Aokang Medical Center Privacy Policy (GDPR compliant)

Effective Date: 07.02.2025

1. Introduction

Welcome to Aokang Medical Center. We are committed to protecting your privacy and ensuring that your personal data is handled in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

This Privacy Policy explains:

What personal data we collect
How we process, store, and protect your data
Your rights under GDPR
How you can contact us regarding your data

By using our website and services, you consent to the processing of your personal data as described in this policy. If you do not agree, please refrain from using our services.

2. Data Controller

The Data Controller responsible for your personal data is:

Prim. Dr. Thomas Platz

Aokang Medical Center

Wiener Gasse 8, 9020 Klagenfurt, Austria

If you have any questions regarding how your data is handled, you can contact us using the details above.

3. Personal Data We Collect

We collect and process different types of personal data, depending on how you interact with our website and services.

3.1 Information You Provide Directly

Identity Data: Name, date of birth, gender
Contact Data: Email, phone number, mailing address
Payment Data: Billing address, transaction history
Health Data: Information related to health if voluntarily provided for service customization

3.2 Automatically Collected Data

Technical Data: IP address, browser type, device type
Usage Data: Pages visited, session duration, referral sources

3.3 Cookies & Tracking Technologies

We use cookies to improve website functionality, analyze traffic, and enhance user experience. You may disable cookies through your browser settings, but some features may not function properly.

4. Legal Basis for Processing Personal Data

Under GDPR, we process your personal data based on the following legal grounds:

Contractual Necessity: To provide products and services you have requested
Legitimate Interests: To improve our website and services
Legal Obligations: To comply with applicable laws and regulations
Consent: When required, such as for marketing communications (you can withdraw consent at any time)

5. How We Use Your Data

We process your personal data for the following purposes:

To process and manage service bookings and product purchases
To provide customer support and respond to inquiries
To send transactional emails, confirmations, and invoices
To analyze website usage and improve our services
To comply with legal and regulatory obligations
We do not use your data for automated decision-making or profiling.

6. Data Sharing and Third Parties

We do not sell or rent your personal data. However, we may share data in the following cases:

6.1 Service Providers & Third Parties

We engage trusted third-party service providers who process your data on our behalf, including:

Payment processors (to process transactions securely)
IT service providers (to ensure website security and functionality)
Shipping providers (for product deliveries)
These third parties are contractually obligated to handle your data securely and in compliance with GDPR.

6.2 Legal & Regulatory Requirements

We may disclose personal data if required by law or to protect our legal rights.

6.3 Business Transfers

If our business undergoes a merger or acquisition, your data may be transferred to the new entity with continued protection under GDPR.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes stated in this Privacy Policy.

Service & Order Records: Retained for 5 years to comply with tax and legal obligations
Marketing Communications: Retained until you withdraw your consent
Website Usage Data: Retained for up to 12 months for analytics purposes
Once data is no longer needed, we securely delete or anonymize it.

8. Data Security

We implement technical and organizational measures to protect your data, including:

Encryption of sensitive data
Access control measures (limiting access to authorized personnel only)
Secure payment processing
Regular security assessments

While we take all reasonable precautions, no system is completely secure. Users should take steps to protect their data, such as using strong passwords and avoiding public Wi-Fi for transactions.

9. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

9.1 Right to Access

You have the right to request a copy of the personal data we hold about you.

9.2 Right to Rectification

You can request corrections to inaccurate or incomplete personal data.

9.3 Right to Erasure ("Right to Be Forgotten")

You can request the deletion of your personal data under certain conditions (e.g., if the data is no longer needed for its original purpose).

9.4 Right to Restriction of Processing

You can request that we limit the processing of your personal data in certain situations.

9.5 Right to Data Portability

You can request a structured, machine-readable copy of your data for transfer to another service provider.

9.6 Right to Object

You can object to processing based on legitimate interest, including marketing communications.

9.7 Right to Withdraw Consent

If we process your data based on consent, you can withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided below.

10. International Data Transfers

We do not transfer your personal data outside the European Economic Area (EEA). If we do in the future, we will ensure appropriate safeguards are in place to protect your data in accordance with GDPR.

11. Complaints & Supervisory Authority

If you believe we have not handled your data correctly, you have the right to file a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) or your local EU data protection authority.

Austrian Data Protection Authority (Datenschutzbehörde):

Website: https://www.dsb.gv.at

However, we encourage you to contact us first so we can address any concerns.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in legal requirements or our data practices. Any changes will be posted on this website. Significant updates will be communicated directly where applicable. Continued use of our website or services after updates constitutes acceptance of the new policy.

13. Contact Information

For any questions or requests regarding this Privacy Policy, you can contact us at:

Aokang Medical Center

Wiener Gasse 8, 9020 Klagenfurt, Austria

By using our website and services, you acknowledge that you have read, understood, and agreed to this GDPR-compliant Privacy Policy.