Graf-Zeppelin-Platz 18/2/66, 5020 Salzburg, Tel.: +43 680 3338663

1. Data Protection at a Glance

 

General Information

This privacy statement explains how we process personal data on this website in accordance with the GDPR, the Austrian Data Protection Act (DSG), and the Telecommunications Act (TKG 2021). Personal data means any information relating to an identified or identifiable natural person.

 

Data Collection on This Website

 

Who Is Responsible for Data Processing?

Data processing on this website is carried out by the website operator. Contact details can be found below in the section “Information on the Controller”.

 

How Do We Collect Your Data?

Your data is collected when you provide it to us, for example when contacting us by email or phone.

 

Other data is collected automatically by our IT systems when you visit the website. This includes technical data such as:
– browser type and version
– operating system
– referrer URL
– hostname of the accessing device
– time of server request
– IP address (anonymised/truncated)

This data is collected to ensure secure and reliable operation of the website.

 

What Do We Use Your Data For?

Data is used for:
– error-free provision of the website
– technical security
– responding to inquiries

 

Your Rights

You have the right to:
– access
– rectification
– erasure
– restriction of processing
– data portability
– withdrawal of consent
– objection

You also have the right to lodge a complaint with the Austrian Data Protection Authority.

 

2. Hosting

 

All-Inkl

Our website is hosted by All-Inkl (ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf). The provider supplies the technical infrastructure.

Privacy policy of the host:
https://all-inkl.com/datenschutzinformationen/

 

Legal basis for hosting:
Art. 6(1)(f) GDPR (legitimate interest in secure and reliable website operation).

 

Data Processing Agreement

A data processing agreement in accordance with Art. 28 GDPR is in place with the hosting provider.

 

3. General Notes and Mandatory Information

 

Data Protection

We process personal data exclusively on the basis of legal requirements (GDPR, DSG, TKG 2021). Please note that data transmission over the Internet may have security gaps; complete protection against third-party access is not possible.

 

Information on the Controller

Mitten im Herz
Physiotherapy / CranioSacral Therapy
Andrea Ike
Graf Zeppelin Platz 18/2/66
5020 Salzburg

Tel.: +43 680 3338663
Telefax: +43 680 3338663
Email: physio(at)mittenimherz.at

 

The controller is the natural or legal person who determines the purposes and means of processing personal data.

 

Storage Period

Data is retained only as long as necessary for the respective purpose or legal retention requirements.

 

Legal Basis for Data Processing

We process personal data based on:
– Art. 6(1)(a) GDPR (consent)
– Art. 6(1)(b) GDPR (contract / pre-contractual measures)
– Art. 6(1)(c) GDPR (legal obligation)
– Art. 6(1)(f) GDPR (legitimate interests)
– § 165 TKG 2021 (consent for non-essential cookies)

 

Data Transfers to Third Countries

Transfers of personal data outside the EU/EEA occur only:
– with your explicit consent
– or based on Standard Contractual Clauses (SCCs)

Some countries (e.g. the USA) do not offer an adequate level of data protection.

 

Withdrawal of Consent

You may withdraw consent at any time. The legality of processing before the withdrawal remains unaffected.

 

Your Rights Under the GDPR / DSG

You have the following rights:
– right of access
– rectification
– erasure
– restriction of processing
– data portability
– objection
– withdrawal of consent

Complaints may be submitted to:

Austrian Data Protection Authority
Barichgasse 40–42
1030 Vienna
Email: dsb@dsb.gv.at
Website: www.dsb.gv.at

 

SSL / TLS Encryption

This website uses SSL/TLS encryption to protect transmitted data. An encrypted connection is indicated by “https://” and the padlock icon.

 

Objection to Unsolicited Advertising Emails

We object to any use of contact details published in the legal notice for sending unsolicited advertising or informational materials.

 

4. Data Collection on This Website

 

Cookies

We use cookies that are technically necessary for the operation of the website.

Non-essential cookies (e.g. analytics) are only set with your consent under § 165 TKG 2021.

Browser settings allow you to delete or block cookies at any time.

 

Consent with Usercentrics

If a consent management tool is used, it serves to record and manage cookie consents.

Data transmitted may include:
– consent status
– IP address (truncated)
– device information
– timestamp

Legal basis: Art. 6(1)(c) GDPR (legal obligation)

 

Server Log Files

The hosting provider collects the following data:

  • browser type and version
  • operating system
  • referrer URL
  • hostname of the accessing device
  • time of the server request
  • IP address (anonymised)

These data are used for technical security.

 

Requests via Email or Phone

If you contact us, we process:
– name
– contact details
– inquiry content

Legal basis:
Art. 6(1)(b) GDPR (contract),
Art. 6(1)(f) GDPR (legitimate interest)

 

5. Plugins and Tools

 

YouTube (Enhanced Privacy Mode)

Videos may be embedded using YouTube (Google Ireland Limited). When a video is played, data may be transmitted to YouTube and cookies may be placed.

Legal basis: Consent (Art. 6(1)(a) GDPR, § 165 TKG 2021)

 

Google Maps

Displaying maps requires transferring your IP address to Google.

Legal basis: Consent

 

Google Web Fonts (Local Hosting)

Fonts are hosted locally; no data is transmitted to Google.

 

Font Awesome (Local Hosting)

Icons are hosted locally; no data is transmitted to Fonticons servers.