Last update: December 2025
This privacy policy explains how we handle your personal data. The data processing consent governs the further processing of your personal data. You may withdraw or withhold your consent at any time. In such cases, we may not be able to provide certain services (for example, the «Skin Analysis») and may refer you to alternative offerings (for example, an «Initial Consultation»). If you have any questions, please do not hesitate to contact us at any time.
The following company («we» or «us») is responsible for the processing of personal data in connection with everskin:
Skinspan Technologies AG
Gotthardstrasse 50, 8002 Zürich
In this privacy policy, we describe how we collect and process your personal data when you:
If you have any questions regarding the processing of your personal data in connection with everskin or wish to exercise one of your data protection rights, you may contact us at: hello@everskin.ch
When you visit our website, general technical information is automatically collected by the server. This includes, for example, your IP address, your device’s operating system, the date and time of access, the website from which you visit us, and the type of browser you use.
We use cookies and other tracking technologies, social media plugins, and embedded media to ensure the functionality of our website and to make it more user-friendly. These technologies also help us analyze the use of our website (e.g. with Google Analytics), collect information to improve our offerings, and pursue marketing purposes (e.g. retargeting cookies), see Section 9 below.
When you use our services (e.g. book and attend appointments, undergo analyses or treatments), we process the following personal data, depending on the type of service:
Within the everskin app, we process in particular:
Health data is particularly sensitive personal data within the meaning of applicable data protection laws and is therefore subject to enhanced protection. This privacy policy includes specific information on how we handle and protect such data.
If you apply for a position with us, we process the personal data required to review your application and conduct the recruitment process, including in particular:
If your application is successful, we will process the personal data collected during the recruitment process and any additional data you provide in order to prepare and conclude the employment contract.
In the course of our business activities, we may also process personal data that we receive from third parties, such as contact persons at business partners, suppliers, or service providers. This typically includes identification data, contact details, communication content, and other necessary personal data in this context.
We process your personal data for the following purposes:
We may create evaluations and statistics based on your data (including health data) in order to provide you with personalized treatment and health-related recommendations and may use such data for research purposes and for the development, improvement, expansion, and marketing of our offerings and algorithms (profiling). This includes the use of skin images generated during skin analyses for the training of AI models (computer vision) to identify skin aging characteristics. Where possible, personal data is anonymized or pseudonymized. Where this is not possible, processing is carried out based on your consent.
Based on our interest in informing individuals interested in our offerings about new developments, we may send you marketing information (e.g. newsletters). You may opt out at any time.
As a rule, we do not make automated individual decisions. Automated individual decisions are decisions that are made entirely automatically, without human involvement, and that have legal consequences for you or significantly affect you. If we were to use such decisions in individual cases, we would inform you separately and give you the opportunity to have the decision reviewed by a human.
To fulfill contracts, safeguard our interests, or comply with legal requirements, it may be necessary to disclose your personal data to third parties, in particular:
We also transfer personal data abroad, in particular to IT service providers located in the EU or EEA. Transfers outside Switzerland, the EU, and the EEA are limited as far as possible but cannot be completely excluded. In such cases, data may be processed in any country where our service providers are located. If the respective country does not have a level of data protection recognized by Switzerland, we use standard contractual clauses and, where necessary, additional safeguards. In certain cases, transfers may also be based on your consent or be necessary for contract performance or legal proceedings abroad.
We may share your data (including health data) with private or public research institutions for research purposes if (a) you have given your consent, or (b) you are not identifiable for the research institution (anonymized or pseudonymized data) and you do not object after appropriate information.
We do not sell or rent personal data to third parties.
We protect your personal data through appropriate technical and organizational measures against accidental, unlawful, or unauthorized manipulation, deletion, alteration, access, disclosure, use, or loss. We maintain a state-of-the-art IT infrastructure, and our employees only have access to personal data insofar as this is necessary for the performance of their duties.
