Privacy Policy

Long Covid Online Clinic
Dr. Corinna Geiger
Wiesingerstraße 3/19
1010 Vienna

www.longcovidklinik.at

(the “Controller”)
(hereinafter also referred to as “we” or “us”)

1. Preamble

1.1. The protection of natural persons when processing personal data is a fundamental right that we take very seriously. All data processing is carried out in accordance with the EU General Data Protection Regulation (GDPR) and the applicable laws of the Republic of Austria.

1.2. This statement is intended to inform you about how we, as the data controller, process your personal data in connection with this website and our online presence, as well as your rights as a data subject. Personal data means all information that relates to you personally, e.g., name, address, email address.

2. Purpose and Legal Basis of Data Processing

2.1. On our website “www.longcovidklinik.at,” we present our company and aim to communicate with our clients. The data we collect when you visit our website is used to make this website available to you and to improve it further. The legal basis for these processing activities is our legitimate interest under Art. 6 (1) (f) GDPR, which consists of being able to operate this website.

3. Data Processed When Visiting Our Website

3.1. When you use our website for information purposes only, i.e., without providing any other information to us, we process the personal data that your browser automatically transmits to our server. The following data is technically necessary for us to display our website and ensure stability and security, and must therefore be processed by us:

IP address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (page visited)
Access status/HTTP status code
Amount of data transferred
Referring website
Browser
Operating system
Language and version of browser software

3.2. This data, which is collected due to technical processing, is automatically collected by our server when you visit our website. If this data is not provided, our website may not be accessible.

3.3. When you contact us via email or through our contact form, your email address, and, if provided, your name and phone number, will be stored by us in order to respond to you. If you do not provide this information, we may not be able to communicate with you.

4. Data Transfer

Your data will only be transferred if it is necessary to fulfill a contract or if you have explicitly consented. Transfer to third parties for marketing purposes will only take place with your explicit consent.

5. Your Rights

5.1. You have the following rights regarding your personal data:

Right of access
Right to rectification or deletion
Right to restriction of processing
Right to object to processing
Right to data portability

5.2. You also have the right to lodge a complaint with a data protection authority (for us, this is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, www.dsb.gv.at) about the processing of your personal data.

6. Patient Management Software and Data Transfers to Third Parties

6.1. For managing the practice and patient data, we use the practice software “docsy” by MediPrime GmbH, Mohsgasse 11/3-5, 1030 Vienna. This software is used for documentation, appointment scheduling, billing, and organizational purposes as part of medical activities. We are joint controllers, meaning we store data together with MediPrime GmbH (see Section 7 of the Privacy Policy).

6.2. MediPrime GmbH acts as a data processor and processes your data exclusively on our behalf and under our instructions. Data is stored exclusively on servers in Austria. Sensitive medical data is stored in encrypted form. Access is only possible via a secure connection (HTTPS). More information can be found here: https://www.docsy.at/wp-content/uploads/2024/01/MediPrime-Datenschutzinformation-20240101.pdf.

6.3. In certain cases, it may be necessary to transfer medical records to another treating physician or hospital. For tax purposes, invoicing data is transferred to our tax advisor, but medical history data is not affected. In individual cases, data may also be forwarded to pharmacies or the medical association.

7. Processing of Personal Data by Wix.com

7.1. Our website is created and hosted using the Wix.com Ltd. platform, 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (“Wix”). Wix provides us with the platform to operate this website. In this context, personal data of visitors to our website is also processed on Wix’s servers. This may include IP addresses, technical information (e.g., browser type, operating system), and communication data automatically collected when visiting our website.

7.2. Wix acts as a data processor within the meaning of Art. 28 GDPR. We have signed a data processing agreement with Wix to ensure your data is processed exclusively in accordance with our instructions and in compliance with applicable data protection laws.

7.3. Wix may also process data outside the European Union, particularly in Israel and the USA. However, Wix is required under GDPR to provide adequate safeguards for the protection of personal data. Israel is recognized by the European Commission as a country with an adequate level of data protection. Where data is transferred to third countries, Wix provides appropriate safeguards such as standard contractual clauses.

7.4. Our website contains an online store that is also operated via the Wix platform. This store allows you to order products directly online. Wix processes personal data on our behalf as part of the order process.

7.5. The data processed includes, in particular:

Master data (e.g., name, address)
Contact data (e.g., email address, phone number)
Order data (e.g., ordered items, payment method, delivery address)
Payment information (e.g., card details or other payment data, depending on the chosen payment service provider)
IP address and technical information (e.g., browser, device type)

7.6. This data processing is carried out for the purpose of order fulfillment, product delivery, payment processing, and compliance with statutory retention requirements. Without this data, you cannot purchase products via our shop.

7.7. Further information on Wix’s data processing can be found in Wix’s Privacy Policy: https://www.wix.com/about/privacy.

8. Storage Period

8.1. Technically required data will be deleted from our server after 12 months.

8.2. Data received via email or our contact form will be deleted once it is no longer required, or restricted if there are legal retention obligations. If the lawfulness of storage is based solely on your consent and you withdraw this consent, we will delete the data immediately in accordance with Art. 17 (1) (b) GDPR. Your personal data will only be stored as long as it is necessary for the respective processing purposes. Health data will be deleted as soon as it is no longer required for a legally permissible purpose.

8.3. In individual cases, data may be stored for longer (e.g., as evidence for legal proceedings). Deletion will take place once the purpose of the extended storage period is fulfilled.

9. Storage Location and Data Collection

9.1. All data processing activities of our website and communication traffic are carried out exclusively within the EU or EEA, unless exceptions (e.g., Wix) are explicitly mentioned in this Privacy Policy.

9.2. In addition to technically required data (e.g., your device’s IP address), we only process data that you consciously provide. We do not collect data from individuals without a valid reason for its storage.

Vienna, 01.07.2025