Data Privacy Policy

ON@PRO is operated by ASCENSIA Diabetes Care Holdings AG (referred to as “We” in this Policy), who is the “data controller” of your personal data, which means it is responsible for deciding how your personal data is used. This policy (together with the wider Privacy Policy that applies to our website) describes how we collect and use your personal data during your use of our site.

1. Types of data we collect about you

Data you give us

  • Name and email address – this is necessary to enable us to provide you with the service, for example to send you a log-in code, and to ensure we have the correct name to provide you with a certificate after completion.

Data we collect about you automatically

Log Files
Like many other websites, we make use of log files. These files log visitors to the site – usually a standard procedure for hosting companies and a part of hosting services’ analytics. The information inside the log files includes type of device (and its unique device identifier) you use to access our site, internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date/time stamp, referring/exit pages, and possibly the number of clicks. This information is used to analyze trends, administer the site, track users` movement around the site, and gather demographic information. IP addresses and other such information are not linked to any information that is personally identifiable.

Cookies
We use cookies to store information about visitors’ preferences, to record user-specific information on which pages the site visitor accesses or visits, and to personalize or customize our web page content based upon visitors’ browser type or other information that the visitor sends via their browser. Please see our Cookies Policy for more details.

2. Reasons we use your data

We will only use your data if we have a lawful reason. This will be one of the following reasons:

  • It is necessary for a contract you are a party to, or to take steps at your request to enter you into a contract, i.e. to provide you with the services and/or information you have requested (as set out above, and including enrolling on the course, viewing profile history, and making enquiries, managing accounts and certificates); and
  • For our legitimate business interests in operating this website, , for example, to ensure that we understand who uses our site and how our site is used, and to improve our site and ensure it is secure.

We will only use your data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related reason and that reason is compatible with the original purpose.

3. How we share your data

We may share your data with other parties. For example:

  • PHC Group companies. We are part of the PHC Group, so we work closely with other businesses and companies in the Group of companies. We may share certain information with other PHC Group companies (for example, to provide you with products or services, for marketing (if you have agreed to receive marketing), for internal reporting and where those companies provide services to us);
  • Third parties who provide services on our behalf, such as for administrative purposes, including hosting the site;
  • We may share your personal data with our business partners and suppliers in the normal course of business;
  • Any third party after a restructure, sale or acquisition of any PHC company or debt, as long as that person uses your information for the same purposes you originally gave it us for;
  • If we are under a duty to share your data to comply with any legal obligation, or to enforce our agreement with you; and
  • Anyone we transfer or delegate (or may transfer or delegate) our rights or obligations to, as allowed under the terms and conditions of any contract you have with us.

We may also share your personal data with third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our site terms of use or to protect the rights, property or safety of our site, our users, and others.

All our third-party service providers are required to take appropriate security measures to protect your data in line with our policies. We do not allow them to use your data for their own purposes. We permit them to process your data only for specified purposes and in accordance with our instructions. Where your data is shared with third parties, we will seek to share the minimum amount necessary.

4. Where we store or use your data

We may store data collected by the website manually or electronically. The data is stored on our secure servers in Europe or the USA, or in our premises in Switzerland, in accordance with appropriate measures (such as contractual commitments), to meet applicable legal requirements to make sure your personal data is adequately protected.

The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data transmitted to the website and any transmission is at your own risk.

5. Your rights

Under certain circumstances by law you have the right to:

  • request access to your data. This enables you to receive a copy of your data and to check that we are lawfully processing it;
  • request correction of your data. This enables you to ask us to correct any incomplete or inaccurate information we hold about you;
  • request erasure of your data. This enables you to ask us to delete or remove your data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your data where you have exercised your right to object to processing (see below); and
  • object to processing of your data where we are relying on our legitimate interests (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your data for direct marketing purposes.

In some countries you can also:

  • request the restriction of processing of your data. This enables you to ask us to suspend the processing of your data, for example if you want us to establish its accuracy or the reason for processing it; and
  • request the transfer of your data to another party.

If you would like to make a request, please contact: [email protected].

6. Security

We take appropriate security measures to prevent your personal data from being accidentally lost, used, shared, altered, or accessed in an unauthorized way. In addition, we limit access to your personal data to those who have a business need to know, and who agree to protect the data.

Where we have to share your personal data, for example with a supplier, they must keep your personal data confidential and secure and must only use it as instructed by us. For more details, and for any questions or concerns, please speak to the Data Protection Officer, using the details below.

7. Retaining your data

We will keep your personal data for as long as you are signed up to the site. Once our relationship with you has ended (for example, after you decide not to go ahead with the course), we will only keep your personal data for a period of time that is appropriate for the type of personal data, and what we hold it for. We will only keep information that allows us to:

  • maintain business records for analysis or audit purposes;
  • keep to relevant laws;
  • defend or take legal action; and / or
  • deal with any future complaints about the services we have provided.

The period we keep information for is often linked to the amount of time available to bring a legal claim, which in some countries is up to ten years after the relationship has ended. We will keep your personal data after this time if we have to do so to keep to the law, if there are existing claims or complaints that will reasonably require us to keep your information, or for regulatory or technical reasons. If we do need to keep your information for a longer period, we will continue to protect that information.

8. Online Privacy Policy Only

This privacy policy applies only to our online activities and is valid for visitors to our website and regarding information shared and/or collected there. This policy does not apply to any information collected offline or via channels other than this website.

9. Questions?

If you require any more information or have any questions about our privacy policy, please contact our Data Protection Officer at [email protected].

Ascensia Diabetes Care AG Holdings is the ‘data controller’ for your personal data. This means they are responsible for deciding how we can use your personal data. If you are an EU citizen or Regulator, for the purposes of GDPR, the appointed representative is Ascensia Diabetes Care Italy S.r.l and can be contacted by emailing  [email protected].

We are committed to working with you to settle any complaint or concern about privacy. However, if you are not happy with how we manage your complaint or concern, you can complain to the data protection authority of Switzerland using their website, or to your local regulator.

10. Update

We may make changes to this Policy. Any changes will be published and take effect immediately. This Privacy Policy was last updated: August 2024.