Protecting your personal data is incredibly important to us! We process your personal data strictly in accordance with legal provisions (General Data Protection Regulation – GDPR, Austrian Data Protection Act – DSG, Telecommunications Act – TKG 2021). In this privacy policy, we are happy to share with you the most important aspects of how we process data on our website, www.pvzentrum.at.
Controller within the meaning of the GDPR:
PVE Gesundheitspraxis Josefstadt Dr. Pichler & Dr. Amir Allgemeinmedizin GmbH
Lammgasse 5, 1080 Vienna
Telephone: +43 1 406 06 98
Email: backoffice@pvzentrum.at
Protecting your personal data is incredibly important to us! We process your personal data strictly in accordance with legal provisions (General Data Protection Regulation – GDPR, Austrian Data Protection Act – DSG, Telecommunications Act – TKG 2021). In this privacy policy, we are happy to share with you the most important aspects of how we process data on our website, www.pvzentrum.at.
Controller within the meaning of the GDPR:
PVE Gesundheitspraxis Josefstadt Dr. Pichler & Dr. Amir Allgemeinmedizin GmbH
Lammgasse 5, 1080 Vienna
Telephone: +43 1 406 06 98
Email: backoffice@pvzentrum.at
Getting in touch: If you contact us by email, phone, or via a contact form, we will process the details you provide (such as your name, email address, phone number, and the content of your message) to handle your enquiry and any follow-up questions. The legal basis for this is steps prior to entering into a contract or contract fulfilment (Art. 6(1)(b) GDPR), as well as our legitimate interest in responding to your enquiry (Art. 6(1)(f) GDPR). As a healthcare provider, we process health-related data on the basis of Art. 9(2)(h) GDPR. Please rest assured that we will never share this data with third parties without your consent, and it will be safely deleted once the statutory retention periods have expired.
Getting in touch: If you contact us by email, phone, or via a contact form, we will process the details you provide (such as your name, email address, phone number, and the content of your message) to handle your enquiry and any follow-up questions. The legal basis for this is steps prior to entering into a contract or contract fulfilment (Art. 6(1)(b) GDPR), as well as our legitimate interest in responding to your enquiry (Art. 6(1)(f) GDPR). As a healthcare provider, we process health-related data on the basis of Art. 9(2)(h) GDPR. Please rest assured that we will never share this data with third parties without your consent, and it will be safely deleted once the statutory retention periods have expired.
Hosting and Server Log Files
Hosting and Server Log Files
Our website is happily hosted by Framer B.V., Rozengracht 207B, 1016 LZ Amsterdam, Netherlands (acting as a data processor in accordance with Art. 28 GDPR). When you visit us online, access data is automatically processed in what we call server log files—this includes things like your IP address, the date and time of your visit, the file you requested, your browser type, and your operating system. We process this data solely to ensure our website runs smoothly, stays technically secure, and is protected against misuse. The legal basis for this is our legitimate interest in keeping our website operating safely and securely for you (Art. 6 (1) (f) GDPR). To make sure our content, such as images, fonts, and scripts, reaches you as quickly as possible, Framer uses Content Delivery Networks (CDNs), which means your IP address may be transmitted to CDN servers.
Our website is happily hosted by Framer B.V., Rozengracht 207B, 1016 LZ Amsterdam, Netherlands (acting as a data processor in accordance with Art. 28 GDPR). When you visit us online, access data is automatically processed in what we call server log files—this includes things like your IP address, the date and time of your visit, the file you requested, your browser type, and your operating system. We process this data solely to ensure our website runs smoothly, stays technically secure, and is protected against misuse. The legal basis for this is our legitimate interest in keeping our website operating safely and securely for you (Art. 6 (1) (f) GDPR). To make sure our content, such as images, fonts, and scripts, reaches you as quickly as possible, Framer uses Content Delivery Networks (CDNs), which means your IP address may be transmitted to CDN servers.
TLS encryption with HTTPS
TLS encryption with HTTPS
We use HTTPS to transmit your data securely and kept safe from eavesdropping on the internet (Data protection by design, Art. 25 para. 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission, we ensure your confidential details are fully protected. You can easily spot the encrypted connection by the padlock symbol in your browser's address bar and the use of 'https://' at the start of our web address!
We use HTTPS to transmit your data securely and kept safe from eavesdropping on the internet (Data protection by design, Art. 25 para. 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission, we ensure your confidential details are fully protected. You can easily spot the encrypted connection by the padlock symbol in your browser's address bar and the use of 'https://' at the start of our web address!
