Privacy policy
The alternative practitioner Stefanie Heinlein in Frankfurt

Thank you for your interest in our website. The trust of all visitors and customers, the security of your data and the protection of your privacy are of central importance to us.

Your personal data will therefore be treated by us in accordance with the applicable statutory data protection regulations and this data protection declaration. Personal data is information that can be used to find out your identity. Typical personal data include your surname, first name, address, telephone number, IP address, cookies and e-mail address.

When you view and use our website or otherwise explicitly transmit information to us, we process the data that is automatically transmitted to us with each request from your browser (see the section "Log data"). If you voluntarily provide us with personal data, the processing is solely for the purpose of the enquiry or the respective order. We would like to point out that data transmission on the Internet can never be completely protected against access by third parties.

In the following, we would like to explain to you in more detail in the individual sections which data we process, when and for what purpose. We will explain how our services work and how the protection of your personal data is guaranteed.

Name and address of the person(s) responsible:

The responsible person within the meaning of the EU General Data Protection Regulation and other data protection regulations is:

Stefanie Heinlein
Heilpraktikerin
Mercatorstraße 5
60316 Frankfurt am Main

E-mail:

Legal basis for the processing of personal data

As a provider, we may only process personal data of website visitors if one of the conditions explained below exists as a legal basis:

If we obtain the consent of the data subject for processing personal data, Art. 6 (1) a DSGVO serves as the legal basis.

For the processing of personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

If the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.

In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6 (1) lit. d DSGVO serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f DSGVO serves as the legal basis for the data processing.

Data deletion and storage period

The personal data of the data subject shall be deleted as soon as the purpose of the storage ceases to apply.

In addition, storage may take place if this has been provided for by European or national laws or other regulations to which the controller is subject.

The data will also be blocked or deleted if a storage period prescribed by the aforementioned regulations expires, unless there is a need to continue storing the data for the conclusion or fulfilment of a contract.

Contact

When contacting us (e.g. by contact form, e-mail, telephone or via social media), your data will be processed for the purpose of handling the contact request and its processing pursuant to Art. 6 (1) lit. b) DSGVO (so-called pre-contractual measure).

We delete the requests if they are no longer necessary. We review this necessity every two years. Furthermore, the legal archiving obligations apply.

Legal basis

The legal basis for the processing of this data are so-called pre-contractual measures according to Art. 6 para. 1 lit. b DSGVO.

Protocol data

The provider of the Internet services (provider) automatically collects "log data" in server log files.

The log data includes the following information:

  • Date and time of the respective request
  • Internet address (URL) that was requested
  • URL that the visitor visited immediately before (referrer)
  • Browser and language used
  • Operating system used
  • IP address and host name of the visitor
  • Access status / http status code
  • Data volume transferred in each case

The transmission of this data to us takes place automatically and this data cannot be assigned to your person with reasonable effort.

Legal basis

The legal basis for processing this data is our legitimate interest pursuant to Art. 6 (1) sentence 1 lit. f DSGVO.

The logging serves to control access and monitor the technical processes and their optimisation. In addition, this data is used in accordance with § 76 BDSG to check the processing procedures under data protection aspects.

The data will not be passed on to third parties, except to law enforcement authorities following a court order in the event of an incident.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected or after the legally prescribed deletion period has been reached.

Consequently, there is no possibility for the user to object.

Your rights

You have a right to free information about the data we have stored about you and, if applicable, a right to correction, restriction of processing or deletion of this data. You also have the right to data portability. Finally, you also have the right to complain about the processing of your personal data by us to the data protection supervisory authority.

Right of objection

We would also like to point out that you can object to the future processing of your personal data in accordance with the legal requirements pursuant to Art. 21 DSGVO at any time. The objection can be made in particular against the processing for purposes of direct advertising.

