Privacy Policy

Data Controller

haddoccerv B.V. is the data controller responsible for your personal data. We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Collection

The data we collect includes personal information that you provide directly to us and information collected automatically when you use our website and services. This includes your name, email address, phone number, health information relevant to our treatments, appointment details, and technical data such as IP address and browser information.

We collect this information when you book appointments, fill out contact forms, subscribe to our newsletter, participate in consultations, use our website, or interact with our services in any way.

Categories of Personal Data

• Contact Information: Name, email address, phone number, postal address
• Health Information: Medical history, symptoms, treatment preferences, consultation notes
• Appointment Data: Booking details, service preferences, payment information
• Technical Data: IP address, browser type, device information, website usage patterns
• Communication Data: Records of correspondence, feedback, and support requests

How We Use Your Information

We explain how we use your information for various purposes related to providing our Ayurvedic wellness services. The use of your data is always based on a lawful basis under GDPR, including contract performance, legitimate interests, legal obligations, or your consent.

Specifically, how we use your information includes providing wellness consultations and treatments, managing appointments and bookings, communicating about our services, processing payments, improving our services, ensuring compliance with health regulations, and maintaining the security of our systems.

Legal Basis for Processing

• Contract Performance: To provide the wellness services you have booked
• Legitimate Interests: To improve our services and communicate relevant information
• Legal Obligation: To comply with health and safety regulations
• Consent: For marketing communications and optional data processing
• Vital Interests: In emergency situations related to your health and safety

Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information with trusted service providers who assist us in operating our business, such as payment processors, appointment scheduling systems, and healthcare professionals involved in your treatment. All third parties are required to maintain the confidentiality and security of your personal information.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations. Health records are typically retained for 7 years after your last appointment in accordance with healthcare regulations. Contact information for marketing purposes is retained until you withdraw consent or we determine it is no longer necessary. Technical data is usually retained for up to 2 years for security and analytical purposes.

Your Rights

Under GDPR, you have several rights regarding your personal data. These rights are designed to give you control over your personal information and ensure transparency in how we process it.

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to processing based on legitimate interests or for marketing
• Right to Withdraw Consent: Withdraw consent for processing where applicable

Data Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of sensitive data, secure storage systems, access controls, regular security assessments, staff training on data protection, and incident response procedures.

International Data Transfers

As we operate primarily within the European Union, your data is generally processed within the EU/EEA. If we need to transfer data outside this region, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and provide personalised content. For detailed information about our cookie practices, please refer to our Cookie Policy.

You can manage your cookie preferences through your browser settings or our cookie consent banner that appears when you first visit our website.

Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can take appropriate action.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. For significant changes, we may provide additional notice through email or our website.

Contact Us

If you have any questions about this privacy policy, wish to exercise your rights, or need to contact us about data protection matters, please contact us using the information below:

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data appropriately.

Supervisory Authority

If you have concerns about how we handle your personal data, you can contact the Dutch Data Protection Authority: