1. Data Protection
General Information
Protecting your personal data is important to me. Below, I explain what happens to your personal data when you visit this website. Personal data refers to all data that can identify you personally, such as your name, address, email address, or user behavior.
Data Collection on This Website
Who is responsible for data collection on this website?
The data processing on this website is carried out by:
Private Practice Réka Török
Couples Counseling & Couples Therapy
Monschauer Str. 12
D-40549 Düsseldorf
📧 info@reka-toeroek.de
How is your data collected?
Some data is collected when you provide it, for example via the contact form or email. Other data is automatically collected by IT systems when you visit the website, such as technical data (e.g., browser type, operating system, time of page access).
Why do I use your data?
Some data is used to ensure the website functions properly. Other data may be used to analyze user behavior.
Data you provide through contact (email, contact form) is used to respond to your inquiries.
What rights do you have regarding your data?
You have the right to obtain information about the origin, recipients, and purpose of your stored personal data at any time, free of charge. You also have the right to request correction or deletion of your data.
If you have given consent to data processing, you can revoke it at any time with future effect. You also have the right, under certain conditions, to request restriction of the processing of your personal data. Additionally, you have the right to lodge a complaint with the competent supervisory authority.
For this and any other questions related to data protection, feel free to contact me at any time.
2. Hosting & General Information on Data Processing
External Hosting Provider
This website is hosted by an external service provider. All personal data collected on this website is stored on the hosting provider’s servers. This includes, in particular, IP addresses, metadata, communication data, website accesses, and other data generated via the website.
Using a hosting provider serves to fulfill contractual obligations to potential and existing clients (Art. 6(1)(b) GDPR) and is in the interest of a secure, fast, and efficient delivery of my online services (Art. 6(1)(f) GDPR). The hosting provider only processes your data as necessary to fulfill its performance obligations and follows my instructions regarding this data.
My hosting provider is:
Hostingwerk
Feyer Media GmbH
Eibenweg 42
D-42111 Wuppertal
Telefon: +49 202 49579824
E-Mail: mail@feyermedia.de
Website: hostingwerk.de
3. Detailed Information
As a couples counselor and the operator of this website, I take the protection of your personal data very seriously. Your data is treated confidentially in accordance with legal data protection regulations and this privacy policy.
When using this website, various personal data is collected. This privacy policy explains what data is collected, how and why it is processed, and what rights you have regarding your data.
Controller
The controller is the individual or entity that decides on the purposes and means of processing personal data. The controller for data processing on this website is:
Private Practice Réka Török
Couples Counseling & Couples Therapy
Monschauer Str. 12
D-40549 Düsseldorf
📧 info@reka-toeroek.de
Collection and Processing of Personal Data
Server Log Files
The hosting provider automatically collects and stores information in server log files that your browser transmits automatically:
- Browser type and version
- Operating system
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
These data are not merged with other data sources and are deleted after seven days.
Data is processed based on Art. 6(1)(f) GDPR, which allows data processing to ensure a technically error-free presentation and optimization of the website.
Contact Form, Email, and Phone Inquiries
If you contact me via the contact form, email, or phone, your information is stored for the purpose of processing your request and in case of follow-up questions. Your data will not be shared without your consent.
Processing of this data is based on Art. 6(1)(b) GDPR if your request is related to a contract or necessary for pre-contractual actions. In all other cases, processing is based on my legitimate interest (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), where requested — which can be revoked at any time.
Your submitted data will be stored until you request deletion, revoke your consent, or the purpose for storage no longer applies (e.g., after your inquiry has been completed). Legal obligations, particularly retention periods, remain unaffected.
Use of RockSolid AntiSpam for Contact Forms
The contact form is protected against spam using the Contao extension “RockSolid AntiSpam”, which employs hidden form fields (honeypots). These are invisible to normal users but detectable by spambots. When a spambot is detected, the form submission is blocked. In rare cases, a security question is displayed to verify human users.
RockSolid AntiSpam processes IP addresses, browser data, and, if applicable, form content. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in protecting against spam and misuse). The data is used solely for spam prevention and is not shared with third parties. Technical and organizational security measures are in place.
More about RockSolid AntiSpam: https://rocksolidthemes.com/de/contao/plugins/honeypot-antispam
Cookies and Consent Management with Cookiebot
My website uses Cookiebot, a service of Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark, for managing consent to cookies and similar technologies. Cookiebot helps me obtain, document, and manage the legally required consents. In doing so, information about the consent status and technical data are processed in order to assign the consent granted and take it into account during future visits.
