1. Data Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection provisions is:

Alexander Krüger – kruegermedia
Hinter dem Turm 23, 61130 Nidderau, Germany
Phone: +49 6187 475700
Email: info@kruegermedia.de

For data protection enquiries, Mr Alexander Krüger can be reached using the contact details above. The appointment of a data protection officer is not required by law.

2. Scope

This privacy policy applies to the websites obesity-network.com, gastric-bypass.com, gastric-band.com, gastric-sleeve-surgery.com, and intragastric-balloon.com (the "website"). It explains which personal data we process when you visit this website, for what purposes and on what legal basis, and what rights you have.

This website provides information about obesity and related treatment options and presents and links to clinics. At present, no health data is collected through this website and no patient data is passed on to clinics (see section 15).

3. Legal Bases for Processing

Where we process personal data, we do so on one of the following legal bases: your consent (Art. 6(1)(a) GDPR), the performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR), compliance with a legal obligation (Art. 6(1)(c) GDPR), or our legitimate interests, provided your interests do not override them (Art. 6(1)(f) GDPR). We state the applicable legal basis for each processing activity below.

4. Hosting and Server Log Files

This website is operated by an external service provider (host). The data collected on this website is stored on the host's servers.

Hosting-Anbieter:
netbeat GmbH
Obermünsterstr. 9
93047 Regensburg

Email: support@netbeat.de
Tel: +49 (0)941 - 5 99 03 21
www.netbeat.de

Each time this website is accessed, our system or the host's system automatically collects data and information transmitted by your browser and stores it in so-called server log files. The following are recorded: the IP address of the accessing device, the date and time of access, the name and URL of the file retrieved, the website from which access was made (referrer URL), the browser used and, where applicable, the operating system of your device, as well as the name of your access provider.

This processing is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in the technically error-free provision and the security of this website. Log files are generally stored for a period of seven days and then deleted, unless they are exceptionally required for a longer period to investigate or prevent security incidents.

5. SSL/TLS Encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the browser's address bar begins with "https://" and a padlock symbol is displayed. When encryption is active, the data you transmit to us cannot be read by third parties.

6. Cookies and Consent Management

This website uses cookies and comparable technologies. Cookies are small text files stored on your device. They do not harm your device and do not contain viruses.

Technically necessary cookies that are required to operate this website are used on the basis of Section 25(2) TDDDG and Art. 6(1)(f) GDPR. All other cookies and technologies — in particular for analytics and marketing purposes — are set only with your express consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

We manage your consent through a consent management tool. When you first access this website, you can choose which categories to allow. You can change or withdraw your choice at any time with effect for the future by reopening the settings via the consent tool. You can also restrict or prevent the storage of cookies in your browser settings; this may limit the functionality of this website.

7. Contact Form and Enquiries

If you contact us via the contact form or by email, we process the data you provide (in particular your name, email address, and your message) in order to handle and respond to your enquiry. Providing health data is not necessary for this; please do not send us any information about your state of health via the contact form.

The legal basis is Art. 6(1)(b) GDPR where your enquiry relates to the conclusion or performance of a contract, and otherwise Art. 6(1)(f) GDPR based on our legitimate interest in handling enquiries. We delete this data once your enquiry has been conclusively dealt with, provided no statutory retention obligations apply.

8. Newsletter

If you would like to receive the newsletter offered on this website, we require an email address from you. Registration uses the double opt-in procedure: after you register, you will receive an email asking you to confirm. This ensures that the registration is actually made by the owner of the email address.

The legal basis is your consent pursuant to Art. 6(1)(a) GDPR. You can withdraw this consent at any time with effect for the future, for example via the unsubscribe link in every newsletter. The lawfulness of the processing carried out before the withdrawal remains unaffected. We store your email address for the purpose of sending the newsletter until you unsubscribe.

We use the Brevo service to send the newsletter. The provider is Brevo GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. Brevo processes the data as a processor on the basis of a contract pursuant to Art. 28 GDPR. [PLEASE CHECK: confirm provider and address and, if delivery or open-rate statistics are used, add the corresponding performance measurement.] Further information can be found in Brevo's privacy policy at https://www.brevo.com/legal/privacypolicy/.

