Privacy
Protecting your personal data matters to us — especially in a medical setting. This notice informs you under Articles 13 and 14 of the General Data Protection Regulation (GDPR) about the processing of your data when visiting this website and when using our contact forms.
Controller
Dr. TONNINGER-BAHADORI & Partner OG
Schloßhofer Straße 13–15 (top floor), 1210 Vienna
Email: office@endoskopie.at
Phone: +43 1 890 56 72
Server log data
On every request our web server records technically necessary data (IP address, time, page requested, browser type). Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operation and security). This data is deleted after a short time and is not used for profiling.
Contact forms (callback, prescription request)
Our website offers two contact forms: the
callback form on the home page and the
prescription request form at /en/prescription.
Where your data is processed: The submitted data is processed exclusively on our web server in Austria — directly by a PHP script that delivers the request to us as an email to office@endoskopie.at. We do not use third-party services for processing the forms. Your data is not transferred to recipients outside the EU.
Legal bases:
- Callback form: Art. 6(1)(b) GDPR (pre-contractual measures at your request) as well as Art. 6(1)(a) GDPR (your consent when sending).
- Prescription request: Here we process special categories of personal data (health data). The legal basis is your explicit consent under Art. 9(2)(a) GDPR as well as Art. 6(1)(b) GDPR.
Storage period: Data submitted via the form is used to process your request and then deleted — unless statutory retention obligations (e.g. medical documentation duty under the Austrian Medical Practitioners Act) require longer storage.
Spam protection: The forms use an invisible “honeypot” field to detect automated requests — no additional data is collected from you in the process.
Contact by email or phone
If you contact us by email or phone, your information is processed to handle your request and for any follow-up communication (Art. 6(1)(b) and (f) GDPR; for health-related information additionally Art. 9(2)(h) GDPR — provision of healthcare). We do not pass on this data to third parties without your consent.
Embedded content (YouTube)
On the page /en/services/colonoscopy explanatory
videos from YouTube are embedded. We use a
click-to-play approach: when you open the page
you initially only see a preview image stored locally on our
server — no connection to YouTube or Google is
made. Only when you actively click the play button is the
actual video player loaded and data (in particular your IP
address) transmitted to Google LLC (USA). For the embedding
itself we use the more privacy-friendly variant
youtube-nocookie.com.
Legal basis for the data transfer on the play click: Art. 6(1)(a) GDPR (your consent, expressed by actively clicking). For details on Google's processing please see their privacy notice: policies.google.com/privacy.
Fonts
This website uses the web fonts Inter and Fraunces for a consistent display. The fonts are served directly from our web server in Austria — no connection is made to external providers such as Google Fonts, so your IP address is not transmitted to third parties.
Cookies
This website does not set any cookies of its own. Embedded content (e.g. the YouTube videos) may set its own cookies after you click play — see above.
Your rights
You have the right at any time to access, rectification, erasure, restriction of processing and to data portability under Articles 15 to 20 GDPR. Consents you have given can be revoked at any time for the future (Art. 7(3) GDPR). You also have the right to lodge a complaint with the data protection authority (dsb.gv.at).
Status: . This notice is updated on an ongoing basis to reflect current processing activities.