Right to information

If you have any questions regarding the collection, processing or use of your personal data, for information, for the correction, blocking or deletion of data, as well as for the revocation of any consent given or for objection to a specific use of data, please contact us using the following e-mail address:

Encryption through SSL / TLS

For security reasons, our website uses SSL or TLS encryption. This protects transmitted data and prevents it from being read by third parties. You can recognise successful encryption by the fact that the protocol name in the status bar of the browser changes from "http://" to "https://" and that a closed
lock symbol is visible there.

Web hosting via all-inkl

We use the services of ALL-INKL.COM - Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf for web hosting for our websites and have concluded an order processing contract with all-inkl.com in accordance with Art. 28 DSGVO. Further information is available in the privacy policy of all-inkl. at https://all-inkl.com/datenschutzinformationen.

Legal basis

The legal basis for the processing of this data is our legitimate interest in the operation and maintenance of the operational security of these websites pursuant to Art. 6 (1) lit. f DSGVO.

Google Web Fonts

We use Google Web Fonts. All fonts are loaded locally. When using Google Web Fonts, no personal data is forwarded to third parties.

Amelia

We offer various products on our website. In order to offer you these products in an attractive form and to ensure efficient and easy booking, we use the services of Touch Me Soft d.o.o. Milutina Milankovica 11b, 11000 Belgrade, Serbia (hereinafter referred to as Amelia).

The following categories of data are processed in the course of the booking:

  • Master data (first name, last name, telephone number, e-mail address, payment information)
  • Specific questions (Voluntary non-mandatory information)

No personal data will be forwarded to third parties.

If the offer is subject to a charge, your data will be forwarded to the payment service provider Paypal (see under Paypal in this DSE) in the course of the ordering process.

Your personal data will only be used to the extent that it is necessary for the processing of the booking procedure and will be stored in accordance with the statutory provisions.

Legal basis

The processing of this data in the course of the booking and ordering process is based on Art. 6, para. 1 lit b DSGVO.

Payment service provider - Paypal

In the course of our sales offer we use the services of PayPal. You will be redirected directly to the PayPal servers.

PayPal is an online payment service provider. The operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

Payments are processed via so-called PayPal accounts, which represent virtual private or business accounts. In addition, PayPal offers the possibility of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an e-mail address, which is why there is no classic account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also assumes trustee functions and offers buyer protection services.

During the booking process, data is automatically transmitted to Paypal. By selecting this payment option, you consent to the transmission of personal data required for payment processing.

The personal data transmitted to PayPal is usually the IP address or other data that is necessary for the processing of the payment and the purchase contract, but also such personal data that is related to the respective booking.

The purpose of transmitting the data is payment processing and fraud prevention.

The controller will transfer personal data to PayPal in particular if there is a legitimate interest for the transfer. The personal data exchanged between PayPal and the controller may be transferred by PayPal to credit reference agencies. The purpose of this transmission is to check identity and creditworthiness.

We cannot say how PayPal processes this data.

PayPal's applicable privacy policy can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Legal basis

The legal basis for the processing of personal data during a booking or payment process results from Art. 6 para. 1 lit. b DSGVO.

Twilio
We use the services of Twilio Germany GmbH, Rosenheimer Str. 143C, 81671 Munich (hereinafter referred to as "Twilio") to send SMS.

Via our booking system, you will receive reminder text messages for the respective event after the booking has been made. The data required for processing will be forwarded to Twilio.

We would like to point out that there is a possibility that data will be transferred to the USA and processed by US authorities. According to the current legal situation, the USA is considered an unsafe third country with an inadequate level of data protection.

There is currently no adequacy decision pursuant to Art. 45 of the GDPR.

However, Twilio has committed to comply with the Standard Contractual Clauses for the transfer of personal data to third countries under Directive 2016/679 (Standard Contractual Clauses - SCC).

For more information on the standard contractual clauses, please visit
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clausesscc_de.

