We process personal data to provide you with secure access to the Compassana platform using the Compassana app and your user account.
Your personal data and health information will be stored and processed on servers in Switzerland in data centres in the Zurich region using the latest technology, current data protection concepts and encryption technologies.
Please do not hesitate to contact us with any further questions on the subject of data privacy:
Bluespace Ventures AG
Am Stadtrand 11
The Compassana app enables you to handle your health-related activities safely and responsibly.
The Compassana platform and the Compassana app are developed and operated by Bluespace Ventures AG.
You can use the Compassana platform after registering and creating a Compassana user account. For example, you can search for doctors and other medical service providers within the Swiss healthcare system, make appointments, save documents and exchange information, find out about medicines and make use of other additional services.
Your Compassana user account is confidential – you are the only person with exclusive access.
You will remain in full control of your personal data and health information at all times and can give your consent in order to use certain services and withdraw it later. You can delete your Compassana account at any time if you decide later that you do not want to use it.
It is also based on the European General Data Protection Regulation (‘GDPR’), which is the benchmark for strong data protection worldwide.
- what personal data we collect and process;
- for what purposes we use your personal data;
- with whom and why we share your personal data in certain cases with your permission;
- for how long we process your personal data;
- what rights you have in relation to your personal data and how
- you can contact us.
A Compassana user account offers you basic functionality that you can supplement with other third-party services through the Compassana platform.
Personal data is information that can be linked to a specific person.
Processing means any handling of that data, e.g. acquisition, storage, use, disclosure and deletion.
3.1 Bluespace Ventures AG’s responsibility as controller under data privacy law
Under data privacy law, the company responsible for certain data processing is the company that determines whether this processing should take place, for what purposes it is carried out and how it is arranged.
3.2 Data processing with your consent
The Compassana app provides you with an overview of the consents you have provided (‘consents’) and you can revoke them there at any time.
You can delete your user account at any time. Please note that this process is final and that even Compassana cannot restore your data.
3.3. Responsible parties on the Compassana platform
You can use your Compassana user account and the Compassana app to determine for yourself how to manage and disclose your personal data and your health data to third parties.
This means that you can use other third-party Compassana platform services at any time and share service-specific personal data and health information after you have given the necessary consent for the data processing in question.
These services are usually offered and operated by third parties who are responsible for their own data privacy.
We offer some services in direct cooperation with our partners. In these cases, your consent is required for data exchange between our partner and us in order for the processing to occur. In these cases, you can revoke your consent to either party at a later time and contact us or our partner at any time with questions or to exercise your rights when you choose to do so.
4.1. Master data
Master data refers to your basic data, e.g. salutation, name, contact details and date of birth.
We need master data in order to create a Compassana user account for you and then to be able to identify you securely each time you log in.
Master data includes:
- First name
- Last name
- Date and place of birth
Of this master data, which our service partner PXL Vision collects at the time of initial identification (see 5.1 below), we transfer only your first and last name and your date of birth to your Compassana user account.
4.2 Insurance data and single sign on
If you have purchased insurance from an insurance partner connected to Compassana, we are able to process your insurance data in order to offer you specific services based on your personal insurance situation.
- General information about your basic insurance
- The insurance model or the insurance product that the basic insurance relates to
Single Sign On
You have the option of registering with Compassana using the registration details of an insurance account that already exists (‘single sign on’ – SSO). In order to do this, the insurance partner must be connected with Compassana.
In this case, you can log into the Compassana account using the access data for your insurance account and we will receive confirmation that this has been successful. During the registration process, we will provide you with detailed information about the data that will be transferred if you give your consent.
4.3. Health data
Among other things, your Compassana user account enables you to store your personal documents and data containing information about you and your health in a central location.
On the one hand, you can store these documents and data yourself by uploading them to the Compassana app.
On the other hand, you can also have the information to be transmitted to your Compassana user account via third-party applications, insofar as this is technically supported by your healthcare professional.
In the latter case, however, this data is only saved as a copy in your Compassana user account, i.e. the original documents will be retained by the service providers.
Health data includes, for example
- relevant documents such as prescriptions, reports and certificates of incapacity for work;
- medical history and your patient file;
- laboratory results from a medical analysis, information from medical history or readings from an ECG that your doctors upload to the platform with your permission and
- doctor’s prescriptions that you save on the platform yourself.