Your health data is protected in the everskin app and in our patient database in particular through:
We retain your personal data only for as long and to the extent necessary for the purposes described or as required by law. Data relating to analyses and treatments (patient records) is retained for 20 years for legal reasons. Health data from deactivated everskin app accounts is archived accordingly.
Under applicable data protection law and to the extent provided therein, you have the following rights:
Please note that these rights are subject to limitations. In particular, we may be required or entitled to continue processing personal data to fulfill a contract, protect our legitimate interests (e.g. assertion or defense of legal claims), or comply with legal obligations.
If you are not satisfied with how we process your personal data, you have the right to lodge a complaint with the competent supervisory authority (Federal Data Protection and Information Commissioner – FDPIC / Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter, EDÖB). We encourage you to contact us first so we can address your concern directly. You can reach us at hello@everskin.ch.
Our website uses cookies. Cookies are text files that are stored on your device by your browser when you visit our website. Cookies do not cause any damage to your device and do not contain viruses. Some cookies are technically necessary for the operation of the website. Most cookies we use are session cookies and are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them or they expire.
We use cookies in order to make our website more user-friendly, effective, and secure based on the data collected. In particular, cookies are used to store your preferences (such as language and location settings), to enable fast delivery and an attractive presentation of website content (for example through the use of fonts and content delivery networks), and to analyze the use of this website for statistical evaluation and continuous improvement (generally by means of third-party cookies). The specific purposes for which non-essential cookies are used are described in more detail in the following sections of this privacy policy.
The disclosure of data by us is governed by our provisions on data sharing (see Section 4). In addition, the following sections of this privacy policy concerning individual data processing activities apply.
Cookies are stored on your device. You may delete cookies entirely or restrict or disable their transmission by adjusting your browser settings. If cookies are disabled for our website, some functions of the website may no longer be fully available.
Instructions for the most common browsers can be found here:
For cookies used for performance measurement, reach analysis, or advertising purposes, many services offer a general opt-out via the Network Advertising Initiative (NAI), YourAdChoices (Digital Advertising Alliance), or Your Online Choices (European Interactive Digital Advertising Alliance, EDAA).
We may use tracking pixels on our website or in our emails. Tracking pixels are also referred to as web beacons. These are small, usually invisible images that are automatically retrieved when you visit our website or open our emails.
Tracking pixels may collect the same information as log files. In addition, movement and interaction profiles for the entire session may be created. Tracking pixels are in particular used by third parties whose services we use. Information about these third-party services is provided in detail below.
Tracking pixels are used by various tracking services to analyze the use of this website for statistical evaluation and continuous improvement. Tracking pixels may also be used for email tracking.
The disclosure of data by us is governed by our provisions on data sharing (see Section 4). Please also refer to the information in this privacy policy regarding the individual tracking services.
To prevent data processing via tracking pixels, you may install suitable browser extensions (such as uBlock Origin) and block external images in your email program.
We use Google Analytics on our website, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow Street, Dublin 4, Ireland, with its headquarters at Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA together with «Google».
Google Analytics is an analytics service used to collect information about the use of the website. In particular, the following information may be processed:
The IP address is anonymized by Google Analytics so that personal identification is no longer possible. When a visitor accesses our website for the first time, Google Analytics may generate an identifier to recognize the visitor on subsequent visits. If you are logged into your Google account, data processing may also occur across devices.
Your IP address is used to determine your approximate location, enabling us to assess the relevance of our offerings in different regions. We also use the IP address to determine how visitors reach our website. Technical information is processed to ensure proper display of the website on different devices. Interaction data, visit duration, date, and time are processed to evaluate and optimize our marketing campaigns and offerings and to analyze how visitors interact with our website. The referrer URL is processed to measure the effectiveness of different marketing channels.
The disclosure of data by us is governed by our provisions on data sharing (see Section 4). As Google is a multinational company, your data may be transferred worldwide, in particular to the United States, where data protection laws may not provide an adequate level of protection.
