Privacy Policy

General

Responsibility for data processing

Compliance with data protection laws is not only a legal obligation for VOSS – Praxis für Physiotherapie und Sportphysiotherapie, but also an important factor of trust. With the following data protection provisions, we would therefore like to inform you transparently about the type, scope and purpose of the personal data collected and processed from you within this website, as well as your rights.

Data Protection Officer

VOSS – Praxis für Physiotherapie und Sportphysiotherapie, Wolfsgartenweg 1A, 5020, Salzburg, (hereinafter: ‘we’), as the operator of the website www.jakobvoss.com, is the controller pursuant to Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR). If you have any questions, please contact hello@jakobvoss.com.

The data protection officer is Jakob Voss.

Your rights as a data subject

As a data subject, you have the following rights with regard to your personal data. You have:

    • A right to information about, among other things, the categories of data processed, the purposes of processing, the storage period and any recipients, in accordance with Art. 15 GDPR and §34 BDSG.

    • A right to rectification or erasure of incorrect or incomplete data, in accordance with Art. 16 and 17 GDPR and §35 BDSG.

    • Under the conditions of Art. 18 GDPR or Section 35 (1) sentence 2 BDSG, a right to restriction of processing.

    • A right to object to the processing in accordance with Art. 21 para. 1 GDPR, insofar as the data processing was carried out on the basis of a legitimate interest.

    • A right to withdraw consent given with effect for the future in accordance with Art. 7 (3) GDPR.

    • A right to data portability in a commonly used format in accordance with Art. 20 GDPR.
    • You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us in accordance with Art. 77 GDPR, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

If you assert your rights against us in accordance with the GDPR and the BDSG, we will process the data you provide to us in order to grant you your rights. We will then store the data you have transmitted to us and the data we have transmitted to you in return for the purpose of documentation until the expiry of the limitation period under regulatory offences law (3 years). The legal basis for the storage of the data is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from the need to be able to exonerate us in possible fine proceedings by proving that we have duly complied with your request.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice. However, we would like to point out that the processing of your data to prove compliance with the rights of the data subject is mandatory within the meaning of Art. 21 para. 1 GDPR, as other means of proof do not exist or are not equally suitable.

Data protection measures

We use technical and organisational measures to protect our website and other systems – and therefore also your data – against loss, destruction, access, modification or dissemination by unauthorised persons. In particular, your personal data is transmitted in encrypted form via the Internet. We use the TLS (Transport Layer Security) coding system for this.

However, the transmission of information via the Internet is never completely secure, which is why we cannot guarantee 100% security of the data transmitted from our website.

Modalities of data processing

Data transfer to third countries outside the EU

All information that we receive from you or about you is generally processed on servers within the European Union. Your data will only be transferred to or processed in third countries without your express consent if this is provided for by law and an appropriate level of data protection is ensured in the third country.

Forwarding of data, order processing

We never pass on your personal data to third parties without authorisation. However, we may disclose your data to third parties in particular if you have consented to the disclosure of data, if the disclosure is necessary to fulfil our legal obligations or if we are entitled or obliged to disclose data due to legal provisions or official or court orders. In particular, this may involve the provision of information for the purposes of criminal prosecution, security or the enforcement of intellectual property rights.

We may also transfer your data to external service providers who process data on our behalf and in accordance with our instructions (processors) in order to simplify or relieve our own data processing. Each processor is bound by a contract in accordance with Art. 28 GDPR. This means in particular that the processor must provide sufficient guarantees that suitable technical and organisational measures are implemented by the processor in such a way that the processing is carried out in accordance with the requirements of the GDPR and the protection of your rights as a data subject is guaranteed. Despite commissioning processors, we remain the controller for the processing of your personal data within the meaning of the data protection laws.

Purpose of data processing

We only use the data for the purpose for which it was collected from you. We may further process the data for another purpose, unless this other purpose is incompatible with the original purpose (Art. 5 para. 1 lit. c) GDPR).

Storage duration

Unless otherwise specified in detail, we will only store data collected from you for as long as is necessary for the respective purpose, unless statutory retention obligations prevent deletion, e.g. under commercial law or tax law.

Individual processing activities

In the following, we would like to show you as transparently as possible which of your data we process, on what occasion, on what basis and for what purpose.

Server log files

Each time you visit our website, the following general information is automatically transmitted from your browser to our server (so-called server log files): Your IP address, product and version information about the browser and operating system used, the website from which your access took place (so-called referrer), the date and time of the request and possibly your internet service provider. In addition, the status and the amount of data transferred as part of this enquiry are recorded.