4.4. Communication data
If you contact our support team regarding a concern, we process the content of the communications that were exchanged and information about the type, time and location of the communication
In certain situations, we may also ask you for proof of identity in order to be able to identify you reliably.
Communication data includes, for example,
- name and contact information such as postal address, email address and telephone number;
- content of emails, written correspondence, chat messages, social media posts, comments on a website, telephone conversations, video conferences;
- information on the type, time and, under certain circumstances, location of the communication;
- proof of identity, such as copies of official ID;
- communications activity data (e.g. date and time of a call or email delivery).
4.5. Telemetric data
In order to ensure that ongoing operations continue, to achieve the high level of security we aim for and to enable us to design and further develop our services in the best possible manner, we automatically collect telemetric data that is generated through the use of the Compassana app and the network and server infrastructure required for this, as well as through the securing of the interfaces with partners.
We use this data for the purposes stated. It is recorded anonymously and is not used to create preferences or profiles.
This technical data includes
- your device’s IP address and other device identifiers (e.g. MAC address);
- identifiers assigned to your device by cookies and similar technologies;
- information about your device and its configuration, e.g. operating system or language settings;
- information on the operating system or browser that you use to access the offering and its configuration;
- information about your movements and actions on our websites and in our app;
- information about your internet provider;
- your approximate location and the time of use; and
- system-side records of access and other processes.
This technical data does not, on its own, allow us to draw any direct conclusions about your identity. We delete the logs (log files) in which this data is recorded regularly in an automated manner.
4.6. Image and sound recordings
Photos, videos or sound recordings can be stored on Compassana if you upload them to Compassana yourself or allow third parties or third-party applications to do so.
5.1 Data processing by PXL Vision (identification)
In order to use Compassana, you must have a Compassana user account. In order to create a secure platform for the exchange of health information and to be able to protect your account in the best possible manner, we rely on a standardised identification process provided by the company PXL Vision:
PXL Vision AG
This data is processed as part of the identification process:
5.1.1. Categories of personal data processed
1. When using the identification function, we collect and process the following data:
- The identification number of your end device (UDID)
- Device type
- Operating system of the end device
- Browser version
- Session cookie (for load balancing)
2. If you initiate and perform a verification process, the following personal data will be collected and processed (identification data):
- Master data Personal ID data – matching the data contained on the ID document: family name, maiden name, first names, doctoral degree, date of birth, place of birth, address, nationality, type of document, expiration date, service and card-specific identification code, country code, information on whether you are over or under a certain age, information on whether a place of residence corresponds to the requested place of residence, religious name, artist’s name, ID document number
- Image data: we collect a photo of both sides of your ID document, your personal photo from the ID or (if applicable and available) from the NFC data of your ID document and the selfie video of your face.
- Special categories of personal data: biometric data such as facial data
5.1.2. Purposes for which the personal data is processed as part of the identification process:
1. Performance of the identification process as part of providing consent: identification data and biometric data such as the ID photo and selfie video to perform the identification and verification process
2. Provision of the contractually agreed service:
- Processing of identification data for comparison with the data you have provided
- Processing of the photos and the selfie video to perform the comparison between the ID photo and the person recorded during use and for comparison of this data with the user data available to us
5.1.3 Automated decision-making
If the identification and biometric data are compared successfully, an automatic decision is made about your identity using the documents you have scanned. This decision is not based on your personal characteristics such as age, gender, interests, or knowledge, but solely on the algorithmic comparison of the image files and the comparison of the identification data. No profiling takes place.
5.1.4. Further provisions
In the context of data processing for identification purposes, you are entitled to all rights as the data subject provided for by law, as set out in item 12 below.
This data is processed by PXL Vision exclusively on servers in Switzerland, which are protected by state-of-the-art technical and organisational measures.
This data is used only for the purposes of identification and is not transmitted to third parties. They will be deleted after one week, during which time they will be temporarily available for any support that is needed for your registration process in the event of any problems.
5.1.5 Data processing by PXL Vision AG as the responsible party
During the identification process, as an option, you can give PXL Vision AG consent to use the data collected via Compassana to improve its recognition processes. This consent is not necessary to continue or complete the identification process.
In this case, PXL Vision AG is responsible for this data processing.
