Privacy & Cookies Policy

Data privacy is of high importance for Hero AG and we want to be open and transparent with our processing of your personal data. We therefore have a Policy setting out how your personal data will be processed and protected. In each chapter, we describe in even more detail what personal data we have about you, how we use it, and which are your rights.

Who is the controller of your personal data?
The Swiss company Hero AG, with registered office at Karl Roth – Strasse 8, 5600, Lenzburg, Switzerland, is the controller of the personal data you submit to us and it is responsible for your personal data under the applicable data protection law.

Why do we use your personal data?
When you sign up to receive a Newsletter we ask for your email address, furthermore you can edit your profile providing additional personal information as full name, password, language preferences, professional title, company / hospital where you work and your profession.

We will use your personal data to process your registration to this website, provide you with any marketing materials you have consented to receive (unless you subsequently inform us that you do not wish to receive such information).

Apart from the personal data you directly provide us we also collect other information when you browse in the website. For more information see the cookies section of this Privacy Policy.

Who has access to your data?
Your data may be shared within the Hero Group for legitimate business purposes (for details on the companies within the Hero group, please refer to our annual report which may be found at about https://hero-group.ch/annual-reports).

We never pass on, sell or swap your data for marketing purposes to third parties outside the Hero group. The local Hero company will only act on behalf of Hero AG; and when it is placed outside the EEA we will use Standard Contractual Clauses and Privacy Shield as safeguards for countries without adequacy decision from the European Commission.

Furthermore, we use the marketing automation platform “Mailchimp” to keep in contact with you by sending emails. This service is provided by the US company The Rocket Science Group, LLC and it implies that your full name and email address will be transmitted to and also stored in the United States. The Rocket Science Group, LLC is covered by the “Privacy Shield” framework, a regulatory implementation designed to guarantee European citizens are adequately protected under EU data protection laws as their data passes into and out of the United States.

What is the legal ground to process your personal data?
The processing of your personal data is based on your consent when you agree to receive our Newsletter. 

What cookies do we use?

  • Functional cookies: these cookies enable us to improve the usability and performance of the website and to provide various features, they give us information on how the website is used. Functional cookies can store language settings, for example. These cookies collect anonymous information and cannot track your movements on other websites.

  • Google Analytics: this website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your anonymized IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. Anonymous data collection and storage can be cancelled at any time with effect on a future date.

  • Vimeo Video Player: this website uses Vimeo Inc.’s embeddable video player. Vimeo uses first-party cookies that are essential to the video player experience, they do not make use of cookies for analytics or advertising purposes. You can check here their Cookies Policy.

How long do we save your data?
We will keep your data for direct marketing until you cancel your Newsletter subscription.

What are your rights?

  • Right to withdraw your consent: you have the right to withdraw your consent for the processing of your personal data at any time and object to direct marketing. When you do so Hero AG won't be able to send you, any further Newsletter, or information based on your consent. You can opt out from direct marketing by the following means:

- Following the instruction in each Newsletter e-mail (“unsubscribe”)

- By editing the settings of your profile

  • Right to access: You have the right to request information about the personal data we hold on you at any time. You can contact Hero AG that will provide you with your personal data via e-mail.

  • Right to portability: whenever Hero AG process your personal data by automated means based on your consent or based on an agreement you have the right to get a copy of your data transferred to you or to another party. This only includes the personal data you have submitted to us.

  • Right to rectification: you have the right to request rectification of your personal data if they are incorrect, including the right to have incomplete personal data completed.

  • Right to erasure: you have the right to erase any personal data processed by Hero AG at any time.

  • Right to object to processing: you have the right to object to processing of your personal data that is based on Hero AG legitimate interest. Hero AG will not continue to process the personal data unless we can demonstrate a legitimate ground for the process which overrides your interest and rights or due to legal claims.
    Your right to object to direct marketing: you have the right to object to direct marketing, including profiling analysis made for direct marketing purposes.

  • Right to restriction: you have the right to request that Hero AG restricts the process of your personal data under the following circumstances:

- If you object to a processing-based Hero AG legitimate interest, Hero AG shall restrict all processing of such data pending the verification of the legitimate interest. 

- If you have claim that your personal data is incorrect, Hero AG must restrict all processing of such data pending the verification of the accuracy of the personal data.

- If the processing is unlawful you can oppose the erasure of personal data and instead request the restriction of the use of your personal data.

- If Hero AG, no longer needs the personal data but it is required for you to make of defending legal claims.

How can you exercise your rights?
We take data protection very seriously and therefore we have dedicated personnel who handles your requests in relation to your rights stated above. You can always reach them at data@hero.ch

Data Protection Responsible:
We have appointed a Data Protection Responsible to ensure that we continuously process your personal data in an open, accurate and legal manner. You can contact our Data Protection Responsible at data@hero.ch .

Right to complain with a supervisory Authority:
If you consider Hero AG to process your personal data in an incorrect way you can contact us. You also have the right to turn in a complaint to a supervisory authority, which shall be the one of your country of residence. Here a link to the list of EU national data protection authorities: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

Updates to our Privacy Notice:
We may need to update our Privacy Notice. The latest version of the Privacy Notice is always available on our website. We will communicate any material changes to the Privacy Notice, for example the purpose of why we use your personal data, the identity of the Controller or your rights.