General Terms and Conditions
DocNote Service — Gilson GmbH · Version 1.3 · Effective date: January 27th 2026
These General Terms and Conditions (the "GTCs") govern access to and use of the DocNote solution (the "Service") offered by Gilson GmbH, having its registered office at Baarermattstrasse 8B, 6340 Baar, Switzerland, registered with the Swiss Commercial Register under number CH-170.4.018.382-0 (hereinafter "DocNote"). The Client acknowledges that it uses the Service exclusively in the course of its professional and institutional activities.
1. Definitions
- Client: any legal entity or natural person acting in a professional capacity and subscribing to the Service.
- User: any person authorised by the Client to access the Service (each access is named and strictly personal).
- Data: all information processed via the Service, including sensitive personal data within the meaning of Art. 5 lit. c of the Swiss Federal Act on Data Protection (FADP, revised; in force since 1 September 2023), in particular health data.
- Security Incident: any suspected or confirmed breach resulting, accidentally or unlawfully, in the destruction, loss, alteration, unauthorised disclosure of, or unauthorised access to, Data.
- Order Form: any contractual document (quote, order form, framework agreement) specifying the offer, scope, and service levels (Service Level Agreement, "SLA").
- Data Processing Agreement (DPA): appendix governing the Parties' obligations under the FADP and setting out the Technical and Organisational Measures ("TOMs").
2. Scope and order of precedence
2.1 In the event of any conflict, the following order of precedence applies: (a) the Order Form (including the SLA), (b) the DPA, (c) these GTCs.
2.2 The Client's general purchasing conditions or any other conditions are expressly excluded unless expressly accepted in writing by DocNote.
3. Licence, Service Description, and Usage Restrictions
3.1 Licence grant: DocNote grants the Client a personal, non-exclusive, non-transferable right to use the Service for the term of the agreement. The Client shall not share User accounts, perform reverse engineering, or attempt to circumvent security measures.
3.2 Assistance tool: The Service is a SaaS software solution assisting medical documentation. It is not a medical device and is not intended for diagnostic purposes.
3.3 Human validation: AI models may generate omissions or inaccuracies. The Client is strictly obliged to medically review and validate any document produced before any clinical use or integration into a patient record.
4. Security, Traceability, and Data Access
4.1 Technical and Organisational Measures (TOMs): DocNote implements documented Technical and Organisational Measures consistent with the state of the art for health data protection. Data is strictly isolated between clients through logical separation. Development, test, and production environments are strictly segregated, and no real health data is used outside production.
During temporary processing, physician identity data and consultation content are logically separated to reduce re-identification risk.
4.2 Encryption and authentication: All Data is protected by end-to-end encryption (AES-256 at rest; TLS 3.0 in transit).
4.3 Need-to-know and traceability: DocNote staff does not access Data in plaintext by default. Any exceptional access requires the Client's documented instruction, is time-limited, and subject to strict audit logging.
Systematic audit logs ensure full traceability of administrative access and processing activities.
4.4 Data lifecycle: All files containing health data are automatically and irreversibly deleted within forty-eight (48) hours. DocNote does not retain permanent copies of audio files, transcriptions, or medical reports unless expressly agreed in writing.
5. Client Obligations and Audio Consent
5.1 Legal basis: The Client warrants that it has the necessary legal basis under the FADP to process Data via the Service.
5.2 Recording: Where audio capture is used, the Client is responsible for informing the patient. DocNote provides features supporting transparency (for example visual recording indicators and a "push-to-talk" pause function).
6. Medical Professional Secrecy (Art. 321 Swiss Criminal Code)
6.1 Status: DocNote acts as an auxiliary person of the Client within the meaning of Art. 321 of the Swiss Criminal Code ("SCC").
6.2 Flow-down obligations: Any DocNote employee or subcontractor who may potentially access the infrastructure is bound by an enhanced confidentiality undertaking and is expressly informed of the criminal sanctions applicable to breaches of medical professional secrecy, which remain applicable after termination of the agreement.
7. Data Protection (FADP) and Data Location
7.1 Roles: The Client acts as Controller and DocNote acts as Processor.
7.2 Swiss hosting and access restrictions: DocNote warrants that all Data under this agreement is physically hosted in Switzerland (production storage and backups). Any remote access by DocNote teams from outside Switzerland to Data in plaintext (unencrypted form) is strictly prohibited. "Data in plaintext" means any Data rendered intelligible, including during support, administration, viewing, export operations, or through application logs containing Data. Key and secret management is designed to prevent any decryption or reconstruction of Data in plaintext from outside Switzerland. Subprocessors and third-party tools processing Data (including telemetry and logs) are documented in the DPA.
