Privacy policy

DATA PROTECTION

The protection of your personal data is of special concern to us. We process your data exclusively based on the statutory provisions (DSGVO, DSG, TKG 2003). In this document,
we will explain to you how we the process your personal data and the claims and rights
you are entitled to under data protection regulations.

The person responsible for data processing on this website (further provider) is: Ordination
MUDr. Martin Luzbetak, M.Sc., Sensengasse 3, 1090 Vienna, Austria.

Your data is collected when you provide it to us. Other data are recorded by our IT systems automatically or with your consent when you visit the website. This is mainly technical data (e.g., internet browser, operating system or time of the page was viewed). This data is collected automatically as soon as you enter this website.

Personal data
Personal data: The provider processes the following personal data that was provided to
him personally, by e-mail, fax or other channels:

  • identification data (especially first name, surname, title, date of birth, other data from the identity card, nationality)
  • contact details (address, email address, telephone number);
  • sociodemographic data (age, gender);
  • data required for the use of electronic services (IP address, software data, browser,
  • and cookies – more information in “What are cookies?”)

Special categories of personal data (sensitive data): the provider also processes special
categories of personal data of the persons concerned, namely health data. These are illness data, data on the course and results of medical examinations, data on treatment and
other important circumstances related to the health status of the person concerned and the
method of providing health care, data on the extent of health care, data on the treatment
regimen and important fact for the health care assessment of work performance, epidemiologically serious facts, data on collected, processed, tested, preserved, stored and distributed human tissue or human cells that a tissue establishment manages according to a
special regulation. The height, body weight, data on the health of relatives and close people of the data subject and other health data required for health care providers.

Purposes of processing personal data
The person responsible/provider processes the personal data of the data subject – the customer / patient for the purpose of providing healthcare services. If there is a contractual relationship between the person concerned and the person responsible, the person responsible processes the personal data of the persons concerned based on the legal title of the
contract and this exclusively to the extent to fulfill the purposes of this agreement. If the
person concerned voluntarily informs the person responsible about their personal data
without previous action, these personal data will be processed by the person responsible
to the extent necessary based on the legal title of legitimate interest (for the purpose of assessing the application of the person concerned and responding to the affected person).

Retention of personal data
All personal data will only be processed to the extent necessary to fulfill the above-mentioned purposes and only for the period of time to achieve the stated purposes, but for the
longest period stipulated by or in accordance with the relevant legal provisions.
The personal data that is processed by the person responsible based on the consent of
the person concerned will be processed until the consent is revoked.
The person responsible can process some of this data even after revoking the consent if
he has another legal reason to do so (e.g., to prove the correctness and legal validity of
the procedure for processing personal data or to be able to defend himself against legal
claims).

Personal data processed by the person responsible for the legal title of legitimate interest
or personal data processed by the person responsible for the purpose of direct marketing
will be processed until the data subject objects to the processing of their personal data.

The person responsible stores the personal data for the following periods:

Provision of health care services for clients / patients: for the duration of the contract /
agreement, whereby the practice according to the Doctors Act (1998 / version of May 24,
2018, §51 Paragraphs 1-5) is obliged to keep the patient’s health documentation since the
last entry of service or health care for the data subject for at least 10 years.

Marketing purposes: until the validity of the consent expires (3 years) or until the consent
is revoked. In the case of the processing of personal data based on a legitimate interest,
for the period necessary to fulfill the purpose of the processing, for a maximum period of
10 years.

Bookkeeping and contract documentation: for the duration of the contract and then for
a further 10 years after the year in which the contract expired / was executed.
If legal proceedings are initiated against the data subject as a debtor, the controller processes the personal data of the data subject for the required period in which the legal proceedings in question will last.

Identification and contact details: for the period necessary to contact these people, but
no longer than 5 years after receipt.

Identification of the recipients of the personal data
The person responsible can only make the personal data of the data subjects available to
third parties if this is required or permitted by law, or with the consent of the data subjects.
The person responsible only makes the personal data available to the processors or other
recipients to the usual extent:

a) Other health professions or health institutions, external laboratories, especially if the
provision of personal data requires the proper provision of our health care services for the
customer / patient, external cooperating doctors and members of the health professions, in
particular if the provision of personal data requires the proper provision of our health care
services for the customer / patient requires, to the competent body of the union, in the
medical documentation as part of the control of the performance of the health profession
concerned, the insurance company that offers individual health insurance in accordance
with a special regulation, namely in the medical records for the purpose of monitoring the
health care provided to which the insurance compensation applies.
b) External suppliers of the person responsible (e.g., technical programming or other support services, server services, e-mail distribution, services in connection with measuring
the number of visitors to the website and adapting its content to user preferences),
c) the operator of backup servers or the operator of technologies used by the provider that
process them to ensure the functionality of the provider’s relevant services
d) if necessary, the legal, economic and tax advisors of the provider and the provider of
the operator who process them for the purpose of advising the operator.

