top of page

Privacy Policy

Last updated: 29.6.2026

1. Controller

The controller responsible for the processing of personal data through this website is:

 

Matrescence by Veronica
Owner: Veronica Aguado Ortiz
Sole proprietorship / Einzelunternehmen
[FULL BUSINESS STREET ADDRESS]
Germany

Email: [BUSINESS EMAIL ADDRESS]

For questions concerning this Privacy Policy or the processing of your personal data, please contact me using the details above.

2. General information

I process personal data only where this is necessary to operate this website, answer enquiries, manage the waiting list, send newsletters where consent has been given, arrange and provide services, process payments, comply with legal obligations or protect legitimate business and security interests.

“Personal data” means information relating to an identified or identifiable individual. This can include names, email addresses, telephone numbers, IP addresses, booking information and information provided during a consultation.

Some information concerning pregnancy, birth, breastfeeding, physical or mental health, a child’s health or family circumstances may constitute special-category data under data protection law. Such information receives additional protection as explained below.

3. Website hosting and Wix

This website is created and hosted using services provided by Wix.com Ltd. and its affiliated companies (“Wix”). Wix may process technical and usage data, IP addresses, device and browser information, form submissions, contact information and other information required to provide the website, security, hosting, customer-management and related services.

Wix processes certain information on my behalf as a service provider. Wix may also process information for its own purposes where it acts as an independent controller.

The legal basis for technically necessary website processing is Article 6(1)(f) GDPR. My legitimate interests are the secure, reliable and efficient operation of the website. Where processing is necessary to provide a function expressly requested by a visitor, Article 6(1)(b) GDPR may also apply.

Technically necessary cookies and similar technologies are used under section 25(2) TDDDG. Non-essential cookies and technologies are used only after consent.

Wix and its service providers may process information outside the European Economic Area. Where required, such transfers are based on an adequacy decision or appropriate safeguards, such as the European Commission’s Standard Contractual Clauses.

Further information is available in the Wix Privacy Policy and through the cookie settings on this website.

4. Technical access data and security logs

When you visit this website, technical information may be processed automatically. This can include:

  • IP address;

  • date and time of access;

  • requested pages and files;

  • referring website;

  • browser and device type;

  • operating system;

  • language settings;

  • error and security information.

This information is used to deliver the website, maintain technical stability, prevent misuse and investigate security incidents.

The legal basis is Article 6(1)(f) GDPR. My legitimate interests are website security, fraud prevention and reliable delivery of the website.

5. Contact forms and enquiries

When you contact me using a website form, email or another communication channel, I may process the information you provide, including your:

  • name;

  • email address;

  • telephone number;

  • preferred language;

  • requested service;

  • message and correspondence history.

The information is used to answer your enquiry and, where applicable, take steps before entering into a service agreement.

The legal basis is Article 6(1)(b) GDPR where your enquiry concerns a potential or existing service agreement. For general enquiries, the legal basis is Article 6(1)(f) GDPR. My legitimate interest is responding to genuine communications concerning my services.

Please do not include medical records, diagnoses or detailed health information in a general contact form.

6. Waiting list

When you join the waiting list, I process the information requested in the form, normally including your name, email address, preferred language, country or time zone and the service in which you are interested.

This information is used exclusively to:

  • manage the waiting list;

  • contact you when the relevant service becomes available;

  • provide essential updates concerning availability or your request.

Joining the waiting list does not automatically subscribe you to a general marketing newsletter.

The legal basis is Article 6(1)(b) GDPR because processing is necessary to take steps at your request before a possible service agreement.

Waiting-list information will normally be deleted within six months after the relevant paid service becomes available, unless you become a client, request continued contact, separately subscribe to the newsletter or a legal reason requires longer retention.

You can leave the waiting list at any time by contacting [BUSINESS EMAIL].

7. Newsletter and marketing emails

I send newsletters and promotional emails only where you have separately consented to receive them.

The legal basis is Article 6(1)(a) GDPR and, where applicable, section 7 UWG. Newsletter consent is voluntary and is not required to join the waiting list, submit an enquiry or purchase a service.

A double-opt-in process may be used. This means that after registering, you must confirm your email address through a confirmation message. The registration, confirmation, date, time and relevant technical information may be stored to document consent.

You may withdraw your consent at any time by:

  • using the unsubscribe link included in each newsletter; or

  • emailing [BUSINESS EMAIL].

