Data protection

Privacy Policy

The Philae Center places the highest priority on protecting the privacy and security of the personal data of its patients and website visitors. This policy explains what data we collect, why we collect it, how we protect it, and what your rights are.

Last updated: May 2026

1. Legal Framework

We comply with the revised Federal Data Protection Act (nLPD), which has been in effect since September1, 2023, its implementing ordinance (OPDo), and, where applicable, the General Data Protection Regulation (GDPR) for individuals residing in the European Union.

2. Data Controller

The data controller within the meaning of the nLPD is:

Entity
Centre Philae — Solen Duclos
Sole Proprietorship
Addresses
Chemin de la Joliette 2, 1006 Lausanne
Rue Saint-Laurent 19, 1003 Lausanne
Phone
078 213 95 98
E-mail
info@centre-philae.ch

If you have any questions regarding the protection of your personal data or wish to exercise your rights, please contact us at the address above.

3. Categories of data collected

We collect only the data necessary to provide our services:

  • Personal information: last name, first name, date of birth.
  • Contact information: mailing address, email address, phone number.
  • Health data: medical information relevant to treatment, prescriptions, and medical history.
  • Administrative and billing information: details regarding your health and accident insurance, and reimbursement information.
  • Technical and browsing data: IP address, browser type, pages viewed, session duration, cookies.

Sensitive data

Health data constitutes sensitive data within the meaning of Article 5(c) of the new Data Protection Act (nLPD) and is subject to enhanced protection: access is restricted to authorized personnel, data transmission is encrypted, and traceability is ensured.

Data sources

  • Directly with you: scheduling appointments, filling out forms, communicating by phone, email, or in person during consultations.
  • Automatically: when you visit the site, through cookies and third-party tools (see §9).
  • To authorized third parties: prescribing physicians, insurers, to the extent necessary for your care.

4. Purposes of the processing

Your data is processed for the following purposes:

  • scheduling appointments and consultations;
  • the delivery and monitoring of physical therapy and wellness treatments;
  • communication with your prescribing physician and continuity of care;
  • billing for services and managing relationships with insurers;
  • responding to your inquiries and communicating with you;
  • compliance with our legal obligations (maintaining patient records, accounting);
  • to improve our services and the functioning of the website (anonymized statistics).

5. Legal Basis for Processing

The processing of your data is based on:

  • your consent, which may be revoked at any time;
  • the performance of a contract or pre-contractual measures (scheduling appointments, therapeutic follow-up);
  • compliance withlegal obligations (retention of patient records, requirements under the LAMal and Vaud cantonal law);
  • the legitimate interest of the Philae Center in ensuring the security and proper functioning of its website, without infringing on your fundamental rights.

6. Recipients and Data Sharing

Your data is never sold, rented, or transferred for commercial purposes. It is accessible only to authorized personnel and shared only when necessary:

  • Healthcare and administrative staff at the Philae Center, who are bound by professional confidentiality;
  • Prescribing physician, to ensure continuity of care;
  • Health and accident insurers (KVG, UVG, supplemental insurance), as well as, where applicable, disability insurance (DI). These insurers are responsible for their own data processing and are subject to their legal and confidentiality obligations;
  • Technical service providers (subcontractors) who are contractually bound by confidentiality and security obligations.

Key subcontractors

Medioline & Medidata
Service Management and Billing (Physicians' Fund)
Agenda.ch
Book an appointment online
Microsoft OneDrive
Secure storage of administrative documents
HIN.ch
Encrypted exchange of medical information with physicians, in compliance with Swiss standards

This list is subject to change. Any sharing of information beyond what is necessary for the provision of our services and the reimbursement of your medical expenses requires your prior explicit consent, particularly with regard to health data.

7. Hosting and Data Transfers

Administrative and medical documents stored via Microsoft OneDrive/365 are hosted in data centers located in Switzerland. The Philae Center ensures that appropriate contractual and technical safeguards are in place to govern all access to this data.

Certain other tools, including web analytics solutions (Google Analytics, Google Ads), may involve the transfer of data to countries outside Switzerland or the European Union, particularly the United States. In such cases, the Philae Center ensures that appropriate safeguards are in place to guarantee an adequate level of protection in accordance with Articles 16 and 17 of the nLPD.

8. Shelf life

Your data is retained only for as long as necessary to fulfill the purposes for which it was collected:

  • Patient records and health data: for at least 10 years from the date of the last treatment, in accordance with Swiss legal requirements (Art. 40 of the Health Insurance Act and Vaud cantonal law);
  • Billing data: 10 years (accounting requirements);
  • Requests submitted via form or email: retained for the duration of the request processing, then deleted;
  • Technical data (logs, cookies): between 13 and 25 months, depending on the tool in question.

After these periods, the data is permanently deleted or anonymized.

9. Cookies and Similar Technologies

Our website uses cookies to:

  • Essential cookies: ensure the website functions properly (no consent required);
  • Analytics and advertising cookies: to measure traffic and improve the user experience through Google Analytics and Google Ads (subject to your prior consent).

During your first visit, a consent banner allows you to accept, decline, or customize your preferences. You can change your settings at any time via this banner or your browser settings. Declining non-essential cookies does not affect your access to the site’s main features.

10. Data Security

The Philae Center implements appropriate technical and organizational measures to protect your data against unauthorized access, loss, alteration, or disclosure, including:

  • secure connection (HTTPS) throughout the site;
  • encryption of medical communications via HIN.ch;
  • access to data is strictly limited to authorized personnel;
  • hosting with providers that offer adequate security guarantees;
  • raising staff awareness of professional confidentiality and data protection.

11. Your rights

In accordance with the nLPD (and the GDPR, if applicable), you have the following rights:

  • the right toaccess your personal data;
  • the right to have inaccurate or incomplete data corrected;
  • the right toerasure, subject to legal retention obligations;
  • right toobject to processing;
  • right to restriction of processing;
  • the right to data portability;
  • the right to withdraw your consent at any time, without retroactive effect;
  • the right not to be subject to an automated decision that produces legal effects concerning you.

To exercise these rights, please contact us at info@centre-philae.ch. We may ask you to provide proof of identity to prevent disclosure to unauthorized third parties. We generally respond within 30 days.

12. Changes to this policy

The Philae Center reserves the right to modify this policy at any time to bring it into line with legal, regulatory, or technical changes. The date of the last update is shown at the top of the document. In the event of a substantial change, you will be notified via the website.

Legal Notice Terms and Conditions Contact