Rights of the data subject
Information, deletion, and correction
Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, their origin and recipient and the purpose of the
data processing and, if necessary, a right to correct or delete this data. You can contact
MUDr. Martin Lužbeták, M.Sc., Sensengasse 3, 1090 Vienna, Austria or drluzbetak@medvienna.at.

Restriction of processing
The data subject has the right to request the controller to restrict processing if one of the
following conditions is met:
a) the accuracy of the personal data is disputed by the data subject for a period that enables the person responsible to check the accuracy of the personal data,
b) the processing is unlawful, and the data subject refuses to delete the personal data and
instead requests that the use of the personal data be restricted;
c) the controller no longer needs the personal data for the purposes of processing, but the
data subject needs them to assert, exercise or defend legal claims, or
d) the person concerned has lodged an objection to the processing in accordance with Article 21 Paragraph 1 DGSVO, if it has not yet been determined whether the legitimate reasons of the person responsible outweigh those of the person concerned.

If the legal reason for processing the personal data of the person concerned is their consent, the person concerned can revoke this consent at any time free of charge at the email address given below. The revocation of the consent does not affect the legality of the
processing based on the consent given before the revocation. The person concerned has
the right to give consent at any time by email to drluzbetak@medvienna.at or in writing to
the address of the registered office of the operator, namely MUDr. Martin Lužbeták, M.Sc.,
Sensengasse 3, 1090 Vienna, Austria.

Data collection on this website

Contact form
If you send us an inquiry using the contact form on the website, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the request and in case of follow-up questions. We do not pass on this
data without your consent.
This data is processed based on Article 6 (1) (b) GDPR, provided that your request is related to the performance of a contract or is necessary to carry out pre-contractual
measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries sent to us (Art. 6 Paragraph 1 lit. f GDPR) or on your
consent (Art. 6 Paragraph 1 lit. a GDPR) if this was queried.
The data you enter in the contact form will be stored until you ask us to delete it, revoke
your consent to storage or the purpose for data storage no longer applies (e.g. after your
request has been processed). Mandatory legal provisions – in particular retention periods –
remain unaffected.

Inquiry by email, phone or fax
If you contact us by e-mail, telephone or fax, your request, including all personal data derived from it (name, request) will be stored and processed for the purpose of processing
your request. We do not pass on this data without your consent.
This data is processed based on Article 6 (1) (b) GDPR, provided that your request is related to the performance of a contract or is necessary to carry out pre-contractual
measures. In all other cases, the processing is based on your consent (Art. 6 Para. 1 lit. a
GDPR) and / or on our legitimate interests (Art. 6 Para. 1 lit.f GDPR), as we have a legitimate interest in the effective Processing the inquiries sent to us.
The data you send to us via contact requests will remain with us until you ask us to delete
it, revoke your consent to storage or the purpose for data storage no longer applies (e.g.,
after your request has been processed). Mandatory statutory provisions – in particular,
statutory retention periods – remain unaffected.

Server log files
The website operator collects data on access to the website based on legitimate interest
(see Art. 6 Paragraph 1 lit. f. GDPR) and saves these as “server log files” on the website
server. The following data is logged in this way:

  • Website visited
  • Time at the time of access
  • Amount of data sent in bytes
  • Source / reference from which you came to the page
  • Browser used
  • Operating system used
  • IP address used

The server log files are stored for a maximum of 7 days and then deleted. The data is
stored for security reasons, e.g., to clarify cases of abuse. If data must be kept for reasons
of evidence, they are excluded from deletion until the incident has been finally resolved.

COOKIES

What are cookies?
Cookies are small text files that are stored on a computer or mobile device (tablet or
phone) when you visit a website. They are used to store information about user preferences so that the web server does not have to request this information repeatedly, which
can slow down the loading time of the website. Cookies make it easier for web servers to
tailor information to the specific needs and preferences of a user when visiting a website.

