts, to contact you/to communicate with you, for example via email correspondence and/ or telephone calls, to send you our invoices, to collect debts, to deal with possible disputes, to establish, defend and exercise our (legal) position, for business continuity, for a possible transaction with respect to your dental clinic. If you contact one of our local representatives listed on our website, please also check the website of our local affiliate for more information on how your personal data is processed.
If any kind of processing is based on your consent, we hereby inform you that you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
6. How long will we keep your personal data?
We will not store or keep your personal data for a longer period than is necessary in light of the purposes for which we process them (please refer to the purposes listed above in paragraph 5). Only where we are legally obliged to, or where this is necessary for defending our interests in the context of judicial proceedings, we will store the personal data for longer periods. Generally, Swiss law requires us to store business relevant and critical information for a period of at least ten years.
7. How do we protect your personal data?
We have implemented the necessary administrative, technical and organizational measures for ensuring a level of security appropriate to the specific risks that we have identified. We protect your personal data against destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed.
Further, we seek to ensure that we keep your personal data accurate and up to date. However, you are responsible for this and we kindly request that you inform us of any changes to your personal data (such as a change in your contact details).
8. Do we transfer and/or share your personal data?
In the context of the purposes as listed above, we may share your personal data with third parties in the following situations:
- We may share your personal data with other group companies of the Colosseum group for the following purposes: for performing a contract that is to the benefit of the whole Colosseum group, for administrative purposes, for quality management, if a possible transaction concerns a specific country where a Colosseum group company operates in. For an overview of the different locations where Colosseum is present, please visit colosseumdental.com/who-we-are.
- In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of insurers or a government authority such as data protection authorities. • We may engage third parties to process the personal data on our behalf (for example providers of certain IT applications that we use in the context of our activities or for assistance in our procurement activities). We will enter into the required contractual arrangements with those parties to ensure lawful and fair processing of your personal data on our behalf.
- We may also transfer personal data in the event of the sale or transfer of all or any part of Colosseum’s business.
Where relevant, we will implement safeguards to ensure the protection of your personal data when disclosing your personal data to a third party. For example, we will enter into data processing agreements with relevant parties (providing for restrictions on the use of your personal data and obligations with respect to the protection and security of your personal data).
As a general rule, we do not share your personal data as set out above with other parties located in countries outside the EU and Switzerland. This may, however, be different in the event that we engage service providers in a country located outside the EU and Switzerland. In such case, we will ensure that adequate measures are taken to ensure adequate protection of your personal data in accordance with applicable data protection legislation. Generally, we will enter into the Standard Contractual Clauses (as approved by the European Commission and recognized by the Federal Data Protection and Information Commissioner) with the recipient of your personal data. With respect to third parties located in the United States, we will enter into these Standard Contractual Clauses, unless the third party is part of the Privacy Shield. You may contact our Group Privacy Officer (see below) if you wish to obtain a copy of the Standard Contractual Clauses entered into or insight in other adequate measures taken.
9. Can I access my personal data?
If you want to know what personal data we have of you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “data subject access request”. All such requests must be made in writing, contain verification of your identity and be sent to the email or postal addresses shown in paragraph 12 below. In principle, there is no charge for a subject access request. If your request is manifestly unfounded or excessive (for example, if you have already been provided with the requested information in the twelve months prior to the application and have no legitimate interest in the further provision of information), a fee may be charged to cover our administrative costs in responding. We will respond to your subject access request within 30 days after receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months after the date on which we received your request. In this case you will, of course, be kept fully informed of our progress.
10. What are your other rights?
Under certain circumstances you have the right to:
- receive additional information regarding the processing of your personal data;
- rectify your personal data;
- the erasure of your personal data;
- object to (part of) the processing of your personal data;
- the restriction of (part of) the processing of your personal data.
Finally, you also have the right to lodge a complaint with the competent local data protection authority. In Switzerland, the competent data protection authority is the Federal Data Protection and Information Commissioner:
Office of the Federal Data Protection and Information Commissioner FDPIC Feldeggweg 1 CH - 3003 Berne
11. Automated decision making and profiling
We do not undertake any automated decision making or profiling.
12. Cookies
On our corporate website www.colosseumdental.com, we use certain cookies. Cookies are small pieces of data or text files that are stored on your computer or mobile device via your browser. These cookies can be used to make your website experience more efficient. You decide whether or not you give us your permission by using the cookie button that immediately appears on your screen when you visit our website.
Our website uses so-called session cookies, which we use to ensure that you are recognized when you move from page to page within our website and that any information you have entered is remembered. We also use Google Analytics, a web analytics service provided by Google, Inc., which helps us to measure how users interact with the content of our website.
All major internet browsers offer the option to manage the cookies that were installed on your computer or mobile device. In case you do not wish that this Website places cookies on your computer, you may limit or delete these easily by adjusting your mobile or browser settings. In addition, you can set you mobile or browser settings in such a way that you get a notification every time you receive a cookie on your computer or mobile device, so that you can decide whether you wish to accept this cookie or not. Please note that when you disable certain cookies of which we are making use, the possibility exists that certain parts of our Website will no longer function properly, and you will no longer enjoy an optimal user experience.
13. Contact details
To contact us about anything related to your personal data and/or data protection, including exercising your data subject rights as discussed above in paragraphs 9 and 10, in particular your right to object, please use the contact details below:
For the attention of: Group Privacy Officer
Email address: dataprotection@colosseumdental.com
Postal address: Colosseum AG, Talstrasse 70, CH-8001, Zürich, Switzerland