General
Based on Article 13 of the Swiss Federal Constitution and the revised Federal Act on Data Protection (revFADP, in force since 1 September 2023), every person has the right to protection of their privacy and protection against misuse of their personal data. Resident AG complies with these provisions. Personal data is treated strictly confidentially and is neither sold to third parties nor passed on without authorization.
Controller
Resident AG
Bahnhofplatz 5b, 8400 Winterthur, Switzerland
info@resi-dent.ch
Data Protection Officer
For data protection matters you can reach our data protection officer Dr. Markus Franke at info@resi-dent.ch.
Processing When Visiting the Website
When you access our website, your browser transmits technically necessary data to the server, including your IP address, the date and time of access, the page requested and information about your browser and operating system. These server log data are processed solely to operate the website securely and reliably (legitimate interest) and are not combined with other data sources. No analysis relating to your person takes place.
Hosting
Our website is hosted by a specialised hosting provider based in the USA. As a processor acting on our behalf, it processes the technically necessary connection data, in particular the server logs. This may involve disclosure of data to the USA. Such disclosure is based on appropriate safeguards, in particular the standard contractual clauses.
Cookies and Consent
On your first visit, a consent banner asks which categories of cookies and external services you wish to allow:
- Necessary (always active): technically required, e.g. to store your cookie choice and for online appointment booking.
- Statistics: audience measurement with Google Analytics, only after your consent.
- Marketing: measuring the success of our advertising with Google Ads, the Meta pixel and Microsoft Advertising, only after your consent.
- External media: embedding of Google Maps, only after your consent.
Without your consent, only technically necessary cookies are set and no statistics, marketing or map services are loaded. Your consent is voluntary and can be withdrawn or adjusted at any time, with effect for the future, via the «Cookie settings» link in the footer.
Your cookie choice itself is stored in a technically necessary first-party cookie («resident_consent») that contains only your category selection and remains valid for around 180 days. No data is stored in local storage. Before you give consent, Google Consent Mode sets no statistics or marketing cookies by default.
Statistics: Google Analytics
If you consent to the «Statistics» category, we use Google Analytics 4 (Google Ireland Ltd., Ireland, and Google LLC, USA) to analyze the use of our website and improve our offering. We use Google Consent Mode: before your consent, no analytics cookies are set and no data is transmitted to Google. Google Analytics truncates the IP address before further processing. This may involve disclosure of data to the USA (Swiss-U.S. Data Privacy Framework, standard contractual clauses). The legal basis is your consent, which you may withdraw at any time with effect for the future.
Marketing: Google Ads, Meta Pixel and Microsoft Advertising
If you consent to the «Marketing» category, we use services to measure the success of our advertising campaigns:
- Google Ads (Google Ireland Ltd., Ireland, and Google LLC, USA): measures which ads lead to appointment bookings or calls. It uses the same Google tag as the statistics function, but the advertising-related analysis takes place only with your marketing consent.
- Meta Pixel (Meta Platforms Ireland Ltd., Ireland, and Meta Platforms Inc., USA): measures the success of our advertising on Facebook and Instagram and enables more relevant ads.
- Microsoft Advertising (Microsoft Ireland Operations Ltd., Ireland, and Microsoft Corporation, USA): measures, via the Bing UET tag, which ads in the Microsoft advertising network (Bing) lead to appointment bookings or calls.
We use Google Consent Mode: before your consent, no advertising cookies are set and no data is transmitted to Google, Meta or Microsoft. This may involve disclosure of data to the USA (Swiss-U.S. Data Privacy Framework, standard contractual clauses). The legal basis is your consent, which you may withdraw at any time with effect for the future. The privacy policies of Google, Meta and Microsoft apply in addition.
Google Maps
To display our locations we embed maps from Google Maps (Google Ireland Ltd., Ireland, or Google LLC, USA). The maps are loaded only once you allow the «External media» category or actively load an individual map. Only then is a connection to Google established, your IP address transmitted and cookies may be set by Google. The Google privacy policy applies in addition.
