Legal

Privacy Policy

Last updated: July 2026 · English translation for convenience; the German version is legally binding.

1. Controller

Christian Hampel
Calle Blas Valero 88
30201 Elche, Spain
Email: [email protected]
Phone / WhatsApp: +34 675773491

2. Hosting and server log files

This website is operated via Cloudflare Pages (Cloudflare, Inc.) as hosting and delivery provider. When visiting the website, information is automatically collected by the hosting provider (so-called server log files), in particular IP address, browser type and version, operating system used, referrer URL, and date and time of the server request. This data serves the technically error-free presentation and security of the website. Processing is based on Art. 6(1)(f) GDPR (legitimate interest).

3. Contacting us

When you contact us (e.g. by email or contact form), your name, email address and any voluntarily provided information are processed. This data is used exclusively to handle your request. Legal basis: Art. 6(1)(b) GDPR.

4. Processing of health data

As part of the root-cause analysis and consulting, health data may also be processed. This processing takes place exclusively with the explicit consent of the user and to carry out the analysis and support. Legal basis: Art. 9(2)(a) GDPR.

5. Intake form / analysis

Information provided by the user is used for individual evaluation and consulting. This data is treated as strictly confidential and processed exclusively within the scope of the booked service.

6. AI chat assistant

This website offers an AI-powered chat assistant. When used, the messages you enter are transmitted to a server operated by Invara and forwarded to the Anthropic API (Anthropic PBC, USA) to generate a response. Transfer to the USA is based on appropriate safeguards (e.g. the EU-US Data Privacy Framework or standard contractual clauses pursuant to Art. 46 GDPR). Chat conversations are not stored permanently; only anonymous technical metrics (timestamp, token count, requesting IP address) are recorded for abuse prevention and capacity planning. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a functioning chat feature protected against abuse).

7. External services

This website links to external services (Calendly for booking appointments, WhatsApp, Telegram, Instagram, TikTok, YouTube). When you access these services, their own privacy policies apply.

8. Disclosure to third parties

To carry out diagnostic tests, data may be disclosed to external providers, in particular Nordic Laboratories. Disclosure only takes place where necessary to perform the service.

9. Payment provider

Payments are processed via Stripe. When using Stripe, payment data is processed directly by Stripe. Further information can be found in Stripe's privacy policy.

10. Legal bases of processing

Personal data is processed on the basis of Art. 6(1)(b) GDPR (contract performance), Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interest) and Art. 9(2)(a) GDPR (processing of health data).

11. Storage period

Personal data is only stored for as long as necessary to fulfil the respective purposes, or as required by statutory retention obligations.

12. Rights of data subjects

Users have the right to access under Art. 15 GDPR, rectification under Art. 16 GDPR, erasure under Art. 17 GDPR, restriction of processing under Art. 18 GDPR, data portability under Art. 20 GDPR, and objection under Art. 21 GDPR.

13. Data security

This website uses SSL encryption to securely transmit confidential content.

14. Obligation to provide data

Providing personal data is required for the conclusion and performance of contracts. Without this data, the service cannot be provided.

15. Cookies and analytics tools

This website does not use tracking or marketing cookies (e.g. no Google Analytics). For anonymous traffic measurement, Cloudflare Web Analytics is optionally used. This service uses no cookies, no local storage (localStorage) on your device, and creates no user profile; only aggregated, anonymous visitor counts are recorded. Since no information is stored on or read from your device, strictly speaking no consent under §25 TTDSG (German Telecommunications-Telemedia Data Protection Act) is required for this. For transparency, we nevertheless ask for your consent via a cookie banner before the service is loaded; processing is based on Art. 6(1)(a) or (f) GDPR. You can change your choice at any time via “Cookie settings” in the footer. Further information: Cloudflare Privacy Policy.