We take the protection of your personal data very seriously. Respecting your private sphere and handling your personal data in a trustworthy manner are important to us. We consider it a matter of course to comply with the legal regulations on data protection. Below, we provide you with an overview of how we guarantee the security of your personal data, what data of yours we process, and the purpose for which we process it.
Klinik Gut is responsible for the data processing activities described in this data protection declaration. If you have any questions about this or would like to exercise your rights as a data subject under data protection law, please let us know at the following address:
Klinik Gut AG
Via Arona 34
7500 St Moritz Switzerland
+41 81 836 34 34
We process the following types of personal data:
We process your personal data for the following purposes:
The legal basis for processing your personal data depends on the respective purpose of data processing in each case. In particular, this basis may include:
We process and store your personal data only to the extent and for the duration necessary for fulfilment of our contractual and legal obligations, or otherwise necessary for the purposes pursued via the processing, e.g. for the duration of the entire treatment contract and beyond that in accordance with statutory retention periods (particularly those arising from public legislation on health, or on health and accident insurance) and the duty to keep records. As soon as your personal data is no longer required for the aforementioned purposes or a prescribed retention period expires, it will be deleted or blocked as a matter of course and to the greatest possible extent.
The security of your personal data is important to us. We take appropriate and suitable technical and organisational measures to ensure the security of your personal data and to protect it against unauthorised or unlawful processing and/or accidental loss, alteration, disclosure or access. This includes, among other things, the use of recognised encryption procedures (e.g. SSL encryption). Access to your personal data is only granted to those staff, service providers or partners of ours who need such access for a business-related purpose or to perform their duties.
We also take our in-house data protection seriously. Our staff and the service providers whom we engage are obliged to maintain confidentiality and to comply with the provisions of data protection law. Moreover, they are only granted access to your personal data to the extent necessary.
As a matter of principle, we treat your personal data as confidential and only pass it on if you have expressly consented to this, if we are legally obliged or entitled to do so, or if this is necessary in order to assert our rights, in particular to assert claims arising from the contractual relationship. Here, the legal regulations regarding passing on personal data to third parties are adhered to as a matter of course.
In order to provide our services, to comply with contractual or legal regulations, or for the other purposes mentioned in this data protection declaration, it may be necessary for us to disclose your personal data to the following categories of recipients:
If we engage third parties to provide our services, we take appropriate legal precautions, as well as adequate technical and organisational measures, to ensure protection of your personal data in accordance with the relevant legal regulations.
Disclosure is generally made within Switzerland, or else to recipients either in EU or EEA member states or in other states with appropriate data protection legislation. If we make any disclosure to recipients in other countries, we do so on the basis of recognised guarantees (particularly contractual agreements) or with your consent in individual cases.
You have the right to demand information from us regarding whether we process your personal data and, if so, what data.
You have the right to demand rectification of your personal data if incorrect and the completion of any incomplete personal data of yours in our systems.
You have the right to demand that your personal data be deleted, e.g. when the data is no longer needed for the purposes pursued. However, in cases where we are nevertheless obliged or entitled to retain your personal data due to legal or contractual obligations, we may restrict or block your personal data only to the extent necessary.
You have the right to demand that we restrict the processing of your personal data.
Where applicable, you have the right to obtain, in a structured, common and machine-readable format, any of your personal data that we process automatically on the basis of your consent or for fulfilment of a contract, or to demand the transfer of this data to a third party. If you demand direct transfer of personal data to another responsible party, this will only be done insofar as technically feasible.
You have the right to object to the processing of your personal data at any time in accordance with the legal requirements. In particular, you have the right to object to the processing of your personal data for the purpose of direct advertising.
You categorically have the right to revoke your consent to the processing of your personal data at any time. The revocation will apply from that point onwards.
You also have the right to lodge a complaint with a competent supervisory authority if you believe that the processing of your personal data violates the provisions of data protection law.
