Privacy Policy – Psychologische Online-Beratung

1. Controller

Lucille Mayer
Psychological Counselor (non‑clinical)
c/o flexdienst – #11694
Kurt‑Schumacher‑Straße 76
67663 Kaiserslautern
Germany

Phone: +49 1575 0712587
Email: [email protected]
Website: https://online-psychologin.net

2. Purpose of Processing

I process personal data solely for the purpose of providing psychological counseling, scheduling appointments, issuing invoices, and documenting the counseling process. Data is processed only in connection with the services you request.

3. Legal Basis

Processing is carried out on the basis of:

Art. 6(1)(a) GDPR — your consent
Art. 6(1)(b) GDPR — performance of a contract or pre‑contractual measures
Art. 6(1)(f) GDPR — legitimate interests (e.g., secure website operation, appointment management, payment processing)

4. Categories of Data Processed

Name and contact details
Information provided during inquiries and appointment bookings
Notes taken during counseling sessions
Billing and payment information
Any additional information you voluntarily provide

No special categories of personal data under Art. 9 GDPR (e.g., health data) are processed, as no clinical or psychotherapeutic services are provided.

5. Storage Period

Personal data is stored only as long as necessary for the counseling process and to comply with statutory retention and limitation periods.
As a rule, data is retained for up to 3 years after the end of counseling (standard limitation period under German civil law).

6. Disclosure to Third Parties

Data is only shared when:

you have given explicit consent,
it is necessary for contract performance (e.g., payment providers),
there is a legal obligation, or
processing is carried out by a contracted service provider under Art. 28 GDPR.

No data is shared for advertising purposes.

7. Hosting and Service Providers

Hetzner Online GmbH (Hosting)
My website is hosted by Hetzner. Hetzner processes personal data on my behalf under a data processing agreement (Art. 28 GDPR). Processing takes place exclusively within the EU.

Tymia (Appointment Scheduling)
I use Tymia for appointment booking. The data you enter is processed for scheduling and managing appointments. Processing is based on Art. 6(1)(b) GDPR. A data processing agreement is in place.

Stripe (Payment Processing)
Payments are processed via Stripe. Stripe may transfer data to the United States. Transfers rely on the EU‑US Data Privacy Framework and Standard Contractual Clauses (SCCs). Processing is based on Art. 6(1)(b) and Art. 6(1)(f) GDPR.

8. Contact Form and Online Booking

When you contact me via the contact form or online booking system, the information you provide is stored for the purpose of handling your request and any follow‑up questions.
Processing is based on your consent under Art. 6(1)(a) GDPR.

All data is transmitted via encrypted connections (TLS/SSL).

9. Data Security

I implement appropriate technical and organizational measures to protect your data from loss, misuse, and unauthorized access. The website is provided exclusively via encrypted connections.

10. Your Rights

You have the right to:

access your stored data (Art. 15 GDPR)
rectification (Art. 16 GDPR)
erasure (Art. 17 GDPR)
restriction of processing (Art. 18 GDPR)
data portability (Art. 20 GDPR)
withdraw consent at any time (Art. 7(3) GDPR)
object to processing (Art. 21 GDPR)

11. Right to Lodge a Complaint

You may lodge a complaint with the competent supervisory authority:

The State Commissioner for Data Protection and Freedom of Information Rhineland‑Palatinate
Hintere Bleiche 34
55116 Mainz
https://www.datenschutz.rlp.de (datenschutz.rlp.de in Bing)

12. International Data Transfers

When using Stripe, personal data may be transferred to the United States. Transfers rely on the EU‑US Data Privacy Framework and Standard Contractual Clauses in accordance with Art. 46 GDPR.

13. Updates to This Privacy Policy

This privacy policy is reviewed and updated regularly to reflect legal requirements and changes to my services.