Cookiebot uses technically necessary cookies or similar technologies for this purpose. This data processing is necessary to document your consent and to save your selection. The legal basis is Art. 6(1)(c) GDPR, where subject to a legal obligation, and Art. 6(1)(f) GDPR based on the legitimate interest in legally compliant consent management. Where consent is requested, processing is additionally based on Art. 6(1)(a) GDPR.
You can change or withdraw your consent settings at any time via the cookie banner. Further information on data processing by Cookiebot can be found at: https://www.cookiebot.com/en/privacy-policy/.
Google Tag and Google Tag Manager
I use Google Tag or Google Tag Manager provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag is used to manage and deploy website tags and may process technical data such as IP address and information about the device used and user behavior.
The service itself does not perform analysis or marketing functions; it manages the integration of other services. The deployment of analytics and marketing tags takes place only after your consent via our cookie banner or via Google Consent Mode.
The legal basis for the use of Google Tag is Art. 6(1)(a) GDPR, where consent has been given, and Art. 6(1)(f) GDPR insofar as processing is necessary for the technically required management of the tags used. Data may also be transferred to Google LLC servers in the United States.
Google Consent Mode
I use Google Consent Mode in combination with Cookiebot to technically transmit the consent status for Google services to Google. According to Google, no personal data from the Cookiebot banner is transmitted to Google, but only information indicating whether certain consents have been granted or denied. Based on this information, Google services such as Google Ads are controlled accordingly.
Google Ads
I use Google Ads, an online advertising program provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads enables me to draw attention to my offerings on external websites and measure the effectiveness of advertising measures. In particular, conversion tracking and, where applicable, remarketing functions may be used.
If you reach my website via a Google ad, Google may set a cookie or use a similar technology to recognize that you arrived at my website via the ad and whether a defined action, such as a contact request, was completed. This may involve, among other things, identifiers, information about the ad click, visited pages, and conversion data.
Google Ads may also use remarketing to show visitors to my website interest-based advertising on other websites within the Google advertising network. This function is only activated if you have consented to it.
The legal basis for processing in connection with Google Ads is Art. 6(1)(a) GDPR, provided you have given consent. You can withdraw your consent at any time via the cookie settings.
The cookies or similar identifiers used in connection with Google Ads may have different storage periods depending on the function used; in some cases, storage can last up to 90 days. Further information on data processing by Google Ads can be found in Google’s privacy policy at https://policies.google.com/privacy?hl=en and in Google’s advertising information at https://policies.google.com/technologies/ads?hl=en.
Recipients and Tansfer to third countries
As part of the use of Cookiebot, Google Tag, and Google Ads, personal data may be transferred to the providers named above and their affiliated companies. A transfer to third countries, especially the United States, cannot be ruled out. Where required, such transfers are based on appropriate safeguards, in particular Google’s standard contractual clauses.
Audio and Video Conferences
For communication with clients, I use online conferencing tools, specifically “Microsoft Teams.” When using Microsoft Teams, personal data such as name, email address, profile picture (if provided), chat messages, shared files, and meeting recordings may be processed. Microsoft may have access to some of this data. Please refer to Microsoft’s privacy policy for more details.
By participating in a Teams meeting, you consent to this processing. Use of these tools is based on Art. 6(1)(b) GDPR (for fulfilling contracts or pre-contractual steps), or Art. 6(1)(f) GDPR (legitimate interest in efficient communication). If consent is obtained, processing is based on Art. 6(1)(a) GDPR, which can be revoked at any time.
Retention Period
Unless otherwise stated in this privacy policy, your personal data is stored only as long as necessary for its intended purpose. Data may be retained longer if required by legal obligations that I must comply with.
Legal Basis for Data Processing
Unless otherwise specified, data processing is based on:
- Art. 6(1)(a) GDPR (your consent)
- Art. 9(2)(a) GDPR (for special categories of data)
- Art. 49(1)(a) GDPR (for data transfers to third countries with your consent)
- Art. 6(1)(b) GDPR (contractual obligations or pre-contractual measures)
- Art. 6(1)(c) GDPR (legal obligations)
- Art. 6(1)(f) GDPR (legitimate interest)
4. Your Rights
You have the right to:
- Request access to your stored data (Art. 15 GDPR)
- Request correction of incorrect data (Art. 16 GDPR)
- Request deletion of your data (Art. 17 GDPR)
- Request restriction of processing (Art. 18 GDPR)
- Object to data processing (Art. 21 GDPR)
- Withdraw your consent at any time (Art. 7(3) GDPR)
To exercise your rights, contact me at the details above.
You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR), typically the one in your place of residence, workplace, or where the alleged infringement occurred:
The State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
5. Changes to This Privacy Policy
I reserve the right to adapt this privacy policy as needed to reflect legal changes or changes to my services. The current version is always available on this page.
Last updated: July 2025