Dosilab is a leading European dosimetry service provider and personal dosimetry system supplier, primarily serving the medical sector.
We are dedicated to helping our clients create a safe work environment for their employees who may be exposed to ionizing radiation in the workplace.
Data protection is important to us and we process your data only in accordance with the statutory provisions. In this data protection declaration we explain to you how we collect or otherwise process personal data. By personal data we mean all information relating to a specific or identifiable person.
Responsible for the data processing illustrated in this data security explanation is the:
We take data security very seriously and use appropriate technical and organizational security measures to protect your personal data against accidental or intentional manipulation, loss, destruction or against unauthorized access by third parties. We continuously improve our security measures in line with technological developments.
Within our website, we use SSL (Secure Socket Layer) technology in conjunction with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the lock symbol in the status bar of your browser.
You have the right to receive information from us about which personal data about you is stored. You may also request the correction of inaccurate data or the deletion of personal data, provided that there are no legal obligations to retain such data or no legal grounds for permitting such data to be processed. Furthermore, you may under certain circumstances have the processing of your personal data restricted or object to it.
We draw your attention to the fact that the exercise of your rights may be subject to legal restrictions. We reserve the right to assert these restrictions, e.g. if we are obliged to store or process certain data, if we have an overriding interest in them (to the extent that we may invoke them) or if we need them for the assertion of claims. Please note that the exercise of your rights may under certain circumstances conflict with contractual agreements and may have corresponding effects on the execution of the contract (e.g. premature termination of the contract or cost consequences). Where this is not already contractually agreed, we will inform you in advance.
The exercise of your rights requires that you prove your identity (e.g. by means of a copy of your identity card if your identity cannot otherwise be determined). If you incur any costs, we will inform you in advance.
In the area of data processing within the framework of dosimetry, you can only assert your rights to the extent that these can be granted within the framework of the statutory provisions on radiation protection and dosimetry (see also below).
We reserve the right to amend this privacy statement at any time without prior notice. The current version published on our website applies.
We engage in the processing of personal data for a variety of specific purposes, including but not limited to:
Contractual Obligations: This encompasses all data processing activities that are essential for the initiation, execution, and conclusion of contracts between you and us.
Communication: This category involves the handling of data associated with communication, encompassing both the communication’s content and associated metadata.
Marketing and Information: We may send you informational content about our products or services through various channels.
Legal Claims Enforcement: There may be instances where we require personal data processing to assert and uphold legal claims.
Compliance with Legal Mandates: In specific circumstances, we process personal data to meet legal obligations. Please refer to Section 5 for details regarding data related to the Radiation Protection Ordinance.
Other Objectives: This category covers various purposes such as security measures, process enhancement, infrastructure development, service improvement, administrative tasks, analysis of user behavior on our website, and safeguarding other legitimate interests.
By providing transparency about these purposes, we aim to ensure clarity and compliance with data processing practices.
Under specific circumstances, we may share personal data with third parties. In the context of our role as a personal dosimetry laboratory, this sharing can occur with individuals or entities as stipulated in the Radiation Protection Ordinance (refer to Section 5 for details).
Furthermore, we may engage third-party service providers to conduct data processing on our behalf (known as data processors). These third parties are contractually obligated to adhere to the same stringent requirements that we uphold. They may include service providers in sectors such as IT, finance, consulting, or other domains where outsourcing is necessary.
In some instances, outsourcing may extend to international borders, potentially affecting countries worldwide. If data processing involves countries lacking adequate data protection measures, data transfer will only proceed once standard data protection clauses have been established and approved by the competent supervisory authority. This ensures the safeguarding of data privacy across borders.
Data processing within the framework of the Radiation Protection Ordinance
Dosilab AG is a personal dosimetry laboratory pursuant to Art. 66 et seq. of the Radiation Protection Ordinance (RPO). In this function, we are obliged pursuant to Art. 73 RPO to record the following personal data of persons exposed to radiation (Art. 51 RPO):
We report the data to the Central Dose Registry (Art. 69 lit. 2 RPO). According to Art. 74 RPO, the following persons and authorities have access to the data in the Central Dose Registry:
In addition, as a personal dosimetry laboratory we are obliged to retain the data for 2 years. On behalf of our clients, we have the capability to extend the duration of data storage. In such instances, our role is solely that of a data processor.