Withdrawal does not affect the lawfulness of processing undertaken before withdrawal.

Newsletter subscriptions are managed through [WIX EMAIL MARKETING / INSERT ACTUAL NEWSLETTER PROVIDER]. The provider processes your email address and related delivery and interaction data on my behalf. Delete or update this paragraph if another provider is used.

8. Bookings and service administration

When you request or book a consultation or programme, I may process:

  • your name and contact details;

  • billing information;

  • appointment date, time and time zone;

  • selected service;

  • language preferences;

  • correspondence relating to the booking;

  • information necessary to prepare and deliver the service.

The legal basis is Article 6(1)(b) GDPR because processing is necessary to arrange and perform the requested service.

Bookings are administered through:

Booking provider: [WIX BOOKINGS / INSERT ACTUAL PROVIDER]

The booking provider may process booking and contact information on my behalf. Its privacy information will be made available during the booking process or linked from this Privacy Policy.

9. Health-related and other sensitive information

Because my services concern lactation, infant sleep, motherhood and family wellbeing, you may choose to provide information relating to your health or your child’s health.

This can include information about:

  • pregnancy, birth or postpartum recovery;

  • infant feeding or lactation;

  • sleep patterns;

  • medication, diagnoses or medical treatment;

  • physical or mental wellbeing;

  • developmental or family circumstances.

Where this constitutes special-category data, it will be processed only where you have given explicit consent under Article 9(2)(a) GDPR or another valid legal basis applies.

This information is used only to understand your request, adapt the non-medical support being provided, identify matters outside my professional scope and, where necessary, recommend that you contact an appropriately qualified healthcare professional.

You may withdraw your consent at any time. Withdrawal does not affect processing already carried out lawfully, but it may mean that I cannot continue providing a service that depends on the information.

Only a parent, legal guardian or another properly authorised person should provide information concerning a child. Please do not provide information concerning another adult without their knowledge and appropriate authority.

10. Payments, invoices and accounting

When you purchase a service, payment and transaction information may be processed by me and by the payment provider selected during checkout.

Payment provider or providers: [WIX PAYMENTS / STRIPE / PAYPAL / INSERT ACTUAL PROVIDERS]

Depending on the payment method, the provider may process your name, billing address, transaction amount, payment instrument information, account information, IP address and fraud-prevention information.

Payment providers may act partly as independent controllers. Their privacy information should be reviewed before selecting a payment method.

The legal bases are:

  • Article 6(1)(b) GDPR for processing necessary to perform the service agreement;

  • Article 6(1)(c) GDPR for invoicing, tax and accounting obligations;

  • Article 6(1)(f) GDPR for fraud prevention and the establishment, exercise or defence of legal claims.

Payment-card details are not stored directly by me unless expressly stated. They are normally processed by the selected payment provider.

Invoice and accounting information may be shared with banks, payment providers, accounting software providers, tax advisers and public authorities where legally required.

11. Cookies and similar technologies

This website uses cookies and similar technologies. Some are technically necessary for security, navigation, language settings, forms, bookings and other functions expressly requested by visitors.

Non-essential technologies, including analytics, personalisation and marketing technologies, are activated only after consent.

The legal bases are:

  • section 25(2) TDDDG and Article 6(1)(f) GDPR for technically necessary technologies;

  • section 25(1) TDDDG and Article 6(1)(a) GDPR for non-essential technologies.

You can accept all non-essential technologies, reject them or choose individual categories through the cookie banner. You can change or withdraw your choice at any time using the Cookie Settings link in the website footer.

A current list of cookies, providers, purposes and storage periods is available in Cookie Settings.

12. Analytics

Wix Analytics

I may use Wix Analytics to understand general website usage, such as page visits, traffic sources and interactions.

Where Wix Analytics uses non-essential cookies or comparable device-access technologies, it is activated only after consent. The legal basis is Article 6(1)(a) GDPR and section 25(1) TDDDG.

Where Wix processes strictly necessary technical information without non-essential cookies, the legal basis is Article 6(1)(f) GDPR. My legitimate interest is understanding and improving the general performance and security of the website.

Optional external analytics

[DELETE THIS SECTION UNLESS GOOGLE ANALYTICS OR ANOTHER EXTERNAL ANALYTICS SERVICE IS ACTIVATED.]