Please note that there are applicable exceptions to these rights. In particular, we may need to continue processing your personal data and store it in order to fulfil a contract with you, to protect vital interests of our own (such as the assertion, exercise or defence of legal claims) or to comply with legal obligations. Insofar as legally permissible, we may therefore also reject your data-protection-related requests, e.g. requests for information and erasure, or only comply with them to a limited extent.
When our website is visited, our servers temporarily record each instance of access in a log file. The following user data, device data and personal data are thus collected without any action on your part and stored by our hosting ISP (internet service provider):
This data is collected and processed solely for the purpose of enabling use of our website (connection establishment), to ensure lasting system security and stability, to optimise our website offering and for internal statistical purposes. This constitutes our legitimate interest in processing the data. This data is not combined with any other data sources. In addition, this data cannot be traced back to individual persons. We reserve the right to check this data if definite indications of illegal use come to our attention.
You have the option of contacting us (e.g. via a contact form, by email or telephone, or via social media). In this event, the information you provide is processed for the purpose of handling and processing your query. If a contact form is used, the respective contact form indicates what data is collected. Information marked with (*) is mandatory. All other information can be provided voluntarily by the person making the query.
You can object to this data processing in an email to email@example.com at any time. If you do so, your query will not be processed any further.
Your personal data will be deleted as soon as your query has been dealt with. This is the case if the circumstances indicate that the matter in question has been conclusively clarified and the erasure does not conflict with any legal obligations to retain data.
If you apply for a job with us, we process the personal data that you supply as part of the application procedure. Alongside the details you provide about yourself and about your education, work experience and skills, this includes the usual correspondence data such as postal address, email address and telephone number. Moreover, all documents that you submit in connection with the application, e.g. letter of motivation, curriculum vitae and references, are processed. Applicants can also voluntarily provide us with additional information. This data is only stored, evaluated, processed or forwarded within our organisation in connection with your application. It may also be processed for statistical purposes (e.g. reporting). If this occurs, it is done in such a way that no conclusions can be drawn about individual persons.
Processing may also be carried out by other electronic means. This is particularly the case if you send us relevant application documents electronically, for example by email.
Your application data is processed in order to fulfil our (pre-)contractual obligations within the scope of the application procedure.
You can object to this data processing at any time and withdraw your application. Please send your objection to the email address firstname.lastname@example.org or to the contact person named in the job advertisement.
If we enter into an employment contract with you, the transferred data is stored for the purpose of handling the employment relationship in compliance with legal regulations.
If the application procedure ends without appointment to a position, your personal data will be deleted unless you have given us your consent to use your details for any of our other application procedures and to possibly contact you again. You have the option of subsequently revoking this consent at any time. You can send your revocation to email@example.com or to the email address stated in the job advertisement.
We also process personal data to the respective necessary extent for fulfilment of our contractual and pre-contractual obligations, as well as for provision of other services that you request, as described in this data protection declaration. The personal data processed in this way, and the type, scope and purpose of the processing required in each case, are thus determined by the respective contract arranged with you or the services that you request.
If we store your personal data on the basis of a contractual relationship, this data remains stored for at least the duration of the contractual relationship and for no longer than the duration of the limitation periods for possible claims on our part, or of legal or contractual retention obligations.
In certain cases, we use so-called cookies. These are small text files that are placed and stored on your computer with the aid of a browser. They do not cause any damage to your computer. They cannot execute any programs or transfer any viruses. Cookies serve to make our website more user-friendly, effective and secure.
Most of the cookies we use are what are known as session cookies. These are automatically deleted when you log out or close your browser. Other cookies remain stored on your computer beyond the respective usage session and enable us or our partner companies (third-party cookies) to recognise your browser on your next visit and to ‘remember’ any settings you may have selected (e.g. language, font size and other display preferences) over a certain period of time. If other cookies (e.g. cookies for analysis of your surfing behaviour) are stored, these are addressed separately in this data protection declaration.
Most internet browsers are routinely set to accept cookies. If you do not want this, you can set your browser so that it informs you about the placement of cookies and so that you only allow the acceptance of cookies for certain individual cases or generally refuse them. You can also activate a function that automatically deletes cookies whenever the browser closes. Moreover, you can, at any time, use an internet browser or other software program to delete cookies that have already been placed.