We will obtain your express consent for the disclosure of particularly sensitive personal data to PXL Vision AG. PXL Vision AG uses the data in question exclusively to improve the processes described.
5.2 Data processing by SASIS AG (creation of a Compassana user account)
In order to complete the identification process, we require card and coverage information, which is provided to us by SASIS AG.
SASIS is responsible for this data processing:
In order to keep your insurance data up to date, a query will be made to SASIS AG once or twice per year with your prior express consent to check whether the insurance data uploaded via SASIS AG is still up to date.
If SASIS AG detects a discrepancy, the stored insurance data will be automatically deleted and the Compassana app will prompt you to upload it again (no automatic upload will take place). Consent for repeated queries will be valid until the end of the period of validity of your current insurance card.
5.3 Data processing by SAP Ireland (identity management)
We will share your email address and Compassana password with an identity management service provided by SAP Ireland.
1012/1014, Kingswood Ave, City West Business Campus
- Your email address
- Your password
- Success of the registration process
In these cases, data is disclosed in another country in accordance with Swiss law, see 5.4 below.
5.4 Data processing by the Trifork Group (operations and support)
In order to assist you in support cases and to solve technical and operational problems and to improve our service, we share communications data, technical information and telemetry data with companies in the Trifork Group, which is our technical service provider:
Trifork AG, Neuhofstrasse 10, CH-8834 Schindellegi, Switzerland
netic A/S, Alfred Nobels Vej 25, DK-9220 Aalborg Ø, Denmark
Personal data will only be disclosed in individual cases, insofar as is necessary to resolve support cases and to guarantee technical and operational security and reliability.
Even in these cases, direct access or viewing of your Compassana user account and the health data stored there will only be possible with your express consent in order to be able to provide you with the desired assistance or to enable you to exercise the rights to which you are entitled in accordance with item 12.
In these cases, data is transferred to another country in accordance with Swiss law and the European General Data Protection Regulation on the basis of a ‘data processing contract’ to a state with an appropriate level of protection in accordance with the requirements of the FDPIC. The contract will include standardised processes, coordinated technical and organisational measures and staggered access rights.
6.1 Additional services on the Compassana platform
The Compassana platform offers you a variety of additional services from third parties, which are constantly being expanded.
Depending on the type of specialised service, various personal and health data can be exchanged between your user account and the service provided by the third-party provider or the healthcare professionals participating in the service.
In this case, the Compassana app will request your consent before using the service and, as a function of the system, offers you an overview of the services used and their status with regard to consent.
You will find concrete information on any access requirements in the terms and conditions of use of the third-party providers.
6.2 Third party identification
For individual service providers, further personal information must also be transmitted to their systems for the purposes of identification.
This applies in particular in the case of single sign-on with our insurance partners, in which case you must identify yourself as an insurance customer in order to be able to use certain services in the Compassana app.
6.3 Storage and sharing of medical documentation
You are able to store documents and health information in your Compassana user account for your own reference.
You can also share these documents with a healthcare professional via ‘secure messaging’.
Finally, with the help of the Compassana app, you can also allow a doctor or other service provider to send medical documents (e.g. treatment plans or test results) directly to your Compassana user account via ‘secure messaging’.
This provides you with direct access to your personal health information.
6.4 Secure communications
You can use the ‘secure messaging’ service to communicate with your preferred doctors and other medical service providers at a specific location directly within the Compassana app.
This communication will take place via a secure, encrypted email service that is suitable for the transmission of health information and is provided by Health Info Net AG (HIN) and meets the high level of requirements for a confidential exchange of information relating to health. Bluespace has no influence or insight at all over the content and progress of the communications. We also have no influence on the completeness of the list of locations, the specialists listed there so that they can be contacted or whether they can be reached and are available.
The arrangements regarding your chosen communication partner and their rules relating to possible charges, response times and further processing of the information you send are therefore the only rules that are decisive for you.
- The Compassana app simply provides the communication channel. You are responsible for the concrete exchange of data and the communicated content.
- When using this service, you are dependent on the communication arrangements and regulations of your healthcare professional. This applies in particular with regard to the acceptance of this type of communication, the response time and any establishment of a paid contractual relationship.
- This communication channel is not suitable for urgent communications in the event of an emergency. In this case, please call 144.