This website also uses [NAME OF ANALYTICS PROVIDER] after you consent to analytics cookies. The service processes information concerning website interactions, device characteristics, approximate location and online identifiers.

The legal basis is Article 6(1)(a) GDPR and section 25(1) TDDDG. Further information about the provider, international transfers, retention period and withdrawal options must be inserted here before the tool is activated.

 

13. Communication and online consultations

Where you agree to communicate through email, telephone, video call or a messaging service, the relevant provider may process communication and technical information.

Online consultations are provided through:

[GOOGLE MEET / ZOOM]

Messaging support is provided through:

[WHATSAPP / EMAIL]

Before activating a new communication provider, this Privacy Policy will be updated with its identity, processing purposes and relevant transfer safeguards.

Please do not use ordinary email or consumer messaging services for urgent medical information or emergencies.

14. Recipients and processors

Personal information is disclosed only where necessary. Potential recipients include:

  • Wix and its affiliated service providers;

  • booking, newsletter, communication and video-call providers;

  • payment providers and banks;

  • IT, hosting and security providers;

  • accountants and tax advisers;

  • legal advisers and insurers;

  • public authorities, courts or regulators where legally required.

Service providers acting on my behalf are selected with regard to data protection requirements and are subject to appropriate contractual obligations.

I do not sell personal data.

15. International data transfers

Some technology providers may process personal information outside Germany or the European Economic Area.

Where personal data is transferred to a country without an applicable adequacy decision, the transfer will be based on an approved safeguard, such as Standard Contractual Clauses, together with supplementary measures where required.

You may contact me for further information about the safeguards relevant to a particular provider.

16. Retention periods

Personal information is retained only for as long as necessary for the purpose for which it was collected, subject to statutory retention obligations.

The following general periods apply:

  • general enquiries: normally up to six months after the enquiry has been resolved;

  • waiting-list information: normally until six months after the relevant service becomes available;

  • newsletter information: until consent is withdrawn, with limited consent records retained where necessary to demonstrate compliance;

  • booking and service correspondence: normally for up to three years after the end of the service, unless longer retention is required;

  • health-related intake information: normally for up to twelve months after the service ends, unless ongoing support, your request, legal claims or another lawful reason requires longer retention;

  • invoices and accounting records: for the statutory German retention period, generally eight or ten years depending on the type of record;

  • cookie consent records: for as long as necessary to demonstrate and manage the relevant consent;

  • technical security information: for the period reasonably necessary for security and troubleshooting.

Information may be retained for longer where this is required by tax, accounting or other law or is necessary for the establishment, exercise or defence of legal claims.

When information is no longer required, it will be deleted or anonymised.

17. Your rights

Subject to the applicable legal conditions, you have the right to:

  • request access to your personal data;

  • request correction of inaccurate or incomplete data;

  • request deletion of your data;

  • request restriction of processing;

  • receive certain data in a portable format;

  • object to processing based on legitimate interests;

  • withdraw consent at any time;

  • lodge a complaint with a data protection supervisory authority.

Where processing is based on legitimate interests, you may object on grounds relating to your particular situation. Where data is processed for direct marketing, you may object at any time without giving reasons.

To exercise your rights, contact [BUSINESS EMAIL]. I may request reasonable information to verify your identity.

The right to deletion does not apply where continued retention is required by law or necessary for legal claims.

18. Supervisory authority

You have the right to lodge a complaint with a data protection authority.

For a business established in Berlin, the competent authority is generally:

Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59–61
10555 Berlin
Germany

Email: mailbox@datenschutz-berlin.de

You may also contact another competent supervisory authority, particularly in the EU or EEA country where you live or where the alleged infringement occurred.

19. Requirement to provide information

Information marked as required in a form is necessary to process the relevant request or booking. Without it, I may be unable to respond, manage your booking or provide the requested service.

Newsletter consent and consent to optional cookies are voluntary.

20. Automated decision-making

I do not use personal information to make decisions based solely on automated processing that produce legal or similarly significant effects.

21. Data security

Appropriate organisational and technical measures are used to protect personal information against accidental or unlawful loss, alteration, disclosure or access.

Internet communication cannot be guaranteed to be completely secure. Please avoid sending unnecessary medical records or highly sensitive information through ordinary email or general website forms.

22. Changes to this Privacy Policy

This Privacy Policy may be updated when the website, services, providers or legal requirements change.

The current version and its revision date will always be published on this page.

bottom of page