Contact Us

Privacy Policy of Rewoso AG

Effective Date: December 2024

About Privacy

Protecting your privacy is essential to us. Rewoso AG (“Rewoso”, “we”, “our”) is committed to:

  • Protecting personal data that we receive when we provide our services to clients.
  • Maintaining transparent practices and explaining how we collect, process, and share that data.

 

General Privacy Notice

This privacy notice explains how and why Rewoso AG collects and uses personal data in accordance with the New Federal Act on Data Protection (nFADP) effective from September 1, 2023, and other relevant regulations, including but not limited to the GDPR. This privacy policy also incorporates principles such as Privacy by Design and Privacy by Default to ensure the highest level of security for personal data.

Who are “We”?

Rewoso AG is based in Switzerland, specializing in Real World Evidence Solutions and Data-driven Health. Our company details are:

Rewoso AG
Eichhalde 15
CH-8053 Zürich
Switzerland

Represented by: Tobias Richter
Email: info@rewoso.com
Register Court: Zürich
Register Number: CHE-193.017.307

What Kind of Personal Data Do We Process?

The personal data we process depends on your relationship with Rewoso. Common categories include:

  • Personal Information: Name, age, gender, date of birth, nationality, marital status, and identification numbers (e.g., social security, passport, or tax numbers).
  • Contact Information: Email, address, or phone number.
  • Payment Information: Bank account details or other payment-related data.
  • Health Information: Smoker status, medical history, or other data relevant to insurance policies or claims.
  • Risk and Fraud Data: Credit history, criminal records, sanctions, and data from anti-fraud databases.
  • Employment History: Job role, employer details, and professional qualifications.


Sensitive personal data, such as genetic and biometric information, is processed only in compliance with the nFADP and other applicable laws.

Why Do We Process This Data?

We process personal data for legitimate purposes, such as:

  • Providing our services and fulfilling contractual obligations.
  • Managing and processing claims.
  • Conducting data analysis to improve risk assessment and product development.
  • Enhancing our understanding of markets and ensuring compliance with legal obligations.
  • Fraud prevention and ensuring system security.

Why Do We Process This Data?

We process personal data for legitimate purposes, such as:

  • Providing our services and fulfilling contractual obligations.
  • Managing and processing claims.
  • Conducting data analysis to improve risk assessment and product development.
  • Enhancing our understanding of markets and ensuring compliance with legal obligations.
  • Fraud prevention and ensuring system security.

How Do We Ensure Compliance with nFADP and GDPR?

Rewoso adheres to the following principles:

  • Privacy by Design: Ensuring privacy is embedded into our systems and processes.
  • Privacy by Default: Configuring all systems to use the highest level of data protection by default.
  • Retention Policies: Retaining data only for as long as legally or contractually required.
  • Profiling and Automated Decision-Making: Profiling is conducted only when necessary, with safeguards to protect your rights.

Where Do We Obtain Personal Data?

We collect data from the following sources:

  • Directly from individuals (e.g., event registrations, service requests).
  • Third parties such as industry participants.
  • Public databases, such as commercial registers and anti-fraud databases.

Who Do We Share Personal Data With?

We share personal data with:

  • Employees and contractors on a need-to-know basis.
  • Service providers, such as IT companies and auditors.
  • Regulatory authorities, law enforcement, and other entities as required by law.


We do not sell personal data.

For data transfers outside Switzerland or the EEA, Rewoso ensures adequate safeguards are in place, such as standard contractual clauses, to protect your information.

How Long Do We Keep Personal Data?

We retain personal data only as long as necessary for the purposes outlined in this policy or to comply with legal obligations. Once the retention period expires, personal data is securely deleted or anonymized.

Information Security

We implement technical and organizational measures to ensure the security of personal data. This includes:

  • Regular assessments of third-party service providers.
  • Secure processing environments for sensitive data.
  • Incident response procedures, including notification to the FDPIC in case of breaches.

Your Privacy Rights

Under the nFADP and GDPR, you have the following rights:

  • Access: Obtain information about the personal data we hold about you.
  • Rectification: Correct any inaccurate or incomplete data.
  • Erasure: Request deletion of your data where permissible by law.
  • Restriction: Restrict processing under certain conditions.
  • Data Portability: Receive your data in a portable format.
  • Objection: Object to data processing based on legitimate interests.


To exercise your rights, contact our Global Data Protection Officer (G-DPO):


Email: info@rewoso.com


We may request verification of your identity before processing your request.

Contact Us

For questions or to exercise your rights, contact:

Rewoso AG
Eichhalde 15, CH-8053 Zürich
Email: info@rewoso.com