Home / Data protection

Data protection

Below, we inform you about the processing of personal data when using our website and the services offered on it. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

§1. Controller and Data Protection Officer

  1. Controller pursuant to Art. 4 para. 7 GDPR is The Body Clinic – leichter leben GmbH Schöneberger Ufer 71 10785 Berlin Email: [email protected]

§2. Purposes of Processing and Legal Bases

    1. Informational use of the website If you use our website purely for informational purposes, we process a series of data with each request that your browser automatically transmits to our web server. This includes the IP address currently assigned to your device, the date and time of the request, the time zone, the specific page or file accessed, the HTTP status code, the amount of data transferred, as well as the website from which your request originated, the browser used, the operating system of your device, and the set language. This data is processed to enable your use of our website (connection setup) and to ensure system security and stability on a permanent basis, as well as to enable the technical administration of the network infrastructure and the optimization of our internet offering. The legal basis is our legitimate interest in enabling you to visit our website optimally, Art. 6 para. 1 sentence 1 lit. f GDPR. Furthermore, this data is evaluated only for internal statistical purposes and to improve the offering and is subsequently deleted, at the latest after one year. The legal basis for the processing here is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. In addition, we use cookies and third-party services when you visit our website. Further explanations can be found under §4.
    2. Contact If you contact us by email, post, telephone, or via our contact form, we process the following data: – Your contact details (depending on the type of contact: email address, name and address, name and telephone number) – Personal data that you provide to us as part of your inquiry. This data is processed exclusively for correspondence with you and to handle your request. The legal basis is our legitimate interest in being able to process your request (Art. 6 para. 1 sentence 1 lit. f GDPR). If your inquiry contains special categories of personal data, such as health data, we process this based on your consent (Art. 9 para. 2 lit. a GDPR). If the data processing is no longer necessary for this purpose, your personal data will be deleted, provided there is no legal retention obligation. Please note that communication via unencrypted email (i.e., without end-to-end encryption) always carries the risk that unauthorized third parties may gain access to the transmitted data during transmission and possibly use it for their own purposes. If you wish to avoid this risk, please send us your inquiries, especially when sending health data, via our contact form or by post.
    3. Newsletter If you sign up for our newsletter, we process your email address to send you marketing and promotional information. If you have additionally consented, we also process other personal data (name, gender, age, postal code, program status) to address you personally in the newsletter and to provide you with individually relevant content. The legal basis for the processing is your explicit consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. Since the program status may potentially involve health data, the processing of this information is also based on Art. 9 para. 2 lit. a GDPR. We use the double opt-in procedure for sending the newsletter: After your registration, you will receive a confirmation email with a link for verification. Only after your confirmation will your registration be completed, and you will receive our newsletter. You can revoke your consent at any time with effect for the future—either via the unsubscribe link in the newsletter or by notifying the controller.
    4. Appointment scheduling, health questionnaire, and initial consultation If you are interested in our services and schedule an appointment with us, we store the personal data collected in this context (name and contact details, your request) to offer you our service and fulfill our contractual obligations. The legal basis for processing your personal data is Art. 6 para. 1 sentence 1 lit. b GDPR (contract fulfillment). In this context, we also process special categories of personal data, particularly concerning your health, which we inquire about through a questionnaire and/or during the initial consultation. The processing is carried out to offer/mediate further services and benefits (medical consultation, coaching). The processing of special categories of personal data is based on your consent (Art. 9 para. 2 lit. a GDPR). Appointment scheduling with us is done via Doctolib. Please note that you need an account with Doctolib to schedule an appointment. If you create or have an account with Doctolib and schedule an appointment through the platform, Doctolib is independently responsible for processing your personal data within your Doctolib account as defined in Art. 4 No. 7 GDPR. Please refer to Doctolib’s privacy policy in this regard.
    5. Payment processing/billing If you use a paid service, we use the payment service provider Adyen (Adyen N.V., Simon Carmiggeltstraat 6-50, 1011 DJ Amsterdam, Netherlands) for processing your payments. Through the integrated payment interface, the payment service provider collects the necessary personal data (claim data, bank/payment data) to process the payment. In this case, the payment service provider is independently responsible for data processing. For more information on how your personal data is processed by the payment service provider, please refer to Adyen’s privacy policy: https://www.adyen.com/de_DE/privacy-policy
    6. Prescription transmission If you commission us to transmit medical prescriptions to a pharmacy of your choice, we process your prescription data and the necessary transmission data based on your consent (Art. 6 para. 1 sentence 1 lit. a, Art. 9 para. 2 lit. a GDPR) for the purpose of transmission. We store this data and delete it afterward unless we are obliged to retain it further. The transmission of your prescription data to the pharmacy you have chosen also takes place based on your consent (Art. 6 para. 1 sentence 1 lit. a, Art. 9 para. 2 lit. a GDPR).

