Privacy Policy

This Privacy Policy describes how Specto Medical AG, Elisabethenstrasse 18, 4051 Basel, Switzerland, processes personal data in connection with spectomedical.com, Specto Medical's online information and sales environment, related communications, product-support processes and, where applicable, online orders or subscriptions. This version is drafted to remain compatible with a Paddle-enabled web sales flow while preserving Specto Medical's broader website and product-privacy framework.

1. Controller

The controller for the processing described in this Privacy Policy is Specto Medical AG, Elisabethenstrasse 18, 4051 Basel, Switzerland. General privacy inquiries may be directed to info@spectomedical.com.

2. Scope

This Privacy Policy applies to visits to spectomedical.com and related Specto Medical web pages, to demo requests, contact requests, newsletter registrations, product-support communications, website analytics and security processes, and to online purchases or subscriptions initiated through Specto Medical's website. It does not govern data processing performed solely by independent third parties outside Specto Medical's sphere of responsibility, except to the extent such processing is described here for transparency purposes.

3. Categories of Personal Data

Depending on the interaction, Specto Medical may process identity data, contact data, account data, communication data, enquiry content, professional information, usage data, technical device and browser data, IP-related metadata, cookie identifiers, subscription or licence information, support information and, where relevant, transaction-related information made available to Specto Medical in connection with Paddle-processed web sales.

4. Purposes of Processing

Specto Medical processes personal data in particular to operate and secure the website; answer enquiries; arrange demos; provide newsletter communications; administer user accounts and software access; provide product support; improve website usability, security and performance; comply with legal obligations; document contractual relationships; and protect Specto Medical against abuse, fraud, security incidents and unlawful use.

5. Legal Bases

Where Swiss data protection law applies, Specto Medical processes personal data in accordance with the revised Swiss Federal Act on Data Protection (FADP) and other applicable Swiss law. Where the EU General Data Protection Regulation (GDPR) applies, Specto Medical generally relies on one or more of the following legal bases: consent; performance of a contract or pre-contractual steps; compliance with legal obligations; protection of vital interests where relevant; and legitimate interests, including secure website operation, fraud prevention, product improvement, support management and the enforcement or defence of legal claims. Where UK GDPR applies, equivalent legal bases apply.

6. Website Use, Server Logs and Security

When visitors access spectomedical.com, technical data is processed automatically for the purpose of making the website available and secure. This may include IP-related metadata, browser type and version, device information, operating system, referring URL, time of access, requested resources, error information and server-log data. Specto Medical uses such information to ensure website stability, maintain security, detect misuse, investigate incidents and improve performance.

7. Contact Forms, Demo Scheduling, Newsletter and Direct Communications

If a visitor contacts Specto Medical through a website form, direct email, phone call, a demo scheduler or another communication channel, Specto Medical processes the information submitted in order to respond to the enquiry, arrange a meeting, document the communication, provide requested information and follow up on the request. If a visitor subscribes to a newsletter or update service, Specto Medical processes the email address and any related consent records for subscription administration, mailing delivery and opt-out management.

8. Product-Support and Account-Related Processing

Where Specto Medical provides user accounts, software access, updates, patches, bug fixes, support communications or software-related troubleshooting, Specto Medical processes account data, support tickets, technical diagnostic information, environment information, log data and communication content to deliver and improve software-related support. Specto Medical's support role remains limited to the software and related supplier-side support processes described in its product terms.

9. Cookies and Similar Technologies

Specto Medical uses cookies and similar technologies that are necessary for website operation, security and user-interface continuity, and may also use analytics, performance or preference technologies to the extent legally permitted and properly disclosed. Depending on the applicable legal framework and the specific technology used, Specto Medical may rely on consent or legitimate interests. Visitors may control certain cookie settings through browser controls or the consent-management tool made available on the website.

10. Analytics, Embedded Content and Third-Party Website Tools

Specto Medical may use third-party tools and content integrations for website analytics, spam protection, embedded media, mapping, scheduling, contact management, forms, newsletter handling and similar website functions. Where such tools are used, the relevant provider may receive technical usage data, device or browser information and, depending on the integration, interaction data or contact information submitted by the visitor. Specto Medical seeks to use such tools in a manner consistent with applicable law and with appropriate contractual and organisational safeguards where required.