We use the Meta Pixel on our website, a service provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, with its headquarters at Meta Platforms Inc., 1601 Willow Road, Menlo Park, CA 94025, USA (together «Meta»)
Meta Pixel is an analytics service that collects information about website usage. In particular, the following information may be processed:
The IP address is anonymized so that personal identification is no longer possible. Meta Pixel may generate an identifier to recognize visitors on subsequent visits.
Your IP address is used to determine your approximate location. The information obtained in this way enables us to assess the relevance of our offerings in different geographic regions. We also use the IP address to determine how visitors access our website, in particular from which sources or channels they reach us.
Technical information is processed to ensure that our website is displayed correctly and functions properly across different devices and browser environments. Data relating to interactions, visit duration, as well as the time and date of website access is processed in order to analyze, evaluate, and optimize our marketing campaigns and offerings. In addition, this information allows us to understand how visitors interact with our website, including which content is accessed most frequently or is of particular interest to certain groups of users.
The processing of referrer URLs serves the purpose of measuring the effectiveness and analyzing the performance of different marketing channels. Furthermore, data collected via the Meta Pixel may be used to display Meta advertisements exclusively to individuals who have shown an interest in our offerings or who exhibit similar interests. For this purpose, certain personal data may be transmitted to Meta for the creation of target audiences to whom personalized advertising may be shown.
Meta may process this data for its own advertising purposes. Such processing by Meta is outside of our control as the website operator. The data collected through the use of this service is not used by us to personally identify you. However, Meta may associate this data with your respective Meta account, provided that you have such an account.
The disclosure of data by us is governed by our provisions on data sharing (see Section 4). As Meta is a multinational company, your data may be transferred worldwide, in particular to the United States, where data protection laws may not provide a level of protection equivalent to that in Switzerland, the EU, or the EEA.
We use Hotjar on our website, a service provided by Hotjar Ltd., Level 2, St. Julians Business Centre, 3 Elia Zammit Street, St. Julian’s STJ 1000, Malta.
Hotjar is an analytics service for websites used to collect information about the use of the website. In particular, the following information may be processed:
The IP address is anonymized by Hotjar so that you are no longer identifiable. In addition, Hotjar may record user sessions (session recordings). These are screen recordings that document mouse movements, clicks, and keyboard inputs.
Your IP address is used to determine your approximate location. The information obtained in this way enables us to assess the relevance of our offerings in different regions. We also use the IP address to determine how visitors reach our website (i.e., from which sources they arrive).
Technical information is processed to ensure that the website is displayed correctly across different devices. Session recordings and data on interactions, visit duration, and the time and date of access are processed to evaluate and optimize our marketing campaigns and offerings and to better understand how visitors interact with our website (e.g., which content is particularly popular with which groups of users).
The referrer URL is processed to measure the effectiveness and analyze the performance of different marketing channels. The data collected is not used by us to personally identify you.
The data collected is anonymized locally and transmitted to Hotjar only in anonymized form. Any further disclosure of data by us is governed by our provisions on data sharing (see Section 4).
We use Google Maps on our website, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow Street, Dublin 4, Ireland, with its headquarters at Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (together «Google»).
Google Maps is a mapping service for websites that enables the integration of interactive maps. In particular, the following information may be processed:
The IP address is anonymized by Google Maps so that personal identification is no longer possible. If you have a Google account and are logged in, data processing by Google Maps may also take place across devices.
Your IP address is processed in order to determine your approximate location, so that the appropriate map section can be displayed when the website is accessed. Technical information is processed to ensure that the map is displayed correctly across different devices and browser environments. Interaction data is processed to enable the interactive use of the map and to improve the functionality and usability of the map service. If you are logged into your Google account, data may be synchronized across your devices, for example with regard to saved locations or planned routes.
