Ankerly Privacy

1. Controller

Praxis LH Ergotherapie, Levi Hackbarth
Sole proprietorship
Ahrensfelder Weg 11
22927 Großhansdorf
Germany

Phone: +49 4102 695916
E-mail: info@lh-ergotherapie.de
Website: https://lh-ergotherapie.de

2. Privacy Contact

No data protection officer has been appointed.

If you have any questions regarding data protection, you may contact:

Levi Hackbarth
E-mail: info@lh-ergotherapie.de

3. General Information on Data Processing

We process personal data only to the extent necessary to provide our website and app, make content and features available, and respond to inquiries.

In particular, we process personal data for the following purposes:

  • providing the website and app
  • creating and managing user accounts
  • storing content and settings within the app
  • providing interactive features such as routines, exercises, favorites, agreements, and templates
  • ensuring technical stability, security, and troubleshooting
  • communicating with users
  • possibly sending a newsletter in the future, if introduced and if the relevant consent has been given

Processing is carried out on the basis of the applicable legal grounds, in particular Article 6(1)(a), (b), (c), and (f) GDPR.

4. Target Group and Nature of the Service

Our service is primarily intended for parents. User accounts may only be created and managed by parents or other adult legal guardians.

Within the app, information relating to children may be entered, such as:

  • the child’s first name or name
  • the child’s age
  • routines, agreements, favorites, exercises, and similar organizational content

Based on the current concept of the app, we do not intentionally request or process diagnosis data explicitly as health data. However, users should not enter sensitive medical information into free-text fields unless this is absolutely necessary.

5. Processing When Visiting the Website or Using the App

When you visit our website or use our app, technically necessary information is processed automatically. This includes in particular:

  • IP address
  • date and time of access
  • browser type and browser version
  • operating system
  • referrer URL
  • pages and files accessed
  • access status

The processing of this data is necessary to make the website and app technically available, ensure security, and detect misuse.

Legal basis: Article 6(1)(f) GDPR
Legitimate interest: technical provision, IT security, stability, and error analysis

6. Hosting and Database

Our website and app are hosted via Replit Deployment. According to the current technical setup, the database is also operated via Replit infrastructure.

Replit may process personal data on our behalf to the extent technically necessary, for example in connection with hosting, storage, database operation, website/app delivery, and technical provision of the service.

Where Replit acts as a processor on our behalf, processing is carried out on the basis of a data processing agreement pursuant to Article 28 GDPR.

Legal basis: Article 6(1)(b) GDPR and Article 6(1)(f) GDPR

7. User Account and Registration

If you create a user account, we process the data you provide in order to make the app features available to you.

In particular, the following data may be processed:

  • name
  • e-mail address
  • password in a technically protected form
  • account-related settings
  • dates and times of registration and use

Purpose of processing: provision of a personalized user account and access to protected app features

Legal basis: Article 6(1)(b) GDPR

8. Content Stored in the App

When you use the app, content entered by you may be stored so that you can access, edit, or delete it later.

Based on the current range of functions, this may include in particular:

  • favorites for articles and exercises
  • exercises and saved lists
  • to-do lists and routines
  • media agreements
  • recommendations and favorites
  • free-text entries and notes
  • names and organizational information relating to children
  • agreement-related content within the app
  • content from offline or local storage if synchronized with your account

Purpose of processing: provision of the requested app features and storage of user-related content

Legal basis: Article 6(1)(b) GDPR

9. Media Agreement and Comparable Templates

If you use a media agreement or comparable templates within the app, we process the data entered by you in order to create, store, display again, and make the document usable within the app.

This may include in particular:

  • child’s name
  • child’s age
  • name of one or more parents
  • agreed media times
  • permitted media, apps, websites, or games
  • individual rules and arrangements
  • free-text entries
  • creation and modification timestamps
  • document status, e.g. draft or signed

Legal basis: Article 6(1)(b) GDPR

10. Digital Signatures Within the App

Where the app allows a digital signature via touch input or signature field, we process that signature solely in order to store and display the relevant agreement or document within the app.

This is not a biometric identity verification process, but a simple digital representation of a signature entered by the users themselves.

The signature may be stored together with the relevant agreement, a timestamp, and the document status.

Purpose: documentation of an agreement signed within the app

Legal basis: Article 6(1)(b) GDPR

11. Offline Functions and Local Storage

Parts of the app may be stored locally on the user’s device in order to provide certain functions offline or improve usability. For example, content may be stored in the browser cache, local storage, IndexedDB, or similar local storage mechanisms.

Local storage serves the technical provision of the app, performance optimization, and offline use.

Where locally stored data is technically necessary only, such processing is based on our legitimate interest in providing a functional and user-friendly app.

Where locally stored content is linked to your user account or synchronized with our database, processing is also carried out for the performance of the user contract.

