Privacy Policy

1. Data controller

Per Art. 37 GDPR appointing a data protection officer is not mandatory due to the size of the practice. Please address data protection requests directly to the controller above.

2. Principles of data processing

We process personal data only within applicable data protection regulations and only as necessary. Legal bases per Art. 6 GDPR:

• lit. a – Consent of the data subject
• lit. b – Performance of contract or pre-contractual measures
• lit. c – Compliance with legal obligations
• lit. f – Protection of legitimate interests

Health data (Art. 9 GDPR) is processed exclusively for the documentation of medical treatment (Art. 9 (2) lit. h GDPR) and is subject to medical confidentiality (§ 203 StGB).

3. Hosting & server logfiles

This website is hosted at Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA); domain registrar is IONOS SE (Montabaur, Germany). When the page is accessed the following data is automatically stored in server logfiles: browser type, operating system, referrer URL, IP address, time, HTTP status code.

Legal basis: Art. 6 (1) lit. f GDPR. Cloudflare is certified per EU-US Data Privacy Framework (dataprivacyframework.gov). Cloudflare processes data as a processor under Art. 28 GDPR. Privacy: cloudflare.com/privacypolicy

4. Cookies & consent management

Our website uses cookies. Per § 25 TTDSG your explicit consent is required for cookies that are not technically necessary. On the first visit a cookie banner appears with the options: Accept all · Necessary only · Settings. Your consent is valid for 12 months.

Change settings at any time: Open cookie settings ↗

Detailed info: View cookie policy →

5. Contact & forms

When you contact us by email, phone or form, your transmitted data (name, email, phone, message, possibly photos) is stored for the processing of your request. We do not pass on this data without consent. Patient files are kept for 10 years per § 10 BO ÄK Nordrhein.

6. Web3Forms

For technical form submission we use Web3Forms (operated by Statickit / Polywrap Inc., USA). When submitting a form your entered data is routed through Web3Forms servers and forwarded to our email address. Processed data: name, email, phone, message, optional photo attachments, IP address, timestamp. web3forms.com/privacy-policy

7. Google Fonts

This website uses Google Fonts (Google Ireland Limited). When loading the page your IP address is transmitted to Google servers. Google is certified per EU-US DPF. policies.google.com/privacy

8. Calendly

For online appointment booking we use Calendly LLC (Atlanta, USA). When booking Calendly processes name, email and desired appointment. calendly.com/privacy

9. WhatsApp Business

Our website contains a link to WhatsApp Business (Meta Platforms Ireland Limited). Data transmission to Meta only happens when actively clicking the button. whatsapp.com/legal/privacy-policy-eea

10. Social media links

Our website contains external links to Instagram, Facebook and TikTok. No social media plugins are embedded — data transmission only happens on active click.

11. Your rights (Art. 15–21 GDPR)

To exercise your rights: drfetai@mail.de

12. Right to complain to the supervisory authority

13. Data security

This website uses SSL/TLS encryption. We take technical and organisational protective measures per Art. 32 GDPR. As of: May 2026.

→ Imprint   → Cookie Policy