You can find more information about data protection at Twilio under the following links:

https://www.twilio.com/legal/privacy
https://www.twilio.com/gdpr
https://www.twilio.com/legal/data-protection-addendum
https://support.twilio.com/hc/en-us/articles/4405290603803-Revised-Data-Protection-Addendum-for-new-EU-Standard-Contractual-Clauses

Legal basis

The legal basis for the processing of this data are so-called pre-contractual measures according to Art. 6 para. 1 lit. b) DSGVO in connection with your consent according to Art. 6 para. 1 lit. a DSGVO.

Cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your terminal device and save certain information for exchange with our system.

Cookie types

First-party cookies - Necessary cookies

These are generated by our website and are necessary for the error-free operation of the application. These cookies are also called session cookies or transient and are automatically deleted after the browser session ends, i.e. after the browser is closed.

Without these cookies, the error-free operation of the website is not guaranteed.

Legal basis

The legal basis for the processing of this data is Art. 6 (1) sentence 1 lit. f DSGVO.

Third-party cookies

These are set by various services (e.g. analysis services or Facebook) and store a unique identifier that recognises your end device the next time you visit (persistent cookies).

These cookies remain on your end device for a predefined duration. This duration is variable.

Legal basis

The legal basis for the processing of this data is Art. 6 (1) sentence 1 lit. a DSGVO.

We would like to point out that with some providers, especially providers from the USA, there is a possibility that data will be transferred to the USA and processed by US authorities. According to the current legal situation, the USA is considered an unsafe third country with an inadequate level of data protection.

Currently, there is no adequacy decision pursuant to Art. 45 GDPR, nor can appropriate safeguards pursuant to Art. 46 GDPR be offered.

In some cases, US companies have agreed to comply with the Standard Contractual Clauses for the transfer of personal data to third countries under Directive 2016/679 (SCC).

Please note that in the event of non-compliance with the aforementioned standard contractual clauses, the legal basis is your express consent pursuant to Art. 49 (1) lit. a DSGVO.

Disable cookies

Please note that certain cookies are already set as soon as you enter our website.

You can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or can exclude the acceptance of cookies for certain cases, in particular cookies from third parties (third party cookies) or generally.

If you do not accept cookies, the functionality of our website may be limited for you.

Borlabs Cookie

This website uses borlabs cookie, which sets a technically necessary cookie (borlabsCookie) to store your cookie consent.

Borlabs Cookie does not process any personal data.

The cookie borlabs-cookie stores the consent you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.

Cookie settings (borlabs)

[borlabs-cookie type="btn-cookie-preference" title="Cookie Settings"/]

Consent history (borlabs)

Your consent history:
[borlabs-cookie type="consent-history"/]

In the event of any queries, please contact us quoting the following UID.
UID: [borlabs-cookie type="uid"/]

Cookie List (borlabs)

We use the following cookies:
[borlabs-cookie type="cookie-list"/]

Google Tag Manager

This website uses Google Tag Manger. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

In order to centrally manage and configure data collection, this website uses the Google Tag Manager. This service allows website tags to be managed via an interface.

The Google Tag Manager only implements tags. This means that no cookies are used and no personal data is collected.

The Google Tag Manager triggers other tags, which in turn may collect personal data.

This is hereby pointed out separately. However, the Google Tag Manager does not access this data. Therefore, the Google Tag Manager does not collect or store any data. If deactivation has been carried out at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager.

Google provides further information here:
https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. According to the GDPR, the USA is considered a third country with an unsafe level of data protection.

However, in the event that IP anonymisation is activated on this website, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports and statistics on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

If you delete your cookies, you must click this link again.

You can also prevent the collection by setting an opt-out cookie. If you would like to prevent the future collection of your data when visiting this website, please click here:

Disable Google Analytics
[borlabs-cookie type="btn-switch-consent" id="google-analytics" title="Google Analytics Optin/Optout"/]

This website uses Google Analytics with the IP masking extension ("anonymizeIp"). This means that IP addresses are processed in abbreviated form; according to Google, this should virtually rule out the possibility of personal references. If the data collected about you is related to a person, this should therefore be excluded immediately and the personal data deleted immediately.