Legal basis: Article 6(1)(f) GDPR and, where account- or feature-related, Article 6(1)(b) GDPR

12. Necessary Cookies and Similar Technologies

At present, we use only technically necessary cookies or comparable technologies that are required for the operation of the website and app.

These may include in particular:

  • login or session cookies
  • security-related functions
  • technical storage of settings
  • provision of offline and app functions

These cookies and technologies are required in order for the website and app to function properly.

Legal basis under the GDPR: Article 6(1)(f) GDPR or Article 6(1)(b) GDPR for logged-in user accounts
Legitimate interest: secure and functional provision of the service

If analytics, statistics, marketing, or other non-essential cookies are introduced in the future, we will obtain separate consent before using them and update this Privacy Policy accordingly.

13. Push Notifications and Alerts

Where the app uses notifications or push notifications, we process the data necessary for this solely in order to provide you with reminders or alerts that you have requested.

This may concern, in particular, reminders relating to routines, exercises, agreements, or other app content.

Where separate consent is required for this, processing is carried out on the basis of your consent.

Legal basis: Article 6(1)(a) GDPR or Article 6(1)(b) GDPR, depending on the specific implementation

14. Contacting Us

If you contact us by e-mail or in any other way, we process the data you provide in order to handle your request.

This may include:

  • name
  • e-mail address
  • phone number
  • content of the message
  • other information provided voluntarily

Legal basis:

  • Article 6(1)(b) GDPR where the inquiry relates to the use of our services
  • Article 6(1)(f) GDPR for general inquiries

15. Newsletter (Planned)

A newsletter is planned but is not currently active.

Once a newsletter is introduced, we will supplement this Privacy Policy accordingly. As a rule, newsletters to private individuals will only be sent on the basis of prior consent.

The required information will then include in particular:

  • the mailing service provider used
  • the data processed
  • the double opt-in procedure
  • the possibility to withdraw consent
  • the storage period

Until the newsletter is actually introduced, no newsletter-related data processing takes place under this Privacy Policy.

16. App Stores

The app may in the future also be offered through app stores. Where users download the app via an app store or access information there, the privacy policies of the respective app store operator shall also apply.

We are not responsible for processing carried out by the respective app store operator.

To the extent that we ourselves receive or process personal data in connection with making the app available in an app store, we will provide separate information in this Privacy Policy as soon as this becomes specifically relevant.

17. No Automated Decision-Making

No automated decision-making, including profiling within the meaning of Article 22 GDPR, takes place.

18. Recipients of Personal Data

Personal data is disclosed to third parties only where this is legally permitted or necessary.

Recipients may include in particular:

  • technical hosting and infrastructure providers
  • database and platform providers
  • IT service providers involved in maintenance and operation
  • public authorities, where there is a legal obligation to do so

At present, no disclosure for advertising purposes takes place.

19. International Data Transfers

At present, no additional external services have been specifically integrated that necessarily require the transfer of personal data to third countries.

However, because Replit and potentially other technical providers may be used, processing outside the European Union or the European Economic Area cannot be fully excluded. If personal data is transferred to a third country, we will ensure that the legal requirements are met, in particular through appropriate safeguards under Articles 44 et seq. GDPR.

As soon as further providers such as newsletter, video, analytics, or similar services are actually used, we will update this Privacy Policy accordingly.

20. Storage Period

We store personal data only for as long as necessary for the respective purposes or as long as statutory retention obligations apply.

Based on the current status, the following principles apply:

  • user accounts and the content contained in them remain stored until they are deleted or the purpose no longer applies
  • users should be able to delete their account themselves
  • when an account is deleted, the associated content is generally deleted as well
  • content from future community functions may, where technically and functionally necessary, be anonymized if an account is deleted

Server and security logs are generally stored only as long as necessary for secure operation.

As soon as fixed deletion periods are defined for specific data categories, this Privacy Policy should be updated accordingly.

21. Data Security

We implement appropriate technical and organizational measures to protect personal data against loss, misuse, unauthorized access, unauthorized alteration, or unauthorized disclosure.

These measures include, in particular, access restrictions, authentication, secure storage, and protection of technical operations.

Despite all due care, complete security can never be absolutely guaranteed in internet-based systems.

22. Your Rights

Under the GDPR, you have in particular the following rights:

  • the right of access to the personal data processed about you
  • the right to rectification of inaccurate data
  • the right to erasure
  • the right to restriction of processing
  • the right to data portability
  • the right to object to processing based on Article 6(1)(e) or (f) GDPR
  • the right to withdraw consent at any time with effect for the future

To exercise your rights, you may contact us at info@lh-ergotherapie.de.

23. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data is unlawful.

The competent supervisory authority for our company is:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD)
Holstenstraße 98
24103 Kiel
Germany

E-mail: mail@datenschutzzentrum.de
Website: https://www.datenschutzzentrum.de/

24. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy if legal requirements, technical functions, services used, or data processing activities change.

The version currently published on our website or in the app shall apply.

Nach oben scrollen