top of page

Privacy Policy – English Version (for Information Purposes Only)

This English version of the Privacy Policy is provided for convenience and informational purposes only. In case of any discrepancies or legal interpretation, the German version of the Privacy Policy shall prevail.

1. Overview of Data Protection

General Information

Protecting your personal data is important to us. This Privacy Policy explains what happens to your personal data when you visit our website or use our services.

Personal data means any data that can be used to identify you personally. Detailed information can be found in the sections below.

2. Data Controller

The controller responsible for data processing is:

LOOM Health – Practice for Functional Medicine & Herbal Medicine
Owner: Janine Alonzo, Naturopath (Heilpraktikerin)
Marienstraße 25, 10117 Berlin, Germany
Email: office@loom-health.de
Website: www.loom-health.de

3. Purposes of Data Processing

We process personal data for the following purposes:

  • Providing and securing the website

  • Appointment scheduling and practice administration

  • Performing, documenting, and organizing treatment

  • Billing of services

  • Compliance with legal documentation and retention obligations

Your data is not used for marketing purposes.

4. Types of Data Processed

Depending on your interaction with our website and services, we may process:

  • Identification and contact data (name, email, phone number, date of birth)

  • Health data (e.g. medical history, findings, lab results, treatment records)

  • Billing and insurance data

  • Communication data (emails, appointment requests)

  • Technical data (IP address, browser type, date and time of access)

5. Legal Basis for Processing

Processing is based on the following legal grounds:

  • Art. 6(1)(b) GDPR – performance of a contract / treatment relationship

  • Art. 9(2)(a) GDPR – consent to process health data

  • Art. 6(1)(c) GDPR – compliance with legal obligations

  • Art. 6(1)(f) GDPR – legitimate interest in providing a secure and functional website

6. Processing of Health Data (Treatment Context)

If you use our services as a patient, we also process special categories of personal data within the meaning of Art. 9 GDPR (health data), such as:

  • Medical history and intake information

  • Diagnoses, findings, and lab results

  • Treatment records and documentation

The processing is carried out exclusively for the purpose of providing, organizing, and documenting treatment and, where applicable, billing.

Your consent to process health data is given via a digital consent form prior to the start of treatment and can be withdrawn at any time with effect for the future. Statutory retention obligations remain unaffected.

7. Website Hosting (Wix)

This website is hosted by Wix.com Ltd.
Personal data collected through the use of this website may be stored on the servers of the hosting provider.

A data processing agreement (Art. 28 GDPR) has been concluded with the hosting provider.

8. Appointment Booking (Doctolib)

We use Doctolib to manage online appointment bookings.
When booking an appointment, personal data such as your name, contact details, and appointment information are processed.

The data is used exclusively for the purpose of appointment management and administration.
Further information can be found in the privacy policy of the respective provider.

9. Online Forms (Jotform)

We use GDPR-compliant online forms provided by Jotform to collect consent and, where applicable, medical intake information.

The data you enter – including health data, if provided – is processed for the purpose of organizing treatment.

A data processing agreement (Art. 28 GDPR) has been concluded with the provider.
Where available, data storage within the European Union is used.

Email notifications about new form submissions generally do not contain sensitive data.

10. Billing Services

If billing is handled through an external billing service (e.g. for private or supplementary insurance reimbursement), the necessary personal data will be transferred to the billing provider.

The transfer is carried out for the purpose of billing (Art. 6(1)(b) GDPR).
Health data is only transferred if necessary for billing purposes or if explicit consent has been given.

11. Email and Phone Communication

If you contact us by email or phone, your details will be stored and processed in order to handle your request.

For administrative matters (e.g. appointments, invoices, payment confirmations), please contact:
office@loom-health.de

Medical matters are addressed exclusively during scheduled appointments.

Please note that email communication may have security vulnerabilities.

12. Cookies & Google Maps

Our website uses cookies. Cookies are small text files stored on your device that do not cause any harm.

We also use Google Maps to display the location of our practice. This may involve transferring your IP address to Google servers, including servers in the United States.

The data transfer is based on the EU Commission’s approved Standard Contractual Clauses.

Further information can be found in Google’s Privacy Policy.

13. Data Retention

Your personal data is stored only for as long as necessary to fulfill the stated purposes or to comply with statutory retention obligations.

14. Your Rights

You have the right to:

  • Access your personal data

  • Rectification of inaccurate data

  • Erasure (subject to legal retention requirements)

  • Restriction of processing

  • Data portability

  • Withdrawal of consent with effect for the future

Requests can be sent to: office@loom-health.de

15. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority.

16. Data Security

We implement appropriate technical and organizational measures to protect your data against loss, misuse, and unauthorized access.

17. Updates

This Privacy Policy applies in its current version.
Version: January 2026

bottom of page