- Bluespace will in no way be held liable for the initiation of communication, for any consequential costs resulting from the use of this service (such as the creation of a treatment order) or for it being unavailable or for its availability being delayed or restricted.
- The technical and legal framework conditions of the operating system manufacturer will be decisive and relevant regarding the use of the notification functions on your smartphone (Apple for iOS and Google for Android).
HealthInfo Net AG
Data shared by us with HIN:
- Your Compassana user ID
The communication partner reports back to your Compassana user account:
- Confirmation of the connection or creation of the communication channel
6.4 Doctor search and appointment booking (OneDoc)
OneDoc provides you with a booking platform for healthcare professionals and service providers (HPSPs). As a Compassana user, you can make an appointment directly.
Avenue de Secheron 15
Data transmitted by you to OneDoc:
- Usage data (your search criteria, such as name of the professional or healthcare facility, specialisation, location/postcode)
- Master data (e.g. telephone number and address)
- Registration data (user ID)
- Additional information collected from you, such as comments, appointment requests
The third party will report back the following to your Compassana user account:
- Appointment availability
- Confirmation that appointment has been booked
6.5 Medication search
The medication search provides you with a list of prescription and non-prescription medications with information on their use and composition. The package insert can be accessed digitally.
HCI Solutions AG
3000 Bern I
Data passed on to us by the third-party provider:
The third party will report back the following to your Compassana user account:
- Bar codes for the identification of the medication
7.1 Other purposes
We process data for other purposes relating to the use of the Compassana app and the Compassana platform.
These other purposes include:
- Compliance with laws, guidelines and recommendations issued by authorities and internal regulations (‘compliance’).
- Processing of technical data to ensure and improve the system’s security and the stability of the Compassana platform and the Compassana app. This includes analysis, testing, error checking, troubleshooting and backup copies.
- We also process personal data in order to improve our functions and offerings. For example, on the basis of anonymous data, we analyse which functions are used by which groups of people and how they are used.
- We process your personal data for communication with you, e.g. to answer inquiries and to assert your rights and to inform you in case of queries. For this purpose, we use communications data in particular, if applicable also master data, registration data and, to resolve support cases in connection with the functions and offerings you use, also data that you have exchanged with third-party providers.
- We also process data for market research, marketing, and customer services. For example, we may send you information, advertising, and our product offerings, as well as those of third parties.
- Like most companies, we also personalise communications so that we can provide you with information and offerings that are of interest to you. For these purposes, we use master data in particular, as well as information on behaviour and preferences.
- We also process your data anonymously for other purposes. For example, for risk management, as part of prudent corporate management and for corporate development, as part of our internal processes and administration for training and education purposes, to enforce rights and to defend against claims, as well as to protect other legitimate interests.
If we are not obliged to process or disclose or even to maintain confidentiality under Swiss law, we will ensure that you are informed about the collection and its purposes, as well as any disclosure of personal data and you will be able to grant us your approval.
You can revoke your consent at any time by changing the settings in the Compassana app or by deleting your Compassana user account.
You can also object to the processing of your personal data for marketing purposes at any time by notifying us in writing, this also applies to individual communication channels (e.g. advertising by email only) or for individual advertising campaigns.
7.2 Notifications to authorities
We transmit data to departments, courts and authorities in Switzerland and other countries if we are legally obliged or entitled to do so under Swiss law or if this appears necessary to protect our interests and yours. In these cases, the authorities themselves are responsible for the processing of this data.
Use cases for example are criminal investigations, police measures (protection against violence, combating violence, etc.), supervisory requirements and court proceedings, reporting obligations, pre-judicial and extra-judicial proceedings, as well as statutory obligations to provide information and to cooperate.
Data may also be disclosed if we have to obtain information from third parties or public authorities in order to fulfil the legal claims you have asserted for information, for example to be able to clarify your identity reliably.
In order to be able to measure and improve technical and operational security, the availability and responsiveness and therefore the user-friendliness of the Compassana app and the Compassana platform, we collect technical status and process data in the form of telemetry data.
We use the services of the company DataDog based in New York, USA. Dashboards, automated warnings, visualisations, and specialised metrics are offered as part of an infrastructure monitoring service.
