PRIVACY POLICY AND PERSONAL DATA PROTECTION
Dr. Alessandro Massa places great importance on the confidentiality and safekeep of your personal data and the respect of your privacy and rights in relation to it. This Privacy Policy aims to inform you about how Dr. Alessandro Massa processes your personal data, including its collection, use, storage, transmission and other processing activities, when you visit and use his website.
The processing of your personal data is carried out in accordance with the current legislation on the protection of personal data, in particular the Swiss Federal Act on Data Protection (SR 235.1) and its implementing Ordinance (SR 235.11), as well as the Regulation (EU) 2016/679 of 27 April 2016 on the General Data Protection (hereinafter together the “Data Protection Legislations”).
This Policy was last updated in October 2025.
1. DATA CONTROLLER
Name and Professional title: Dr. Alessandro Massa – Psychiatrist & Psychotherapist
FMH – Swiss Medical Association (the “Data Controller”)
Name of the Clinic: Cabinet Dr. Alessandro Massa
Address of the Clinic: Boulevard des Philosophes 15, 1205 Geneva, Switzerland
Email Adress: alessandro.massa@hin.ch
Phone Number: +41 78 229 39 02
Website: https://www.alessandromassa.ch
2. Scope of the Personal Data Collection
The personal data collected through the website is processed for the following purposes in accordance with the Data Protection Legislations:
- To manage and respond to your requests and queries submitted through the contact form.
- To schedule initial or following-up appointments.
- To maintain secure and confidential communication with you
- To comply with legal and administrative obligations arising from the Data Protection Legislations, medical legal obligations and/or any other applicable and relevant legal and regulatory obligations (e.g., provide the necessary information to the relevant authorities in the event of a cyberattack)
- To improve the user experience and the technical performance of the website (through analytical tools)
- To ensure the long-term functionality of the IT infrastructure and the technical aspects of the website.
Your personal data will be used for the purposes for which it is collected. If your personal data needs to be used for a purpose not described above, Dr. Alessandro Massa will notify you and explain the legal basis which allows him to do so.
Your personal data will never be used for advertising or commercial purposes without explicit consent.
3. Type of Personal Data Collected
Through the website’s contact form, the following personal data may be collected:
- Contact information and message content: any data submitted via contact forms, such as your first name, surname, date of birth, email address, and phone numbers (including international prefix), person or source that recommended to contact me, as well as the contents of the message sent. The latter may include the reason for inquiry, the reason for the timing of your enquiry, attachments, metadata and any information freely provided in the open fields of the form;
- Technical data: Including IP address or user, browser type, operating system, and device information
- Usage data: pages visited, time spent on the website, clickstream data, and referring URLs.
- Cookies and tracking technologies: used to enhance user experience and analyse website traffic (see Cookies Policy).
Once the purpose is achieved, personal data is securely deleted. The data may be used to determine liability in the event of hypothetical cyber crimes against the website.
Concerning the use of cookies and tracking technologies, please refer to the Cookies Policy.
Such sensitive data is processed only with your explicit consent and exclusively through secure and protected website environments, in strict accordance with professional confidentiality obligations and the Data Protection Legislations.
4. Sensitive Personal Data
The following data shared through the website is considered sensitive personal data:
- Data relating to religious, philosophical, political or trade union-related views or activities.
- Data relating to health, the private sphere or affiliation to a race or ethnicity.
- Genetic data.
- Biometric data that uniquely identifies a natural person.
- Data relating to administrative and criminal proceedings or sanctions.
- Data relating to social assistance measures.
Such sensitive data is processed only with your explicit consent, in strict accordance with professional confidentiality obligations and the Data Protection Legislations.
5. Legal Basis for Data Collection
The processing of personal data is based on:
- The user’s explicit consent when submitting a form or voluntarily providing information;
compliance with legal obligations arising from the Data Protection Legislations as well as medical practice and obligations under Swiss legislations; - Legitimate interest in ensuring the security and proper functioning of the website.
In the case of sensitive personal data, consent must be clear, informed, and freely given.
6. Recipient Personal Data
The personal data is processed exclusively by:
- The Data Controller.
- Service providers, including website hosting, IT support, analytics platforms, email delivery services, and patient relationship management tools.
- Health or judicial authorities, only where there is a legal obligation or with your explicit consent and authorization.
Service providers are subject to strict contractual obligations regarding confidentiality and data protection.
Sensitive personal data will be processed exclusively and only by the Data Controller. Health or judicial authorities might process sensitive personal data only if required or requested by law or with your explicit consent and authorization.
