Data Protection Notice for Mira
1. Responsible person
The online appointment assistant “Mira” is used by medical practices or institutions on their website.
The respective practice or organization is responsible for processing personal data within the meaning of applicable data protection law.
Coorpix AG, Switzerland, provides Mira as a technical platform as part of order processing
2. Purpose of data processing
Mira is used exclusively for administrative support in finding and booking appointments in a structured way.
Mira is not a medical diagnostic system and does not provide medical services.
The information entered during use is used exclusively for administrative allocation and appointment organization.
3. Processed data
In particular, the following personal data may be processed during use:
- First and last name
- birthdate
- address
- email address (e.g. for appointment confirmations)
- Voluntarily entered information about the visit request
The information entered in the chat may contain health-related information. These are processed exclusively for the purpose of administrative appointment allocation.
Mira does not store medical records, makes no diagnoses and does not access existing patient histories.
4. Legal basis
Data processing is carried out:
- as part of the initiation or implementation of a treatment relationship
- based on applicable data protection regulations (in particular RevDSG and — where applicable — GDPR)
Particularly sensitive personal data is processed exclusively for a specific purpose and to the extent necessary.
5. Technical implementation and order processing
The technical provision of Mira is carried out by Coorpix AG as an order processor.
Identification data (e.g. name, date of birth, email address) is processed separately from the content entered.
Identification data is processed on servers in Switzerland. External service providers can be used for certain technical analysis or processing processes. No directly identifying personal data is transmitted in the process.
If data is transferred abroad, this is done in compliance with the legal requirements for international data transfers (e.g. appropriate guarantees or recognized data protection mechanisms).
Personal data will not be passed on to unauthorized third parties.
6. Booking an appointment
If the appointment is successfully selected, the required information is transmitted to the respective practice management system of the practice.
In addition to the identification data, a short administrative note about the visit request is stored, insofar as this is necessary to organize the appointment.
Medical documentation is provided exclusively in the practice management system of the respective institution.
7. Storage period
Chat and interaction data is processed exclusively for technical provision, quality assurance, security and error analysis.
They will be deleted or anonymized no later than 90 days after completion of the respective interaction, provided that no legal storage requirements or documented security incidents require longer storage.
Long-term storage of medical data takes place exclusively in the system of the respective practice.
8. Rights of data subjects
Within the framework of applicable data protection laws, data subjects have in particular the right to:
- information
- rectification
- erasure
- Restricting editing
Requests must be addressed to the respective practice as the responsible body. Further information can be found in the privacy policy of the respective institution.
Data subjects also have the right to complain to the competent data protection supervisory authority.
.svg)
.png)