2. DATA PROTECTION / PRIVACY POLICY
(GDPR-compliant, plain, technical, non-marketing)
Privacy Policy
Applied Brain Lab
1. Data Controller
Gwen Bach
Eichendorffstrasse 3
63773 Goldbach
Germany
2. Data Collected
Depending on use, the following data may be processed:
-
name and contact details
-
email address
-
payment and billing information (via payment providers only)
-
diagnostic responses and questionnaire data
-
booking and communication data
No sensitive health data is intentionally collected unless explicitly stated.
3. Purpose of Processing
Data is processed solely to:
-
provide purchased services and products
-
deliver diagnostics and results
-
manage appointments and communication
-
fulfil legal and contractual obligations
Data is not used for profiling, advertising, or automated decision-making.
4. Legal Basis (GDPR Art. 6)
Processing is based on:
-
contractual necessity (Art. 6(1)(b))
-
legal obligations (Art. 6(1)(c))
-
legitimate interest in service provision (Art. 6(1)(f))
-
consent where required (Art. 6(1)(a))
5. Third-Party Processors
Data may be processed by:
-
website and hosting providers (e.g. Kajabi)
-
payment processors (e.g. Stripe)
-
scheduling or communication tools (e.g. Outlook, Teams)
All processors are GDPR-compliant and operate under data processing agreements.
6. Data Storage and Retention
Data is stored only as long as necessary for the stated purpose or as required by law.
Diagnostic data is retained for analytical continuity unless deletion is requested.
7. Your Rights
You have the right to:
-
access your data
-
request correction or deletion
-
restrict or object to processing
-
data portability
-
withdraw consent at any time
Requests can be sent to: [Email address]
8. Cookies and Analytics
This website may use technically necessary cookies.
If analytics tools are used, they are configured to minimise personal data and comply with GDPR requirements.
9. Data Security
Appropriate technical and organisational measures are in place to protect data from unauthorised access or misuse.
