As of Nov. 2019
The use of our website (iti.org or any subdomain) is possible without any indication of personal data. However, if you want to use special services via our website (e.g. ITI Academy) or become a Member of the ITI, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain your consent.
Information We Collect
When you visit our website, we will store: the website from which you visited us from, the parts of our website you visit, the date and duration of your visit, your anonymized IP address, information about the device (device type, operating system, screen resolution, language, country you are located in, provider information, and web browser type) you used during your visit, and more (user ID, tracking cookies IDs, order IDs, time in local user’s timezone, files that were clicked and downloaded, links to external websites that were clicked, pages generation time, random unique visitor ID, time of first visit, time of the previous visit, number of visits, mouse movements, clicks, and scrolls, form interactions, video and audio interactions, site searches, key words from search engines, custom dimensions and variables based on your account information etc.). We process this usage data for statistical purposes, to improve our site, to provide individual technical support and to recognize and stop any misuse.
If you contact us through our website, we will keep a record of our correspondence.
We collect the following personal information (Affiliate registration data) from users to register them as Affiliates (basic accounts to use extended services): first name, last name, email address and country. When registering, users must provide a password. Affiliate accounts cannot be created if any of the above information is not provided to the system.
We collect the following information (membership registration data) from users to register them as Members (full accounts with ITI membership): title, first name, last name, email, primary address, university/company/privat practice, department, clinic, phone number, preferred language. When registering, users must provide a password.
Additional information may be collected for specific roles in the system and to provide the corresponding services: middle name, birthdate, gender, billing address incl. VAT number, practice/business address, additional phone numbers, public profile (public profile e-mail, public profile web link, public profile phone number, CV text visible on public profile), information about membership status (membership type, status, joined, expires, package, Study Club), Study Club, degree/name on ITI membership certificate, ITI roles & functions, anonymized credit card for automatic renewal, degrees (e.g. DDS, DMD), PubMed ID, education, specialization, friends, Section/Region affiliation, Classroom membership, accessed learning items, transactions, vouchers, CPD/CME credit hours, medals, badges, events, messages and tasks, speaker profile (topic focus and language proficiency).
To create Partner accounts, we collect the following information from users to register them as Partners (full accounts without ITI membership): first name, last name, email address, primary address.
Diagnostic and Clinical Data
All diagnostic and clinical data (e.g. texts, images, videos) uploaded or submitted to our website by website users are voluntary and shall not include personal information relating to patients that is not anonymous, unless documented informed consent has previously been obtained from the patient (any recipient of health care services).
How We Use Information
We use registration data to register people as Affiliates, to administer our website and provide users with services available through the ITI. We also use registration data to contact users by email with newsletters and service-related announcements. We may use registration data to contact users about products and services that we think may be of interest to them and to request user participation in surveys or other activities related to our website or other projects with which we are involved.
We use registration data to register people as Members or Partners, to administer our website and provide users with services available through the ITI. We also use registration data to contact users by email with newsletters and service-related announcements. We may use registration data to contact users about products and services that we think may be of interest to them and to request user participation in surveys or other activities related to our website or other projects with which we are involved.
Diagnostic and Clinical Data
Users control the purpose for which their diagnostic and clinical data is used on our website. We store diagnostic and clinical data, and personal information relating to patients on behalf of users, but will not use them for our own purposes or make them available to anyone without informed consent.
Information We Share with Third Parties
We implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed.
Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
Among other practices, your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and personal information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
In case of a personal data breach we will notify our supervisory authority and the users affected by that breach. For more serious breaches you will also be notified.
Cookies and Website Tracking
Cookies are small files that are sent to your computer's hard drive using your web browser or other programs. These are stored locally on your computer and kept ready for later retrieval.
We utilize Matomo, a web analysis service, to better understand your use of our website and services. Matomo collects information such as how often users visit the website, what pages they visit and what other sites they used prior to visiting. Matomo uses the data collected to track and examine the use of the website, to prepare reports on its activities and share them with other Matomo services hosted by us. The data is stored in Switzerland.
We utilize social plug-ins (e.g. Facebook, Twitter, YouTube, Instagram). If you are logged in on such a platform when using our website, these plug-ins collect information about you and associate them with your account. If such a transmission of information is not desirable for you, then you may prevent this by logging off from your social media accounts before using our website.
Your Privacy Rights
You can accept cookies through our cookie banner. You can also do so by adjusting your web browser controls. You can set your browser to notify you when cookies are being enabled or to reject cookies altogether. However, when you reject cookies, you may not be able to use all our website features.
You can opt-out of receiving promotional or marketing communications from us at any time, by using the unsubscribe link in the email communications we send, or adjusting the preferences in your account settings (restriction of processing).
If you have any account for our services, we may still send you non-promotional transactional communications, like service or membership-related emails.
Data Subject Rights
We regularly review our information and erase or anonymize personal data when we no longer need it. If you would like to access, review, update, rectify, and delete any personal information we hold about you, or exercise any other data subject right available to you, you can use our contact form.
Please note that we may still use any aggregated and pseudonymized personal information that does not identify any individual, and may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
International Data Transfer
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Data Protection Officer
Our Data Protection Officer:
Peter Merian-Weg 10
The data protection declaration of the ITI Foundation is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our Guests, Affiliates, Members and Partners.
Personal data means any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Diagnostic and Clinical Data
Diagnostic and clinical data include any genetic or biometric data or data concerning health. Genetic data means personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question. Biometric data means personal data resulting from specific technical processing relating to the physical, physiological or behavioral characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as (facial) images, voice recordings or fingerprints. Data concerning health means personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of Processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Personal Data Breach
Personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Supervisory authority means an independent public authority which is established by a Member State pursuant to Article 51 GDPR.
In Switzerland this is the Federal Data Protection and Information Commissioner (FDPIC). The FDPIC supervises federal and private bodies, advises and comments on the legal provisions on data protection and assists federal and cantonal authorities in the field of data protection. The FDPIC informs the public about his findings and recommendations, and maintains and publishes the register for data files.