The purpose of the data processing is to ensure the monitoring obligation in accordance with Art. 64 RPO.
According to Art. 71 RPO, as a personal dosimetry laboratory we may only disclose personal data and dose values of a monitored person to the following persons or authorities:
The legal basis for data processing is derived from the statutory provisions and consists of the aforementioned standards of the Radiation Protection Ordinance (RPO).
Registration on our website
You have the possibility to register for access to the protected area on our website and to create a login. In this case, we collect the data you enter in the input mask, such as name, e-mail address, etc., and store this data. The purpose of registering for the login area is to provide you with password-protected direct access to your basic data stored by us. You have the possibility to record persons of your company and to access the corresponding data.
Your consent serves as the legal basis for the use of your data within the scope of the login. You can revoke your consent at any time with effect for the future. Data processing carried out until your revocation is not affected by the revocation.
On our website you can get in touch with us via an electronic contact form. The input mask serves you for the registration and deregistration of persons, for the notification of temporary interruptions of the dosimeter dispatch, for the deregistration of individual dosimeters, for the notification of name changes or also for general inquiries. The data you enter in the input mask, such as name, e-mail address, etc., will be transmitted to us and stored.
The data you provide us with is used to process your enquiry and to fulfil our duties as a personal dosimetry laboratory in accordance with Art. 66 et seq. of the Radiation Protection Ordinance (RPO; see above, Data processing within the framework of the Radiation Protection Ordinance). The legal basis is provided by pre-contractual measures and our legitimate interests in dealing with the request. Insofar as the inquiry concerns the registration or deregistration of persons or other data processing within the framework of the Radiation Protection Ordinance, the above-mentioned principles apply (cf. under Data processing within the framework of the Radiation Protection Ordinance).
We only store your data for as long as is necessary to process your request or as long as we are obliged to do so by law.
You have the possibility to contact us by e-mail. If you contact us by e-mail, the following data will be processed:
Your details will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. Pre-contractual measures or our legitimate interests in processing the request serve as the legal basis.
We only store your data for as long as it is necessary to process your request or as long as we are obliged to do so by law.
We draw your attention to the fact that e-mails can be read or changed unauthorisedly and unnoticed during transmission. The spam filter can reject e-mails that have been identified as spam by certain characteristics.
We are entitled to inform you about news, offers or events. Our legitimate interests serve as the legal basis for this. You can object to the receipt of such information at any time with effect for the future.
Provision of the website and creation of log files
When you access our website, the provider of the pages automatically collects and stores information in so-called server log files, which your browser transmits to us. These are:
These data cannot be assigned to a specific person and there is no merging of these data with other data sources. The log files are stored in order to guarantee the functionality of the website and to ensure the security of our information technology systems. This is our legitimate interest, which serves as a legal basis.
The data will only be stored for as long as is necessary to achieve the purpose for which it was collected. Accordingly, the data will be deleted at the end of each session. The storage of the log files is absolutely necessary for the operation of the website, therefore you have no possibility to object.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser during your next visit. This allows us to save certain settings (such as language settings or location information) so that you do not have to re-enter them when you return to the website.
Use of Google Analytics
Google uses the data on Google Analytics on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The use of Google Analytics is based on the legal basis of our legitimate interests in the analysis of customer behavior on our website, which enables us to improve our services.
Right of objection: You can prevent the storage of cookies by adjusting the settings in your browser accordingly. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. You can also deactivate Google Analytics by downloading and installing the browser add-on at http://tools.google.com/dlpage/gaoptout?hl=en.
We use Google Analytics with the functions of Universal Analytics on our website. This allows us to analyse the activities of our website across devices (e.g. when accessed via laptop and later via smartphone). This is made possible by a pseudonymous assignment of a user ID to a user. This happens, for example, when you register for a customer account or log in for your customer account. No personal data will be forwarded to Google. The additional functions of Universal Analytics do not restrict the aforementioned data protection measures such as anonymizing the IP address or the possibility of objecting to the use of Google Analytics.
The data collected within the framework of Google Analytics is stored for as long as is necessary for the analysis of the website. The data is automatically deleted after a period of 50 months at the latest.