top of page

Last updated: 25 January 2025

I, Bahareh Pakravesh, take the protection of your personal data very seriously. I handle your personal information confidentially and in accordance with applicable data protection regulations, particularly the General Data Protection Regulation (GDPR). This privacy policy informs you about how we process your personal data on our website.

1. Name and Contact Details of the Controller and Data Protection Officer
This privacy information applies to data processing by the controller:

Practice Name: BePure Naturheilpraxis
Name: Bahareh Pakravesh
Address: Am Sandtorpark 8, 20457 Hamburg, Germany
Email: info@bepure.health
Telephone: +49 (0)40 35771357
Mobile: +49 (0)170 2090866
Tax number: 94612558079

2. Collection and Storage of Personal Data and Purpose of Use
When you visit our website www.napb.health, the browser on your device automatically sends information to our web server. This information is temporarily stored in a so-called log file. Without any action on your part, the following data are collected and stored until automatic deletion:

  • IP address of the requesting device

  • Date and time of access

  • Name and URL of the file retrieved

  • Website from which the request originated (referrer URL)

  • Browser used, operating system, and the name of your access provider

We process these data for the following purposes:

  • Ensuring a smooth connection to the website

  • Ensuring convenient use of our website

  • Evaluating system security and stability

  • Other administrative purposes

The legal basis for processing is Article 6(1)(f) GDPR. Our legitimate interest follows from the purposes listed above. Under no circumstances do we use the data collected to draw conclusions about your identity.

3. Disclosure of Data
We only disclose your personal data to third parties if:

  • You have given your express consent (Article 6(1)(a) GDPR)

  • Disclosure is necessary for the establishment, exercise, or defence of legal claims and there is no reason to assume you have an overriding interest in not disclosing your data (Article 6(1)(f) GDPR)

  • There is a legal obligation to disclose (Article 6(1)(c) GDPR)

  • Disclosure is legally permissible and necessary for the performance of a contract with you (Article 6(1)(b) GDPR

4. Use of Google Maps
This website uses the online map service Google Maps (API) provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland.

Google Maps enables the visual display of interactive maps to show geographic information. This allows you to see our location and makes it easier to plan your visit.

When you access a page containing Google Maps, certain information (e.g., your IP address) is transmitted to Google servers and stored there. This may also include servers operated by Google LLC in the USA. The transmission occurs regardless of whether you are logged into a Google account. If you are logged in, the data will be associated with your account. To prevent this, log out before using Google Maps.

Google may store usage profiles for purposes such as personalised advertising, market research, and optimising its services. You have the right to object to such profiling by contacting Google directly.

Where legally required, we obtain your consent before activating Google Maps (Article 6(1)(a) GDPR). You can withdraw your consent at any time with future effect.

5. Newsletter
You can subscribe to our newsletter to receive regular updates about our practice and services.

To subscribe, you must:

  1. Provide a valid email address

  2. Complete the registration process

For verification, we use the double opt-in procedure. This means you will receive a confirmation email to verify that you own the email address provided.

When subscribing, we also store your IP address, the date, and the time of registration to protect against misuse.

The data collected during newsletter registration are used exclusively to send the newsletter. You can unsubscribe at any time via the link provided in each newsletter or by contacting us directly.

We use Cloudflare Turnstile to prevent spam and abuse. This GDPR-compliant service anonymously verifies that the registration request is made by a human.

6. Website Hosting and Technical Service Providers
Our website is hosted by:

Wix.com Ltd.
40 Namal Tel Aviv St., Tel Aviv 6350671, Israel

Wix processes technical data on our behalf when you visit the website. For details, see Wix’s privacy policy: https://de.wix.com/about/privacy

Legal basis: Article 6(1)(f) GDPR (legitimate interest in providing the website)
International data transfer: Based on EU Standard Contractual Clauses.

7. Online Appointment Booking (Wix Bookings)
When you use our online booking system, we collect:

  • First and last name

  • Email address

  • Telephone number

  • Appointment details and selected services

  • Any special requests or health information provided

  • Booking date and time

  • Appointment history

Purposes: Appointment scheduling, reminders, patient communication, and billing
Legal basis: Article 6(1)(b) GDPR (contract fulfilment); Article 9(2)(h) GDPR (healthcare purposes)
Retention period: 10 years under healthcare record-keeping laws

You will receive automatic email reminders before your appointment, which you may opt out of.

8. Contact Forms and Payment Processing
When you use our contact form, we collect:

  • Name

  • Email address

  • Phone number (optional)

  • Your message

  • Date and time of submission

Purpose: Responding to your inquiry
Retention: 2 years after the last contact

Payments: For paid services, payment processing is handled by “Old Wix Forms and Payments.” Payment data are encrypted and securely processed. Retention is 10 years under tax law.

9. Online Shop (Wix Stores)
When you purchase products or services online, we process:

  • Customer account details

  • Order history

  • Product preferences

  • Delivery addresses

  • Payment information

Purpose: Order fulfilment, customer service, accounting
Retention: 10 years for tax-relevant data, 3 years for customer account data

10. Additional Wix Features

  • Blog (Wix Blog): Processes only technical data when reading posts

  • Multilingual Content (Wix Multilingual): Saves your language preference

  • Website Search (Wix Site Search): Temporarily processes search queries

  • Members Area (Wix Members Area): Stores username, password, profile data, and activity history

11. Video Consultations (Zoom Integration)
For online consultations, we use Zoom Video Communications Inc., 55 Almaden Blvd, 6th Floor, San Jose, CA 95113, USA.

We process:

  • Name and email

  • Video/audio data during the session

  • Chat messages

  • Connection data

Sessions are not recorded unless explicitly agreed in advance. Data are deleted after the session except for those retained under healthcare record-keeping laws.

12. Accessibility and Design Tools
We use tools like Contrast Checker to improve accessibility. No personal data are processed.

13. Cookies and Tracking Technologies
We use only essential cookies for website functionality, booking, multilingual settings, cart storage, and security. No marketing or analytics cookies are used.

14. Retention Period Overview

  • Website logs: per Wix policy

  • Newsletter: until unsubscribed + 6 months

  • Contact form: 2 years after last contact

  • Bookings & patient data: 10 years

  • Payments: 10 years

  • Shop orders: 10 years

  • Customer accounts: 3 years after last activity

  • Zoom data: deleted after session

  • Member accounts: until deleted

15. Your Rights as a Data Subject
Under GDPR, you have the right to:

  • Access your personal data (Article 15)

  • Rectification of inaccurate data (Article 16)

  • Erasure of your data (Article 17)

  • Restrict processing (Article 18)

  • Data portability (Article 20)

  • Withdraw consent (Article 7(3))

  • Lodge a complaint with a supervisory authority (Article 77)

Supervisory authorities:

  • Federal Commissioner for Data Protection and Freedom of Information, Bonn

  • Hamburg Commissioner for Data Protection and Freedom of Information, Hamburg

16. Right to ObjectYou may object to processing based on legitimate interests (Article 21 GDPR), particularly to direct marketing, at any time by emailing info@bepure.health.

17. Data Security
We use SSL encryption during website visits. While we strive for maximum security, please note that online data transmission (e.g., via email or public Wi-Fi) may have security gaps. For sensitive matters, we recommend initial contact by phone to arrange a secure communication method.

18. Updates to This Privacy Policy
This policy is effective as of 1 January 2025. Changes may be made to reflect website updates or legal requirements. The current version is always available at www.bepure.health.

Contact for Data Protection Inquiries:
Email: info@bepure.health

bottom of page