Skip to main content

Privacy policy

This privacy statement was last updated on 25. July 2023 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.

In this privacy statement, we explain what we do with the data we obtain about you via https://www.barbarabauer.ch/en/. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose, data and retention period

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

2. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy

3. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

We have concluded a data Processing Agreement with Google.

Google may not use the data for any other Google services.

The inclusion of full IP addresses is blocked by us.

4. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

5. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

6. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

7. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:

  • You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
  • Right of access: You have the right to access your personal data that is known to us.
  • Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
  • If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
  • Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
  • Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

8. Submitting a complaint

If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Data Protection Authority.

9. Contact details

Barbara Bauer
Hypnotherapy & Coaching
Dorfstrasse 4
6318 Walchwil
Switzerland
Website: https://www.barbarabauer.ch/en/
Email: bb@barbarabauer.ch
Phone number: +41 76 570 8414

Annex

WPML

WPML uses cookies to determine the visitor’s current language, the last language visited and the language of users who have logged in. While you are using the plugin, WPML will share data relating to the site via the installer. This will not share any data from the user themselves.

WPML Translation Management

WPML Translation Management will send the email address and name of each manager as well as the assigned translator and the content itself to the advanced translation editor and translation services used.

WPML Media Translation

WPML Media Translation will send the email address and name of each manager, the assigned translator, and the content itself to the enhanced translation editor and the deployed translation services.

WPML String Translation

WPML String Translation will send all strings to WPML’s advanced translation editor and to the assigned translation services.

Complianz | The Privacy Suite for WordPress

This website uses Complianz’s Privacy Suite for WordPress to collect and record browser- and device-based consent. For this feature, your IP address is anonymised and stored in our database. This service does not process any personally identifiable information and does not share any data with the service provider. For more information, please see the Complianz Privacy Policy.

LiteSpeed Cache

This website uses caching to provide faster response time and a better user experience. Caching potentially stores a duplicate copy of each web page displayed on this website. All cache files are temporary and are never viewed by third parties unless necessary to obtain technical support from the cache plugin provider. Cache files expire on a schedule set by the website administrator, but may be deleted by the administrator before their natural expiry date if necessary. We may use QUIC.cloud services to temporarily process and cache your data. https://quic.cloud/privacy-policy/ contains more information.

Supplementary privacy policy for sessions at the Praxis für Hypnosetherapie & Coaching Barbara Bauer

With this Supplementary Data Protection Statement the Office for Hypnotherapy & Coaching, Barbara Bauer (hereinafter referred to as “we” or “us”) informs data subjects how we collect and further process personal data and provides information about the rights to which the data subject is entitled. 

Our offer is aligned with the EU-General Data Protection Regulation (EU-GDPR), the Swiss Data Protection Act (DPA), and the revised Swiss Data Protection (revDPA). 

  1. Responsible for data processing and contact person for data protection concerns

Barbara Bauer – Hypnotherapy & Coaching
Dorfstrasse 4 – 6318 Walchwil
+41 76 570 8414
bb@barbarabauer.ch

  1. What personal data do we ask for?

We ask for personal data which is evident to the data subject. This is all information that relates to an identified or identifiable person. It includes master data and contact data of clients (name, telephone number, address, e-mail address, date of birth for coding in billing). In addition, data on health, for example, emotional state, social environment, privacy, records of the course of therapy or coaching, symptom descriptions, reactions, diagnoses, and medical information from referring physicians and therapists.

  1. Who do we pass on the personal data to?

In individual cases, it is also possible that we may pass on personal data to other third parties for their purposes, for example, if the data subject has given us his or her consent or if we are legally obliged or entitled to pass it on. In these cases, the recipient of the data is a separate controller under data protection law. These include, for example, the following cases:

  • referral to hospitals or other inpatient facilities;
  • disclosure of information about your state of health to your relatives, subject to professional secrecy;
  • communicating information about your health status to other healthcare providers;
  • transfer of invoices for proper accounting.

Of course, we comply with the provisions of professional secrecy insofar as they apply. In addition, we reserve the right to pass on the data within the meaning of this section 3. If, in the course of our professional activities, the data subject wishes to entrust us with information about himself or others that we treat differently than listed in section 3 or which is subject to special confidentiality and which is not already covered by professional secrecy, we ask you to inform us in advance so that we can examine this matter and, if necessary, take the necessary security measures.

  1. Processing of personal data

The processing of personal data is in accordance with Swiss data protection law. In all other respects, we process personal data – to the extent and to the extent that the EU GDPR is applicable – in accordance with the legal basis in connection with Art. 6 (1) GDPR.

We process personal data for the duration necessary for the respective purpose or purposes. In the case of longer-term storage obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.

Processing according to the revDPA includes any handling of personal data such as procurement, storage, use, processing, disclosure, archiving, and deletion of data, regardless of the means and procedures used.