7.3 Assistance: DocNote will assist the Client in responding to data subject rights requests, carrying out data protection impact assessments (DPIAs), and documenting institutional compliance.
8. Security Incident Notification
8.1 Notification: In the event of a Security Incident, DocNote will notify the Client's designated security contact without undue delay and in any event no later than 24 hours after becoming aware of it.
8.2 Content and support: The initial alert will be followed by a detailed report including the nature of the incident, the Data concerned, mitigation measures taken, and available indicators of compromise (IoCs). DocNote will actively assist the Client in assessing risk and, where required, notifying the Swiss Federal Data Protection and Information Commissioner (FDPIC).
9. Subprocessing
9.1 Subprocessors: DocNote uses subprocessors (cloud infrastructure, support tools, maintenance). An exhaustive list is appended to the DPA. DocNote prioritises partners hosted in Switzerland and holding recognised security certifications (for example ISO 27001 and, where applicable, ISO 27017 or ISO 27018, or an equivalent recognised certification).
9.2 Changes: Any addition or change of subprocessors will be notified with at least 30 days' prior notice, allowing the Client to object on legitimate security or compliance grounds.
9.3 Consequences of objection: If the Client raises a justified objection and DocNote cannot maintain the prior subprocessor or provide a compliant alternative, the Client may terminate the affected Order Form without penalty, effective on the date the change would otherwise take effect.
10. Intellectual Property and AI Training
10.1 Ownership: The Client remains the sole owner of its Data. DocNote retains all rights in the Service.
10.2 No training on Client Data: DocNote shall not use the Client's real textual or audio Data to train or fine-tune AI models. Any use of a third-party AI model must be disclosed in the DPA and must include strict guarantees of non-reuse of Data and Swiss localisation.
10.3 Statistical data: DocNote may use only strictly and irreversibly anonymised usage metadata (so that it no longer constitutes personal data under the FADP) to improve technical performance.
11. Service Continuity and Billing
11.1 Service Level Agreement (SLA): Availability commitments are set out in the SLA.
11.2 Non-payment: Non-payment triggers a formal notice. If not remedied within a 30-day grace period, DocNote may suspend the Service. To avoid compromising continuity of care, access to prior Data will be maintained at least on a read-only basis or via an export function.
12. Data Retention and Deletion
12.1 Limited retention period: Unless expressly agreed otherwise in the applicable Order Form, production Data is retained for a maximum period of 48 hours after processing. After this period, Data is automatically and irreversibly deleted from production systems.
DocNote is not intended to serve as a long-term storage or archiving solution. The Client remains solely responsible for exporting, integrating, and storing validated medical documents within its own patient record systems.
12.2 Backups: Data temporarily contained in encrypted system backups may persist solely for technical resilience purposes and is automatically deleted in accordance with the retention schedule defined in the DPA. Such backup Data is not accessible in plaintext and cannot be restored selectively for operational use.
12.3 Early deletion: Upon documented request, DocNote may confirm deletion of Data still within the 48-hour processing window.
12.4 Legal retention exceptions: In exceptional cases where retention is required by applicable law, by a competent authority, or in the event of a dispute, DocNote may retain strictly necessary Data for the legally required duration, subject to restricted access and enhanced safeguards, in accordance with the DPA.
13. Liability
13.1 Standard cap: Subject to Section 13.2 and to the extent permitted by applicable law, DocNote's liability for direct damages is limited to the amounts paid by the Client in the 12 months preceding the incident. DocNote excludes indirect damages and any damages arising from a medical error attributable to the Client's failure to review.
13.2 Exceptions: The liability cap does not apply in cases of wilful misconduct, gross negligence, proven breach of medical professional secrecy (Art. 321 SCC), or breach of the security obligations under these GTCs and the DPA resulting in a Data breach.
14. Audit
14.1 The Client may, with 30 days' prior notice, arrange an audit (maximum once per year). To limit operational impact, DocNote may provide recent independent third-party audit reports (for example penetration tests, ISO 27001) to reduce the scope of an on-site audit, without removing the Client's audit right.
14.2 The annual limit and notice period do not apply in the event of a major Security Incident or a well-founded suspicion of a serious breach of the FADP.
15. General Confidentiality
15.1 In addition to Data, the Parties shall keep strictly confidential all commercial, technical, or financial information exchanged in connection with the agreement during its term and for 5 years after termination.
16. Amendments, Governing Law, and Jurisdiction
16.1 Amendments: DocNote may amend these GTCs for minor changes with 30 days' prior notice. Any material change that reduces security, data location commitments, medical secrecy protections, or that affects prices requires the Client's express consent. If the Client refuses, it may terminate without penalty.
16.2 Governing law and jurisdiction: Swiss substantive law applies. The competent courts of Geneva, Switzerland, shall have exclusive jurisdiction.