Privacy Policy

neuropsychiatricum ahmad & van der staay

1. Controller and Contact

neuropsychiatricum ahmad & van der staay
Ringstrasse 18a
8600 Dübendorf, Switzerland
Email: info@neuropsychiatricum.ch

If you have any questions about how we process your personal data or wish to exercise your data protection rights, please contact us at the address above.

2. Scope and Legal Basis

This privacy policy explains how we collect, process, and protect your personal data in accordance with the Swiss Federal Act on Data Protection (nDSG/FADP), the Ordinance on Data Protection (DPO), and, where applicable, the European General Data Protection Regulation (GDPR).

We process personal data on the following legal bases:

  • Your consent (Art. 6 para. 6 nDSG; Art. 6(1)(a) GDPR)
  • Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
  • Compliance with legal obligations, in particular medical record-keeping duties under Swiss cantonal health legislation and federal law (Art. 6(1)(c) GDPR)
  • Legitimate interests, provided your interests do not override ours (Art. 6(1)(f) GDPR)
  • Protection of vital interests of the data subject (Art. 6(1)(d) GDPR)

3. Categories of Personal Data Collected

We may collect and process the following categories of personal data:

  • Identity data: first name, last name, date of birth, gender
  • Contact data: postal address, email address, telephone number
  • Insurance data: health insurance details, insurance number, policy information
  • Health data: medical history, diagnoses, treatment plans, clinical notes, prescriptions, referral correspondence, laboratory results (sensitive personal data under Art. 5(c) nDSG)
  • Financial data: billing information, payment records
  • Technical data: IP address, browser type, device information, access times (when using our website)

4. Purpose of Data Processing

Your personal data is processed exclusively for the following purposes:

  • Provision of psychiatric, psychotherapeutic, and neurological medical care
  • Scheduling and management of appointments
  • Billing, invoicing, and processing of health insurance claims
  • Communication with referring physicians and other healthcare providers involved in your care
  • Compliance with statutory obligations, including medical record-keeping (10-year retention under Swiss cantonal law), reporting duties, and quality assurance
  • Operation, security, and improvement of our website

5. Processing of Sensitive Data

Health data constitutes sensitive personal data (besonders schützenswerte Personendaten) under Art. 5(c) nDSG. We process this data solely for the purpose of providing medical care and only with your explicit consent or where required by law. Health data is subject to medical confidentiality (Berufsgeheimnis) under Art. 321 of the Swiss Criminal Code.

6. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients, only to the extent necessary:

  • Healthcare providers: referring physicians, specialists, laboratories, and hospitals involved in your care
  • Health insurers: for billing and claims processing
  • IT service providers: hosting, maintenance, and support of our practice management systems (bound by data processing agreements)
  • Public authorities: where required by law (e.g., cantonal health authorities, FOPH)

We do not sell your personal data. We do not transfer data outside of Switzerland unless adequate data protection is ensured (Art. 16 ff. nDSG) or appropriate safeguards are in place.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes described above or as required by law:

  • Medical records: minimum 10 years after the last consultation, in accordance with cantonal health legislation of the Canton of Zürich
  • Billing records: 10 years in accordance with Swiss commercial law (Art. 958f CO)
  • Website log data: maximum 12 months

After the applicable retention period, data is securely deleted or anonymised.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, or destruction, in accordance with Art. 8 nDSG. These measures include:

  • Encryption of electronic records and communications
  • Access controls restricted to authorised clinical staff
  • Secure storage of paper records in locked facilities
  • Regular security reviews and updates
  • Use of HIN (Health Info Net) encrypted email for medical correspondence

9. Your Rights

Under the Swiss Federal Act on Data Protection (nDSG) and, where applicable, the GDPR, you have the following rights:

  • Right of access: You may request information about whether and which personal data we process about you (Art. 25 nDSG)
  • Right to rectification: You may request the correction of inaccurate personal data
  • Right to deletion: You may request deletion of your data, subject to statutory retention obligations
  • Right to data portability: You may request your data in a commonly used electronic format (Art. 28 nDSG)
  • Right to object: You may object to the processing of your data in certain circumstances
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise your rights, please contact us in writing at the address above. We may request proof of identity before processing your request.

10. Website Analytics

Our website may use cookies and third-party analytics services (such as Google Analytics) to analyse usage patterns and improve our services. These tools may collect anonymised technical data such as IP addresses, browser type, and pages visited. No personally identifiable health information is collected through the website. For further details, please refer to our Cookie Policy.

11. Supervisory Authority

If you believe that the processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with the competent supervisory authority:

Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1
3003 Bern, Switzerland
www.edoeb.admin.ch

12. Changes to This Privacy Policy

We reserve the right to update this privacy policy at any time. The current version is always available on our website. We recommend reviewing this page periodically.

Last updated: March 2026

Terminanfrage
Scroll to Top