Book an appointment

Privacy policy

We take the protection of your personal data very seriously. Below we inform you about how your data is processed on our website in accordance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the Telecommunications and Telemedia Data Protection Act (TTDSG).

1. Controller

Marina Romić
Sole Proprietorship
Hochstrasse 18
94032 Passau
Germany
Phone: +49 152 387 97 747
Email: [email protected]

2. Purpose of Data Processing

We process your personal data for the following purposes:

  • Appointment scheduling via our website

  • Payment processing via Stripe

  • User account management

Processing is always based on the GDPR and only insofar as necessary.

3. Legal Basis for Processing

  • Art. 6(1)(b) GDPR – Performance of a contract or pre-contractual measures (e.g. appointment booking, payment processing)

  • Art. 6(1)(a) GDPR – Consent (e.g. for cookies and tracking)

  • Art. 6(1)(f) GDPR – Legitimate interests (e.g. IT security, log analysis by Cloudflare)

4. Stripe Payment Processing

We use Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Dublin, Ireland, to process payments. Stripe may also transfer data to the USA.

Stripe processes the following data:

  • Payment information

  • Name and address

  • Email address

  • IP address

  • Other technical data

Data transfers take place under Art. 44 ff. GDPR using the EU Standard Contractual Clauses (SCCs) to ensure an adequate level of protection. For details, see Stripe’s Privacy Policy:
https://stripe.com/en/privacy

5. Google Analytics

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

  • IP Anonymization: Your IP address is shortened within the EU.

  • Cookies: Google Analytics uses cookies to analyze website usage.

  • Legal basis: Your consent under Art. 6(1)(a) GDPR (via cookie banner).

  • Opt-out: You can withdraw your consent at any time via our cookie banner or disable cookies in your browser. More info: https://tools.google.com/dlpage/gaoptout

6. Cloudflare

We use Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA, to deliver content via a Content Delivery Network (CDN) and ensure website security.

Cloudflare processes the following data:

  • IP addresses

  • Access data and security logs

Legal basis: Legitimate interest under Art. 6(1)(f) GDPR (IT security and fast delivery).
We have signed a Data Processing Agreement with Cloudflare to govern the processing of personal data.

7. Cookies & Tracking

We use the following categories of cookies:

  • Essential cookies: Required for website operation

  • Functional cookies: Improve user experience

  • Analytics cookies: For statistical analysis (e.g. Google Analytics)

Legal basis:

  • Essential cookies: Art. 6(1)(f) GDPR

  • Functional and analytics cookies: Art. 6(1)(a) GDPR (consent via cookie banner, TTDSG §25(1))

For more details, see our Cookie Policy. You can change or withdraw your consent at any time via the cookie banner.

8. Data Retention Periods

  • Appointment and account data: Until the contractual purpose is fulfilled and in line with legal retention obligations

  • Payment data: In accordance with tax and commercial retention periods (typically 6–10 years)

  • Analytics data: Until you withdraw your consent or in line with Google Analytics’ rules

9. Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

  • SSL encryption of the website

  • Pseudonymization and data minimization

  • Access restrictions and security logs

10. Your Rights (Art. 15–21 GDPR)

You have the right:

  • to access your stored data (Art. 15 GDPR)

  • to correct inaccurate data (Art. 16 GDPR)

  • to request deletion of your data (Art. 17 GDPR)

  • to restrict processing (Art. 18 GDPR)

  • to data portability (Art. 20 GDPR)

  • to object to processing (Art. 21 GDPR)

Please contact:
Email: [email protected]

11. Contact for Data Protection Inquiries

If you have any questions about data protection, you can contact us at any time:
Marina Romić
Email: [email protected]

12. Changes to this Privacy Policy

We reserve the right to update this Privacy Policy to reflect changes in the law or technical developments. Please check regularly for the latest version.

Stolica preko koje se prelamaju sunčeve zrake