Privacy policy

Information under Art. 13 and 14 GDPR

Note: this is an English courtesy translation. The German version is legally authoritative, as German law (GDPR/BDSG) applies.

1. Data controller

Milad · Soma-Nexus
Occupational therapy & ILF neurofeedback · mobile practice
Home visits in the Hanover area
Business address: to be registered
Phone:
E-mail: Admin@soma-nexus.com

The full mandatory information under § 5 TMG can be found in the legal notice. The business address will be added during practice registration.

2. General handling of your data

The protection of your personal data is important to us. We process your data confidentially and in accordance with applicable data-protection law, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Where health data is processed within the context of treatment, this is done in accordance with the particular confidentiality duties in the healthcare sector.

3. Collection and storage of personal data

a) When visiting the website

When this website is accessed, the hosting provider processes technically required information, in particular IP address, date and time of access, browser type, operating system and referrer URL. This data serves the technical provision, stability and security of the website. The legal basis is Art. 6(1)(f) GDPR.

b) When contacting us

If you contact us via contact form, e-mail or telephone, we process the data you provide — such as name, e-mail address, telephone number and your message — solely to handle your enquiry. The legal basis is Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR.

c) In the context of treatment

In order to carry out occupational therapy services and accompanying procedures, health data may be processed, such as case history, assessment findings, course of treatment and training-related documentation. The legal basis is Art. 9(2)(h) GDPR in conjunction with § 22 BDSG.

4. Storage period

Personal data is stored only as long as necessary for the respective purpose or as long as statutory retention obligations exist. Treatment records are kept in line with statutory requirements. Pure contact enquiries without subsequent treatment are generally deleted after an appropriate period, unless statutory retention obligations require otherwise.

5. Disclosure to third parties

Your data is only disclosed to third parties if this is legally permitted, necessary for the performance of a contract, or if you have explicitly consented. Transmission to treating physicians, cost bearers or other bodies takes place only to the extent required and, where necessary, on the basis of your consent or a statutory obligation.

6. Your rights

Within the framework of the statutory requirements, you have in particular the following rights:

  • Access to the data processed under Art. 15 GDPR
  • Rectification of inaccurate data under Art. 16 GDPR
  • Erasure under Art. 17 GDPR
  • Restriction of processing under Art. 18 GDPR
  • Data portability under Art. 20 GDPR
  • Objection to certain processing under Art. 21 GDPR
  • Withdrawal of consent with effect for the future

To exercise your rights, you may contact the controller named above.

7. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a data-protection supervisory authority. In Lower Saxony, the competent authority is in particular:
The State Commissioner for Data Protection of Lower Saxony
Prinzenstraße 5, 30159 Hanover
lfd.niedersachsen.de

8. Hosting

This website is hosted by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. As part of the hosting, technically required access data is processed. The legal basis is Art. 6(1)(f) GDPR.

9. Google Fonts

This website uses Google Fonts for consistent typography. When the page is loaded, a connection to Google servers may be established. In particular, your IP address may be transmitted to Google. The legal basis is Art. 6(1)(f) GDPR, insofar as the integration is technically and visually necessary.

Further information: Google privacy policy.

Note: a switch to locally embedded fonts may be made in the future.

10. SSL/TLS encryption

For security reasons and to protect confidential content, this website uses SSL/TLS encryption.

11. Cookies and tracking

At present, this website does not use any own tracking tools such as Google Analytics. Should this change, this privacy policy will be updated accordingly and, if required, a consent management tool will be used.

12. Contact form (Web3Forms)

The contact form on this website is processed via the Web3Forms service. When the form is submitted, the data you enter is transmitted to Web3Forms servers and forwarded to us. The legal basis for processing is Art. 6(1)(b) GDPR, insofar as your enquiry is directed at pre-contractual communication, and additionally Art. 6(1)(f) GDPR.

Further information: Web3Forms Privacy Policy.

13. Currency and amendment of this privacy policy

This privacy policy is currently valid. Continued development of the website or changes in statutory or regulatory requirements may make it necessary to amend this policy.

Note: Please have this privacy policy legally reviewed before going live and adapted to the actual technical and organisational processes of your practice. The German version is legally authoritative.

Last updated: 2026-04-08