PRIVACY POLICY


1. Data Controller

The person responsible for data processing is:

Szilvia Ötvös
Im Buchhorn 2
74545 Michelfeld
+49 155 10059282
szilvia.oetvoes@gmail.com
www.szilviaotvostattoo.de

2. Collection and Processing of Personal Data

a) When registering and booking an appointment

When you book an appointment or visit us for a consultation, we collect the following personal data:

  • First and last name

  • Address

  • Date of birth

  • Phone number

  • Email address

  • Health information (e.g., allergies, skin conditions, previous surgeries), insofar as this is necessary for carrying out the tattoo.

We collect this data to process your request, provide the requested service (tattoo), and contact you in case of changes or issues with your appointment. The legal basis for processing is Art. 6(1)(b) GDPR (contract fulfillment).

b) During tattoo procedures

While tattooing, we collect and store your health data, particularly regarding allergies or skin reactions, to ensure the tattoo is performed safely and in consideration of your health conditions.

This processing is based on Art. 9(2)(h) GDPR (health data in relation to health care or medical treatment).

c) When contacting us via our website

If you use our contact form on the website or email us for inquiries, we collect the following data:

  • Name

  • Address

  • Date of birth

  • Email address

  • Message

We process these data to respond to your inquiry. The legal basis is also Art. 6(1)(b) GDPR.

d) When using our website

When you visit our website, technical data such as IP address, date and time of access, browser type, and operating system are collected automatically to ensure functionality and analyze website usage. Further details are in the Cookies section.

e) When subscribing to the newsletter

If you subscribe to our newsletter, we collect the following personal data:

  • Email address

  • If applicable, first and last name

This data is collected to send you information and offers via email. Subscription is based on your consent under Art. 6(1)(a) GDPR. You may withdraw your consent at any time via the unsubscribe link in the newsletter or by emailing szilvia.oetvoes@gmail.com.

3. Use of Health Data

The health data we collect from you (e.g., allergies, skin conditions) is used exclusively for planning and performing your tattoo treatment. These data are not shared with third parties unless necessary to provide the service (e.g., a doctor in an emergency). They are stored only as long as needed for the tattoo procedure and aftercare, in accordance with legal requirements.

4. Disclosure of Data

Your personal data will only be shared with third parties if:

  • You have previously given explicit written consent (e.g., for marketing purposes)

  • Disclosure is necessary to fulfill the contract (e.g., payment providers for online payments)

  • There is a legal obligation to disclose

5. Cookies

Our website uses cookies to analyze website usage and improve functionality. You can prevent cookie storage in your browser settings, though some cookies are required for website use.

Types of cookies:

  • Essential cookies: necessary for website operation (e.g., booking function)

  • Analytics cookies: help analyze and improve website usage

Cookie usage is based on Art. 6(1)(f) GDPR (legitimate interest).

6. Your Rights

You have the right to access your personal data at any time and to request correction, deletion, or restriction of processing.

If processing is based on your consent (e.g., marketing purposes), you may withdraw it at any time. Withdrawal does not affect the legality of processing before it was withdrawn.

Your rights include:

  • Right to access

  • Right to rectification

  • Right to erasure (“right to be forgotten”)

  • Right to restrict processing

  • Right to data portability

  • Right to object

To exercise these rights, contact us using the contact information above.

7. Retention Period

We store your personal data only as long as necessary to fulfill its purpose. Health data may be stored longer to comply with legal retention obligations.

8. Data Security

We take all necessary technical and organizational measures to protect your data against unauthorized access, loss, or destruction. This includes data encryption and regular security checks.

9. Changes to the Privacy Policy

We reserve the right to update this privacy policy as needed to reflect changes in legal or technical requirements. The current version is always available on our website.