11. Paddle-Processed Web Sales

If a buyer completes a purchase, subscription or trial-to-paid conversion through a Specto Medical web checkout processed using Paddle's Services, Paddle acts as the authorised reseller and Merchant of Record for the transaction. In that context, Paddle processes transaction data, billing data, payment-related data, tax-relevant data, subscription-management data and buyer-support data within Paddle's own buyer-side framework.

Controller allocation. For personal data processed in the Paddle-enabled checkout and in Paddle's subsequent transaction-processing and compliance activities (including tax handling, fraud prevention, receipts, subscription management, buyer support, chargeback handling and legal record-keeping), Paddle acts as an independent controller under the GDPR and equivalent laws. Paddle's processing is governed by Paddle's own privacy notice (see https://www.paddle.com/legal/privacy). For personal data that Specto Medical receives from Paddle or via the integrated checkout flow and uses to identify the buyer, fulfil or activate the Software, manage licences or subscriptions, provide product support, prevent abuse, reconcile internal records and comply with legal or accounting obligations, Specto Medical acts as controller.

Transfers and categories of data shared with Paddle. To enable the web-sales flow, Specto Medical may share with Paddle product catalogue data, product and pricing configuration, webhook payloads required for licence activation, and information needed to respond to Paddle's buyer-support and compliance queries. Paddle shares with Specto Medical the transaction-related identifiers, purchaser contact details and subscription status information necessary for licence provisioning and product support.

12. Separation of Transaction Support and Product Support

For Paddle-processed transactions, transaction-side topics such as receipt access, subscription cancellation, refund routing, withdrawal requests and payment disputes are handled primarily through Paddle's buyer-facing channels. Specto Medical remains the supplier-side point of contact for software-related product support, including software functionality, updates, patches, bug fixes, workarounds and access to software features. This separation is reflected in Specto Medical's web-sales terms and in its Refund Policy.

13. Recipients and Service Providers

Specto Medical may disclose personal data to hosting providers, IT service providers, communication providers, scheduling and CRM providers, analytics or anti-spam providers, embedded content providers, legal or professional advisers, authorities where required by law, and other processors or independent controllers where this is necessary for the purposes described in this Privacy Policy. Such recipients may be located in Switzerland, the EEA, the United Kingdom or other jurisdictions, subject to appropriate legal safeguards where required.

14. International Transfers

Where personal data is transferred to a country that does not provide an adequate level of protection under applicable law, Specto Medical seeks to implement an appropriate transfer mechanism, such as standard contractual clauses, another recognised safeguard, or another lawful basis for the transfer. The legal basis and transfer mechanism may depend on the recipient, the service used and the applicable regulatory framework at the relevant time.

15. Retention

Specto Medical retains personal data only for as long as reasonably necessary for the relevant purpose, for as long as a contractual or support relationship exists, or for as long as legal retention, accounting, security, evidentiary or defence-related obligations require. Retention periods may therefore vary depending on the category of data and the relevant legal or operational context.

16. Data Subject Rights

Subject to the requirements and limitations of applicable law, data subjects may have rights of access, rectification, deletion, restriction, objection, data portability and withdrawal of consent, and may also have the right to lodge a complaint with a competent supervisory authority. Requests may be sent to Specto Medical using the contact details stated in this Privacy Policy. Specto Medical may request reasonable proof of identity before responding to a request. For rights relating to Paddle's own processing as independent controller, data subjects should contact Paddle directly.

17. Security

Specto Medical implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or unlawful disclosure, taking into account the nature of the processing and the risk involved. Absolute security cannot be guaranteed, especially for internet communications.

18. Changes to this Privacy Policy

Specto Medical may amend this Privacy Policy from time to time to reflect legal, technical, operational or website-related developments. The version published on the relevant Specto Medical website at the time of access shall apply, unless a more specific version was separately agreed.

19. Publication Together with Related Website Documents

This Privacy Policy, the General Terms and Conditions, the Refund Policy and the relevant buyer-support information are made available on Specto Medical’s website (www.spectomedical.com) and may at any time be accessed there in their then-current valid version. Where purchases are made through a Paddle-enabled checkout flow, additional transaction-related disclosures may also be presented in or near the checkout process.