Privacy Policy | Varee Thai Massage Berlin-Mitte

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR), other national data protection laws of the Member States and other data protection provisions is:

Varee Thaimassage
Owner: Alisa Bernat
Französische Str. 28
10117 Berlin
Phone: +49 30 23 93 41 39
Email: varee.thaimassage28@gmail.com

2. General information on data processing

We generally process personal data of our users only to the extent necessary to provide a functional website and our services. Processing usually takes place only with consent or where a law permits processing. The legal basis is in particular the GDPR and the German Federal Data Protection Act (BDSG).

3. Accessing the website (server log files)

When you access our website, the web server automatically processes technical data transmitted by your browser:

IP address (shortened where technically possible)
Date and time of access
Page accessed, HTTP status code and amount of data transferred
Browser type, browser version and operating system
Referrer URL (previously visited page)
Hostname of the accessing computer

The legal basis is Art. 6 (1) lit. f GDPR. Our legitimate interest is the stable operation and security of the website as well as protection against attacks. Log data is deleted or anonymised after a maximum of 14 days unless it is required for longer for security reasons, for example to investigate a specific attack.

4. Contact by email, phone, WhatsApp or form

If you contact us by email, phone, WhatsApp or through the contact form on the appointment page, we process the information you provide (name, contact details, preferred appointment, message) in order to respond to your request and arrange an appointment.

The legal basis is Art. 6 (1) lit. b GDPR (steps prior to entering into or performing a contract) and, additionally, Art. 6 (1) lit. f GDPR (legitimate interest in responding to your request). Your information is deleted as soon as it is no longer required for processing, at the latest after expiry of statutory retention periods.

Note on the contact form: The form on our website opens the email program installed on your device and sends the request from your own email address. The form data is not transmitted through our server.

Note on WhatsApp: When communicating via WhatsApp, data may also be transferred to the USA. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Dublin, Ireland. Please also note WhatsApp's privacy policy.

5. Cookies and analytics

This website uses no tracking cookies, no web analytics tool such as Google Analytics or Matomo, and no advertising networks. Only technically necessary means required to display the page are used. Consent under Section 25 (1) TDDDG is therefore not required.

6. External services

Fonts (locally hosted)

The fonts used on this website are served only locally from our own server under /fonts/. There is no connection to Google Fonts or other third-party providers for fonts. Your IP address is not transmitted to third parties for this purpose.

Maps (OpenStreetMap)

On our contact and home pages, we show a static preview image of our location. Only when you click the image does OpenStreetMap open in a new tab. Without your explicit click, no connection to OpenStreetMap or other third-party map providers is established. The provider is the OpenStreetMap Foundation, St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom.

7. Hosting

This website is delivered through Cloudflare, Inc. (101 Townsend Street, San Francisco, CA 94107, USA). Cloudflare processes technically necessary data, in particular IP addresses, to provide the website and protect it from attacks. A data processing agreement under Art. 28 GDPR exists with Cloudflare. Transfers to the USA are based on the EU-US Data Privacy Framework, in which Cloudflare participates, and additionally on standard contractual clauses under Art. 46 (2) lit. c GDPR.

Further information: cloudflare.com/privacypolicy

Any further disclosure of your personal data to third parties takes place only where permitted by law or where you have consented.

8. Your rights as a data subject

You have the following rights with regard to personal data concerning you:

Right of access (Art. 15 GDPR)
Right to rectification of inaccurate or incomplete data (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object to processing (Art. 21 GDPR)
Right to withdraw consent once given with effect for the future (Art. 7 (3) GDPR)

To exercise your rights, please contact us using the contact details listed in section 1.

9. Right to lodge a complaint with the supervisory authority

Under Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data. The authority responsible for us is:

Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59-61
10555 Berlin
Phone: +49 30 13 889-0
Web: www.datenschutz-berlin.de

10. Deletion and storage period

Personal data is deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place where required by European or national law, regulations or other provisions to which the controller is subject. Data is also blocked or deleted when a prescribed storage period expires, unless further storage is required for concluding or fulfilling a contract.

11. SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognise an encrypted connection by the lock symbol and the https:// address in your browser.

12. Currentness and changes to this privacy policy

This privacy policy is currently valid. Further development of our website or changes in legal or official requirements may make it necessary to adapt this policy. The current version can always be accessed on this page.

Updated: April 2026