Google Reviews
On the home page we display selected Google reviews of our practices. These are retrieved when the website is built (at build time) and stored as static content. As a result, no connection to Google takes place when you visit the website and no cookies are set.
Online Booking via Zawin
For online appointment booking we use the Zawin tool (Zawin Software AG, Switzerland). When you use the booking widget, your entries are transmitted directly to Zawin and processed there. The Zawin privacy policy applies.
Contacting Us
If you contact us by email or telephone, we process the information you provide solely to handle your request. We do not use a contact form with its own data submission on this website. The section on Zawin above applies to online appointment booking.
Social Media Profiles
We operate profiles on Facebook and Instagram (Meta Platforms Ireland Ltd., Ireland, and Meta Platforms Inc., USA). Our footer links to these profiles; a connection to Meta is established only when you follow one of these links or visit a profile. If you visit or interact with our profiles, Meta processes your data under its own responsibility and in accordance with its privacy policy; we have no influence over this processing. For the analysis of anonymous statistics about our pages, we and Meta may be joint controllers. The Meta privacy policy applies in addition.
Processing in the Practice
As part of dental treatment, we collect health, identification and billing data. The legal basis is the treatment contract (Art. 31 para. 1 lit. a revFADP). We retain medical records for at least ten years after the last treatment, based on the cantonal health acts and the general statutory retention obligation.
Data is passed on to third parties only:
- to insurers, with your consent, for billing purposes;
- to co-treating specialists, with your consent;
- to authorities, where a statutory duty to disclose exists.
Retention and Deletion
We retain personal data only for as long as necessary for the respective purpose or as required by law:
- Server log data: only for the period required to operate the website securely.
- Cookie consent: around 180 days, after which we ask for your consent again.
- Statistics and marketing data: in line with the retention periods of the respective providers (Google, Meta, Microsoft).
- Medical records: at least ten years after the last treatment (see the «Processing in the Practice» section).
Once the respective period has expired, the data is deleted or anonymized, unless a statutory retention obligation applies.
Data Security
We take appropriate technical and organizational measures to protect your data against unauthorized access, loss or misuse. The website is transmitted exclusively in encrypted form via TLS/HTTPS. In addition, we use security measures such as HTTP Strict Transport Security (HSTS), a Content Security Policy and a restrictive Permissions Policy, and we limit access to personal data to authorized persons. However, absolute security of data transmission over the internet cannot be guaranteed.
No Automated Decision-Making
We do not use automated individual decision-making within the meaning of Article 21 revFADP, and we do not carry out profiling that produces legal effects concerning you or similarly significantly affects you.
Minors
We do not knowingly collect data from minors via this website without the consent of their parents or legal guardians. As part of the dental treatment of minors, we process the necessary data through their legal representatives.
Disclosure Abroad
As described above, data may be disclosed to service providers in the USA (our hosting provider, Google, Meta and Microsoft). In these cases we ensure an adequate level of protection, in particular through the standard contractual clauses and, where the respective provider is certified, through the Swiss-U.S. Data Privacy Framework.
Your Rights
Within the scope of the applicable data protection law, you are entitled at any time to:
- information about the data processed about you;
- correction of incorrect data;
- deletion of your data, unless a statutory retention obligation applies;
- release or transfer of your data in a common format;
- withdrawal of consent given, with effect for the future;
- complaint to the Federal Data Protection and Information Commissioner (FDPIC).
Notice for Persons in the EU
If you visit our website from the European Union or reside there, the EU General Data Protection Regulation (GDPR) may additionally apply. The legal bases for processing are then, in particular, performance of a contract (Art. 6(1)(b) GDPR), your consent (Art. 6(1)(a) GDPR) and our legitimate interest in the secure operation of the website (Art. 6(1)(f) GDPR). In this case you additionally have the right to lodge a complaint with the competent data protection authority of your country of residence.
Contact for Privacy Inquiries
Last updated: 22 June 2026