The following principles apply to the processing of personal data:

— The processing of personal data is generally lawful if the applicable legal system and data protection requirements are complied with.

— In connection with the processing of personal data, doctors and therapists have a duty to inform and inform patients and clients (hereinafter referred to as “data subjects”). You must inform the data subjects about the data processing in an understandable manner about the purpose for which the personal data is collected and processed and to which categories of recipients the data is passed on.

— For this purpose, we use a corresponding information form for sufficient information, which is signed by the persons concerned after the preparatory meeting, confirming that they have understood the information on data protection and agree to the therapy / coaching.

— The collection and the purpose of the processing shall be transparent and shall be carried out in good faith. If the data acquisition and the purpose of the processing are not apparent to the data subject, he or she must be informed. Good faith also means that the data will only be processed in the way that the data subject can expect.

— The processing of personal data is proportionate. Proportionality is given if the processing is limited to the data that is suitable and necessary for the performance of the task or the achievement of the stated purpose. Furthermore, proportionality means that personal data is only stored for as long as it is actually required for the performance of the task or as long as a legal obligation to retain it requires. If personal data is no longer needed and there is no legal obligation to retain it, it will be irrevocably deleted.

— The processing is appropriate. The expediency is given if the processing of personal data is only carried out for the purpose that was defined and specified when the data was obtained.

— If the personal data is incorrect, it will be corrected or deleted.

— In order to protect the personal and fundamental rights of data subjects, personal data are protected against unauthorised access, alteration and loss. Barbara Bauer’s office has taken appropriate technical and organizational measures for data security. The technical and organizational measures to be selected are generally based on the risk. In doing so, the requirements for data security in accordance with the current law are observed.

  1. Every data subject has the right to:

Right to confirmation

Every data subject has the right to request confirmation as to whether personal data concerning data subjects are being processed.

Right to information 

Any person affected by the processing with personal data has the right to obtain at any time and free information from the person responsible for data protection (here: Barbara Bauer) about the personal data stored about him or her and a copy of this information. 

Furthermore, the data subject has a right to information as to whether personal data has been transferred to a third country or to an international organisation. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer.

Right to rectification

Any person affected by the processing of personal data has the right to request the immediate rectification of inaccurate personal data concerning him or her. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.

Right to erasure (right to be forgotten)
Any person affected by the processing of personal data has the right to obtain from the controller (here: Barbara Bauer) the erasure of personal data concerning him or her without undue delay, provided that one of the following reasons applies and insofar as the processing is not necessary:

  • the personal data have been collected or otherwise processed for purposes for which they are no longer necessary;
  • the data subject withdraws his or her consent on which the processing was based and there is no other legal basis for the processing;
  • the data subject objects to the processing for reasons arising from his or her particular situation and there are no overriding legitimate reasons for the processing, or the data subject objects to the processing in the case of direct marketing and related profiling;
  • the personal data have been processed unlawfully;
  • the deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the person responsible is subject.

If one of the aforementioned reasons applies, and the data subjects wish to request the erasure of personal data stored by the controller (here: Barbara Bauer), the data subjects may contact the controller at any time. Barbara Bauer shall promptly ensure that the erasure request is complied with immediately.

Right to restriction of processing 

Any person affected by the processing of personal data has the right to obtain from the controller (here: Barbara Bauer) restriction of processing if one of the following conditions is met:

  • the accuracy of the personal data is contested by the data subject, for a period of time that enables the controller to verify the accuracy of the personal data;
  • the processing is unlawful, the data subject rejects the deletion of the personal data and instead requests the restriction of the use of the personal data;
  • the controller no longer needs the personal data for the purposes of processing, but the data subject needs them to assert, exercise or defend legal claims;
  • the data subject has objected to the processing for reasons arising from his or her particular situation and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.

If one of the above-mentioned conditions is met and you wish to request the restriction of personal data stored by the controller, you can contact Barbara Bauer at any time.

Right to data portability

Any person affected by the processing of personal data has the right to receive the personal data concerning him or her in a structured, common and machine-readable format. He or she also has the right to have this data transmitted to another person responsible if the legal requirements are met.

Furthermore, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.

To assert the right to data portability, you can contact the person responsible (here: Barbara Bauer) at any time.

Right to object 

Any person affected by the processing of personal data has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her.

The controller (here: Barbara Bauer) shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.

Right to revoke consent under data protection law 

Any person affected by the processing of personal data has the right to revoke their consent to the processing of personal data at any time. 

  1. Amendments

We may amend this Data Protection Statement at any time without prior notice. The current version published on our website applies. To the extent that the Data Protection Statement is part of an agreement with you, we will inform you of the change by e-mail or other appropriate means in the event of an update.

The form for signing after the preliminary conversation can be found here.