We use Google Analytics to analyse and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user.

We would like to point out that there is a possibility that data will be transferred to the USA and processed by US authorities. According to the current legal situation, the USA is considered an unsafe third country with an inadequate level of data protection.

There is currently no adequacy decision pursuant to Art. 45 of the GDPR.

However, Google has committed to comply with the Standard Contractual Clauses (SCC) for transfers of personal data to third countries under Directive 2016/679.

For more information on the standard contractual clauses, please visit
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de and https://policies.google.com/privacy/frameworks?hl=de.

In order to protect your personal data, we have concluded a data processing contract in accordance with Article 28 of the GDPR and a special supplementary data processing addendum with Google, and we have accepted the amendment to Google's terms and conditions and the amended data processing terms and conditions with regard to the use of the standard contractual clauses.

You can find more information at:
https://privacy.google.com/businesses/processorterms/

The users' personal data is deleted or anonymised after 14 months.

You can find more information about Google here:
Terms of use: https://www.google.com/analytics/terms/de.html

Overview of data protection: https://policies.google.com/?hl=de, as well as the data protection declaration:
https://www.google.de/intl/de/policies/privacy

Legal basis

The legal basis for this processing of data is your consent pursuant to Art. 6 para. 1 lit. a DSGVO.

Zoom
As part of our service, we use the services of Zoom Video Communications, Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA, represented by Lionheart Squared, 2 Pembroke House, Upper Pembroke Street 28-32, Dublin, DO2 EK84, Republic of Ireland, for online meetings, webinars and video conferences.

We would like to point out that there is a possibility that data will be transferred to the USA and processed by US authorities. According to the current legal situation, the USA is considered an unsafe third country with an inadequate level of data protection.

There is currently no adequacy decision pursuant to Art. 45 of the GDPR.

However, Zoom has committed to comply with the Standard Contractual Clauses (SCC) for the transfer of personal data to third countries under Directive 2016/679.

For more information on the standard contractual clauses, please visit
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
and https://blog.zoom.us/de/sicherheit-und-datenschutz-bei-zoom-unsere-antworten-auf-ihre-fragen/.

We have concluded a data processing agreement with Zoom Video Communications, Inc. for the protection of your data in accordance with Art. 28, DSGVO.

For more information, please see Zoom's privacy policy, https://zoom.us/de-de/privacy.html, and https://zoom.us/de-de/gdpr.

Legal basis

The legal basis for this processing of data is your consent pursuant to Art. 6 para. 1 lit. a DSGVO as well as your express consent pursuant to Art. 49 para. 1 lit. a DSGVO.

Google Maps

In order to offer you an appealing internet presence, our website has an interface to Google Maps. In order to use Google Maps, your IP address must be stored on a Google server in the USA.

The recipient of the data is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

This service is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

We would like to point out that there is a possibility that data will be transferred to the USA and processed by US authorities. According to the current legal situation, the USA is considered an unsafe third country with an inadequate level of data protection.

There is currently no adequacy decision pursuant to Art. 45 of the GDPR.

However, Google has committed to comply with the Standard Contractual Clauses for the transfer of personal data to
third countries under Directive 2016/679 (Standard Contractual Clauses - SCC).

For more information on the standard contractual clauses, please visit
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de and https://policies.google.com/privacy/frameworks?hl=de.

In order to protect your personal data, we have concluded a data processing contract in accordance with Article 28 of the GDPR and a special supplementary data processing addendum with Google, and we have accepted the amendment to Google's terms and conditions and the amended data processing terms and conditions with regard to the use of the standard contractual clauses.

You can find more information at:
https://privacy.google.com/businesses/processorterms/

Supplementary information is provided in the Google privacy policy at https://www.google.de/intl/de/policies/privacy
.

Legal basis

The legal basis for this processing of data is your consent pursuant to Art. 6 para. 1 lit. a DSGVO.

[borlabs-cookie type="btn-cookie-preference" title="Customise cookie & tracking settings"/]