Privacy
Note: "We" refers to the individual named in the legal notice ("Imprint").
General Use
The use of our website is generally possible without providing personal data. Should you enter personal data (e.g., for contact purposes or to subscribe to a newsletter), we pass on the necessary information to companies that process data on our behalf (e.g., to send the newsletter). We only work with companies that are subject to the General Data Protection Regulation (GDPR).
Encrypted Transmission
This website uses SSL encryption for security and data protection purposes. This prevents third parties from intercepting and reading the data you enter during transmission. You can recognize active encryption by the padlock or similar symbols in your browser's address bar.
Contacting Us
If you contact us via form, email, or any other method, the data you provide (name, email address, and optionally your phone number) will be stored for one year for the purpose of processing your request and any follow-up questions. If the inquiry leads to a contract, the legal retention periods apply. We do not pass on your data without your consent. Data processing is based on Art. 6(1)(b) (contract performance) and Art. 6(1)(a) (consent) GDPR.
Newsletter
You may subscribe to our newsletter via the website. To do so, we require your email address and confirmation that you agree to receive the newsletter.
After signing up, you will receive a confirmation email with a link to finalize your subscription. Data processing is carried out according to § 96(3) TKG and Art. 6(1)(a) GDPR.
You can unsubscribe at any time by emailing the address in the legal notice or using the link at the end of the newsletter. Your data related to the newsletter will then be deleted immediately.
Brevo
The newsletter is sent via “Brevo,” a brand of Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Your email address, the date of your subscription, and the IP address used will be stored on Brevo's EU-based servers. Brevo processes this data on our behalf for newsletter delivery and analytics. Brevo may also use the data to improve its services but will not share it or contact subscribers independently.
Newsletters may contain small images (tracking pixels) or redirected links to determine whether the newsletter was opened and which device type was used.
We have a data processing agreement with Brevo that includes EU Standard Contractual Clauses. Brevo’s privacy policy: https://www.brevo.com/de/features/data-security
Server Logs
The server hosting this website automatically collects and stores the following information in log files:
Browser type and version
Operating system
Referring page (URL)
IP address
Time of request
These logs are used solely for technical monitoring of the server (load, optimization, troubleshooting, security) and are essential for operation. They are not linked to other data and cannot be associated with individuals. Logs are deleted after 14 days.
Data processing is based on Art. 6(1)(f) GDPR (legitimate interest), namely the proper and secure operation of the website.
Appointment Scheduling
We use the services of anny GmbH, Cäcilienstraße 30, 50667 Cologne, Germany for scheduling appointments.
Anny processes the data you enter (name, email, optional topic) to schedule appointments and forwards this data to us. Anny also processes server logs and uses cookies for service delivery, improvement, and legal compliance. Details: https://anny.co/privacy
Data processing is based on Art. 6(1)(b) (contract performance) and Art. 6(1)(f) (legitimate interest) GDPR, namely simple and efficient appointment booking for clients.
We retain appointment booking data for 7 years for tax purposes. Anny stores data only as long as necessary.
We have a data processing agreement with Anny that includes EU Standard Contractual Clauses.
Use of Zoom for Online Appointments
We use Zoom (Zoom Video Communications Inc, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA) for online consultations.
Conversations via Zoom (audio and video) are encrypted and not recorded. However, Zoom may collect additional data such as name, phone number, email, IP address, MAC address, operating system, software version, hardware used, and participation details (audio/video/chat).
Data processing is based on Art. 6(1)(b) and Art. 6(1)(f) GDPR—legitimate interest being the efficient conduct of online meetings.
We have a data processing agreement with Zoom including EU Standard Contractual Clauses. Zoom’s privacy policy: https://zoom.us/de-de/privacy.html
Matomo Web Analytics
We use Matomo, an open-source analytics tool, locally hosted and configured without cookies. Instead, a daily-changing configuration ID is used. More info: https://matomo.org/faq/general/how-is-the-visitor-config_id-processed/
Matomo is operated by Christian Zehetner and hosted by Hetzner in Frankfurt, Germany. No data is shared with third parties.
Processed data includes:
Anonymized IP address
Pages visited during a session
Referrer page (parameters removed)
Time spent on the site
OS, browser version, plugins, language
Processing is based on Art. 6(1)(f) GDPR—legitimate interest being site optimization based on user behavior.
Matomo privacy policy: https://matomo.org/privacy-policy
Payment Processing for Appointments
For payment processing, we store the following data:
Name
Address
Phone number
Email
IP address used for the order
Payment is handled via Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin. Stripe’s privacy policy: https://stripe.com/at/privacy
Banking details (e.g., account or credit card numbers, passwords, TANs) are processed and stored only by Stripe. We only receive confirmation of payment and store no banking information.
Data processing is based on Art. 6(1)(b) GDPR and retained for 7 years per tax law.
Data Storage
For accounting purposes, we store:
Name
Address
Phone number
Email
Data is not shared, except with payment providers and our tax advisor for accounting and legal compliance. Data is stored only within the EU.
The data is required for contract performance and pre-contractual measures; contracts cannot be completed without it.
Retention period is 7 years. Storage methods include:
Encrypted, password- and access-protected local or portable computers
Encrypted, password-protected Microsoft Cloud (Microsoft Ireland Operations Ltd, Dublin 18, Ireland)
We have a data processing agreement with Microsoft including EU Standard Contractual Clauses. Microsoft privacy policy: [Insert link]
Processing is based on Art. 6(1)(c) (legal obligations) and Art. 6(1)(b) (contract performance) GDPR.
Instagram Fan Page
We operate an Instagram page via Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland.
Using Instagram Insights, we receive anonymized statistical data via cookies, including a user code active for two years. This code may be linked to login data by Meta.
Page administrators cannot disable this or prevent the data processing. More info: https://help.instagram.com/1533933820244654/?helpref=uf_share
Meta accepts primary responsibility for GDPR compliance regarding these data and fulfills all related obligations. Data shared with us is anonymized, and we cannot identify individuals. We may see demographic and behavioral summaries.
These are used solely to evaluate our Instagram page’s reach. Legal basis: Art. 6(1)(f) GDPR—legitimate interest being identifying audiences interested in our content.
Your Rights
You have the right to access, rectify, delete, restrict processing, transfer data, withdraw consent, and object to data processing. Requests can be sent to the email in the legal notice.
If you believe your data is being processed unlawfully or your privacy rights are violated, you can file a complaint with the Austrian Data Protection Authority.
Contact:
Andrea Rendl, PhD
Inclusive group practice mowa
Girardigasse 3/5
1060 Vienna, Austria
Versions
Update April 30, 2025
Initial version