nursearchnursearch
Get started

Privacy Policy

This policy describes which personal data nursearch collects, what it is used for, with whom it is shared, and which rights you have as a data subject.

Data Controller

Per Swedenborg, owner of nursearch (sole proprietorship). Contact: admin@nursearch.l121.org. Full postal address see Imprint.

Data Collected

Account data (email, name, language, role); Pflegefachperson profile (Diplom documents, certificates, CV, language proficiencies, preferences); hospital data (hospital name, canton, members); intros (requests + replies); audit log (changes with timestamp + actor). Diplom documents are processed via OpenRouter (Vision AI) and stored as a Swiss-equivalence suggestion (Pflegefachperson HF, Pflegefachperson FH, FaGe, AGS).

Purpose of Processing

Matching qualified Pflegefachpersonen with Swiss hospitals; producing Anerkennung dossiers for the SRK Anerkennung process; managing accounts and intros.

Legal Basis

Art. 6(1)(b) GDPR (performance of a contract with the Pflegefachperson and the hospital); Art. 6(1)(f) GDPR (legitimate interest for matching functionality); revDSG Art. 31 (processing in the context of a contract).

Retention

Account data and profile: kept until the user deletes the account (see Delete account at /account/privacy). Audit log and closed intros: retained anonymized for up to six years (revDSG + tax-law obligations).

Recipients and Subprocessors

Supabase (EU/Frankfurt — hosting, database, storage, authentication); Resend (Germany — transactional emails); OpenRouter (USA — Vision AI for Diplom extraction; Standard Contractual Clauses); Sentry (USA — error monitoring; Standard Contractual Clauses); Vercel (USA company, hosting in EU/Frankfurt — application hosting).

Your Rights (GDPR Art. 13/15/17/20/21 + revDSG Art. 19)

You have the right at any time to access, rectification, erasure, data portability, and objection. Access + portability: GET /api/gdpr/export returns a JSON file with all your data. Erasure: /[locale]/account/privacy offers 'Delete account' (confirmed with password and typing DELETE).

Data Protection Officer

As nursearch is a sole proprietorship without large-scale regular processing of special categories of data, no Data Protection Officer has been appointed (revDSG Art. 10(2); GDPR Art. 37). Requests directly to admin@nursearch.l121.org.

Complaint

Switzerland: Federal Data Protection and Information Commissioner (FDPIC), https://www.edoeb.admin.ch. EU: the data protection authority of your member state of residence; list at https://edpb.europa.eu.

We only use essential cookies (sign-in, language). More in our Privacy Policy