Version: July 2022
Suva, Fluhmattstrasse 1, CH-6002 Lucerne (hereafter “Suva”) authorises the use of its customer portal and/or the “MySuva” application, as well as the active services offered therein (hereafter “online services”), under the following conditions. Suva is responsible for the processing of data within the customer portal and “MySuva” app.
2 Scope of the rights of use
The online services allow users to retrieve information, settle claims, access selected services and exchange data with Suva.
Users may only engage with these online services in accordance with the conditions stipulated in this document. Any use of these services that deviates from this is prohibited. Suva may block the user‘s account in the event of misuse.
3 Access to the online services/identification and authentication
An account is required in order to use Suva‘s online services. The services are accessed via the Internet. Users log in by entering their username and password in Suva‘s Identity and Access Management System.
Certain services that involve sensitive data require the user to enter a PIN for personal identification or to authorise their use.
Any individual who is able to log in using the identifiers mentioned above is considered by Suva to be a legitimate user.
An activation code can be requested via the customer portal for authentication purposes when a company is first registered in the system.
Suva reserves the right to restrict access to the customer portal, app and services without prior notification, and may delete accounts if it suspects they are being misused. Users can also delete their accounts themselves at any time, or request that Suva delete an account on their behalf. Account deletions cannot be undone. Suva saves collected user data on the company‘s core system and stores it accordance with the applicable legal provisions. The customer may choose to continue corresponding with Suva via other established channels, e.g. by post, once their account has been deleted.
5 What kind of data does Suva process for its customer portal and app?
Users are able to exchange information with Suva and access activated services via the customer portal and app. Use of the customer portal and app may entail the processing of any personal data required for performing these processes. Information can be shared with users via in-app, push or e-mail notifications, as well as by conventional post.
6 Bestimmungen für den digitalen Sicherheitspass
Mit dem Online-Service «digitaler Sicherheitspass» (nachfolgend «DSP») unterstützt die Suva ihre Nutzer bei der Definition, Umsetzung und Überwachung der Instruktion und Ausbildung von permanent und insbesondere auch temporär Angestellten. Die Verantwortung für die Instruktion und Ausbildung bleibt dabei stets beim Nutzer (Verleih- bzw. Einsatzbetrieb): Die Suva stellt lediglich den Online-Service zur Verfügung und ist weder für die Vermittlung der im DSP abgebildeten Ausbildungsinhalte verantwortlich, noch haftet sie für die Richtigkeit und Aktualität dieser Informationen.
7 Due diligence on the part of the user
Users are required store their personal login details confidentially and to take all appropriate measures to guard them against misuse by unauthorised parties. Users shall notify Suva of any changes to their home address, e-mail address, telephone number or other personal information without delay. The user shall accept any consequences arising from the use of their personal login details by unauthorised third parties insofar that Suva bears no responsibility for such misuse. Users must immediately change their password and/or delete their account if they have good reason to suspect that an unauthorised third party has gained access to their personal credentials.
8 Note on security
Data security can never be fully guaranteed, even when the user's device is equipped with the state-of-the-art encryption technology. Users therefore acknowledge that data transmitted via the Internet is never fully immune to third parties' attempts to access it despite all precautions and security measures taken, and that further errors and/or delays/disruptions can still occur.
It can likewise never be ruled out that unauthorised third parties could gain undetected access to the user's device while they are using the customer portal or app, without adequate security measures in place. Suva therefore recommends that customers keep their device up to date.
Although data sent between Suva and the user is encrypted, certain information relating to data traffic, such as the sender's and receiver‘s addresses, is not. This makes it possible to deduce or infer that the user is a Suva customer.
9 Data protection
Suva uses every appropriate technical and organisational measure at its disposal to protect user data from unauthorised access or unlawful data processing. The information and documents displayed to users when using the online services is taken from the relevant departments and systems within Suva and remains visible only while the user is logged in. As a basic principle, any exchange with Suva is carried out via encrypted channels.
By using the online services, users authorise Suva to record and store all of their login and access data, transactions, modifications and movements and to process the, for the purposes of application security and further development, in accordance with company guidelines on data protection (https://www.suva.ch/de-ch/allgemein/datenschutz – German). The data protection guidelines also outline any possible options for objection (see https://www.suva.ch/de-ch/allgemein/datenschutz).
Users have the right to request information at any time regarding their personal data stored and processed by Suva, to ask for this data to be amended or supplemented where necessary, and to object to its processing or request its deletion where applicable by law and under the terms of this agreement.
Suva's data protection policy can be found (in German) at https://www.suva.ch/de-ch/allgemein/datenschutz.
Requests for information or to amend or delete user data must be submitted in writing, accompanied by both a signed declaration and a copy of the requester‘s passport or identity card, to the following office:
Data protection officer
10 Warranty and liability
Suva keeps the customer portal and App up to date in line with the latest technological standards. Users cannot make any claims regarding warranty.
Suva shall only be liable for any damages incurred while using the customer portal and app in cases of gross negligence and/or wilful misconduct.
Any further liability is expressly excluded.
Liability is also completely excluded in cases involving Suva auxiliary staff.
To the extent permitted by law, Suva accepts no liability for direct or indirect damage arising from data transfer errors, technical faults and/or failures, service disruptions, network overloads and/or unlawful interference or access by third parties, failure to recognise defects, imprudent use of personal login credentials, blocking of access/accounts, use of the customer portal, app and associated services while outside Switzerland, lack of security and/or functionality as regards thehardware and software employed by the user, or for any other reason in connection with the use of the customer portal, the app and the services.
11 Beginning and termination of the agreement
Suva reserves the right to adjust content within the customer portal and app, to modify the scope of services at any time and/or to adapt these services in line with legal or technical developments.
13 Place of jurisdiction and applicable law
The exclusive place of jurisdiction is Lucerne (subject to any mandatory places of jurisdiction under Swiss law). This agreement is subject exclusively to Swiss law.
14 Blocking of accounts, complaints and support
The Suva customer services department can be reached from 7.30 a.m. To 5.00 p.m. from Monday to Friday by calling +41 41 419 58 00. You can also get in touch with us by filling out our contact form, which is available (in German) here: https://www.suva.ch/de-ch/allgemein/kontakt.