PRIVACY POLICY

Privacy Policy

 

Last Updated: 11/11/2025

 

1. Who We Are (Data Controller)

Your privacy is important to me. This policy explains how I collect, use, and protect your personal data in accordance with Swiss (nFADP) and EU (GDPR) data protection laws.

The person responsible for the data processing on this website (the "Data Controller") is:

David Nikolic - Chemin des Novalles 19B, 1807 Blonay - +41 76 247 28 36 - David@Nikolic.health

 

2. Data We Collect on This Website

This website is designed to collect only the minimum data necessary. I collect data in the following ways:

A. When You Visit Our Website (Server Log Files) Our website hosting provider automatically collects and stores information in server log files, which your browser transmits. This may include your IP address, browser type, operating system, and the time of the server request. This data is not merged with other data sources. The basis for this processing is my "legitimate interest" in ensuring the security, stability, and error-free operation of this website.

B. When You Use Our Contact or Booking Forms When you contact me via my contact form or book a session, I collect the personal data you provide, such as your name and email address. I use this data solely to respond to your inquiry and to schedule your Discovery Session. The legal basis for this is your consent (which you provide via the checkbox) and to take "pre-contractual measures" at your request.

 

3. Cookies, Analytics & Tracking

 

A cookie is a small text file that is stored on your device when you visit a website. We use cookies to make our site work better and to understand how visitors use it.

We divide our cookies into two types:

A. Technically Necessary Cookies These cookies are essential for the basic operation of our website. They allow you to navigate the site and use its features. These cookies are always active and do not require your consent.

B. Analytics & Performance Cookies (Requires Your Consent) We use third-party analytics tools to help us understand how visitors interact with our website. This helps us improve our site and the services we offer. These cookies collect information in an anonymized way.

Service Used: Google Analytics

Provider: Google Ireland Ltd.

Purpose: This service uses cookies to collect anonymous data, such as which pages you visit, how long you stay on the site, and how you got here. Your IP address is anonymized before being sent to the provider.

Opt-Out: You can prevent Google Analytics from collecting your data by [e.g., downloading the Google Analytics Opt-out Browser Add-on].

 

3b. Your Consent (Cookie Banner)

We only use non-essential Analytics and Marketing cookies after you have given your explicit consent.

When you first visit our website, you will see a cookie banner asking for your permission. You can accept, reject, or customize your cookie preferences. You can also withdraw or change your consent at any time through the cookie settings on our website.

 

4. The Health History Form (Separate Data Processing)

This website does not collect or store your sensitive health information. This is handled in a separate, more secure process:

After you book a Discovery Session, you will receive a link to a confidential Health History Form.

This form collects "special categories of personal data" (i.e., sensitive health information) necessary for me to understand your health background and goals.

This data is processed for the sole purpose of preparing for and safely and effectively conducting our coaching sessions.

The legal basis for processing this sensitive data is your explicit consent, which will be requested on that form itself.

All data collected via the Health History Form is handled with the strictest confidentiality, stored securely, and is governed by the data protection principles laid out in this Privacy Policy.

 

5: Data Storage, Security & Third-Party Sharing

I do not sell your personal data. I share it only with third-party service providers who are essential to running my business. I have structured my data processing to separate personal client data from anonymous website analytics.

Security: I take reasonable technical and organizational measures to protect your data. This website uses SSL/TLS encryption (HTTPS).

A) Personal & Sensitive Client Data

This includes all information that can identify you, such as your name, email address, and the contents of your Health History Form.

Storage Location: All personal and sensitive client data is processed and stored exclusively on servers located within Europe (or Switzerland).

Third-Party Providers: The key providers who process this data are:

Website Host: IONOS

Email & Document Storage: Google Workspace (configured for European data storage).

 

B) Anonymized Analytics Data

This includes technical data about your visit, such as which pages were viewed. This data is anonymized and cannot be used to identify you personally.

Service Used: Google Analytics

Data Transfers: To provide this service, anonymous or pseudonymous data may be transferred to servers outside of Europe, such as in the U.S.

Safeguards: This is done only with providers who guarantee an adequate level of data protection, typically through Standard Contractual Clauses (SCCs), ensuring your data remains protected under GDPR and nFADP standards.

 

6. Data Retention (How Long We Keep Your Data)

I store your personal data only for as long as it is necessary for the purposes for which it was collected, or as required by Swiss law. For example, Swiss law requires that business records (which may include client contracts and invoices) be kept for 10 years. Data from non-client Discovery Sessions will be securely deleted after a reasonable period.

 

7. Your Data Protection Rights

You have comprehensive rights regarding your personal data. You have the right to:

Access the personal data I hold about you.

Rectify (correct) any inaccurate data.

Erase (delete) your personal data, subject to any legal retention obligations.

Object to the processing of your data.

Withdraw your consent at any time.

Complain to the relevant supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC / EDÖB).

If you wish to exercise any of these rights, please contact me at the email address provided in Section 1.

 

8. Changes to This Privacy Policy

I may amend this Privacy Policy at any time to reflect changes in my practices or for legal reasons. The version published on this website is always the current version.

 

Wir benötigen Ihre Zustimmung zum Laden der Übersetzungen

Wir nutzen einen Drittanbieter-Service, um den Inhalt der Website zu übersetzen, der möglicherweise Daten über Ihre Aktivitäten sammelt. Bitte überprüfen Sie die Details in der Datenschutzerklärung und akzeptieren Sie den Dienst, um die Übersetzungen zu sehen.