Skip to main content

Privacy Policy

Your Privacy and Data Protection

Last Updated: January 2025

1. Introduction

Spineboshara ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and online consultation services.

This policy complies with the General Data Protection Regulation (GDPR) and German data protection laws.

2. Data Controller

Responsible Party:

Omer Boshara
Steinfeldstraße 5
52222 Stolberg, Germany
Email: boshara@spineboshara.com

3. Information We Collect

3.1 Information You Provide

When you use our online consultation services through Consolto, you may provide:

  • Name and contact information (email, phone number)
  • Medical history and health information
  • Communication content during consultations
  • Payment information (processed securely by third-party payment processors)

3.2 Automatically Collected Information

Our website may automatically collect:

  • IP address and browser information
  • Device type and operating system
  • Pages visited and time spent on our website
  • Referring website or source

4. How We Use Your Information

We use your personal data for the following purposes:

  • Providing Medical Services: To conduct online consultations and provide spine care advice
  • Communication: To respond to your inquiries and schedule appointments
  • Legal Compliance: To comply with medical record-keeping and legal obligations
  • Service Improvement: To improve our website and consultation services
  • Security: To protect against fraud and unauthorized access

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Consent: You have given explicit consent for processing your health data
  • Contract Performance: Processing is necessary to provide consultation services
  • Legal Obligation: We must comply with medical and legal record-keeping requirements
  • Legitimate Interest: To improve our services and ensure website security

6. Data Sharing and Third Parties

6.1 Consolto Video Consultation Platform

We use Consolto for our online video consultations. When you use this service, your data is processed by Consolto according to their privacy policy. Consolto is GDPR-compliant and uses secure, encrypted connections.

6.2 Other Third Parties

We may share your information with:

  • Healthcare Providers: With your consent, for coordinated care
  • Legal Authorities: When required by law or to protect rights and safety
  • Service Providers: Who assist in operating our website (hosting, analytics)

We do not sell your personal data to third parties.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • SSL/TLS encryption for data transmission
  • Secure storage of medical records
  • Access controls and authentication
  • Regular security assessments

8. Data Retention

We retain your personal data for as long as necessary:

  • Medical Records: 10 years (as required by German medical law)
  • Communication Records: As long as necessary for service provision
  • Website Analytics: Up to 26 months

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal obligations)
  • Right to Restriction: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to certain types of processing
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at boshara@spineboshara.com

10. Cookies and Tracking

Our website uses minimal cookies for essential functionality:

  • Essential Cookies: Required for website operation and security
  • Analytics: To understand how visitors use our website (anonymized)

You can control cookies through your browser settings.

11. International Data Transfers

Your data is primarily stored within the European Union. If data is transferred outside the EU, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

12. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal data from children without parental consent.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be communicated via email or website notice.

14. Contact and Complaints

For privacy-related questions or concerns:

Email: boshara@spineboshara.com
Address: Steinfeldstraße 5, 52222 Stolberg, Germany

You also have the right to lodge a complaint with a supervisory authority:

German Data Protection Authority:
Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Website: www.bfdi.bund.de

15. Medical Disclaimer

Important: Online consultations are not an emergency service and do not replace in-person examination. For medical emergencies, please call emergency services immediately (112 in Germany).