Types of cookies
Due to the storage time, they divide the cookies temporarily and permanently.
While the short-term cookies are automatically deleted after the browser is closed, permanent cookies remain stored in the Internet browser even after the browser is closed.
Depending on where the cookies come from, they are divided into “first-party cookies” and
“third-party cookies”. The first party cookies are created and used by the person responsible for the website. The third-party cookies come from other providers, e.g., tools for traffic
measurement (e.g. Google Analytics).
In terms of the function they perform, cookies are divided into essential, analytical, conversion, remarketing and tracking functions. The necessary cookies are required for the website to function properly. Analytical cookies are important for analyzing website traffic to improve the performance and speed of the website. Conversion cookies measure and evaluate various sales channels. In combination with conversion cookies, tracking cookies help
analyze different channels sold. Remarketing cookies are used to properly target and personalize advertising.

Why and which cookies do we use?
We use cookies to improve the use of the website, to analyze traffic and to personalize advertising in a targeted manner. We use our own cookies as well as third-party cookies.

How can you change the cookies settings?
Most internet browsers automatically accept cookies by default. However, the user can
change the settings of the Internet browser and manage or deactivate cookies.

Google Analytics
The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4,
Ireland. Google Analytics uses so-called “cookies”. These are text files that are saved on
your computer and that enable your use of the website to be analyzed. The information
generated by the cookie about your use of this website is usually transferred to a Google
server in the USA and stored there.
The storage of Google Analytics cookies and the use of this analysis tool are based on Art.
6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising. If a corresponding consent has been
requested (e.g. consent to the storage of cookies), processing takes place exclusively on
the basis of Art. 6 Paragraph 1 lit. a GDPR; the consent can be revoked at any time.

Google Ads
This website uses Google Ads. Google Ads is an online advertising program from Google
Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use so-called conversion tracking as part of Google Ads. If you click on an ad placed
by Google, a conversion tracking cookie is set. Cookies are small text files that the internet
browser stores on the user’s computer. These cookies lose their validity after 30 days and
are not used to personally identify users. If the user visits certain pages on this website
and the cookie has not yet expired, we and Google can see that the user clicked on the ad
and was redirected to this page.
Each Google Ads customer receives a different cookie. The cookies cannot be tracked
through the websites of Google Ads customers. The information obtained using the conversion cookie is used to generate conversion statistics for Google Ads customers who
have opted for conversion tracking. Customers find out the total number of users who
clicked on their ad and were redirected to a page with a conversion tracking tag. However,
they do not receive any information with which users can be personally identified. If you do
not want to participate in tracking, you can object to this use by easily deactivating the
Google conversion tracking cookie in your internet browser under user settings. You will
then not be included in the conversion tracking statistics.
The storage of “conversion cookies” and the use of this tracking tool are based on Article 6
(1) lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in
order to optimize both its website and its advertising. If a corresponding consent has been
requested (e.g. consent to the storage of cookies), processing takes place exclusively on
the basis of Art. 6 Paragraph 1 lit. a GDPR; the consent can be revoked at any time.
You can find more information about Google Ads and Google Conversion Tracking in the
data protection provisions of Google: https://policies.google.com/privacy?hl=de.
You can set your browser so that you are informed about the setting of cookies and only
allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in
general, and activate the automatic deletion of cookies when you close the browser. If
cookies are deactivated, the functionality of this website may be restricted.

Google DoubleClick
This website continues to use the online marketing tool DoubleClick by Google. DoubleClick uses cookies to show ads that are relevant to users, to improve reports on campaign performance, or to prevent a user from seeing the same ads multiple times. Google
uses a cookie ID to record which advertisements are shown in which browser and can thus
prevent them from being shown multiple times. In addition, DoubleClick can use cookie
IDs to record so-called conversions that relate to ad requests. This is the case, for example, when a user sees a DoubleClick ad and later calls up the advertiser’s website with the
same browser and buys something there. According to Google, DoubleClick cookies do
not contain any personal information.
Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the extent and further use of the data
that is collected by Google using this tool and therefore inform you according to our level
of knowledge: By integrating DoubleClick, Google receives the information that you are using the corresponding part of our have accessed our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to
your account. Even if you are not registered with Google or have not logged in, there is a
possibility that the provider will find out your IP address and save it.
In addition, the DoubleClick Floodlight cookies used enable us to understand whether you
are performing certain actions on our website after you have accessed or clicked one of
our display / video ads on Google or on another platform via DoubleClick (conversion
tracking) to have. DoubleClick uses this cookie to understand the content you have interacted with on our websites to be able to send you targeted advertising later.
Further information about DoubleClick by Google is available at www.google.de/doubleclick and support.google.com/adsense/answer/2839090, as well as general data protection at Google: www.google.de/intl/de/policies/privacy
Legal basis: Art. 6 (1) S. 1 lit. a GDPR