7. Cross-Border Data Transfers and Use of Google Analytics
Dr. Alessandro Massa’s website uses Google Analytics to analyse visitor behaviour and improve user experience. This service may involve the transfer of personal data — including IP addresses and usage patterns — to servers located outside Switzerland, particularly in the European Union and the United States.
In accordance with the Swiss legislations on data protection, such transfers are permitted only when the receiving country ensures an adequate level of data protection recognized by Swiss authorities.
Swiss authorities now consider the United States to have adequate data protection standards but only for companies certified under the Swiss-U.S. Data Privacy Framework (see annex 1 no. 44 of the Swiss Ordinance on Data Protection), such as Google LLC which includes Google Analytics. Concerning the European Union, please refer to the Regulation (EU) 2016/679 on the adequate level of protection of personal data under the EU-US Data Privacy Framework.
However, Dr. Alessandro Massa does not rely on passive consent mechanisms.
8. PERSONAL DATA RETENTION
Personal data collected through this website will be retained for as long necessary to fulfil the purposes for which it was collected, or as required by applicable legal and professional obligations.
Sensitive personal data, such as medical and health-related data, submitted via secure channels is stored in accordance with Swiss medical confidentiality laws and retained for the duration mandated by healthcare regulations.
Once the retention period has expired or as soon as personal data is no longer required for the purpose of processing, personal data is securely deleted or anonymized, unless legal obligations require a longer retention period.
9. PERSONAL DATA SECURITY
Personal data collected through this website will be retained for as long necessary to fulfil the purposes for which it was collected, or as required by applicable legal and professional obligations.
Sensitive personal data, such as medical and health-related data, submitted via secure channels is stored in accordance with Swiss medical confidentiality laws and retained for the duration mandated by healthcare regulations.
Non-medical data, such as website usage statistics (e.g., via Google Analytics), is anonymized and retained only for the period necessary to analyse and improve website performance.
Once the retention period has expired or as soon as personal data is no longer required for the purpose of processing, personal data is securely deleted or anonymized, unless legal obligations require a longer retention period.
Dr. Alessandro Massa adopts appropriate technical and organizational measures to protect personal data against loss, destruction, unauthorized access, disclosure, or alteration.
These measures include:
- Encryption of communications (HTTPS/TLS)
- Restricted access control to medical information
- Secure backups and protected data storage
- Confidentiality agreements with service providers and authorized employees.
Dr. Alessandro Massa regularly reviews and updates the security practices to reflect evolving legal requirements, technological advancements, and risk assessments.
10. YOUR RIGHTS
In accordance with the Regulations, you have the following rights with regards to your personal data:
the right to obtain information about the personal data being processed:
- The right to access your personal data.
- The right to request the correction of inaccurate or incomplete data.
- the right to request the deletion of personal data when it is no longer necessary or when consent is withdrawn. the right to object to or restrict data processing under certain circumstances.
- The right to withdraw consent at any time (without affecting the lawfulness of prior processing)
- the right to receive an exported file of the personal data Dr. Alessandro Massa holds about you, including any data you have provided him with.
Requests may be submitted via email to: alessandro.massa@hin.ch . Please include sufficient information to allow for the verification of your identity and please specify the nature of your request. Dr. Alessandro Massa will respond within a maximum of 30 days, unless justified reasons require an extension. Dr. Alessandro Massa will notify you of this extension and of how long it will take to provide the information.
11. Complaint to the Swiss’ Regulatory Authority
If you believe that your rights have been violated, you can lodge a complaint with the FDPIC if you are in Switzerland, or you may lodge a complaint with your national Data.
Protection Authority if you are in a country in the European Union.
12. CONTACTS FORM
Submitting a contact form constitutes the user’s explicit acceptance of this Privacy Policy and authorizes Dr. Alessandro Massa to contact the user for the purpose of handling their request.
The data provided will not be used for any other purposes without obtaining new explicit consent.
13. Security Breach Notification
In the event of a security breach that may affect personal data (e.g., unauthorized access or data loss), Dr. Alessandro Massa will report the incident to the competent authority and, when necessary, notify the affected individuals, in accordance with applicable Data Protection Legislations.
14. POLICY CHANGES
This Privacy Policy may be modified at any time to reflect legal, technical, or procedural changes. The updated version will always be available on the website and will display the date of the latest revision.
15. CONTACT
For any questions regarding this Privacy Policy or the processing of your personal data, you may contact:
Dr. Alessandro Massa – Psychiatrist & Psychotherapist FMH – Swiss Medical Association
Bd. des Philosophes 15, 1205 Geneva, Switzerland
Email: alessandro.massa@hin.ch
Phone Number: +41 78 229 39 02