Our website uses cookies and similar technologies. Cookies are handy little text files that are stored on your device via your browser. We use technically necessary cookies (for example, to remember your cookie preferences or your language choice) based on § 165 Paragraph 3 TKG 2021 and Article 6 Paragraph 1 (f) GDPR – these are essential for running our website smoothly and won't cause any harm at all. Any non-essential cookies and technologies will only be used if you have given us your express consent via our cookie banner (Article 6 Paragraph 1 (a) GDPR). You can happily withdraw your consent at any time for the future simply by deleting the cookies in your browser – the banner will then reappear on your next visit. Your consent is safely stored for a maximum of 12 months, after which we will kindly ask you again.
Our website uses cookies and similar technologies. Cookies are handy little text files that are stored on your device via your browser. We use technically necessary cookies (for example, to remember your cookie preferences or your language choice) based on § 165 Paragraph 3 TKG 2021 and Article 6 Paragraph 1 (f) GDPR – these are essential for running our website smoothly and won't cause any harm at all. Any non-essential cookies and technologies will only be used if you have given us your express consent via our cookie banner (Article 6 Paragraph 1 (a) GDPR). You can happily withdraw your consent at any time for the future simply by deleting the cookies in your browser – the banner will then reappear on your next visit. Your consent is safely stored for a maximum of 12 months, after which we will kindly ask you again.
Web analytics (Framer Analytics)
Web analytics (Framer Analytics)
We use the privacy-friendly analytics feature of our hosting provider, Framer (Framer B.V., Amsterdam, Netherlands). Framer Analytics works completely without cookies or cross-device tracking; it only generates aggregated, anonymised statistics (such as page views, country of origin, and device type). Your IP address is never permanently stored, nor is it used to identify you personally. The legal basis for this is our legitimate interest in statistically evaluating and improving our online services for you (Art. 6(1)(f) GDPR). We do not use Google Analytics or any similar third-party tracking services.
We use the privacy-friendly analytics feature of our hosting provider, Framer (Framer B.V., Amsterdam, Netherlands). Framer Analytics works completely without cookies or cross-device tracking; it only generates aggregated, anonymised statistics (such as page views, country of origin, and device type). Your IP address is never permanently stored, nor is it used to identify you personally. The legal basis for this is our legitimate interest in statistically evaluating and improving our online services for you (Art. 6(1)(f) GDPR). We do not use Google Analytics or any similar third-party tracking services.
To keep our website looking beautifully consistent (including our lovely "Outfit" font!), we use Web Fonts. Some of these are kindly hosted on Google servers (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). When you visit one of our pages, your browser simply loads the font files it needs. During this process, your IP address is shared with Google so they know our website was accessed through your connection. Please be aware that this data might be transferred to the USA; however, Google LLC is certified under the EU-US Data Privacy Framework, ensuring your data is kept safe and secure with an adequate level of protection (adequacy decision according to Art. 45 GDPR). The legal basis for this is our legitimate interest in presenting you with a consistent, technically secure, and great-looking website (Art. 6(1)(f) GDPR). For more details, you can easily check out Google's FAQ at https://developers.google.com/fonts/faq or view Google's privacy policy here: https://policies.google.com/privacy
To keep our website looking beautifully consistent (including our lovely "Outfit" font!), we use Web Fonts. Some of these are kindly hosted on Google servers (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). When you visit one of our pages, your browser simply loads the font files it needs. During this process, your IP address is shared with Google so they know our website was accessed through your connection. Please be aware that this data might be transferred to the USA; however, Google LLC is certified under the EU-US Data Privacy Framework, ensuring your data is kept safe and secure with an adequate level of protection (adequacy decision according to Art. 45 GDPR). The legal basis for this is our legitimate interest in presenting you with a consistent, technically secure, and great-looking website (Art. 6(1)(f) GDPR). For more details, you can easily check out Google's FAQ at https://developers.google.com/fonts/faq or view Google's privacy policy here: https://policies.google.com/privacy
Book your appointment online (CGM LIFE / CLICKDOC)
Book your appointment online (CGM LIFE / CLICKDOC)
To make booking appointments online easy for you, we have integrated the CGM LIFE eSERVICES / CLICKDOC service by CompuGroup Medical (CompuGroup Medical SE & Co. KGaA, Maria Trost 21, 56070 Koblenz, Germany) as an external booking widget (iFrame) on our appointments page. When you open our appointment booking page, your browser establishes a direct connection to CGM's servers, which transmits your IP address. Any details you enter into the booking widget (such as your name, contact details, preferred appointment, and any relevant health information) are processed by CGM on behalf of our clinic to manage your appointments (data processing on behalf of a controller in accordance with Art. 28 GDPR). Your health data is processed on the basis of Art. 9(2)(h) GDPR. For further details, please refer to CGM's own privacy policy, which you can access directly within the booking widget.