We use so-called tracking tools on our website. These tracking tools monitor your surfing behaviour on our website. This monitoring aids continual optimisation of our website and helps to ensure that its design meets requirements. This involves the creation of pseudonymous usage profiles and the use of small text files stored on your computer (‘cookies’).
Third-party contractors may also use permanent cookies, pixel tags or similar technologies to this end. The third-party contractor does not receive any personal data from us, but can track your use of our website, combine this information with data from other websites you have visited that are also tracked by the third party contractor, and use this knowledge for their own purposes (e.g. to manage advertising). The processing of your personal data by the third-party contractor is then the responsibility of the service provider in accordance with their data protection regulations.
The following tracking tools are used:
Google Analytics is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google states that Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, is responsible for data pertaining to users whose usual place of residence is in the European Economic Area or Switzerland.
We would like to point out that, in order to improve data protection, our website only uses Google Analytics with IP anonymisation activated. Thus, any IP addresses subjected to further processing are in abbreviated form when this occurs. This rules out the possibility of any direct reference to persons during analysis of our website’s usage.
You can prevent storage of cookies by selecting the appropriate setting in your browser software, but please note that if you do this, you might not be able to use the full functionality of this website. Furthermore, if you wish to prevent Google from collecting and processing data, you can do so by downloading and installing the browser add-on available via this link: tools.google.com/dlpage/gaoptout. You can deactivate Google Analytics for display advertising and adjust the advertisements in the Google Display Network by accessing the advertisement settings here: adssettings.google.com.
In addition to this website, we also maintain pages on various social media platforms, which you can access via corresponding buttons on our website. If you visit such a page, personal data may be transferred to the provider of the respective social network. Please note that user data may thus also be transferred to a server in a third country and processed outside Switzerland, the EU or the EEA.
Furthermore, user data is usually processed within social networks for the purposes of market research and advertising. For such purposes, cookies that record users’ usage behaviour and interests are usually stored on the users’ computers. Moreover, data may also be stored in usage profiles regardless of the devices used by the users (particularly if the users are members of the respective platforms and are logged in to them).
For detailed descriptions of the respective forms of processing and the opt-out options, please refer to the following linked data protection declarations and statements from the operators of the respective networks:
Please also note that requests for information and assertions of data subject rights are most effective when lodged with the providers themselves. Only the providers have access to the respective users’ data, and are able to directly take appropriate measures and provide information. Nevertheless, if you require assistance, you are welcome to contact us.
Our website may contain links to other websites that are not operated by us and to which this data protection declaration does not apply. We have no influence over whether the operators of such websites comply with data protection regulations and we therefore accept no responsibility for the accuracy, up-to-dateness or completeness of the information provided there.
We expressly reserve the right to amend or alter this data protection declaration at any time. The version published on our website at the time in question shall apply.
The Klinik Gut is taking enhanced measures to contain the spread of the coronavirus, which include:
Staff, patients, and visitors must wear a face mask at all times inside the hospital.
Patients and visitors will obtain a disposable medical face mask upon entering the building. Other masks are not allowed.
Inpatients and outpatients coming in for surgery will be requested to fill out a form to exclude potential COVID-19 symptoms. Patients cann fill out the form in advance. To download the form, click on the preferred language – English, German, or Italian – or head to the PATIENTS section on our website. Please, bring a printed copy along to the appointment.
Patients with a doctor's appointment will be asked to show a valid COVID certificate or else questioned to exclude COVID symptoms.
Appointments for consultations are spaced out to avoid patients encountering other patients.
We strictly respect social distancing to the extent that patient treatment allows. We show special consideration towards patients who might be at higher risk for severe illness from COVID-19.
Inpatients and out-patients may be accompanied by one person.
Inpatients are welcome to receive visitors (one visitor a day for up to one hour). All visitors must present a valid COVID certificate.
Our restaurant PINOT in Fläsch is open to the public. Guests are required to show a valid COVID-certificate.