Privacy Policy

Controller

The controller responsible for data processing on this website is:

Dr. med. Manuela Lotz, M.A.
Niebuhrstraße 63
10629 Berlin
E-Mail: info@meno-life.com

General information on data processing

The protection of your personal data is important to us. We process your data exclusively on the basis of the applicable legal provisions (GDPR, BDSG, TMG, MStV). Personal data is only collected to the extent necessary to provide a functional website and to deliver our services.

Access data (server log files)

When you visit our website, data is automatically collected that your browser transmits to our server. This includes:

  • IP address

  • Date and time of access

  • Page/file accessed

  • Data volume transferred

  • Notification of successful retrieval

  • Browser type and version

  • Operating system of the user

  • Referrer URL

This data is technically required to correctly display the contents of our website and to ensure system stability and security. The data will not be combined with other data sources. The legal basis is Art. 6 para. 1 lit. f GDPR.

SSL/TLS encryption

Our website uses SSL/TLS encryption to protect the transmission of confidential content (e.g. enquiries via the contact form). You can recognise an encrypted connection by the browser address line (“https://”) and the lock symbol.

Website hosting (Squarespace)

Our website is hosted on the platform Squarespace. The provider is Squarespace Ireland Ltd., Le Pole House, Ship Street Great, Dublin 8, Ireland. In the course of use, personal data (e.g. IP address, technical log data) is processed on Squarespace servers. A transfer to the USA may occur. Squarespace safeguards such transfers by implementing Standard Contractual Clauses pursuant to Art. 46 GDPR.

Cookies

Our website uses only technically necessary cookies required for its operation. These cookies do not store personal data and are automatically deleted after your visit. The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest in error-free and optimised website provision).

Contact by e-mail or telephone

If you contact us by e-mail or telephone, the data you provide (name, contact details, content of the enquiry) will be processed in order to respond to your request and, where applicable, arrange an appointment. The legal basis is Art. 6 para. 1 lit. b GDPR (pre-contractual measures and treatment contract). Your data will be deleted once it is no longer required to process your enquiry, unless statutory retention obligations apply.

Communication via WhatsApp

We also offer the option to contact us via WhatsApp Business. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (a company of Meta Platforms). If you send us a message via WhatsApp, your phone number and the content you provide will be processed by WhatsApp. Metadata (e.g. time of communication, device information) may also be collected and transferred to servers outside the EU (in particular to the USA).

Please note that WhatsApp is an external service over which we have no control. Therefore, do not transmit sensitive health data or emergency requests via WhatsApp. Processing takes place on the basis of Art. 6 (1) (a) GDPR (your consent by actively contacting us). Further information can be found in the WhatsApp Privacy Policy

Appointment booking via the website

Our website offers the option to request appointments directly, either via a mail link (opening your e-mail programme), a contact form, or through the online booking function.

Mail link:
If you use the mail link, we only process the data you provide in your e-mail (see “Contact by e-mail” above).

Contact form:
If you use a form, the data you enter (name, e-mail address, telephone number, preferred appointment date) will be processed to respond to your enquiry and arrange an appointment. The legal basis is Art. 6 para. 1 lit. b GDPR. Mandatory fields are indicated; all other details are voluntary. Your data will be deleted once your enquiry has been processed, unless statutory retention obligations apply. The form can only be submitted after you have confirmed your consent to processing by ticking a checkbox (Art. 6 para. 1 lit. a GDPR).
Logging:
For verification purposes and to comply with legal requirements, the date and time of submission (timestamp) as well as the user’s IP address are stored when the form is submitted. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in documenting the form submission in the context of professional regulatory requirements).

Online consultations and video calls

In the context of online consultations or video calls, we process personal data necessary for the provision of the service. This includes master data (name, contact details), appointment and session data, as well as health-related information disclosed during the consultation.

Processing is carried out exclusively for the purposes of consultation and documentation. The legal basis is Art. 6 para. 1 lit. b GDPR, and where health data is concerned, Art. 9 para. 2 lit. h GDPR in conjunction with § 22 para. 1 no. 1 lit. b BDSG. Data will only be stored as long as necessary for the consultation and for compliance with statutory documentation obligations.

Consultations are conducted via the provider RED Medical Systems GmbH, Kaufering, which provides a GDPR-compliant technical platform with servers located in Germany. A data processing agreement pursuant to Art. 28 GDPR has been concluded with RED Medical.

Please note: Online medical consultations can only be conducted for patients who are located in Germany at the time of the session. Psychological counselling is not subject to this restriction and can also be provided internationally.

Payment

Billing is carried out on a self-pay basis only. Payment is made by bank transfer upon invoice. No payment data is transferred to external payment service providers.

Your rights

You have the right at any time to obtain information about the personal data we hold about you (Art. 15 GDPR). You also have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR) and to object to processing (Art. 21 GDPR). Where processing is based on your consent (Art. 6 para. 1 lit. a GDPR), you may withdraw this consent at any time with effect for the future.

Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.

Competent supervisory authority for Berlin:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59–61
10555 Berlin

This English version is provided for convenience only. In case of any discrepancies, the German version shall be legally binding.