9. Web Analytics with Google Analytics

Subject to your consent, this website uses the web analytics service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses cookies and comparable technologies that enable an analysis of the use of this website. We use the service to evaluate and improve the use of our offering on a statistical basis. The legal basis is your consent pursuant to Art. 6(1)(a) GDPR in conjunction with Section 25(1) TDDDG. You can withdraw your consent at any time via the consent tool.

In the course of using Google Analytics, data may be transferred to Google LLC in the USA. Google LLC is certified under the EU-US Data Privacy Framework; in addition, the data transfer is based on the European Commission's Standard Contractual Clauses. Further information on the handling of user data can be found in Google's privacy policy at https://policies.google.com/privacy.

10. Affiliate Links and External Links

This website contains links to external offerings, including clinics, as well as affiliate links where applicable. When you click an affiliate link, the respective partner may set cookies in order to track a referral. We have no influence on the data processing carried out by external providers; the privacy policy of the respective provider applies.

https://fasting.learnnow.top

11. Transfer of Data to Third Countries

Where we use services that involve the transfer of data to countries outside the European Union or the European Economic Area (in particular the USA), this is done only where an adequate level of data protection is ensured. This is ensured by an adequacy decision of the European Commission, certification of the recipient under the EU-US Data Privacy Framework, or the conclusion of the European Commission's Standard Contractual Clauses. With regard to transfers to the USA, we point out that the same level of data protection as in the EU cannot generally be guaranteed there.

12. Storage Period

We process and store personal data only for as long as is necessary for the respective purpose. The data is then deleted unless statutory retention obligations — for example under commercial or tax law — require longer storage. In that case, the data is restricted from further processing.

13. No Automated Decision-Making

This website does not carry out automated decision-making, including profiling, within the meaning of Art. 22 GDPR.

14. Your Rights as a Data Subject

You have the following rights with regard to the personal data concerning you: the right of access (Art. 15 GDPR), to rectification (Art. 16 GDPR), to erasure (Art. 17 GDPR), to restriction of processing (Art. 18 GDPR), to data portability (Art. 20 GDPR), and the right to withdraw consent you have given at any time with effect for the future (Art. 7(3) GDPR). To exercise these rights, an informal notice to the contact details given in section 1 is sufficient.

Right to object (Art. 21 GDPR): Where we process data on the basis of Art. 6(1)(f) GDPR (legitimate interest), you have the right to object to such processing at any time on grounds relating to your particular situation. Where data is processed for direct marketing purposes, you have the right to object at any time without giving reasons.

Right to lodge a complaint: Without prejudice to any other remedy, you have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of your data infringes applicable law. The competent authority for the controller is: Der Hessische Beauftragte für Datenschutz und Informationsfreiheit, Postfach 3163, 65021 Wiesbaden, Germany, datenschutz.hessen.de.

15. Patient Referral and Lead Collection (currently not active)

At present, no health or patient data is collected through this website for referral to clinics. Clinics are only presented and linked.

[PLACEHOLDER – COMPLETE BEFORE GOING LIVE: As soon as enquiry or lead forms are introduced through which users provide health information (e.g. weight, BMI, pre-existing conditions) or through which a referral to clinics takes place, this section must be expanded. In particular, the following are required: explicit consent for the processing of special categories of personal data pursuant to Art. 9(2)(a) GDPR; a description of the data categories and recipients; documentation of the transfer to US clinics as a third-country transfer, including the transfer mechanism; and, where applicable, data processing or joint-controller agreements. This step should be carried out with legal counsel before going live.]

16. Notice for Users in the United States

The operator of this website is based in Germany; the processing of personal data is governed primarily by the data protection law of the European Union and the Federal Republic of Germany. Notwithstanding this, we wish to inform users residing in the United States — in particular in California — as follows:

We do not sell your personal information and do not share it with third parties for advertising purposes within the meaning of the California Consumer Privacy Act (CCPA/CPRA). The categories of data we process and the purposes are set out in this privacy policy. Although the comprehensive US state privacy laws typically apply only above certain revenue or user thresholds that this offering does not reach, we grant all users, as a courtesy, the rights of access and erasure described in this policy. Please direct requests to the contact details given in section 1.

17. Currency and Changes to this Privacy Policy

This privacy policy is dated May 2026. As this website develops or due to changes in legal requirements, it may become necessary to amend this privacy policy. The current version can be accessed on this website at any time.