The disclosure of data by us is governed by our provisions on data sharing (see Section 4). As Google is a multinational company, your data may be transferred worldwide, in particular to the United States, where data protection laws may not provide a level of protection equivalent to that in Switzerland, the EU, or the EEA.
We use Google Tag Manager on our website, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow Street, Dublin 4, Ireland, with its headquarters at Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (together «Google»).
Google Tag Manager is a tool that allows us to centrally manage various tracking tags (such as Meta Pixel, Google Analytics, Hotjar, etc.). Google Tag Manager itself does not process or store any personal data. Any data processing is carried out solely by the individual tracking services integrated via Google Tag Manager, which are described separately in this privacy policy.
We use so-called web fonts provided by Google to ensure a consistent and visually appealing presentation of fonts on our website. When you access one of our pages, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
To load the web fonts, your browser establishes a connection to Google’s servers. Through this connection, Google becomes aware that our website has been accessed via your IP address. If your browser does not support web fonts, a default font installed on your device will be used instead.
The use of Google Web Fonts is based on our interest in a uniform and attractive presentation of our online offerings. Further information on Google Web Fonts can be found in Google’s Web Fonts FAQs https://developers.google.com/fonts/faq.
We use Amazon Web Services (AWS), a cloud computing platform provided by Amazon Web Services, Inc., which offers a wide range of services to support the development, operation, and management of websites and applications.
Personal data processed via AWS may be stored and processed on servers located outside Switzerland, the EU, or the EEA.
Google Hosted Libraries is a collection of JavaScript libraries hosted by Google that can be integrated into websites. These libraries are used to enhance the functionality and performance of websites by providing commonly used features such as animations, effects, form validation, data manipulation, and other functionalities.
By using Google Hosted Libraries, website developers do not need to download and host each library individually on their own servers, which saves time and storage space. The libraries are delivered quickly and reliably through Google’s global server infrastructure, resulting in improved performance and faster page load times for users.
In addition, the libraries hosted by Google are regularly maintained and updated, ensuring that website developers have access to the latest, stable, and secure versions.
We use Cookiebot on our website to ensure compliance with applicable European data protection laws. Cookiebot can be integrated into websites to give users control over cookies and other tracking technologies that are used on their devices. Cookiebot is used in particular to inform users about the use of cookies on the website and to obtain their consent before non-essential cookies or similar technologies are used. It also helps to verify whether the website displays a cookie banner and other consent mechanisms in accordance with legal requirements.
We use eTracker, an analytics tool that is used to collect detailed information about visitors to the website. eTracker allows us to track various user actions, such as the number of visitors, which pages are accessed most frequently, whether specific actions (e.g. purchases or clicks) are performed, and other usage-related information.
The use of eTracker helps us to better understand how users interact with our website and to optimize the website in line with our objectives and user needs.
Contentsquare is an analytics and optimization platform for websites and mobile applications. It helps us to understand and improve the user experience by collecting and analyzing behavioral data of website visitors.
The platform provides insights into how users interact with the website, such as clicks, scrolling behavior, input behavior, and mouse movements. This enables us to identify which areas of the website perform particularly well and which areas may require improvement.
Using heatmaps, user journeys, and other visual representations, Contentsquare allows us to better understand user behavior and make targeted adjustments in order to improve conversion rates, reduce bounce rates, and increase overall user satisfaction. Contentsquare also offers A/B testing functionality, enabling different versions of website content to be compared and evaluated to determine which variant performs best.
We use Mailchimp, an online service for managing and sending email newsletters and marketing campaigns. Mailchimp provides various tools that allow us to segment recipient groups, create personalized emails, and analyze the performance of marketing campaigns.
Mailchimp may be used on the website to enable visitors to subscribe to our newsletter and receive regular information and updates. It may also be used to send promotional messages or product-related information to customers. In addition, Mailchimp allows the integration of subscription forms on the website to collect contact data and support marketing and sales activities.