To make booking appointments online easy for you, we have integrated the CGM LIFE eSERVICES / CLICKDOC service by CompuGroup Medical (CompuGroup Medical SE & Co. KGaA, Maria Trost 21, 56070 Koblenz, Germany) as an external booking widget (iFrame) on our appointments page. When you open our appointment booking page, your browser establishes a direct connection to CGM's servers, which transmits your IP address. Any details you enter into the booking widget (such as your name, contact details, preferred appointment, and any relevant health information) are processed by CGM on behalf of our clinic to manage your appointments (data processing on behalf of a controller in accordance with Art. 28 GDPR). Your health data is processed on the basis of Art. 9(2)(h) GDPR. For further details, please refer to CGM's own privacy policy, which you can access directly within the booking widget.
Newsletter (Brevo)
If you sign up for our newsletter using the form in the footer, we will process your email address to send you exciting updates and information about our centre. To send these to you, we use the service Brevo (Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany) as our processor in accordance with Art 28 GDPR. The legal basis for this is your consent (Art 6 Para 1 lit a GDPR). You can, of course, withdraw your consent at any time – simply use the unsubscribe link in any newsletter or send an email to marketing@pvzentrum.at. Once you unsubscribe, your email address will be promptly deleted from our mailing list.
Digital Phone Assistant (Ordicall)
For booking appointments over the phone and handling enquiries outside our consultancy hours, we use the lovely digital telephone assistant 'Emilia' provided by Ordicall (ordicall.ai). When you use this service, the details you share during the call (such as your name, phone number, preferred appointment time, and your query) will be processed so we can take down your request and pass it on to our friendly team (data processing is carried out in line with Art. 28 GDPR). The legal basis for this is the initiation or performance of a contract (Art. 6(1)(b) GDPR), and your health data is always securely processed on the basis of Art. 9(2)(h) GDPR to keep you safe and well.
External content & content delivery networks
To help us deliver certain technical features smoothly, we load resources (such as CSS files for the Lenis scroll library) via the content delivery network unpkg.com (operated by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA). When this happens, your IP address is securely shared with the CDN's servers. You'll be pleased to know that Cloudflare is certified under the EU-US Data Privacy Framework (adequacy decision according to Art. 45 GDPR). This means our legal basis is our legitimate interest in providing you with a safe, secure and high-performing website (Art. 6para. 1 lit. f GDPR).
Links to external services & social media
Our website includes links to external services such as Google Maps (for directions), Instagram, Facebook, and LinkedIn. Please rest assured these are simple links – just by visiting our website, no data is transferred to these providers. Only when you click on a link will you leave our website, and from that point onwards, the privacy policies of the respective providers will apply.
How long we keep your data
We only keep your personal data for as long as we need it to support your care or to meet our legal obligations. For your medical records, we follow the retention periods set by the Austrian Physicians Act, which is typically 10 years (§ 51 ÄrzteG 1998). For any business or financial documents, we keep these for 7 years in line with local corporate and tax laws (UGB and BAO).
Please rest assured that you have full rights regarding your personal data! Under the GDPR, you are entitled to information (Art 15), rectification (Art 16), erasure (Art 17), restriction of processing (Art 18), and data portability (Art 20). You can also withdraw any consent you have given us (Art 7 Para 3) or object to data processing altogether (Art 21). Simply get in touch with us – you can find our contact details below or in our legal notice. If you ever feel that your data is not being handled in line with data protection laws, you have the right to lodge a complaint with a supervisory authority. In Austria, this is the Austrian Data Protection Authority (Österreichische Datenschutzbehörde, Barichgasse 40–42, 1030 Vienna, Telephone: +43 1 52 152-0, Email: dsb@dsb.gv.at, Web: www.dsb.gv.at).
Please rest assured that you have full rights regarding your personal data! Under the GDPR, you are entitled to information (Art 15), rectification (Art 16), erasure (Art 17), restriction of processing (Art 18), and data portability (Art 20). You can also withdraw any consent you have given us (Art 7 Para 3) or object to data processing altogether (Art 21). Simply get in touch with us – you can find our contact details below or in our legal notice. If you ever feel that your data is not being handled in line with data protection laws, you have the right to lodge a complaint with a supervisory authority. In Austria, this is the Austrian Data Protection Authority (Österreichische Datenschutzbehörde, Barichgasse 40–42, 1030 Vienna, Telephone: +43 1 52 152-0, Email: dsb@dsb.gv.at, Web: www.dsb.gv.at).
