Privacy Policy | Schreiner Personal Training in Wien | Sandra Schreiner

Last updated: August 4, 2025

The protection of your personal data is very important to me. I therefore process your data exclusively on the basis of the applicable legal provisions (GDPR, TKG 2003). In this privacy policy, I inform you about the data processing in connection with my website.

1. Contact / Email Communication

If you contact me via email, the personal data you transmit (e.g. name, email address, content of the communication) will be stored for six months to process your inquiry and in case of follow-up questions, after which it will be deleted.
Emails are only retained as long as necessary to handle the request or to comply with statutory retention obligations. No data will be shared with third parties without your explicit consent.
The legal basis for this is Art. 6(1)(a) GDPR (consent) and/or Art. 6(1)(b) GDPR (pre-contractual measures or performance of a contract).

2. Booking Tools

To manage bookings, I use external platforms:

Fyndery – Anbieter: fyndery GmbH, Germany
https://www.fyndery.de/privacy_notice/

MyClubs – Anbieter: myClubs GmbH, Austria
https://www.myclubs.com/at/de/data-protection/

Please refer to the respective privacy policies of the platforms you use to make a booking. These platforms also process your personal data. For more information, please consult the linked privacy policies above.
Use of these platforms and the associated processing of your personal data is based on Art. 6(1)(b) GDPR (performance of a contract), insofar as it is necessary for handling the booking.

3. Social Media – Instagram

I operate a business profile on Instagram:
https://www.instagram.com/sandra.personaltraining/#

Instagram is a service of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

When visiting my Instagram page, your personal data may be processed by Meta – including your IP address and other information stored in cookies. Meta processes this data independently, outside of my control, and in accordance with its own privacy policy: https://privacycenter.instagram.com/policy

I only receive aggregated, anonymized usage statistics from Meta (known as “Insights”).

The legal basis for this data processing is Art. 6(1)(f) GDPR (legitimate interest in analyzing reach and improving services).

4. Hosting

This website is hosted by:

Vercel Inc.
440 N Barranca Ave #4133
Covina, CA 91723, USA
https://vercel.com/legal/privacy-policy

It cannot be ruled out that data may be transferred to the United States in this context. Vercel states that it operates in compliance with the GDPR.
The transfer of personal data to Vercel Inc. (in the USA) is based on an adequacy decision (Data Privacy Framework). Vercel Inc. is registered under the Data Privacy Framework.

5. Your Rights

You have the right to access, rectify, delete, restrict, and transfer your data, as well as the right to object or withdraw consent at any time.
If you believe that the processing of your personal data violates data protection law, or if your data protection rights have been infringed in any other way, you can file a complaint with me or with the supervisory authority.

Austrian Data Protection Authority:

Österreichische Datenschutzbehörde
Barichgasse 40–42, 1030 Wien
www.dsb.gv.at

6. Data Controller

Sandra Ingrid Schreiner
Linke Wienzeile 4/1/13
1060 Wien, Österreich
E-Mail: office@personaltraining.co.at

7. Image Credits

The photos used on this website are provided by:

Viktoria Spitzbart
mivana photography
Thomas Magyar

8. Collection of Personal Data in the Context of Training

In the course of participating in training sessions such as Bungee Super Fly, the following personal data may be collected from participants:

First and last name
Telephone number
Email address
Health-related information (e.g. pre-existing conditions or contraindications)

This data is processed solely for the purpose of conducting the training, ensuring safety, documentation, and, if necessary, for contacting you in connection with the booked session.

The legal basis for this is Art. 6(1)(b) GDPR (performance of a contract) and Art. 9(2)(a) GDPR (explicit written consent for processing health data via the medical history form).

Health-related data falls under the special category of data pursuant to Art. 9 GDPR and is treated confidentially. It is not stored digitally unless necessary and is only retained for as long as required for training purposes or by law.