Privacy Notes

BlooRidge Company GmbH Privacy Policy

With this Privacy Policy, BloodRidge Company GmbH (hereinafter referred to as “Company”) informs you about which personal data we process in connection with our activities and operations. We inform you in particular about what, how and where we process personal data, how long the personal data is stored and whether personal data is passed on to third parties in Switzerland and abroad. We also inform you about your rights when your personal data is processed.

We are subject to Swiss data protection law and, if applicable, foreign data protection law, in particular that of the European Union (EU) with the General Data Protection Regulation (GDPR).

1. Contact Address

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this Privacy Policy.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data from access by third parties is not possible.

BloodRidge Company GmbH
Kirchstrasse 68
8957 Spreitenbach
Switzerland
info@myleihealth.ch

The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

2. Terms and Legal Bases

2.1 Terms

Personal data are all information relating to an identified or identifiable natural person. An affected person is a natural person whose personal data is processed.

Processing includes any handling of personal data, regardless of the means and procedures used, in particular:

the storage
disclosure
procurement
collection
deletion
saving
archiving
modification
destruction
and use of personal data

The European Economic Area (EEA) includes the member states of the European Union (EU) as well as the Principality of Liechtenstein, Iceland and Norway. The General Data Protection Regulation (GDPR) refers to the processing of personal data as the processing of personal data.

2.2 Legal Bases

We process data in accordance with Swiss data protection law, in particular the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (VDSG). According to the FADP, the processing of personal data is only permitted if it is collected for a specific purpose that is recognizable to the data subjects and is only processed in such a way that it is compatible with this purpose (cf. Art. 6 para. 3 FADP). Express consent is required for the processing of particularly sensitive personal data, for profiling with a high risk by a private person or for profiling by a federal body (cf. Art. 6 para. 7 FADP). Our Privacy Policy always states the purpose of the processing and, if necessary, we always obtain the express consent of the data subjects.

We process personal data – if and to the extent that the General Data Protection Regulation (GDPR) is applicable – in accordance with at least one of the following legal bases:

Art. 6 para. 1 lit. a GDPR for the processing of personal data with the consent of the data subject.
Art. 6 para. 1 lit. b GDPR for the necessary processing of personal data for the performance of a contract with the data subject and for the implementation of pre-contractual measures.
Art. 6 para. 1 lit. c GDPR for the necessary processing of personal data to fulfil a legal obligation to which we are subject under applicable law of member states in the European Economic Area (EEA).
Art. 6 para. 1 lit. f GDPR for the necessary processing of personal data to protect our legitimate interests or the legitimate interests of third parties, unless the fundamental freedoms and rights and interests of the data subject outweigh them. Legitimate interests include in particular our interest in being able to carry out our activities and operations permanently, user-friendly, securely and reliably and to communicate about them, ensuring information security, protection against misuse, the enforcement of our own legal claims and compliance with Swiss law.

3. Personal Data (Type, Scope, Purpose and Duration)

We process personal data that is necessary to be able to carry out our activities and operations permanently, user-friendly, securely and reliably. Such personal data may fall into the categories of inventory and contact data (first name, e-mail address), browser and device data, content data, meta or marginal data and usage data (registration time, IP address, location, time zone, opening and click rates).

The personal data collected by us will only be stored for as long as is necessary to fulfil the respective purpose. Under certain circumstances, legal requirements or other obligations may lead to longer storage. Personal data whose processing is no longer required will be anonymized or deleted.

We may have personal data processed by third parties. We may also process personal data jointly with third parties or transmit it to third parties. Such third parties are in particular specialized providers whose services we use.

We generally process personal data only with the consent of the data subject, unless the processing is permitted for other legal reasons, for example to fulfil a contract between the data subject and the controller or for corresponding pre-contractual measures, to protect our overriding legitimate interests, because the processing is evident from the circumstances or takes place after prior information.

In particular, we process information that a data subject has voluntarily and personally transmitted to us when contacting us – for example by e-mail. We only process this information to the extent necessary to fulfil the processing purpose or to complete the order.

4. Data Security

We take appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, misuse or destruction. These include encryption, firewalls and secure server software. However, we point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data from access by third parties is not possible.

