Dr. Chiao-Ya Chang

Dr. Chiao-Ya Chang

Dr. Chiao-Ya Chang

Privacy Policy

Effective date: August 1, 2025

Your privacy matters to me. At Dr. Chiaoya Chang | Data, AI & Movement, I believe that trust is earned, and part of that trust is being open about how we handle your data. I am committed to protecting your personal data and respecting your rights. This Privacy Policy explains how I collect, use, and protect your information according to the General Data Protection Regulation (GDPR) and German law (§ 13 TMG, BDSG).

I don’t track more than I need. We don’t share your data unless we have to. And we never sell your information. My goal is to make your experience simple, secure, and respectful of your privacy from start to finish.

Please take a moment to read through the details below. If anything’s unclear or if you have questions, I am always here to help - just reach out at chiaoya.chang.tw@gmail.com.

1. Information we collect

I may collect the following types of personal data when you interact with my website or services:

  • Contact information (e.g., name, email) if you contact us or book a session

  • Usage data (e.g., IP address, browser type, access times, referring URLs)

  • Device data (e.g., operating system, screen resolution)

  • Payment data (if you purchase services via Stripe – no full credit card details are stored on our servers)

I do not collect sensitive personal data unless you voluntarily provide it and consent to its processing.

2. How we use your information

I use your data for the following purposes:

  • To respond to inquiries or appointment requests

  • To process payments and deliver purchased services

  • To analyze website traffic and improve user experience

  • To comply with legal obligations

Legal bases under Art. 6 GDPR include: your consent (Art. 6(1)(a)), contract fulfillment (Art. 6(1)(b)), and legitimate interest (Art. 6(1)(f)).

3. Cookies

This website uses only essential cookies necessary for functionality. I do not use tracking cookies or ad cookies without your explicit consent.

If I implement cookies for analytics or performance in the future, a cookie consent banner will be displayed according to § 25 TTDSG.

You can control or disable cookies via your browser settings at any time.

4. Data security

I take appropriate technical and organizational measures to protect your data:

  • SSL encryption for website traffic

  • Secure third-party payment processing (Stripe)

  • Access control and minimal data retention

  • No unnecessary data sharing

While I do our best to secure your information, no system can guarantee 100% security.

5. Third-party services

I only share your data with trusted third parties necessary for delivering our services:

  • Stripe (for secure payment processing)

  • Framer (our website hosting provider)

  • Google Fonts (may involve external server request)

Each provider is GDPR-compliant and has its own privacy policy.

I do not sell your personal data to third parties.

6. Your rights

Under the GDPR, you have the right to:

  • Access the data we hold about you

  • Request correction or deletion

  • Restrict or object to processing

  • Withdraw consent at any time

  • File a complaint with a supervisory authority (Art. 77 GDPR)

To exercise any of these rights, simply contact me.

7. Contact

Responsible for data processing:

Dr. Chiaoya Chang
Berlin, Germany
Email: chiaoya.chang.tw@gmail.com