§3. Recipients of Personal Data

  • We only disclose your personal data to third parties if you have given your consent (Art. 6 para. 1 sentence 1 lit. a, Art. 9 para. 2 lit. a GDPR) or if we are otherwise obliged or entitled to disclose your data. If, following the appointment with us, medical and/or nutritional counseling is indicated and you wish to schedule an appointment with one of our cooperating doctors or coaches, we will forward your personal data, including your health data from the questionnaire and our appointment, to the partner doctors and/or coaches. The data transfer is carried out to fulfill our contractual obligations to you (Art. 6 para. 1 sentence 1 lit. b GDPR) and based on your consent if special categories of personal data, particularly health data, are involved (Art. 6 para. 1 sentence 1 lit. a, Art. 9 para. 2 lit. a GDPR). The processing of your personal data by the doctor and/or coach is then carried out under their own responsibility. In this regard, we refer to the privacy policy of your respective doctor/coach, which they will gladly provide to you. Without your consent, we cannot offer you the service. If you have received a digital prescription, we transmit the prescription data to the pharmacy of your choice for redemption. The transmission is encrypted. The legal basis for the transmission of your data is also your consent (Art. 6 para. 1 sentence 1 lit. a, Art. 9 para. 2 lit. a GDPR). If we use service providers for the operation of our website who process personal data on our behalf within the scope of commissioned processing in accordance with Art. 28 GDPR, they may be recipients of your personal data. We use processors in the areas of data storage and software usage. For managing our appointments, we use the services of Doctolib GmbH, Mehringdamm 51, 10961 Berlin. For sending newsletters, we use Mailchimp from The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA. A complete list of all current processors is available upon request. The service providers have been and will be carefully selected and commissioned in writing by us. The service providers are strictly bound by our instructions and are regularly monitored. A transfer of your personal data to third parties or processing outside the existing contractual relationship by the service providers does not occur.

§4. Storage Duration

  • We store your personal data only as long as it is necessary for the execution and processing of the services you desire and to the extent that no more specific regulations have been established above or we are authorized or obliged to retain them further based on your consent or legal obligations (e.g., commercial and tax retention obligations).

