Book a free call

Privacy Policy

  1. Data Controller (Responsible Party):
    The data controller responsible for the processing of personal data on this website is:
    Sarah Sophie Günther (certified nutrition trainer & Pilates instructor, Vienna)
    www.your-fundamentals.at
    E-mail: lift@your-fundamentals.at
    Vienna, Austria
    I process personal data exclusively based on legal provisions (GDPR, TKG 2003).
  2. Processing of Personal Data
    Personal data refers to all information relating to an identified or identifiable natural person. I process the following categories of data:
    Contact information (name, e-mail address, telephone number)
    Billing and payment data
    Health-related information that you voluntarily provide through a questionnaire (e.g., allergies, intolerances)
    Content from contact forms and e-mails
    Data for appointment bookings
    Access data when visiting my website (IP address, browser data, cookies)
    Sensitive data (health data) is processed only with your explicit consent.
  3. Purpose of Data Processing
    I process your data for the following purposes:
    Responding to inquiries
    Preparation and execution of nutrition coaching, Pilates sessions, workshops, and online courses
    Fulfillment of contracts and invoicing
    Organizing appointments and course registrations
    Optimization of my website
    Compliance with legal obligations (e.g., tax law)
    I do not share data with third parties without a legal basis or your explicit consent.
  4. Legal Basis for Processing
    Your data is processed based on the following legal grounds:
    Art. 6(1)(b) GDPR – contract performance
    Art. 6(1)(a) GDPR – consent
    Art. 6(1)(f) GDPR – legitimate interest (e.g., website operation)
    Art. 6(1)(c) GDPR – legal obligation
    Art. 9 GDPR – processing of health data only with explicit consent
  5. Hosting & Website Operation
    The website www.your-fundamentals.at is hosted by World4You (Austria). World4You automatically stores data such as IP address, time of access, browser type & operating system, and visited pages. This is necessary for technical security.
    Legal basis: Art. 6(1)(f) GDPR.
  6. Cookies
    My website uses cookies to ensure basic functions and to analyze usage. You can disable cookies at any time via your browser settings.
  7. Use of Third-Party Providers
    If third parties process personal data, I have concluded appropriate data processing agreements (Art. 28 GDPR) to ensure that your data is processed in compliance with legal privacy requirements.
    7.1. Zoom (Online Meetings / Workshops)
    For online coaching and workshops, I use Zoom (Zoom Video Communications, Inc., USA). Processed data may include name, e-mail, image & audio (if provided voluntarily), and chat messages.
    Legal basis: Consent + contract performance.
    Zoom is used as data-minimally as possible and in compliance with EU Standard Contractual Clauses.
    7.2. Google Services
    I use the following Google services: Google Analytics (website analysis) and Google Tag Manager. Google LLC may process data partially in the United States. IP anonymization is used so that full IP addresses are not stored.
    Legal basis: Consent under Art. 6(1)(a) GDPR (via cookie banner).
  8. E-Mail & Contact Form
    E-mails and contact form submissions are stored to process your request.
    Legal basis: Contractual performance / pre-contractual measures.
  9. Third-Party Embedded Content & Social Media
    If the website includes embedded content (e.g., YouTube videos, Instagram feeds, TikTok content), these services may collect data about your interaction directly through their platforms.
    I recommend reviewing the privacy policies of these third parties to understand their data collection and processing.
  10. Appointment Tools / Online Courses
    If external tools are used for bookings (e.g., Calendly, Eversports), this is clearly indicated before use. Their terms and privacy policies apply when booking.
  11. Data Retention & Deletion
    I retain personal data for 7 years due to tax law requirements (invoices) and as long as necessary for the contract.
    Health-related data: retained only until the end of cooperation or withdrawal of consent. You may request deletion at any time, unless legal obligations prevent it.
  12. Transfer to Third Parties
    Data is not shared, except with:
    Zoom or Google for contract fulfillment
    Technical service providers
    Tax consultants (legal obligation)
    If you explicitly consent or if legally necessary
  13. Data Security
    I implement technical and organizational measures such as:
    SSL encryption
    Password protection
    Access controls
    Secure storage procedures
  14. Your Rights (GDPR)
    You have the right to:
    Access your personal data
    Correct or update incorrect data
    Request deletion or restriction of processing
    Object to processing
    Withdraw consent at any time
    Request data portability
    If you believe your data is processed unlawfully, you can file a complaint with the Austrian Data Protection Authority: Datenschutzbehörde, Barichgasse 40–42, 1030 Vienna.
  15. Health-Related Data
    As a nutrition & Pilates trainer, I process voluntarily provided info such as:
    Allergies
    Intolerances
    Physical limitations
    Medical clearances
    I do not assume responsibility for incorrect data. These data are used solely for safe course execution.
  16. Minors
    My services are not intended for persons under 16 years without parental consent.
  17. Changes to the Privacy Policy
    This privacy policy may be updated when necessary.
    The current version is always available on the website.
  18. Online Dispute Resolution
    Under Regulation (EU) No. 524/2013, consumers can use the European Online Dispute Resolution platform:
    https://ec.europa.eu/odr

Last updated:
January 2026