Privacy Policy

Introduction

metavisions GmbH ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us in any way.

We are the data controller for the personal information we collect about you. This policy complies with the General Data Protection Regulation (GDPR) and Austrian data protection laws.

Data Controller Information

Data Collection

The data we collect depends on how you interact with our services. We collect personal information that you provide directly to us, information we obtain automatically when you use our services, and information from third parties.

Information You Provide Directly

• Contact details (name, email address, phone number)
• Account information when you register for our services
• Health and fitness information for programme customisation
• Payment information for service bookings
• Communication preferences and feedback
• Information submitted through contact forms or inquiries

Information We Collect Automatically

• Website usage data and analytics
• Device information and browser type
• IP address and location data
• Cookies and similar tracking technologies
• Session recordings for website improvement

How We Use Your Information

We process your personal data for various purposes based on different legal grounds. Here's how we use your information and the legal basis for each use:

Service Provision (Contract Performance)

• Provide wellness and fitness services
• Process bookings and payments
• Create personalised training programmes
• Communicate about your appointments and services
• Manage your account and preferences

Legitimate Interests

• Improve our services and website functionality
• Analyse usage patterns and customer preferences
• Prevent fraud and ensure security
• Respond to customer inquiries and provide support
• Conduct business operations and administration

Legal Compliance

• Comply with health and safety regulations
• Meet tax and accounting requirements
• Respond to legal requests and proceedings
• Maintain records as required by law

Consent (Where Applicable)

• Send marketing communications and newsletters
• Use cookies for analytics and personalisation
• Process special category health data for programme design
• Share testimonials and success stories

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: Trusted third parties who assist us in operating our business, such as payment processors, booking systems, and IT support providers
• Legal Requirements: When required by law, court order, or regulatory authority
• Business Transfers: In connection with any merger, acquisition, or sale of business assets
• Emergency Situations: To protect the safety and rights of our clients, staff, or the public
• Consent: When you have given explicit consent for specific sharing purposes

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Your Rights

Under GDPR and Austrian data protection law, you have several rights regarding your personal data. You can exercise these rights by contacting us using the contact information provided below.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, analyse website traffic, and personalise content. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication systems
• Staff training on data protection procedures
• Secure data backup and recovery systems
• Regular monitoring for security threats

International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we need to transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard contractual clauses approved by the European Commission
• Binding corporate rules for multinational companies
• Your explicit consent for specific transfers

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date at the top of this page.

For significant changes that affect your rights, we may also notify you via email or other communication methods. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions about this Privacy Policy, want to exercise your rights, or need to contact us regarding data protection matters, please reach out using the following contact information:

We will respond to your inquiry within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) or your local supervisory authority.

Supervisory Authority