The technical data collected is anonymised and is processed in the European Union by DataDog Ireland in accordance with the European General Data Protection Regulation (‘GDPR’).
13-18 City Quay 1st Floor
Dublin, D02 ED70 Ireland
Data privacy information:
We store and process personal data for as long as
- this is necessary for the purpose of the processing;
- we have a legitimate interest in the storage (e.g. to assert legal claims, for archiving purposes and to ensure IT and system security);
- we are subject to a statutory retention obligation.
The following retention periods apply, although we may deviate from them in individual cases where there is justification:
- Compassana user account: The personal data is stored for the lifetime of your Compassana user account. If you request the deletion of your account, the account and the health data stored in it by you or by third parties will be deactivated immediately and marked for deletion. This will take place within 30 days at the latest. This deletion process cannot be revoked, the deletion is final. If the account is deactivated (e.g. in the event of inactivity or blocking as a result of misuse), the data will be deleted for a maximum period of 24 months.
- Master and contractual data: We generally retain master and contractual data for ten years from the time of the last contract activity or from the end of the contract. In individual cases, this period may be longer if this is advisable for reasons of evidence, as a result of legal or contractual requirements or for technical reasons. Transaction data relating to contracts are generally retained for ten years.
- Telemetry data: Depending on the purpose of the system, technical log data is automatically overwritten at certain intervals of time. We retain the data for a maximum of six months.
- Communication data: Emails, communications via the contact form and written correspondence are generally retained for ten years.
- Image and sound recordings: The retention period varies depending on the purpose. The storage period of health-related image and sound recordings depends on the customer account on which they are stored. If the corresponding customer account is deleted, the recordings will also be irretrievably deleted.
- Health protection concepts: Data for contact tracing is usually kept for a few weeks.
After these periods have expired and if there are no longer any legal or contractual obligations, your personal data will be automatically deleted or made anonymous as part of our usual procedures.
‘Profiling’ means the automated processing of personal data in order to analyse certain aspects or to make predictions, e.g. the analysis of interests, preferences, affinities and habits or to predict likely behaviour or to determine preference data.
The most important areas of application are customer care and our marketing activities.
We implement comprehensive technical and organisational security measures to ensure the security of your personal data, to protect it against unauthorised or unlawful processing and to counter the risk of loss, unintentional modification, unwanted disclosure or unauthorised access.
- The security measures of a technical nature include, for example, the encryption and pseudonymisation of data, logging, access restrictions and the storing of backup copies.
- Security measures of an organisational nature include, for example, instructions to our employees, non-disclosure agreements, risk audits and monitoring.
- We also oblige our platform providers and processors to implement appropriate technical and organisational security measures.
We use modern technical concepts such as security and privacy by design and default, zero trust, encryption on transit & on rest and security in depth for this purpose.
We also have regular security tests performed by independent experts to ensure the actual effectiveness of our security requirements.
Unfortunately, we cannot completely rule out data privacy incidents, especially in the event of force majeure.
In case such incidents occur, we have taken precautions in order to be able to meet our reporting obligations to the authorities and to you quickly and comprehensively.
You have the following rights:
- The right to request information from us as to whether and what data belonging to you we are processing
- The right to have inaccurate personal data corrected
- The right to request the deletion of your personal data
- The right to request that we provide certain personal data in a current electronic format or transmit it to another responsible party
- The right to revoke consent with effect for the future, insofar as processing is based on consent
- The right to receive, upon request, further information that is helpful with regard to the exercising of these rights
- Please note that you must identify yourself to us adequately in order to exercise these rights. These rights must be applicable in each specific individual case. As an exception, we can refuse to allow you to exercise a right if this is necessary to protect other people, to protect interests worthy of protection or to comply with legal obligations.
You can deactivate the receiving of certain offers and information in your user account at any time. You can also unsubscribe from newsletters and other promotional emails by clicking on the relevant link at the end of the email.
Please contact us (➔ item 13) if you want to exercise one of your rights or if you have any questions about the processing of your personal data.
You can contact the supervisory authority responsible for us at any time with any questions and complaints:
Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter, Feldeggweg 1, CH-3003 Bern
You can reach us by post at this address:
Bluespace Ventures AG
Am Stadtrand 11
© Bluespace Ventures AG | Compassana, Dübendorf, 20 April 2023, Version 1.1