5. Cookies and Server Log Files

5.1 Cookies

Our website uses cookies to facilitate and optimize the use of our offers. Cookies are small text files that are stored on your end device. Some cookies are necessary for the technical functionality of the website (so-called session cookies), others are used to analyze user behavior or personalize content (so-called persistent cookies).

You can prevent the storage of cookies in your browser or delete already stored cookies. Please note that the functionality of our website may be limited as a result.

5.2 Server Log Files

Each time you access our website, information is automatically collected in so-called server log files, which your browser transmits to us. These are:

Date and time of access
IP address of the accessing device
Name of the retrieved file or page
Amount of data transferred
Message about successful retrieval
Browser type and version
Operating system used
Referrer URL (the previously visited page)

This data serves to ensure the smooth operation of the website, to analyze system errors and to ward off attacks. Direct assignment to your person is generally not possible for us based on this data. The storage is based on our legitimate interests according to Art. 6 para. 1 lit. f GDPR.

6. Services of Third-Party Providers

For the operation of our landing page and the sending of our newsletter, we use Brevo. Brevo is a third-party provider that provides us with the technical infrastructure for the provision of our website and the sending of e-mails. By using Brevo, personal data (such as e-mail addresses, first name, registration time, IP address, location, time zone, as well as usage data of the newsletter such as opening and click rates) can be processed. Brevo’s servers are located in the European Union. A data processing agreement (DPA) has been concluded with Brevo. Further information can be found in Brevo’s privacy policy.

We have no influence on how data processing or the use of data by such third-party providers takes place beyond what is mentioned here. We also have no influence on the extent, location and duration of data storage, to what extent they comply with any existing deletion obligations, what evaluations and links they make with the data. To whom the third-party providers pass on this data is not recognizable to us.

The use of these service providers is necessary for the operation of our landing page and the implementation of our communication activities. We select our service providers carefully and strive to ensure compliance with data protection standards.

7. Data Transfer to Third Countries and Associated Risks

We point out that data processed via our service providers (Brevo) or their subcontractors may be transferred to countries outside the European Union (EU), the European Economic Area (EEA) or Switzerland for which there is no adequacy decision by the EU Commission or the Federal Data Protection and Information Commissioner (FDPIC) and for which we cannot ensure standard contractual clauses or other suitable guarantees. In such cases, there is a risk that your data will not be protected to the same extent as within the EU/EEA or Switzerland. In particular, the authorities of these third countries could gain access to your data without effective legal remedies being available to you. We strive to limit data transfer to the necessary minimum and to use service providers based in the EU/EEA or Switzerland, but cannot guarantee this in every case. For detailed information on the server locations and data transfers of our service providers, please refer to their respective privacy policies.

8. Your Rights as a Data Subject

You have the right at any time to request information about your personal data processed by us. In particular, you can request information about:

the purposes of processing
the category of personal data
the categories of recipients to whom your data has been or will be disclosed
the planned storage period
the existence of a right to rectification, erasure, restriction of processing or objection
the existence of a right to lodge a complaint with a supervisory authority
the origin of your data, if it was not collected by us
the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details

Furthermore, you have the right to demand the immediate rectification of inaccurate or the completion of incomplete personal data. You have the right to demand the erasure of your personal data stored by us, provided that the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims.

You have the right to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse its erasure and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims, or you have objected to the processing and it has not yet been determined whether our legitimate grounds outweigh yours.

You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request its transmission to another controller.

You have the right to withdraw a given consent at any time with effect for the future. The lawfulness of the processing carried out on the basis of the consent until the withdrawal is not affected by the withdrawal.

You have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for data protection issues is the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland or the competent data protection authority in your EU member state.

9. Changes to this Privacy Policy

We reserve the right to adapt this Privacy Policy as required to always comply with current legal requirements or to implement changes to our services in the Privacy Policy, e.g. when introducing new services. The new Privacy Policy will then apply to your renewed visit.

10. Contact

If you have any questions regarding this Privacy Policy or the practices of this Website, please contact us by e-mail at info@myleihealth.ch.

Last updated: This Privacy Policy was last updated on July 15, 2025.

“`