Facebook plugin
Plugins of the social network Facebook are integrated on this website. The provider of this
service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However,
according to Facebook, the data collected will also be transferred to the USA and other
third countries.
You can recognize the Facebook plugins by the Facebook logo or the “Like” button on this
website. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/?locale=de_DE.
When you visit this website, a direct connection is established between your browser and
the Facebook server via the plugin. Facebook receives the information that you have visited this website with your IP address. If you click the Facebook “Like” button while you are
logged into your Facebook account, you can link the content of this website to your Facebook profile. This enables Facebook to assign your visit to this website to your user account. We would like to point out that, as the provider of the website, we have no
knowledge of the content of the data transmitted or its use by Facebook. You can find
more information on this in Facebook’s data protection declaration at: https://de-de.facebook.com/privacy/explanation
If you do not want Facebook to be able to assign your visit to this website to your Facebook user account, please log out of your Facebook user account.
The Facebook plugins are used based on Art. 6 Para. 1 lit.f GDPR. The website operator
has a legitimate interest in the widest possible visibility in social media. If a corresponding
consent has been requested, processing takes place exclusively based on Art. 6 Paragraph 1 lit. a GDPR; the consent can be revoked at any time.

Facebook pixel
Our website uses the visitor action pixel from Facebook, Facebook Ireland Ltd, 4 Grand
Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”) to measure conversion.
In this way, the behavior of the site visitors can be tracked after they have been redirected
to the provider’s website by clicking on a Facebook ad. This enables the effectiveness of
Facebook advertisements to be evaluated for statistical and market research purposes
and future advertising measures to be optimized.
The data collected are anonymous for us as the operator of this website; we cannot draw
any conclusions about the identity of the users. However, the data is stored and processed
by Facebook so that a connection to the respective user profile is possible and Facebook
can use the data for its own advertising purposes, in accordance with the Facebook data
usage guidelines. This enables Facebook to place advertisements on Facebook pages as
well as outside of Facebook. As the website operator, we cannot influence this use of the
data.
You can find more information on handling user data in Google’s data protection declaration: https://www.facebook.com/privacy/explanation
The use of Facebook pixels is based on Art. 6 Para. 1 lit. f GDPR. The website operator
has a legitimate interest in effective advertising measures, including social media.

Google Tag Manager
This website uses the Google Tag Manager. Google Tag Manager is a solution that enables marketers to manage website tags from one interface. The Tag Manager tool itself
(which implements the tags) is a cookie-less domain and does not collect any personal
data. The tool triggers other tags, which in turn may collect data. Google Tag Manager
does not access this data. If a deactivation has been made at the domain or cookie level, it
will remain in effect for all tracking tags that are implemented with Google Tag Manager.
You can find more information on handling user data in Google’s data protection declaration: https://www.google.de/intl/de/policies/privacy/

Polylang
This website uses the Polylang program for the multilingualism of the website. Polylang is
a product of WP SYNTEX, 28, rue Jean Sebastien Bach, 38090 Villefontaine, France. Polylang cookies are only set to recognize and record the language used or selected by the
user. These cookies are stored for one year and are then deleted.

You can find more information on data protection compliance here: https://polylang.pro/doc/is-polylang-compatible-with-the-eu-cookie-law/

Google Maps
This website uses the Google Maps map service via an API. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To ensure data protection on this website, Google Maps is deactivated when you enter this
website for the first time. A direct connection to the Google servers is only established if
you activate Google Maps yourself (consent in accordance with Art. 6 Para. 1 lit. a GDPR).
This prevents your data from being transferred to Google the first time you enter the site.
After activation, Google Maps will save your IP address. This is then usually transferred to
a Google server in the USA and stored there. The provider of this site has no influence on
this data transfer after activating Google Maps.
You can find more information on handling user data in Google’s data protection declaration: https://www.google.de/intl/de/policies/privacy/.

Google Web Fonts
This site uses web fonts provided by Google, for the uniform display of fonts. When you
call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose, the browser you are using must connect to the Google servers. This
gives Google knowledge that this website has been accessed via your IP address. The
use of Google Web Fonts takes place in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6
Para. 1 lit.f GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.
You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s data protection declaration: https://policies.google.com/privacy?hl=de.

Antispam Bee
We use the Antispam Bee plug-in on our website. This is open-source software. To the
best of our knowledge, Antispam Bee does not store any user data. You can find more information on the “Antispam Bee” plugin at: https://wordpress.org/plugins/antispam-bee/.

Cookies