Vite Clinic is raising funds to conquer Switzerland. Contact us to learn more.

Privacy Policy

Effective date: 26 August 2025

Who we are: Vite Clinic (“we”, “us”, “our”) provides an AI-powered virtual receptionist for healthcare providers.

Scope. This policy explains how we handle personal data when:

  • visitors browse our website and contact us; and
  • Swiss clinics use our service to handle patient calls, including automated call handling, transcripts and analytics.

Under the Swiss Federal Act on Data Protection (FADP), we act as:

  • Controller for website and business-contact data; and
  • Processor for patient call data we process on behalf of a clinic (the Controller).

1) Who to contact

Controller (website & sales): Vite Clinic [SA / Sàrl / SAS] [Registered address in Switzerland] Email: privacy@viteclinic.com

Processor (service to clinics): Vite Clinic processes patient data on documented instructions from each clinic (the Controller). Clinics remain responsible for their own patient communications and notices to callers.

Data protection contact: privacy@viteclinic.com

Supervisory authority: Federal Data Protection and Information Commissioner (FDPIC). See your rights below.

2) What we collect

A) Website & sales

  • Contact details you submit (name, email, phone), meeting notes.
  • Usage data (device, pages, limited IP-derived region), cookies/SDKs for security, performance and basic analytics.
  • Communications you send to us.

B) Service data (clinic customers)

  • Call metadata: caller number, time, duration, routing outcome.
  • Audio & transcripts: recordings and automated transcripts where the clinic enables recording/transcription.
  • Scheduling & CRM data: appointment details and fields the clinic sends or retrieves.
  • Performance analytics: intent/topics, conversion/appointment rates, after-hours stats.

Sensitive data. Health-related information disclosed during calls can be particularly sensitive personal data under Swiss law. We process such data only to deliver the service under the clinic’s instructions and safeguards.

3) Why we process data

Website & sales: respond to enquiries, provide demos, improve our site, detect abuse/security incidents, maintain legal records.

Service to clinics: answer and route patient calls, create transcripts (if enabled), book appointments, provide audit trails, deliver analytics to improve access and quality of service, ensure security and continuity, and comply with law.

Legal bases (FADP concepts): performance of contract, overriding private interests (balanced against data subject interests), consent where required (see Cookies & recording), and legal obligations.

4) Cookies & tracking

Switzerland uses an inform and opt-out approach for cookies and similar technologies. We tell users what we use and how to refuse (e.g., browser settings or a site control). Explicit consent is required for high-risk profiling (e.g., personalized advertising or complex cross-site tracking).

We use:

  • Essential cookies (security, load balancing, session).
  • Analytics/diagnostics (aggregated insights). You can opt-out via your browser or (where available) our cookie controls.

5) Call recording & transcripts

Important: In Switzerland, participants must be informed in advance if a call will be recorded. Clinics using our recording/transcription features must ensure the pre-call announcement or first-utterance notice is enabled and lawful for their use case. We provide configurable disclosures; continuing the call after the notice constitutes consent.

Clinics can disable recording or configure retention (see Section 8).

6) Where we process data

We host service data in Switzerland or the EEA (European Economic Area). If data is transferred outside Switzerland/EEA (e.g., to vetted infrastructure or telephony providers), we use legally recognized safeguards such as:

  • adequacy decisions under Swiss law (Annex 1 to the Data Protection Ordinance),
  • the Swiss–U.S. Data Privacy Framework where a U.S. provider is certified, and/or
  • standard contractual clauses with a Swiss addendum where needed.

A current list of core sub-processors is maintained below and in our DPA.

7) Sub-processors (core providers)

We rely on specialized vendors to deliver telephony, cloud and AI capabilities. Typical categories include:

  • Telephony carriers for inbound/outbound calls and SMS;
  • Cloud infrastructure (compute, storage, databases) in CH/EEA regions;
  • Speech-to-text / LLM providers used to transcribe and understand natural language;
  • Analytics & monitoring (product telemetry, security logs).

[Append your public list here, e.g., “Twilio (telephony), Microsoft Azure (cloud), OpenAI (AI)”, with region, purpose, DPA link, and DPF/SCC status.]

8) Retention

  • Website/contact data: retained while we have an active business relationship and then [12] months, unless longer is required by law.
  • Service data: by default, call logs [12] months; audio/transcripts [30] days (configurable by the clinic); system logs [90] days for security. Clinics may request export or deletion at any time (limits may apply to backups and legal holds).

9) Security

We apply industry-standard technical and organizational measures, including encryption in transit and at rest, strict access controls (least privilege, MFA), network isolation, monitoring, audit logging, regular backups, and vendor DPAs with security commitments. (For details, request our Security Overview.)

Breach notification. We assess incidents promptly and notify impacted clinics and, where the risk is high, the FDPIC “as soon as possible,” consistent with the FADP. Clinics must notify affected individuals where required.

10) Automated processing & fairness

Our system uses automated processing to understand caller intent and route calls. We do not make decisions that produce legal effects or similarly significant effects without human involvement. If a clinic configures automated decisions that could significantly affect callers, we will help them provide notice and a way to obtain human review, as required by FADP.

No medical advice. The service provides logistical assistance (e.g., booking, reminders). It does not provide diagnosis, treatment decisions, or emergency triage.

11) Your rights (Swiss residents)

You may request: access to your data, information about processing, correction, deletion, and data transfer (portability, where applicable). To exercise rights about a call with your clinic, contact the clinic (Controller). For website/sales data, contact privacy@viteclinic.com.

12) Marketing

We only send electronic marketing with your consent or where permitted with existing customers, and you can opt-out at any time.

13) Emergencies

Do not use Vite Clinic in an emergency. In Switzerland call 144 for medical emergencies, or 112 (EU emergency).

14) Changes

We’ll post updates here and change the “Effective date.” Material changes will be communicated to customers.

Contact the founder

Vite Clinic is going live soon. Before that, let's schedule a call to discuss your needs.

Benjamin Crozat

+33 6 37 61 04 15

benjamin@viteclinic.com

@benjamincrozat

Receive a test number in your inbox

We'll send you a test number in your inbox so you can get a feel for the service.

Benjamin Crozat

+33 6 37 61 04 15

benjamin@viteclinic.com

@benjamincrozat