Overall, Mailchimp helps us to establish and maintain direct communication with users and to make our marketing activities more effective.
Cloudflare is a content delivery network (CDN) and web security platform that is used to improve website performance, enhance loading times, and protect the website against various types of attacks.
In particular, Cloudflare may be used for the following purposes:
We use Google Ads Conversion Tracking on our website, a service provided by Google Ireland Ltd., Google Building Gordon House, Barrow Street, Dublin 4, Ireland, with its headquarters at Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (together «Google»).
Google Ads Conversion Tracking is an analytics service used to collect information about the performance of Google Ads advertising campaigns. Data processing only takes place if you access our website via a Google Ads advertisement. In particular, the following information may be processed:
The IP address is anonymized by Google Ads Conversion Tracking so that personal identification is no longer possible.
Your IP address is used to determine your approximate location, allowing us to assess the regional relevance of our offerings. We also use the IP address to determine how visitors reach our website via Google Ads advertisements.
Technical information is processed to ensure that both the website and the advertisements are displayed correctly on different devices. Interaction data, visit duration, and access times are processed to analyze, evaluate, and optimize our Google Ads marketing campaigns and offerings. This also enables us to determine which advertisements lead to higher conversion rates. The referrer URL is processed to measure the effectiveness and performance of our Google Ads campaigns.
The disclosure of data by us is governed by our provisions on data sharing (see Section 4). As Google is a multinational company, your data may be transferred worldwide, in particular to the United States, where data protection laws may not provide a level of protection equivalent to that in Switzerland, the EU, or the EEA.
DoubleClick Floodlight is a tracking technology used on websites to monitor user activity. It uses cookies to determine which pages are visited and which actions are performed by users. This enables us to measure the effectiveness of our advertising campaigns. In particular, DoubleClick Floodlight may be used to measure conversion rates (i.e. the proportion of users who perform a specific action on the website), count users who click on advertisements, and analyze other campaign-related interactions. The data collected helps us to evaluate and optimize our advertising measures.
Webflow is a professional web design platform that can be used to create complete websites without requiring programming knowledge. It is a visual design and development tool that enables the creation of customized, responsive, and interactive websites.
Webflow provides a wide range of features and tools that allow websites to be designed in detail and developed efficiently. These include drag-and-drop design, grid systems, intuitive navigation structures, animations, pre-built templates, and additional design functionalities.
Using Webflow, designers and developers are also able to manage the code layer of a website. This allows for the addition of custom code or the modification of existing code, providing a high degree of creative freedom and flexibility in website design.
Webflow is used by web designers, developers, companies, agencies, and other users who wish to create professional websites without functional limitations. It is a powerful platform that facilitates the creation and management of websites in accordance with current data protection standards. Webflow ensures that websites created on the platform can integrate data protection–compliant features such as cookie banners, privacy policies, and secure data transmission mechanisms. Users can therefore be confident that their web projects meet applicable legal requirements and respect the privacy of website visitors.
We use PrivacyBee on our website, a service provided by PrivacyBee AG, Laupenstrasse 1, 3008 Bern, Switzerland. PrivacyBee is used to identify data protection–relevant services on the website and to generate an individualized privacy policy for the website.
The processing of this data enables us to display the privacy policy correctly on your device configuration and to ensure that the content is accurate and up to date.
The disclosure of data by us is governed by our provisions on data sharing (see Section 4). Data collected through the use of PrivacyBee remains with PrivacyBee.
To prevent data processing by PrivacyBee, you may disable JavaScript in your browser. Please note, however, that disabling JavaScript may result in certain functions of our website no longer being fully available. We do not provide a specific opt-out option for PrivacyBee itself, as the service is essential for the provision of our privacy policy.
Our website may contain links to third-party websites that are not operated or controlled by us. We are not responsible for whether or how these third parties comply with applicable data protection regulations.
We may amend this privacy policy at any time. The version published on the website at the relevant time shall apply.