The IP address of your computer is only stored for the duration of your use of the website and is then immediately deleted or made partially unrecognisable by shortening it. The remaining data is stored for a limited period of time (maximum 7 days).

The legal basis for the use of the server log files is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from the necessity for the operation of our website, in particular to detect and eliminate errors on the website, to determine the utilisation of the website and to make adjustments or improvements and to ensure the security of the system. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice. However, we would like to point out that the processing of your data in server log files is mandatory within the meaning of Art. 21 para. 1 GDPR, as otherwise the website cannot be operated at all.

Contact us

Our website offers you the opportunity to contact us directly. By contacting us, you consent to the processing and storage of your transmitted data (in particular your e-mail address) for the purpose of processing your enquiry. You can object to this processing at any time with effect for the future. To do so, please use our contact details in the legal notice. Please note, however, that we will then no longer process your request.

With regard to the provision of particularly sensitive personal data within the meaning of Art. 9 GDPR (e.g. contact form, e-mail, SMS), we would like to point out that there are risks associated with the transmission of such data via the Internet, in particular through the interception/spying of the data. If you are unsure about this, we advise you to contact us by post or telephone.

We will only process the data you provide to us until the purpose for which you contacted us has been achieved, but for a maximum of 7 days after the purpose has been achieved, unless statutory retention periods prevent this. If the purpose of your contact is the assertion of data subject rights, the information provided in the section ‘Your rights as a data subject’ applies.

The legal basis for the use of the data you transmit to us by contacting us is Art. 6 para. 1 sentence 1 letter a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the contact details provided in the legal notice.

Newsletter

We offer to keep you regularly up to date with our newsletter and inform you about special offers. To subscribe to the newsletter, you can enter your e-mail address in our mailing list. You must then confirm your registration again (double opt-in procedure). We only use the data you send us for the purpose of sending the newsletter and do not pass it on to third parties for any other purpose.

The legal basis for the use of your email address is Art. 6 para. 1 sentence 1 letter a) GDPR (consent of the data subject). You can revoke your consent at any time with effect for the future. To do so, please use the link in every newsletter email or contact us using the contact details provided in the legal notice.

Third-party services

We use third-party services on our website, such as plugins or APIs (Application Programming Interface), to extend the functionality of our website. In doing so, data may be transmitted to the provider of these services. For this purpose, we have contractually obliged the providers of the services, if necessary, in accordance with Art. 28 GDPR. Specifically, we use the following services:

Google services

Our website uses services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

By using the services, data may be transmitted to Google. Google may process the transmitted data to create anonymised user profiles for statistical purposes. If you also have a Google account and are logged into it, Google can assign the transmitted data to your account – even across devices. In principle, we have no influence on this data processing. Google is therefore responsible for this data processing. You can find more information on the handling of user data in Google’s privacy policy:

https://www.google.de/intl/de/policies/privacy/.

In detail we use

Google Analytics

Our website uses the ‘Google Analytics’ service from Google. Google Analytics uses cookies (see above under ‘Cookies’) to enable us to analyse the use of the website by website visitors. The information generated by the cookie about the use of this website by users is usually transferred to a Google server in the USA and stored there. Among other things, the following may be transmitted Your IP address, product and version information about the browser and operating system used, the website from which your access took place (so-called referrer), the date and time of the enquiry and possibly your internet service provider.

IP anonymisation has been activated on our website so that your transmitted IP address is shortened before transmission outside the scope of the GDPR and thus made partially unrecognisable, i.e. anonymised. Only in exceptional cases will the full IP address first be transmitted to a Google server in the USA and shortened there immediately.

Google will use the transmitted information on our behalf to analyse your use of our website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can find more information on terms of use and data protection at Google Analytics at

http://www.google.com/analytics/terms/de.html  and https://www.google.de/intl/de/policies/.

You can prevent the data generated by the cookie and related to the use of the website (including IP address) from being transmitted to Google or processed by Google by downloading and installing the browser plug-in available under the following link. The current link is: http://tools.google.com/dlpage/gaoptout?hl=de.

You can also prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will then be set on your device, which prevents the future collection of data when you visit this website: Prohibit Google Analytics from tracking me

You can also prevent the setting of cookies altogether (see ‘How to avoid cookies’ above).

The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an anonymous analysis of user behaviour on our website in order to improve the design of our online offering in a user-oriented manner. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

Google APIs

Our website uses ‘Google APIs’ from Google. This service enables us to extend our website by integrating external code frameworks. For this purpose, the required frameworks are usually requested from a Google server in the USA. Through this request, the following information, among other things, is transmitted to the Google server and stored there: Your IP address, product and version information about the browser and operating system used, the website from which your access took place (so-called referrer), the date and time of the request and possibly your internet service provider.

