Privacy Policy

Pro Icon SD e.U., Owner Ahmed Mansour, Maroltingergasse 88/1, 1160 Vienna, Austria, Phone +43 699 10318882, Email info@proicon-club-austria.at.

• Master data: Name, address, date of birth, membership status. • Contact data: Email address, phone number, correspondence. • Contract and booking data: Tariff, term, appointment bookings, training history, payments, outstanding claims. • Technical usage data: IP address, date and time of access, pages accessed, browser and device information. • Health-related data only as far as necessary for the safe implementation of EMS training and legally permissible.

• Processing of inquiries and appointment requests – Art. 6 Para. 1 lit. b and lit. f GDPR. • Conclusion, implementation, and administration of memberships and training services – Art. 6 Para. 1 lit. b GDPR. • Fulfillment of legal documentation, retention, tax, and accounting obligations – Art. 6 Para. 1 lit. c GDPR. • IT security, prevention of abuse, system stability, and internal administration – Art. 6 Para. 1 lit. f GDPR. • Promotional contact via newsletter, SMS, or comparable electronic channels only on the basis of consent or another permissible legal basis – Art. 6 Para. 1 lit. a GDPR. • Health-related details for EMS suitability assessment, risk assessment, and safe training implementation – Art. 9 Para. 2 lit. a GDPR (explicit consent) and/or other legally permissible exemption provisions.

When visiting the website, technically necessary connection data is processed. This includes in particular the IP address, date and time of access, requested file, referrer URL, browser type, browser version, and operating system. This processing is carried out to provide the website, to ensure system security, and for error analysis.

If you contact us by email, phone, or contact form, we process the data you provide to handle your request, for feedback, and, if applicable, to implement pre-contractual measures.

For online bookings or appointment reservations, we process the necessary details for organizing trial training, consultation appointments, ongoing training, and capacities. Insofar as external appointment or CRM systems are used, this is done on the basis of a contract for order processing, if legally required.

Before starting EMS training, health-related details may be requested, such as about previous illnesses, implants, cardiovascular diseases, pregnancy, medication intake, current complaints, or other safety-relevant circumstances. This data is processed exclusively as far as necessary for a safe training decision, training planning, risk information, and documentation. Without truthful notification of safety-relevant health information, participation in EMS training may be entirely or partially excluded. Access to such data is limited to those persons who absolutely need it for the safe implementation of the training.

For payment processing, we process in particular payment status, due dates, billing data, IBAN, account holder's name, and necessary information on direct debits and return debit data. The processing is carried out for contract fulfillment and, if applicable, for asserting outstanding claims.

Personal data is transferred to third parties only as far as necessary for contract fulfillment, technical operation, or due to legal obligations. Recipients may be in particular hosting providers, IT service providers, appointment software providers, newsletter service providers, payment service providers, tax consultants, accounting service providers, and legal representatives. Insofar as an order processing within the meaning of Art. 28 GDPR exists with external service providers, corresponding contracts are concluded.

Insofar as individual service providers process data outside the European Economic Area or access from third countries cannot be excluded, this is done only on the basis of suitable guarantees, such as an adequacy decision by the European Commission, standard contractual clauses, or another permissible legal basis.

Personal data is stored only as long as necessary for the respective purposes or as long as legal retention obligations exist. Contract and billing documents are generally stored for the duration of the legal retention periods. Health-related data is not kept longer than necessary and is then deleted or anonymized, unless there is a legal obligation or legitimate interest in further storage.

Technically necessary cookies and comparable technologies may be used as far as necessary for the provision and security of the website. Statistics, marketing, or convenience functions, as well as embedded content from third-party providers, are – as far as legally required – only activated after effective consent. Consent can be given, adjusted, or withdrawn via the used consent management tool. A list of the specifically used services, storage periods, and providers is to be maintained in the cookie banner or in the associated detailed view.

• Access to processed personal data. • Correction of incorrect or incomplete data. • Deletion, as far as no legal retention obligations prevent this. • Restriction of processing. • Data portability, as far as applicable. • Objection to processing based on legitimate interests. • Withdrawal of given consents with effect for the future.

If you believe that the processing of your data violates data protection law, you can contact the Austrian Data Protection Authority: Barichgasse 40-42, 1030 Vienna, email: dsb@dsb.gv.at.

This privacy policy is to be reviewed regularly and updated in the event of changes to the actual processes, the tools used, or the legal situation.