§5. Cookies

  • We use cookies on our website. These are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device, do not contain viruses, trojans or other malicious software. Information related to the specific device used is stored in the cookie. However, this does not mean that we gain immediate knowledge of your identity. Depending on the storage duration, a distinction is made between transient cookies, which are deleted when the browser is closed or logged out, and persistent cookies, which are only deleted after a specified duration. The use of cookies is partly necessary to technically display the website. Without these cookies, our website cannot be displayed (fully correctly), and support functions cannot be enabled. The use of technically necessary cookies is based on our legitimate interest in making our website available to you. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR. On the other hand, we use cookies to make the use of our website more pleasant for you and to statistically record the use of our website for the purpose of optimizing our offer and for advertising purposes. We only use these cookies with your consent, which you can give when you first visit our website via the so-called cookie consent tool. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time with effect for the future, without affecting the lawfulness of the processing carried out until the revocation. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a warning always appears before a new cookie is created. However, completely disabling cookies may result in you not being able to use all the features of our website.
    1. Google Analytics For the purpose of demand-oriented design and continuous optimization of our pages, we use Google Analytics, a web analysis service of Google Inc. https://www.google.de/intl/de/about/ (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymized usage profiles are created and cookies are used. The information generated by the cookie about your use of this website such as – browser type/version, – operating system used, – referrer URL (the previously visited page), – hostname of the accessing computer (IP address), – time of the server request, is transmitted to a Google server in the USA and stored there. This information is used to evaluate the use of the website, compile reports on website activity, and provide other services related to website usage and internet usage for market research and demand-oriented design of this internet site. This information may also be transferred to third parties where required by law or where third parties process this data on our behalf. According to Google, your IP address will never be merged with other Google data. We use Google Analytics only with standard IP anonymization. This means that the IP address of users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area so that a personal reference can no longer be made. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. With the entry into force of the EU-US Data Privacy Framework and the certification of Google LLC (USA), an adequate level of data protection is considered to exist for data processing by Google US. The processing of your personal data by Google Analytics, particularly the transfer of your data to the USA, only takes place if you have given us your explicit consent via the cookie banner in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de). Alternatively, especially for browsers on mobile devices, you can prevent the collection by Google Analytics by clicking on https://tools.google.com/dlpage/gaoptout. An opt-out cookie will be set that prevents the future collection of your data when visiting this website. The opt-out cookie only applies to this browser and only to our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (https://support.google.com/analytics/answer/6004245?hl=de).
    2. Google Ads We use Google Ads (conversion and remarketing) on our website to draw attention to our services on external websites and to determine how successful individual advertising measures are. Our interest here is to show you advertising that is of interest to you, to make our website more interesting for you and to measure the success of our advertising. This advertising is delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, through which certain parameters for measuring success, such as the display of ads or clicks by users, can be measured. If you access our website via a Google ad, a cookie is stored on your device by Google Ads. This cookie usually stores a unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information. This allows us to analyze your interactions on our website and present interest-based advertising on other websites within the Google advertising network. The cookies allow Google to recognize your internet browser, but they cannot be tracked across other Ads user websites. We ourselves do not collect or process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google, which allow us to identify which advertising measures are particularly effective. Based on the cookie, your browser automatically establishes a direct connection to the Google server. We have no influence on the scope and further use of the data collected through the use of this tool by Google and therefore inform you according to our level of knowledge: By integrating Ads Conversion, Google receives the information that you have accessed the relevant part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or not logged in, it is possible that Google will learn and store your IP address. We cannot exclude the possibility that Google may transfer personal data to the USA. With the entry into force of the EU-US Data Privacy Framework and the certification of Google LLC (USA), an adequate level of data protection is considered to exist for data processing by Google US. The legal basis for the processing is your consent given via the cookie banner (Art. 6 para. 1 sentence 1 lit. a GDPR). You can revoke your consent at any time with effect for the future.
    3. Facebook/Meta Pixel We have integrated the “Meta Pixel” of Meta Platforms Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) on our website. The “Meta Pixel” allows us to measure the success of our advertising campaigns on Facebook and Instagram, among others. Furthermore, the “Meta Pixel” allows us and Meta to assign the visitors of our offer to certain groups (e.g. visitors who come from our website or according to the interests we communicate to Meta (Facebook), so-called “Custom Audiences”) to display specific advertisements and thus recognize them. This ensures that these users are only shown interest-based advertisements and that annoying ads are avoided. During your visit to the website, the following data, among others, is transmitted to Meta: – pages or URLs visited – achievement of “website goals” (e.g. contact requests and newsletter registrations) – your internet connection data (IP address) – technical information such as browser, device and screen resolution – a randomly generated user ID – a randomly generated ad click ID if you reached our website via an ad This data may potentially also be transmitted to Meta servers in the USA. No directly personal data such as name, address or contact details is transmitted to Facebook. Meta stores cookies in your web browser for one year from your last visit. These cookies contain a randomly generated user ID that allows you to be recognized on future website visits. If you are logged in to Meta platforms such as Facebook/Instagram, Meta may also associate the visit with your Facebook/Instagram account. The legal basis for the use of the Meta Pixel is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You grant your consent through the cookie settings (cookie banner / consent manager). You can revoke your consent at any time with effect for the future. There is no legal or contractual obligation to provide your data. If you do not give us your consent, you can still visit our website, but some functions may not be fully available.

§6. Data Subject Rights

  • You have the following rights with regard to us:
    • pursuant to Art. 15 GDPR, the right to obtain free information about the personal data processed and to receive a copy of this data;
    • pursuant to Art. 15 GDPR, the right to be informed about the origin and recipients of the data as well as the purpose of data processing and the duration of storage;
    • pursuant to Art. 16 GDPR, the right to the immediate correction of inaccurate data or the completion of incomplete data;
    • pursuant to Art. 17 GDPR, the right to request the deletion of your personal data stored by us;
    • pursuant to Art. 18 GDPR, the right to request the restriction of the processing of your personal data;
    • pursuant to Art. 20 GDPR, the right to receive the data you have provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller;
    • pursuant to Art. 19 GDPR, the right to be informed about all recipients to whom the personal data have been disclosed;
    • pursuant to Art. 21 GDPR, the right to object to the processing;
    • pursuant to Art. 7 para. 3 GDPR, the right to withdraw your consent to the processing of personal data at any time with effect for the future, without affecting the lawfulness of the processing carried out based on the consent before its withdrawal.
  • You can assert your rights at any time by contacting the controller mentioned in §1. In addition, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of your personal data infringes the provisions of data protection law. The supervisory authority responsible at the controller’s registered office is: Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 59-61, 10555 Berlin. Phone: 030 13889-0, Email: [email protected], Website: www.datenschutz-berlin.de
Last updated: February 2025

Schedule an appointment

Click the button below to book your initial consultation. We look forward to supporting you on your journey to a healthy weight.

Make an appointment
Scroll to Top