The legal basis for the processing of your data in relation to the ‘Google APIs’ service is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an appealing and uniform presentation of our online offer and for a technically flawless and fast presentation of our website. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

Google Tag Manager

Our website uses the ‘Google Tag Manager’ support service from Google. This service itself does not process any personal data. However, Google Tag Manager triggers scripts that are required by other services to collect data. It is not possible for Google Tag Manager to access this data.

Google Fonts

Our website uses the external font service “Google Fonts” from Google. This service enables us to display our website in a uniform and appealing way, even with very differently configured user devices, by loading fonts from an external server instead of from the user’s device. For this purpose, the required fonts are usually requested from a Google server in the USA. As a result of this request, the following information is transmitted to the Google server and stored there: Your IP address, product and version information about the browser and operating system used, the website from which your access took place (so-called referrer), the date and time of the request and possibly your internet service provider.

The legal basis for the processing of your data in relation to the “Google Fonts” service is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an appealing and uniform presentation of our online offering. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

Translated with DeepL.com (free version)

Google Maps

Our website uses the external map service “Google Maps” from Google. Google Maps is used to provide an interactive map on our website that shows you how to find and reach us. This service enables us to present our website in an appealing way by loading map material from an external server. The required data is usually requested from a Google server in the USA. As a result of this request, the following information is transmitted to the Google server and stored there: Your IP address, product and version information about the browser and operating system used, the website from which your access took place (so-called referrer), the date and time of the request and possibly your internet service provider.

The legal basis for the processing of your data in relation to the “Google Maps” service is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an appealing presentation of our online offer and the easy findability of the places indicated on our homepage. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

Content Delivery Network

Our website uses a so-called Content Delivery Network (CDN). A CDN is a network of powerful servers that cache content at various locations around the world. A CDN essentially has two tasks: firstly, to provide content in the shortest possible time and secondly, to relieve the web host by distributing the data traffic.

CDNs transmit two types of content: Static and dynamic content. All website visitors receive static content in the same form, such as video content from streaming services or code frameworks (e.g. Javascript, jQuery). Dynamic content is first adapted to the user and only created at the moment of the request. This includes content that takes place via web applications, e-mail or online stores and is personalized. In order to be able to use the latter, information about the website visitor must first be transmitted to the CDN. This may also involve the transmission of your personal data.

The legal basis for the use of a CDN and the transmission of your data to it is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for a technically flawless and fast presentation of our website and the relief of our IT infrastructure. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

In detail, we use

Google APIs

Our website uses the “Google APIs” service provided by Google. See the data protection information above.

Analyse-Tools

We use certain services on our website that record the surfing behavior of our website visitors and make it available to us for analysis. We use this data to improve our website based on usage.

The legal basis for the use of analysis software is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an anonymous analysis of user behavior on our website in order to improve the design of our online offering in a user-oriented manner. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

In detail, we use

Google Analytics

Our website uses the “Google Analytics” service provided by Google. See the data protection information above.

Social-Media-Fansites

In addition to our website, we maintain online presences on social platforms in order to communicate with the customers, interested parties and users active there and to inform them about our services.

If you visit our presence on a social platform, your data will generally be processed by the respective platform provider for our market research and advertising purposes. The provider may also process the data for its own purposes. Usage profiles can be created from your usage behavior and your resulting interests. These usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. For these purposes, cookies (see above) are usually stored on your end device, in which your usage behavior and interests are stored. In particular, if you are a member of the respective platforms and are logged in to them, additional data may be stored independently in the usage profiles. For a detailed description of the respective data processing and objection options, we refer to the following linked information from the providers, as only they know the exact processes of their data processing.

We would like to point out that your data may also be processed outside the European Union. This may result in risks, e.g. because it could make it more difficult to enforce your rights.

The legal basis for the use of the online presences and the associated data processing is generally Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to present ourselves to visitors and users of social networks and to introduce statements of all kinds to the media and opinion market. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

9If you are asked by the respective providers for consent to data processing, the legal basis for the processing is Art. 6 para. 1 sentence 1 letter a) GDPR (consent of the data subject). You can revoke this consent at any time with effect for the future. To do so, please contact the provider who asked you for your consent.

In the event that you wish to assert your above-mentioned rights, we would like to point out that these can be asserted most effectively with the providers, despite possible joint responsibility. As a rule, only the providers have direct access to your data and can take appropriate measures and provide information directly. Should you nevertheless require assistance, you can contact us and we will support you at any time within the scope of our possibilities.

In detail, we are represented on:

Status of the privacy policy: 09/2024

Source: Süddeutsche Datenschutzgesellschaft mbH